Merge pull request #13895 from achraftt/BAEL-6303

BAEL-6303: Encode passwords with Spring Boot CLI
2023-04-28 15:01:01 +02:00 · 2023-04-28 15:01:01 +02:00 · b2f2af9407
parent ba0f7855eb 2efc27170d
commit b2f2af9407
5 changed files with 117 additions and 0 deletions
--- a/spring-boot-modules/spring-boot-cli/pom.xml
+++ b/spring-boot-modules/spring-boot-cli/pom.xml
@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>spring-boot-cli</artifactId>
+    <name>spring-boot-cli</name>
+    <packaging>jar</packaging>
+    <description></description>
+
+    <parent>
+        <groupId>com.baeldung.spring-boot-modules</groupId>
+        <artifactId>spring-boot-modules</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+</project>
--- a/spring-boot-modules/spring-boot-cli/src/main/java/com/baeldung/Application.java
+++ b/spring-boot-modules/spring-boot-cli/src/main/java/com/baeldung/Application.java
@ -0,0 +1,12 @@
+package com.baeldung;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}
--- a/spring-boot-modules/spring-boot-cli/src/main/java/com/baeldung/controller/LoginController.java
+++ b/spring-boot-modules/spring-boot-cli/src/main/java/com/baeldung/controller/LoginController.java
@ -0,0 +1,13 @@
+package com.baeldung.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class LoginController {
+
+    @GetMapping("/")
+    public String hello() {
+        return "Hello World!";
+    }
+}
--- a/spring-boot-modules/spring-boot-cli/src/main/resources/application.properties
+++ b/spring-boot-modules/spring-boot-cli/src/main/resources/application.properties
@ -0,0 +1,3 @@
+spring.security.user.name=baeldung
+# Encoded password with SpringBoot CLI, the decoded password is baeldungPassword
+spring.security.user.password={bcrypt}$2y$10$R8VIwFiQ7aUST17YqMaWJuxjkCYqk3jjPlSxyDLLzqCTOwFuJNq2a
--- a/spring-boot-modules/spring-boot-cli/src/test/java/com/baeldung/encoding/PasswordEncodingUnitTest.java
+++ b/spring-boot-modules/spring-boot-cli/src/test/java/com/baeldung/encoding/PasswordEncodingUnitTest.java
@ -0,0 +1,51 @@
+package com.baeldung.encoding;
+
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@AutoConfigureMockMvc
+public class PasswordEncodingUnitTest {
+    private final static String userName = "baeldung";
+    private final static String passwordDecoded = "baeldungPassword";
+
+    private MockMvc mvc;
+
+    @Autowired
+    private WebApplicationContext webApplicationContext;
+
+    @Before
+    public void setup() {
+        mvc = MockMvcBuilders.webAppContextSetup(webApplicationContext)
+          .apply(springSecurity())
+          .build();
+    }
+
+    @Test
+    public void givenRequestWithWrongPassword_shouldFailWith401() throws Exception {
+        mvc.perform(get("/").with(httpBasic(userName, "wrongPassword")))
+          .andExpect(status().isUnauthorized());
+
+    }
+
+    @Test
+    public void givenRequestWithCorrectDecodedPassword_houldSucceedWith200() throws Exception {
+        mvc.perform(get("/").with(httpBasic(userName, passwordDecoded)))
+          .andExpect(status().isOk());
+
+    }
+}