From f888a3f78accaa6588f36528b8eee5a8c27772bc Mon Sep 17 00:00:00 2001 From: Bogdan Stoean <4540392+BogdanStoean@users.noreply.github.com> Date: Mon, 29 Jan 2018 07:44:40 +0200 Subject: [PATCH] BAEL-1410 - refactor tests (#3525) * initial setup with spring boot/ spring data jpa/ flyway * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - created multiple migration scripts and locations * BAEL-1315 - test insert after schema creation * cleanup * BAEL-1315 - test data changes by a migration * [BAEL-1410] Spring Boot Security Auto-Configuration * [BAEL-1410] Added some tests for incorrect credentials use case * [BAEL-1410] Added readme and some code improvements * [BAEL-1410] removed form based auth config because is redundant added oauth2 server auto-configuration sample with test * [BAEL-1410] added custom Authorization Server Config * [BAEL-1410] update README * [BAEL-1410]refactor tests * [BAEL-1410]oauth2 resource server * [BAEL-1410]oauth2 sso sample with facebook * [BAEL-1410]remove spring-flyway * [BAEL-1410]refactor tests * [BAEL-1410] refactor tests * [BAEL-1410] update --- ...BasicAuthConfigurationIntegrationTest.java | 2 + ...figAuthorizationServerIntegrationTest.java | 55 ++++++------------- ...figAuthorizationServerIntegrationTest.java | 26 +++------ .../OAuth2IntegrationTestSupport.java | 34 ++++++++++++ 4 files changed, 59 insertions(+), 58 deletions(-) create mode 100644 spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/OAuth2IntegrationTestSupport.java diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java index 4e4244abb7..32c3fbdef4 100644 --- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java +++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java @@ -37,6 +37,7 @@ public class BasicAuthConfigurationIntegrationTest { @Test public void whenLoggedUserRequestsHomePage_ThenSuccess() throws IllegalStateException, IOException { ResponseEntity response = restTemplate.getForEntity(base.toString(), String.class); + assertEquals(HttpStatus.OK, response.getStatusCode()); assertTrue(response .getBody() @@ -47,6 +48,7 @@ public class BasicAuthConfigurationIntegrationTest { public void whenUserWithWrongCredentialsRequestsHomePage_ThenUnauthorizedPage() throws IllegalStateException, IOException { restTemplate = new TestRestTemplate("user", "wrongpassword"); ResponseEntity response = restTemplate.getForEntity(base.toString(), String.class); + assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()); assertTrue(response .getBody() diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java index 09df9ce645..cc953eef5a 100644 --- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java +++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java @@ -2,10 +2,7 @@ package com.baeldung.springbootsecurity.oauth2server; import org.junit.Test; import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; -import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException; import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; @@ -13,7 +10,6 @@ import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.junit4.SpringRunner; -import static java.lang.String.format; import static java.util.Collections.singletonList; import static org.junit.Assert.assertNotNull; import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT; @@ -21,54 +17,35 @@ import static org.springframework.boot.test.context.SpringBootTest.WebEnvironmen @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class) @ActiveProfiles("authz") -public class CustomConfigAuthorizationServerIntegrationTest { - - @Value("${local.server.port}") protected int port; +public class CustomConfigAuthorizationServerIntegrationTest extends OAuth2IntegrationTestSupport { @Test - public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() { - ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails(); - resourceDetails.setClientId("baeldung"); - resourceDetails.setClientSecret("baeldung"); - resourceDetails.setScope(singletonList("read")); - DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext(); - OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext); - restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter())); + public void givenOAuth2Context_whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() { + ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails("baeldung", singletonList("read")); + OAuth2RestTemplate restTemplate = getOAuth2RestTemplate(resourceDetails); + OAuth2AccessToken accessToken = restTemplate.getAccessToken(); + assertNotNull(accessToken); } @Test(expected = OAuth2AccessDeniedException.class) - public void whenAccessTokenIsRequestedWithInvalidException_ThenExceptionIsThrown() { - ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails(); - resourceDetails.setClientId("baeldung"); - resourceDetails.setClientSecret("baeldung"); - resourceDetails.setScope(singletonList("write")); - DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext(); - OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext); - restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter())); + public void givenOAuth2Context_whenAccessTokenIsRequestedWithInvalidException_ThenExceptionIsThrown() { + ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails("baeldung", singletonList("write")); + OAuth2RestTemplate restTemplate = getOAuth2RestTemplate(resourceDetails); + restTemplate.getAccessToken(); } @Test - public void whenAccessTokenIsRequestedByClientWithWriteScope_ThenAccessTokenIsNotNull() { - ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails(); - resourceDetails.setClientId("baeldung-admin"); - resourceDetails.setClientSecret("baeldung"); - resourceDetails.setScope(singletonList("write")); - DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext(); - OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext); - restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter())); - OAuth2AccessToken accessToken = restTemplate.getAccessToken(); - assertNotNull(accessToken); - } + public void givenOAuth2Context_whenAccessTokenIsRequestedByClientWithWriteScope_ThenAccessTokenIsNotNull() { + ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails("baeldung-admin", singletonList("write")); + OAuth2RestTemplate restTemplate = getOAuth2RestTemplate(resourceDetails); - private ClientCredentialsResourceDetails getClientCredentialsResourceDetails() { - ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails(); - resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port)); - resourceDetails.setGrantType("client_credentials"); - return resourceDetails; + OAuth2AccessToken accessToken = restTemplate.getAccessToken(); + + assertNotNull(accessToken); } } diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java index c7b1b4ef6c..4d7b449380 100644 --- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java +++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java @@ -2,40 +2,28 @@ package com.baeldung.springbootsecurity.oauth2server; import org.junit.Test; import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; -import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.test.context.junit4.SpringRunner; -import static java.lang.String.format; import static java.util.Arrays.asList; -import static java.util.Collections.singletonList; import static org.junit.Assert.assertNotNull; import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT; @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class, - properties = { "security.oauth2.client.client-id=client", "security.oauth2.client.client-secret=secret" }) -public class DefaultConfigAuthorizationServerIntegrationTest { - - @Value("${local.server.port}") protected int port; + properties = { "security.oauth2.client.client-id=client", "security.oauth2.client.client-secret=baeldung" }) +public class DefaultConfigAuthorizationServerIntegrationTest extends OAuth2IntegrationTestSupport { @Test - public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() { - ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails(); - resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port)); - resourceDetails.setClientId("client"); - resourceDetails.setClientSecret("secret"); - resourceDetails.setGrantType("client_credentials"); - resourceDetails.setScope(asList("read", "write")); - DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext(); - OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext); - restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter())); + public void givenOAuth2Context_whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() { + ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails("client", asList("read", "write")); + OAuth2RestTemplate restTemplate = getOAuth2RestTemplate(resourceDetails); + OAuth2AccessToken accessToken = restTemplate.getAccessToken(); + assertNotNull(accessToken); } diff --git a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/OAuth2IntegrationTestSupport.java b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/OAuth2IntegrationTestSupport.java new file mode 100644 index 0000000000..3eef206c7d --- /dev/null +++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/OAuth2IntegrationTestSupport.java @@ -0,0 +1,34 @@ +package com.baeldung.springbootsecurity.oauth2server; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; +import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext; +import org.springframework.security.oauth2.client.OAuth2RestTemplate; +import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; + +import java.util.List; + +import static java.lang.String.format; +import static java.util.Collections.singletonList; + +public class OAuth2IntegrationTestSupport { + + @Value("${local.server.port}") protected int port; + + protected ClientCredentialsResourceDetails getClientCredentialsResourceDetails(final String clientId, final List scopes) { + ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails(); + resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port)); + resourceDetails.setClientId(clientId); + resourceDetails.setClientSecret("baeldung"); + resourceDetails.setScope(scopes); + resourceDetails.setGrantType("client_credentials"); + return resourceDetails; + } + + protected OAuth2RestTemplate getOAuth2RestTemplate(final ClientCredentialsResourceDetails resourceDetails) { + DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext(); + OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext); + restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter())); + return restTemplate; + } +}