Add test support for SecurityContextHolderFilter
Issue gh-9635
This commit is contained in:
Rob Winch
@@ -85,6 +85,10 @@ public abstract class WebTestUtils {
|
||||
if (filter != null) {
|
||||
ReflectionTestUtils.setField(filter, "repo", securityContextRepository);
|
||||
}
|
||||
SecurityContextHolderFilter holderFilter = findFilter(request, SecurityContextHolderFilter.class);
|
||||
if (holderFilter != null) {
|
||||
ReflectionTestUtils.setField(holderFilter, "securityContextRepository", securityContextRepository);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
+30
@@ -24,6 +24,7 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.jupiter.MockitoExtension;
|
||||
|
||||
import org.springframework.context.ConfigurableApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.security.config.BeanIds;
|
||||
@@ -33,6 +34,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.security.web.context.SecurityContextHolderFilter;
|
||||
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
import org.springframework.security.web.csrf.CsrfFilter;
|
||||
@@ -43,6 +45,7 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
@ExtendWith(MockitoExtension.class)
|
||||
public class WebTestUtilsTests {
|
||||
@@ -126,6 +129,19 @@ public class WebTestUtilsTests {
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(this.contextRepo);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void setSecurityContextRepositoryWhenSecurityContextHolderFilter() {
|
||||
SecurityContextRepository expectedRepository = mock(SecurityContextRepository.class);
|
||||
loadConfig(SecurityContextHolderFilterConfig.class);
|
||||
// verify our configuration sets up to have SecurityContextHolderFilter and not
|
||||
// SecurityContextPersistenceFilter
|
||||
assertThat(WebTestUtils.findFilter(this.request, SecurityContextPersistenceFilter.class)).isNull();
|
||||
assertThat(WebTestUtils.findFilter(this.request, SecurityContextHolderFilter.class)).isNotNull();
|
||||
|
||||
WebTestUtils.setSecurityContextRepository(this.request, expectedRepository);
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(expectedRepository);
|
||||
}
|
||||
|
||||
// gh-3343
|
||||
@Test
|
||||
public void findFilterNoMatchingFilters() {
|
||||
@@ -220,4 +236,18 @@ public class WebTestUtilsTests {
|
||||
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class SecurityContextHolderFilterConfig {
|
||||
|
||||
@Bean
|
||||
DefaultSecurityFilterChain springSecurityFilter(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.securityContext((securityContext) -> securityContext.requireExplicitSave(true));
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user