Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Factor Tests for Authentication Providers

Browse Source 
Issue gh-17933
This commit is contained in:
Josh Cummings
2025-09-18 15:38:39 -06:00
parent 39e2bb67fc
commit 758b35df9c
9 changed files with 158 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java
+10
View File
@@ -31,6 +31,7 @@ import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.SecurityAssertions;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.password.CompromisedPasswordChecker;
@@ -504,6 +505,15 @@ public class DaoAuthenticationProviderTests {
assertThat(authentication).isNotNull();
}
@Test
void authenticateWhenSuccessThenIssuesFactor() {
UserDetails user = PasswordEncodedUser.user();
DaoAuthenticationProvider provider = new DaoAuthenticationProvider(withUsers(user));
Authentication request = new UsernamePasswordAuthenticationToken("user", "password");
Authentication result = provider.authenticate(request);
SecurityAssertions.assertThat(result).hasAuthority("FACTOR_PASSWORD");
}
private UserDetailsService withUsers(UserDetails... users) {
return new InMemoryUserDetailsManager(users);
}
core/src/test/java/org/springframework/security/authentication/ott/OneTimeTokenAuthenticationProviderTests.java
+13
View File
@@ -26,6 +26,7 @@ import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.SecurityAssertions;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
@@ -98,6 +99,18 @@ public class OneTimeTokenAuthenticationProviderTests {
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(token));
}
@Test
void authenticateWhenSuccessThenIssuesFactor() {
given(this.oneTimeTokenService.consume(any()))
.willReturn(new DefaultOneTimeToken(TOKEN, USERNAME, Instant.now().plusSeconds(120)));
given(this.userDetailsService.loadUserByUsername(anyString()))
.willReturn(new User(USERNAME, PASSWORD, List.of()));
OneTimeTokenAuthenticationToken token = new OneTimeTokenAuthenticationToken(TOKEN);
Authentication authentication = this.provider.authenticate(token);
SecurityAssertions.assertThat(authentication).hasAuthority("FACTOR_OTT");
}
@Test
void constructorWhenOneTimeTokenServiceIsNullThenThrowIllegalArgumentException() {
// @formatter:off