diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java index 9040547d6a..4d14294b1a 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java @@ -166,7 +166,7 @@ public class AclImplTests { assertThat(acl.getEntries().get(2).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST2")); } - @Test(expected = NotFoundException.class) + @Test public void insertAceFailsForNonExistentElement() { MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")); @@ -174,7 +174,8 @@ public class AclImplTests { // Insert one permission acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true); service.updateAcl(acl); - acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true); + assertThatExceptionOfType(NotFoundException.class) + .isThrownBy(() -> acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true)); } @Test @@ -411,38 +412,40 @@ public class AclImplTests { .isFalse(); } - @Test(expected = NotFoundException.class) + @Test public void insertAceRaisesNotFoundExceptionForIndexLessThanZero() { AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")); - acl.insertAce(-1, mock(Permission.class), mock(Sid.class), true); + assertThatExceptionOfType(NotFoundException.class) + .isThrownBy(() -> acl.insertAce(-1, mock(Permission.class), mock(Sid.class), true)); } - @Test(expected = NotFoundException.class) + @Test public void deleteAceRaisesNotFoundExceptionForIndexLessThanZero() { AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")); - acl.deleteAce(-1); + assertThatExceptionOfType(NotFoundException.class).isThrownBy(() -> acl.deleteAce(-1)); } - @Test(expected = NotFoundException.class) + @Test public void insertAceRaisesNotFoundExceptionForIndexGreaterThanSize() { AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")); // Insert at zero, OK. acl.insertAce(0, mock(Permission.class), mock(Sid.class), true); // Size is now 1 - acl.insertAce(2, mock(Permission.class), mock(Sid.class), true); + assertThatExceptionOfType(NotFoundException.class) + .isThrownBy(() -> acl.insertAce(2, mock(Permission.class), mock(Sid.class), true)); } // SEC-1151 - @Test(expected = NotFoundException.class) + @Test public void deleteAceRaisesNotFoundExceptionForIndexEqualToSize() { AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")); acl.insertAce(0, mock(Permission.class), mock(Sid.class), true); // Size is now 1 - acl.deleteAce(1); + assertThatExceptionOfType(NotFoundException.class).isThrownBy(() -> acl.deleteAce(1)); } // SEC-1795 diff --git a/acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java index ca94695ac1..539fff692d 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java @@ -72,9 +72,9 @@ public class ObjectIdentityImplTests { assertThatNoException().isThrownBy(() -> new ObjectIdentityImpl(mockId)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorRejectsInvalidTypeParameter() { - new ObjectIdentityImpl("", 1L); + assertThatIllegalArgumentException().isThrownBy(() -> new ObjectIdentityImpl("", 1L)); } @Test diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java index 7a7e2f196d..d1a20e6352 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java @@ -54,6 +54,7 @@ import org.springframework.security.acls.model.Sid; import org.springframework.security.core.authority.SimpleGrantedAuthority; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link BasicLookupStrategy} @@ -294,12 +295,13 @@ public abstract class AbstractBasicLookupStrategyTests { assertThat(foundParent2Acl.isGranted(checkPermission, sids, false)).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void nullOwnerIsNotSupported() { String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (6,2,104,null,null,1);"; getJdbcTemplate().execute(query); ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 104L); - this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID))); } @Test diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java index 99660737d7..49b4e12b1a 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java @@ -31,6 +31,7 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.core.convert.ConversionService; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -125,14 +126,14 @@ public class AclClassIdUtilsTests { assertThat(newIdentifier).isEqualTo(identifier); } - @Test(expected = IllegalArgumentException.class) + @Test public void shouldNotAcceptNullConversionServiceInConstruction() { - new AclClassIdUtils(null); + assertThatIllegalArgumentException().isThrownBy(() -> new AclClassIdUtils(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void shouldNotAcceptNullConversionServiceInSetter() { - this.aclClassIdUtils.setConversionService(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.aclClassIdUtils.setConversionService(null)); } } diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java index 532304a57b..2db9b65608 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java @@ -37,6 +37,8 @@ import org.springframework.security.acls.domain.ObjectIdentityImpl; import org.springframework.security.acls.model.Acl; import org.springframework.security.acls.model.ObjectIdentity; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * Tests {@link BasicLookupStrategy} with Acl Class type id set to UUID. * @@ -110,10 +112,11 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku Assert.assertNotNull(foundAcls.get(oid)); } - @Test(expected = ConversionFailedException.class) + @Test public void testReadObjectIdentityUsingNonUuidInDatabase() { ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, OBJECT_IDENTITY_LONG_AS_UUID); - this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)); + assertThatExceptionOfType(ConversionFailedException.class) + .isThrownBy(() -> this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID))); } } diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java index 397a72cfcd..8c2a3a4603 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java @@ -94,10 +94,11 @@ public class EhCacheBasedAclCacheTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorRejectsNullParameters() { - new EhCacheBasedAclCache(null, new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), - new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER"))); + assertThatIllegalArgumentException().isThrownBy( + () -> new EhCacheBasedAclCache(null, new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), + new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER")))); } @Test diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java index 49985c2d2e..7894a6dce0 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java @@ -44,6 +44,7 @@ import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.acls.model.Sid; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyList; import static org.mockito.ArgumentMatchers.anyString; @@ -95,13 +96,14 @@ public class JdbcAclServiceTests { } // SEC-1898 - @Test(expected = NotFoundException.class) + @Test public void readAclByIdMissingAcl() { Map result = new HashMap<>(); given(this.lookupStrategy.readAclsById(anyList(), anyList())).willReturn(result); ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 1); List sids = Arrays.asList(new PrincipalSid("user")); - this.aclService.readAclById(objectIdentity, sids); + assertThatExceptionOfType(NotFoundException.class) + .isThrownBy(() -> this.aclService.readAclById(objectIdentity, sids)); } @Test diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/SpringCacheBasedAclCacheTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/SpringCacheBasedAclCacheTests.java index 9a3bd62400..aae9980362 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/SpringCacheBasedAclCacheTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/SpringCacheBasedAclCacheTests.java @@ -43,6 +43,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.util.FieldUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link org.springframework.security.acls.domain.SpringCacheBasedAclCache} @@ -74,9 +75,9 @@ public class SpringCacheBasedAclCacheTests { return cache; } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorRejectsNullParameters() { - new SpringCacheBasedAclCache(null, null, null); + assertThatIllegalArgumentException().isThrownBy(() -> new SpringCacheBasedAclCache(null, null, null)); } @SuppressWarnings("rawtypes") diff --git a/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java b/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java index 2bda2d7fac..f67df408f7 100644 --- a/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java +++ b/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java @@ -98,9 +98,10 @@ public class AnnotationSecurityAspectTests { this.secured.securedMethod(); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void securedClassMethodDeniesUnauthenticatedAccess() { - this.secured.securedClassMethod(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> this.secured.securedClassMethod()); } @Test @@ -109,17 +110,17 @@ public class AnnotationSecurityAspectTests { this.secured.securedClassMethod(); } - @Test(expected = AccessDeniedException.class) + @Test public void internalPrivateCallIsIntercepted() { SecurityContextHolder.getContext().setAuthentication(this.anne); assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.secured.publicCallsPrivate()); - this.securedSub.publicCallsPrivate(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.securedSub.publicCallsPrivate()); } - @Test(expected = AccessDeniedException.class) + @Test public void protectedMethodIsIntercepted() { SecurityContextHolder.getContext().setAuthentication(this.anne); - this.secured.protectedMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.secured.protectedMethod()); } @Test @@ -129,11 +130,11 @@ public class AnnotationSecurityAspectTests { } // SEC-1262 - @Test(expected = AccessDeniedException.class) + @Test public void denyAllPreAuthorizeDeniesAccess() { configureForElAnnotations(); SecurityContextHolder.getContext().setAuthentication(this.anne); - this.prePostSecured.denyAllMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.prePostSecured::denyAllMethod); } @Test diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java index 682aa88676..ef7a451d2e 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java @@ -41,6 +41,8 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.web.authentication.WebAuthenticationDetails; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatIllegalStateException; import static org.assertj.core.api.Assertions.fail; import static org.mockito.ArgumentMatchers.any; @@ -199,7 +201,7 @@ public class CasAuthenticationProviderTests { assertThatIllegalStateException().isThrownBy(() -> cap.authenticate(token)); } - @Test(expected = BadCredentialsException.class) + @Test public void missingTicketIdIsDetected() throws Exception { CasAuthenticationProvider cap = new CasAuthenticationProvider(); cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator()); @@ -211,10 +213,10 @@ public class CasAuthenticationProviderTests { cap.afterPropertiesSet(); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER, ""); - cap.authenticate(token); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> cap.authenticate(token)); } - @Test(expected = BadCredentialsException.class) + @Test public void invalidKeyIsDetected() throws Exception { final Assertion assertion = new AssertionImpl("test"); CasAuthenticationProvider cap = new CasAuthenticationProvider(); @@ -227,30 +229,30 @@ public class CasAuthenticationProviderTests { cap.afterPropertiesSet(); CasAuthenticationToken token = new CasAuthenticationToken("WRONG_KEY", makeUserDetails(), "credentials", AuthorityUtils.createAuthorityList("XX"), makeUserDetails(), assertion); - cap.authenticate(token); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> cap.authenticate(token)); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingAuthoritiesPopulator() throws Exception { CasAuthenticationProvider cap = new CasAuthenticationProvider(); cap.setKey("qwerty"); cap.setStatelessTicketCache(new MockStatelessTicketCache()); cap.setTicketValidator(new MockTicketValidator(true)); cap.setServiceProperties(makeServiceProperties()); - cap.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> cap.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingKey() throws Exception { CasAuthenticationProvider cap = new CasAuthenticationProvider(); cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator()); cap.setStatelessTicketCache(new MockStatelessTicketCache()); cap.setTicketValidator(new MockTicketValidator(true)); cap.setServiceProperties(makeServiceProperties()); - cap.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> cap.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingStatelessTicketCache() throws Exception { CasAuthenticationProvider cap = new CasAuthenticationProvider(); // set this explicitly to null to test failure @@ -259,17 +261,17 @@ public class CasAuthenticationProviderTests { cap.setKey("qwerty"); cap.setTicketValidator(new MockTicketValidator(true)); cap.setServiceProperties(makeServiceProperties()); - cap.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> cap.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingTicketValidator() throws Exception { CasAuthenticationProvider cap = new CasAuthenticationProvider(); cap.setAuthenticationUserDetailsService(new MockAuthoritiesPopulator()); cap.setKey("qwerty"); cap.setStatelessTicketCache(new MockStatelessTicketCache()); cap.setServiceProperties(makeServiceProperties()); - cap.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> cap.afterPropertiesSet()); } @Test diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java index 9102af096e..6585c8c864 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java @@ -68,10 +68,11 @@ public class CasAuthenticationTokenTests { "Password", AuthorityUtils.createAuthorityList("ROLE_1", null), makeUserDetails(), assertion)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenEmptyKeyThenThrowsException() { - new CasAuthenticationToken("", "user", "password", Collections.emptyList(), - new User("user", "password", Collections.emptyList()), null); + assertThatIllegalArgumentException().isThrownBy( + () -> new CasAuthenticationToken("", "user", "password", Collections.emptyList(), + new User("user", "password", Collections.emptyList()), null)); } @Test diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCacheTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCacheTests.java index 607ed39260..bc48f9ac27 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCacheTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCacheTests.java @@ -23,6 +23,7 @@ import org.springframework.cache.CacheManager; import org.springframework.cache.concurrent.ConcurrentMapCacheManager; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests @@ -56,9 +57,9 @@ public class SpringCacheBasedTicketCacheTests extends AbstractStatelessTicketCac assertThat(cache.getByTicketId("UNKNOWN_SERVICE_TICKET")).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupDetectsMissingCache() throws Exception { - new SpringCacheBasedTicketCache(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SpringCacheBasedTicketCache(null)); } } diff --git a/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java b/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java index e704ecd3ff..f161e98473 100644 --- a/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java +++ b/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -76,13 +77,14 @@ public class CasAuthenticationFilterTests { assertThat(result != null).isTrue(); } - @Test(expected = AuthenticationException.class) + @Test public void testNullServiceTicketHandledGracefully() throws Exception { CasAuthenticationFilter filter = new CasAuthenticationFilter(); filter.setAuthenticationManager((a) -> { throw new BadCredentialsException("Rejected"); }); - filter.attemptAuthentication(new MockHttpServletRequest(), new MockHttpServletResponse()); + assertThatExceptionOfType(AuthenticationException.class).isThrownBy( + () -> filter.attemptAuthentication(new MockHttpServletRequest(), new MockHttpServletResponse())); } @Test diff --git a/cas/src/test/java/org/springframework/security/cas/web/ServicePropertiesTests.java b/cas/src/test/java/org/springframework/security/cas/web/ServicePropertiesTests.java index 8ec0b40af1..eba5b1f667 100644 --- a/cas/src/test/java/org/springframework/security/cas/web/ServicePropertiesTests.java +++ b/cas/src/test/java/org/springframework/security/cas/web/ServicePropertiesTests.java @@ -31,10 +31,10 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException */ public class ServicePropertiesTests { - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingService() throws Exception { ServiceProperties sp = new ServiceProperties(); - sp.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(sp::afterPropertiesSet); } @Test diff --git a/config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java b/config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java index 01edcd9f47..1a6f26c4bc 100644 --- a/config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java +++ b/config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java @@ -33,6 +33,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; public class LdapProviderBeanDefinitionParserTests { @@ -73,10 +74,10 @@ public class LdapProviderBeanDefinitionParserTests { .containsExactly("member={0}", "uniqueMember={0}"); } - @Test(expected = ApplicationContextException.class) + @Test public void missingServerEltCausesConfigException() { - new InMemoryXmlApplicationContext( - "" + " " + ""); + assertThatExceptionOfType(ApplicationContextException.class).isThrownBy(() -> new InMemoryXmlApplicationContext( + "" + " " + "")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java b/config/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java index 63fa324a88..8ae7e61db1 100644 --- a/config/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/InvalidConfigurationTests.java @@ -47,14 +47,16 @@ public class InvalidConfigurationTests { } // Parser should throw a SAXParseException - @Test(expected = XmlBeanDefinitionStoreException.class) + @Test public void passwordEncoderCannotAppearAtTopLevel() { - setContext(""); + assertThatExceptionOfType(XmlBeanDefinitionStoreException.class) + .isThrownBy(() -> setContext("")); } - @Test(expected = XmlBeanDefinitionStoreException.class) + @Test public void authenticationProviderCannotAppearAtTopLevel() { - setContext(""); + assertThatExceptionOfType(XmlBeanDefinitionStoreException.class) + .isThrownBy(() -> setContext("")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/issue50/Issue50Tests.java b/config/src/test/java/org/springframework/security/config/annotation/issue50/Issue50Tests.java index 647ca8f834..2df6f1aecb 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/issue50/Issue50Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/issue50/Issue50Tests.java @@ -38,6 +38,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -71,15 +72,17 @@ public class Issue50Tests { // no exception } - @Test(expected = UsernameNotFoundException.class) + @Test public void authenticateWhenMissingUserThenUsernameNotFoundException() { - this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "password")); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> this.authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken("test", "password"))); } - @Test(expected = BadCredentialsException.class) + @Test public void authenticateWhenInvalidPasswordThenBadCredentialsException() { this.userRepo.save(User.withUsernameAndPassword("test", "password")); - this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("test", "invalid")); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken("test", "invalid"))); } @Test @@ -90,12 +93,12 @@ public class Issue50Tests { assertThat(result.getName()).isEqualTo("test"); } - @Test(expected = AccessDeniedException.class) + @Test public void globalMethodSecurityIsEnabledWhenNotAllowedThenAccessDenied() { SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("test", null, "ROLE_USER")); this.userRepo.save(User.withUsernameAndPassword("denied", "password")); - Authentication result = this.authenticationManager - .authenticate(new UsernamePasswordAuthenticationToken("test", "password")); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken("test", "password"))); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java index 4c9eb0d3e3..0409acdfc5 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java @@ -27,6 +27,8 @@ import org.springframework.security.config.annotation.SecurityConfigurer; import org.springframework.security.config.annotation.SecurityConfigurerAdapter; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; @@ -44,14 +46,14 @@ public class AbstractConfiguredSecurityBuilderTests { this.builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenObjectPostProcessorIsNullThenThrowIllegalArgumentException() { - new TestConfiguredSecurityBuilder(null); + assertThatIllegalArgumentException().isThrownBy(() -> new TestConfiguredSecurityBuilder(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void objectPostProcessorWhenNullThenThrowIllegalArgumentException() { - this.builder.objectPostProcessor(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.builder.objectPostProcessor(null)); } @Test @@ -61,15 +63,15 @@ public class AbstractConfiguredSecurityBuilderTests { assertThat(this.builder.getConfigurers(TestSecurityConfigurer.class)).hasSize(1); } - @Test(expected = IllegalStateException.class) + @Test public void buildWhenBuildTwiceThenThrowIllegalStateException() throws Exception { this.builder.build(); - this.builder.build(); + assertThatIllegalStateException().isThrownBy(() -> this.builder.build()); } - @Test(expected = IllegalStateException.class) + @Test public void getObjectWhenNotBuiltThenThrowIllegalStateException() { - this.builder.getObject(); + assertThatIllegalStateException().isThrownBy(this.builder::getObject); } @Test @@ -81,22 +83,22 @@ public class AbstractConfiguredSecurityBuilderTests { verify(DelegateSecurityConfigurer.CONFIGURER).configure(this.builder); } - @Test(expected = IllegalStateException.class) + @Test public void getConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); builder.apply(new DelegateSecurityConfigurer()); builder.apply(new DelegateSecurityConfigurer()); - builder.getConfigurer(DelegateSecurityConfigurer.class); + assertThatIllegalStateException().isThrownBy(() -> builder.getConfigurer(DelegateSecurityConfigurer.class)); } - @Test(expected = IllegalStateException.class) + @Test public void removeConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); builder.apply(new DelegateSecurityConfigurer()); builder.apply(new DelegateSecurityConfigurer()); - builder.removeConfigurer(DelegateSecurityConfigurer.class); + assertThatIllegalStateException().isThrownBy(() -> builder.removeConfigurer(DelegateSecurityConfigurer.class)); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java index 98232d5a6d..49688e9767 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java @@ -26,6 +26,8 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * Tests for {@link AbstractRequestMatcherRegistry}. * @@ -33,29 +35,34 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon */ public class AbstractRequestMatcherRegistryAnyMatcherTests { - @Test(expected = BeanCreationException.class) + @Test public void antMatchersCanNotWorkAfterAnyRequest() { - loadConfig(AntMatchersAfterAnyRequestConfig.class); + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> loadConfig(AntMatchersAfterAnyRequestConfig.class)); } - @Test(expected = BeanCreationException.class) + @Test public void mvcMatchersCanNotWorkAfterAnyRequest() { - loadConfig(MvcMatchersAfterAnyRequestConfig.class); + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> loadConfig(MvcMatchersAfterAnyRequestConfig.class)); } - @Test(expected = BeanCreationException.class) + @Test public void regexMatchersCanNotWorkAfterAnyRequest() { - loadConfig(RegexMatchersAfterAnyRequestConfig.class); + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> loadConfig(RegexMatchersAfterAnyRequestConfig.class)); } - @Test(expected = BeanCreationException.class) + @Test public void anyRequestCanNotWorkAfterItself() { - loadConfig(AnyRequestAfterItselfConfig.class); + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> loadConfig(AnyRequestAfterItselfConfig.class)); } - @Test(expected = BeanCreationException.class) + @Test public void requestMatchersCanNotWorkAfterAnyRequest() { - loadConfig(RequestMatchersAfterAnyRequestConfig.class); + assertThatExceptionOfType(BeanCreationException.class) + .isThrownBy(() -> loadConfig(RequestMatchersAfterAnyRequestConfig.class)); } private void loadConfig(Class... configs) { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.java index 77ee64ea66..49a354caaa 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/Sec2515Tests.java @@ -30,6 +30,7 @@ import org.springframework.security.config.test.SpringTestRule; import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.Mockito.mock; /** @@ -41,14 +42,16 @@ public class Sec2515Tests { public final SpringTestRule spring = new SpringTestRule(); // SEC-2515 - @Test(expected = FatalBeanException.class) + @Test public void loadConfigWhenAuthenticationManagerNotConfiguredAndRegisterBeanThenThrowFatalBeanException() { - this.spring.register(StackOverflowSecurityConfig.class).autowire(); + assertThatExceptionOfType(FatalBeanException.class) + .isThrownBy(() -> this.spring.register(StackOverflowSecurityConfig.class).autowire()); } - @Test(expected = FatalBeanException.class) + @Test public void loadConfigWhenAuthenticationManagerNotConfiguredAndRegisterBeanCustomNameThenThrowFatalBeanException() { - this.spring.register(CustomBeanNameStackOverflowSecurityConfig.class).autowire(); + assertThatExceptionOfType(FatalBeanException.class) + .isThrownBy(() -> this.spring.register(CustomBeanNameStackOverflowSecurityConfig.class).autowire()); } // SEC-2549 diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistryTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistryTests.java index 68d23d130e..c6edb4b5d2 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistryTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistryTests.java @@ -34,6 +34,7 @@ import org.springframework.security.messaging.util.matcher.MessageMatcher; import org.springframework.util.AntPathMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; @RunWith(MockitoJUnitRunner.class) @@ -96,9 +97,9 @@ public class MessageSecurityMetadataSourceRegistryTests { assertThat(getAttribute()).isEqualTo("permitAll"); } - @Test(expected = IllegalArgumentException.class) + @Test public void pathMatcherNull() { - this.messages.simpDestPathMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.messages.simpDestPathMatcher(null)); } @Test diff --git a/config/src/test/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParserTests.java index b1e453d708..fd4fc1f762 100644 --- a/config/src/test/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParserTests.java @@ -31,6 +31,8 @@ import org.springframework.security.config.util.InMemoryXmlApplicationContext; import org.springframework.security.crypto.password.LdapShaPasswordEncoder; import org.springframework.security.crypto.password.MessageDigestPasswordEncoder; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * Tests for {@link AuthenticationProviderBeanDefinitionParser}. * @@ -140,18 +142,20 @@ public class AuthenticationProviderBeanDefinitionParserTests { } // SEC-1466 - @Test(expected = BeanDefinitionParsingException.class) + @Test public void exernalProviderDoesNotSupportChildElements() { + assertThatExceptionOfType(BeanDefinitionParsingException.class).isThrownBy(() -> // @formatter:off - this.appContext = new InMemoryXmlApplicationContext(" " - + " " - + " " - + " " - + " " - + " " - + " "); + this.appContext = new InMemoryXmlApplicationContext(" " + + " " + + " " + + " " + + " " + + " " + + " ") // @formatter:on + ); } private AuthenticationProvider getProvider() { diff --git a/config/src/test/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParserTests.java index 239f1145ce..b5d636f892 100644 --- a/config/src/test/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParserTests.java @@ -26,6 +26,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Luke Taylor @@ -122,26 +123,28 @@ public class UserServiceBeanDefinitionParserTests { assertThat(bob.isEnabled()).isFalse(); } - @Test(expected = FatalBeanException.class) + @Test public void userWithBothPropertiesAndEmbeddedUsersThrowsException() { + assertThatExceptionOfType(FatalBeanException.class).isThrownBy(() -> // @formatter:off - setContext("" - + " " - + ""); + setContext("" + + " " + + "") // @formatter:on - UserDetailsService userService = (UserDetailsService) this.appContext.getBean("service"); - userService.loadUserByUsername("Joe"); + ); } - @Test(expected = FatalBeanException.class) + @Test public void multipleTopLevelUseWithoutIdThrowsException() { - setContext("" - + ""); + assertThatExceptionOfType(FatalBeanException.class).isThrownBy(() -> setContext( + "" + + "")); } - @Test(expected = FatalBeanException.class) + @Test public void userServiceWithMissingPropertiesFileThrowsException() { - setContext(""); + assertThatExceptionOfType(FatalBeanException.class).isThrownBy( + () -> setContext("")); } private void setContext(String context) { diff --git a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java index 49025a33c3..3ffa7eec71 100644 --- a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java +++ b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java @@ -50,6 +50,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration @@ -110,16 +111,16 @@ public class GrantedAuthorityDefaultsJcTests { this.messageService.getJsrMessage(); } - @Test(expected = AccessDeniedException.class) + @Test public void messageDenied() { setup("DENIED"); - this.messageService.getMessage(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.messageService::getMessage); } - @Test(expected = AccessDeniedException.class) + @Test public void jsrMessageDenied() { setup("DENIED"); - this.messageService.getJsrMessage(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.messageService::getJsrMessage); } // SEC-2926 diff --git a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsXmlTests.java b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsXmlTests.java index d8dad3d308..bcd36eff3d 100644 --- a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsXmlTests.java +++ b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsXmlTests.java @@ -43,6 +43,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration @@ -103,16 +104,16 @@ public class GrantedAuthorityDefaultsXmlTests { this.messageService.getJsrMessage(); } - @Test(expected = AccessDeniedException.class) + @Test public void messageDenied() { setup("DENIED"); - this.messageService.getMessage(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.messageService::getMessage); } - @Test(expected = AccessDeniedException.class) + @Test public void jsrMessageDenied() { setup("DENIED"); - this.messageService.getJsrMessage(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.messageService::getJsrMessage); } // SEC-2926 diff --git a/config/src/test/java/org/springframework/security/config/http/FilterSecurityMetadataSourceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/FilterSecurityMetadataSourceBeanDefinitionParserTests.java index 503e0bd803..e65f92cd59 100644 --- a/config/src/test/java/org/springframework/security/config/http/FilterSecurityMetadataSourceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/http/FilterSecurityMetadataSourceBeanDefinitionParserTests.java @@ -36,6 +36,7 @@ import org.springframework.security.web.access.expression.ExpressionBasedFilterI import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * Tests for {@link FilterInvocationSecurityMetadataSourceParser}. @@ -119,11 +120,12 @@ public class FilterSecurityMetadataSourceBeanDefinitionParserTests { // @formatter:on } - @Test(expected = BeanDefinitionParsingException.class) + @Test public void parsingInterceptUrlServletPathFails() { - setContext("" - + " " - + ""); + assertThatExceptionOfType(BeanDefinitionParsingException.class) + .isThrownBy(() -> setContext("" + + " " + + "")); } private FilterInvocation createFilterInvocation(String path, String method) { diff --git a/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java index 87263447e1..f4f3ee7ac2 100644 --- a/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java @@ -96,10 +96,11 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { this.target = null; } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithNoContext() { loadContext(); - this.target.someUserMethod1(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(this.target::someUserMethod1); } @Test @@ -114,13 +115,13 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { assertThat(((MethodSecurityMetadataSourceAdvisor) advisors[0]).getOrder()).isEqualTo(1001); } - @Test(expected = AccessDeniedException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() { loadContext(); TestingAuthenticationToken token = new TestingAuthenticationToken("Test", "Password", "ROLE_SOMEOTHERROLE"); token.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(token); - this.target.someAdminMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::someAdminMethod); } @Test @@ -138,7 +139,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { assertThat(service.getPostProcessorWasHere()).isEqualTo("Hello from the post processor!"); } - @Test(expected = AccessDeniedException.class) + @Test public void worksWithAspectJAutoproxy() { // @formatter:off setContext("" @@ -155,7 +156,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE")); SecurityContextHolder.getContext().setAuthentication(token); - service.loadUserByUsername("notused"); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> service.loadUserByUsername("notused")); } @Test @@ -201,13 +202,14 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { this.target.someOther(0); } - @Test(expected = BeanDefinitionParsingException.class) + @Test public void duplicateElementCausesError() { - setContext("" + ""); + assertThatExceptionOfType(BeanDefinitionParsingException.class) + .isThrownBy(() -> setContext("" + "")); } // SEC-936 - @Test(expected = AccessDeniedException.class) + @Test public void worksWithoutTargetOrClass() { // @formatter:off setContext("" @@ -221,7 +223,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE")); SecurityContextHolder.getContext().setAuthentication(token); this.target = (BusinessService) this.appContext.getBean("businessService"); - this.target.someUserMethod1(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::someUserMethod1); } // Expression configuration tests @@ -242,7 +244,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { .isSameAs(FieldUtils.getFieldValue(aip, "postAdvice.expressionHandler")); } - @Test(expected = AccessDeniedException.class) + @Test public void accessIsDeniedForHasRoleExpression() { // @formatter:off setContext("" @@ -251,7 +253,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { // @formatter:on SecurityContextHolder.getContext().setAuthentication(this.bob); this.target = (BusinessService) this.appContext.getBean("target"); - this.target.someAdminMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::someAdminMethod); } @Test @@ -322,7 +324,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { } // SEC-1450 - @Test(expected = AuthenticationException.class) + @Test @SuppressWarnings("unchecked") public void genericsAreMatchedByProtectPointcut() { // @formatter:off @@ -334,7 +336,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests { + ConfigTestUtils.AUTH_PROVIDER_XML); // @formatter:on Foo foo = (Foo) this.appContext.getBean("target"); - foo.foo(new SecurityConfig("A")); + assertThatExceptionOfType(AuthenticationException.class).isThrownBy(() -> foo.foo(new SecurityConfig("A"))); } // SEC-1448 diff --git a/config/src/test/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.java b/config/src/test/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.java index 0316daf0fe..2fb131b8b9 100644 --- a/config/src/test/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.java +++ b/config/src/test/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.java @@ -40,6 +40,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Luke Taylor @@ -82,9 +83,10 @@ public class InterceptMethodsBeanDefinitionDecoratorTests implements Application this.target.unprotected(); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithNoContext() { - this.target.doSomething(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(this.target::doSomething); } @Test @@ -95,17 +97,17 @@ public class InterceptMethodsBeanDefinitionDecoratorTests implements Application this.target.doSomething(); } - @Test(expected = AccessDeniedException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE")); SecurityContextHolder.getContext().setAuthentication(token); - this.target.doSomething(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::doSomething); } - @Test(expected = AuthenticationException.class) + @Test public void transactionalMethodsShouldBeSecured() { - this.transactionalTarget.doSomething(); + assertThatExceptionOfType(AuthenticationException.class).isThrownBy(this.transactionalTarget::doSomething); } @Override diff --git a/config/src/test/java/org/springframework/security/config/method/Jsr250AnnotationDrivenBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/method/Jsr250AnnotationDrivenBeanDefinitionParserTests.java index 571868f184..9c43ad33ca 100644 --- a/config/src/test/java/org/springframework/security/config/method/Jsr250AnnotationDrivenBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/method/Jsr250AnnotationDrivenBeanDefinitionParserTests.java @@ -29,6 +29,8 @@ import org.springframework.security.config.util.InMemoryXmlApplicationContext; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Luke Taylor */ @@ -57,9 +59,10 @@ public class Jsr250AnnotationDrivenBeanDefinitionParserTests { SecurityContextHolder.clearContext(); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithNoContext() { - this.target.someUserMethod1(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> this.target.someUserMethod1()); } @Test @@ -78,12 +81,12 @@ public class Jsr250AnnotationDrivenBeanDefinitionParserTests { this.target.someUserMethod1(); } - @Test(expected = AccessDeniedException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList("ROLE_SOMEOTHERROLE")); SecurityContextHolder.getContext().setAuthentication(token); - this.target.someAdminMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::someAdminMethod); } @Test diff --git a/config/src/test/java/org/springframework/security/config/method/PreAuthorizeTests.java b/config/src/test/java/org/springframework/security/config/method/PreAuthorizeTests.java index 91c10958e3..9a4e5cdea0 100644 --- a/config/src/test/java/org/springframework/security/config/method/PreAuthorizeTests.java +++ b/config/src/test/java/org/springframework/security/config/method/PreAuthorizeTests.java @@ -27,6 +27,8 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Rob Winch * @@ -43,11 +45,11 @@ public class PreAuthorizeTests { SecurityContextHolder.clearContext(); } - @Test(expected = AccessDeniedException.class) + @Test public void preAuthorizeAdminRoleDenied() { SecurityContextHolder.getContext() .setAuthentication(new TestingAuthenticationToken("user", "pass", "ROLE_USER")); - this.service.preAuthorizeAdminRole(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.service::preAuthorizeAdminRole); } @Test @@ -64,11 +66,12 @@ public class PreAuthorizeTests { this.service.contactPermission(new Contact("user")); } - @Test(expected = AccessDeniedException.class) + @Test public void preAuthorizeContactPermissionDenied() { SecurityContextHolder.getContext() .setAuthentication(new TestingAuthenticationToken("user", "pass", "ROLE_ADMIN")); - this.service.contactPermission(new Contact("admin")); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> this.service.contactPermission(new Contact("admin"))); } } diff --git a/config/src/test/java/org/springframework/security/config/method/Sec2196Tests.java b/config/src/test/java/org/springframework/security/config/method/Sec2196Tests.java index 7814a7f7d6..fa1067e63a 100644 --- a/config/src/test/java/org/springframework/security/config/method/Sec2196Tests.java +++ b/config/src/test/java/org/springframework/security/config/method/Sec2196Tests.java @@ -26,6 +26,8 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.config.util.InMemoryXmlApplicationContext; import org.springframework.security.core.context.SecurityContextHolder; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Rob Winch * @@ -34,14 +36,14 @@ public class Sec2196Tests { private ConfigurableApplicationContext context; - @Test(expected = AccessDeniedException.class) + @Test public void genericMethodsProtected() { loadContext("" + ""); SecurityContextHolder.getContext() .setAuthentication(new TestingAuthenticationToken("test", "pass", "ROLE_USER")); Service service = this.context.getBean(Service.class); - service.save(new User()); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> service.save(new User())); } @Test diff --git a/config/src/test/java/org/springframework/security/config/method/SecuredAnnotationDrivenBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/method/SecuredAnnotationDrivenBeanDefinitionParserTests.java index 75961648dd..ceb72bdc05 100644 --- a/config/src/test/java/org/springframework/security/config/method/SecuredAnnotationDrivenBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/method/SecuredAnnotationDrivenBeanDefinitionParserTests.java @@ -65,9 +65,10 @@ public class SecuredAnnotationDrivenBeanDefinitionParserTests { SecurityContextHolder.clearContext(); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithNoContext() { - this.target.someUserMethod1(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(this.target::someUserMethod1); } @Test @@ -78,28 +79,29 @@ public class SecuredAnnotationDrivenBeanDefinitionParserTests { this.target.someUserMethod1(); } - @Test(expected = AccessDeniedException.class) + @Test public void targetShouldPreventProtectedMethodInvocationWithIncorrectRole() { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", AuthorityUtils.createAuthorityList("ROLE_SOMEOTHER")); SecurityContextHolder.getContext().setAuthentication(token); - this.target.someAdminMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.target::someAdminMethod); } // SEC-1387 - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void targetIsSerializableBeforeUse() throws Exception { BusinessService chompedTarget = (BusinessService) serializeAndDeserialize(this.target); - chompedTarget.someAdminMethod(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(chompedTarget::someAdminMethod); } - @Test(expected = AccessDeniedException.class) + @Test public void targetIsSerializableAfterUse() throws Exception { assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) .isThrownBy(this.target::someAdminMethod); SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("u", "p", "ROLE_A")); BusinessService chompedTarget = (BusinessService) serializeAndDeserialize(this.target); - chompedTarget.someAdminMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(chompedTarget::someAdminMethod); } private Object serializeAndDeserialize(Object o) throws IOException, ClassNotFoundException { diff --git a/config/src/test/java/org/springframework/security/config/method/SecuredTests.java b/config/src/test/java/org/springframework/security/config/method/SecuredTests.java index 607b164c67..1a2504f32c 100644 --- a/config/src/test/java/org/springframework/security/config/method/SecuredTests.java +++ b/config/src/test/java/org/springframework/security/config/method/SecuredTests.java @@ -27,6 +27,8 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Rob Winch * @@ -43,11 +45,11 @@ public class SecuredTests { SecurityContextHolder.clearContext(); } - @Test(expected = AccessDeniedException.class) + @Test public void securedAdminRoleDenied() { SecurityContextHolder.getContext() .setAuthentication(new TestingAuthenticationToken("user", "pass", "ROLE_USER")); - this.service.securedAdminRole(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.service::securedAdminRole); } @Test diff --git a/config/src/test/java/org/springframework/security/config/method/configuration/Gh4020GlobalMethodSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/method/configuration/Gh4020GlobalMethodSecurityConfigurationTests.java index ac1bc7b814..3d1da6e0ae 100644 --- a/config/src/test/java/org/springframework/security/config/method/configuration/Gh4020GlobalMethodSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/method/configuration/Gh4020GlobalMethodSecurityConfigurationTests.java @@ -31,6 +31,7 @@ import org.springframework.security.config.annotation.method.configuration.Enabl import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.Mockito.mock; /** @@ -44,9 +45,9 @@ public class Gh4020GlobalMethodSecurityConfigurationTests { DenyAllService denyAll; // gh-4020 - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void denyAll() { - this.denyAll.denyAll(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class).isThrownBy(this.denyAll::denyAll); } @Configuration diff --git a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeSpecTests.java index 99fe4a2c1a..0559e635c2 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeSpecTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeSpecTests.java @@ -23,6 +23,8 @@ import org.springframework.security.config.annotation.web.reactive.ServerHttpSec import org.springframework.security.test.web.reactive.server.WebTestClientBuilder; import org.springframework.test.web.reactive.server.WebTestClient; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; + /** * @author Rob Winch * @since 5.0 @@ -105,31 +107,34 @@ public class AuthorizeExchangeSpecTests { // @formatter:on } - @Test(expected = IllegalStateException.class) + @Test public void antMatchersWhenNoAccessAndAnotherMatcherThenThrowsException() { this.http.authorizeExchange().pathMatchers("/incomplete"); - this.http.authorizeExchange().pathMatchers("/throws-exception"); + assertThatIllegalStateException() + .isThrownBy(() -> this.http.authorizeExchange().pathMatchers("/throws-exception")); } - @Test(expected = IllegalStateException.class) + @Test public void anyExchangeWhenFollowedByMatcherThenThrowsException() { + assertThatIllegalStateException().isThrownBy(() -> // @formatter:off - this.http.authorizeExchange() - .anyExchange().denyAll() - .pathMatchers("/never-reached"); + this.http.authorizeExchange() + .anyExchange().denyAll() + .pathMatchers("/never-reached") // @formatter:on + ); } - @Test(expected = IllegalStateException.class) + @Test public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() { this.http.authorizeExchange().pathMatchers("/incomplete"); - this.http.build(); + assertThatIllegalStateException().isThrownBy(this.http::build); } - @Test(expected = IllegalStateException.class) + @Test public void buildWhenMatcherDefinedWithNoAccessInLambdaThenThrowsException() { this.http.authorizeExchange((exchanges) -> exchanges.pathMatchers("/incomplete")); - this.http.build(); + assertThatIllegalStateException().isThrownBy(this.http::build); } private WebTestClient buildClient() { diff --git a/config/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java b/config/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java index b4992795ab..7aa9c23914 100644 --- a/config/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java +++ b/config/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java @@ -84,7 +84,7 @@ public class MethodSecurityInterceptorWithAopConfigTests { } } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void securityInterceptorIsAppliedWhenUsedWithAopConfig() { // @formatter:off setContext("" @@ -99,10 +99,11 @@ public class MethodSecurityInterceptorWithAopConfigTests { // Check both against interface and class assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) .isThrownBy(() -> target.makeLowerCase("TEST")); - target.makeUpperCase("test"); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> target.makeUpperCase("test")); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void securityInterceptorIsAppliedWhenUsedWithBeanNameAutoProxyCreator() { // @formatter:off setContext("" @@ -126,7 +127,8 @@ public class MethodSecurityInterceptorWithAopConfigTests { ITargetObject target = (ITargetObject) this.appContext.getBean("target"); assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) .isThrownBy(() -> target.makeLowerCase("TEST")); - target.makeUpperCase("test"); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> target.makeUpperCase("test")); } private void setContext(String context) { diff --git a/core/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java b/core/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java index e694b06466..61476b5c6f 100644 --- a/core/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java +++ b/core/src/test/java/org/springframework/security/access/AuthenticationCredentialsNotFoundEventTests.java @@ -22,6 +22,8 @@ import org.springframework.security.access.event.AuthenticationCredentialsNotFou import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; import org.springframework.security.util.SimpleMethodInvocation; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; + /** * Tests {@link AuthenticationCredentialsNotFoundEvent}. * @@ -29,22 +31,24 @@ import org.springframework.security.util.SimpleMethodInvocation; */ public class AuthenticationCredentialsNotFoundEventTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls() { - new AuthenticationCredentialsNotFoundEvent(null, SecurityConfig.createList("TEST"), - new AuthenticationCredentialsNotFoundException("test")); + assertThatIllegalArgumentException().isThrownBy(() -> new AuthenticationCredentialsNotFoundEvent(null, + SecurityConfig.createList("TEST"), new AuthenticationCredentialsNotFoundException("test"))); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls2() { - new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), null, - new AuthenticationCredentialsNotFoundException("test")); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), null, + new AuthenticationCredentialsNotFoundException("test"))); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls3() { - new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), SecurityConfig.createList("TEST"), - null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), + SecurityConfig.createList("TEST"), null)); } } diff --git a/core/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java b/core/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java index b6f5766cfe..94af492ae9 100644 --- a/core/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java +++ b/core/src/test/java/org/springframework/security/access/AuthorizationFailureEventTests.java @@ -25,6 +25,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.util.SimpleMethodInvocation; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link AuthorizationFailureEvent}. @@ -39,24 +40,29 @@ public class AuthorizationFailureEventTests { private AccessDeniedException exception = new AuthorizationServiceException("error", new Throwable()); - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullSecureObject() { - new AuthorizationFailureEvent(null, this.attributes, this.foo, this.exception); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AuthorizationFailureEvent(null, this.attributes, this.foo, this.exception)); } - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullAttributesList() { - new AuthorizationFailureEvent(new SimpleMethodInvocation(), null, this.foo, this.exception); + assertThatIllegalArgumentException().isThrownBy( + () -> new AuthorizationFailureEvent(new SimpleMethodInvocation(), null, this.foo, this.exception)); } - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullAuthentication() { - new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, null, this.exception); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, null, + this.exception)); } - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullException() { - new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, this.foo, null); + assertThatIllegalArgumentException().isThrownBy( + () -> new AuthorizationFailureEvent(new SimpleMethodInvocation(), this.attributes, this.foo, null)); } @Test diff --git a/core/src/test/java/org/springframework/security/access/AuthorizedEventTests.java b/core/src/test/java/org/springframework/security/access/AuthorizedEventTests.java index 9b6fee171e..370252a06c 100644 --- a/core/src/test/java/org/springframework/security/access/AuthorizedEventTests.java +++ b/core/src/test/java/org/springframework/security/access/AuthorizedEventTests.java @@ -22,6 +22,8 @@ import org.springframework.security.access.event.AuthorizedEvent; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.util.SimpleMethodInvocation; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; + /** * Tests {@link AuthorizedEvent}. * @@ -29,20 +31,22 @@ import org.springframework.security.util.SimpleMethodInvocation; */ public class AuthorizedEventTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls() { - new AuthorizedEvent(null, SecurityConfig.createList("TEST"), - new UsernamePasswordAuthenticationToken("foo", "bar")); + assertThatIllegalArgumentException().isThrownBy(() -> new AuthorizedEvent(null, + SecurityConfig.createList("TEST"), new UsernamePasswordAuthenticationToken("foo", "bar"))); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls2() { - new AuthorizedEvent(new SimpleMethodInvocation(), null, new UsernamePasswordAuthenticationToken("foo", "bar")); + assertThatIllegalArgumentException().isThrownBy(() -> new AuthorizedEvent(new SimpleMethodInvocation(), null, + new UsernamePasswordAuthenticationToken("foo", "bar"))); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNulls3() { - new AuthorizedEvent(new SimpleMethodInvocation(), SecurityConfig.createList("TEST"), null); + assertThatIllegalArgumentException().isThrownBy( + () -> new AuthorizedEvent(new SimpleMethodInvocation(), SecurityConfig.createList("TEST"), null)); } } diff --git a/core/src/test/java/org/springframework/security/access/SecurityConfigTests.java b/core/src/test/java/org/springframework/security/access/SecurityConfigTests.java index 7cc22aff20..9551051bb8 100644 --- a/core/src/test/java/org/springframework/security/access/SecurityConfigTests.java +++ b/core/src/test/java/org/springframework/security/access/SecurityConfigTests.java @@ -19,6 +19,8 @@ package org.springframework.security.access; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link SecurityConfig}. @@ -33,19 +35,20 @@ public class SecurityConfigTests { assertThat(config.hashCode()).isEqualTo("TEST".hashCode()); } - @Test(expected = IllegalArgumentException.class) + @Test public void testCannotConstructWithNullAttribute() { - new SecurityConfig(null); // SEC-727 + assertThatIllegalArgumentException().isThrownBy(() -> new SecurityConfig(null)); // SEC-727 } - @Test(expected = IllegalArgumentException.class) + @Test public void testCannotConstructWithEmptyAttribute() { - new SecurityConfig(""); // SEC-727 + assertThatIllegalArgumentException().isThrownBy(() -> new SecurityConfig("")); // SEC-727 } - @Test(expected = NoSuchMethodException.class) + @Test public void testNoArgConstructorDoesntExist() throws Exception { - SecurityConfig.class.getDeclaredConstructor((Class[]) null); + assertThatExceptionOfType(NoSuchMethodException.class) + .isThrownBy(() -> SecurityConfig.class.getDeclaredConstructor((Class[]) null)); } @Test diff --git a/core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java b/core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java index f8c6b653a2..c326f86c90 100644 --- a/core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java @@ -27,6 +27,7 @@ import org.springframework.expression.spel.standard.SpelExpressionParser; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -57,9 +58,9 @@ public class AbstractSecurityExpressionHandlerTests { .isEqualTo(true); } - @Test(expected = IllegalArgumentException.class) + @Test public void setExpressionParserNull() { - this.handler.setExpressionParser(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setExpressionParser(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java b/core/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java index 0cc3343ca5..a1686fdeb1 100644 --- a/core/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/method/DefaultMethodSecurityExpressionHandlerTests.java @@ -37,6 +37,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.doReturn; @@ -69,9 +70,9 @@ public class DefaultMethodSecurityExpressionHandlerTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setTrustResolverNull() { - this.handler.setTrustResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setTrustResolver(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java b/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java index 8f942bb330..29aab692cd 100644 --- a/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/method/ExpressionBasedPreInvocationAdviceTests.java @@ -30,6 +30,7 @@ import org.springframework.security.access.prepost.PreInvocationAttribute; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link ExpressionBasedPreInvocationAdvice} @@ -50,21 +51,23 @@ public class ExpressionBasedPreInvocationAdviceTests { this.expressionBasedPreInvocationAdvice = new ExpressionBasedPreInvocationAdvice(); } - @Test(expected = IllegalArgumentException.class) + @Test public void findFilterTargetNameProvidedButNotMatch() throws Exception { PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "filterTargetDoesNotMatch", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingCollection", new Class[] { List.class }, new Object[] { new ArrayList<>() }); - this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); + assertThatIllegalArgumentException().isThrownBy( + () -> this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute)); } - @Test(expected = IllegalArgumentException.class) + @Test public void findFilterTargetNameProvidedArrayUnsupported() throws Exception { PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "param", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] }); - this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); + assertThatIllegalArgumentException().isThrownBy( + () -> this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute)); } @Test @@ -77,12 +80,13 @@ public class ExpressionBasedPreInvocationAdviceTests { assertThat(result).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void findFilterTargetNameNotProvidedArrayUnsupported() throws Exception { PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingArray", new Class[] { String[].class }, new Object[] { new String[0] }); - this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); + assertThatIllegalArgumentException().isThrownBy( + () -> this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute)); } @Test @@ -95,21 +99,23 @@ public class ExpressionBasedPreInvocationAdviceTests { assertThat(result).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void findFilterTargetNameNotProvidedTypeNotSupported() throws Exception { PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingString", new Class[] { String.class }, new Object[] { "param" }); - this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); + assertThatIllegalArgumentException().isThrownBy( + () -> this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute)); } - @Test(expected = IllegalArgumentException.class) + @Test public void findFilterTargetNameNotProvidedMethodAcceptMoreThenOneArgument() throws Exception { PreInvocationAttribute attribute = new PreInvocationExpressionAttribute("true", "", null); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingTwoArgs", new Class[] { String.class, List.class }, new Object[] { "param", new ArrayList<>() }); - this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute); + assertThatIllegalArgumentException().isThrownBy( + () -> this.expressionBasedPreInvocationAdvice.before(this.authentication, methodInvocation, attribute)); } private class TestClass { diff --git a/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java b/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java index d409c4054d..e3e0bfcf35 100644 --- a/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java @@ -32,6 +32,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.util.SimpleMethodInvocation; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; @SuppressWarnings("unchecked") public class MethodExpressionVoterTests { @@ -86,28 +87,28 @@ public class MethodExpressionVoterTests { assertThat(arg).containsExactly("joe", "sam"); } - @Test(expected = IllegalArgumentException.class) + @Test public void arraysCannotBePrefiltered() throws Exception { MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingAnArray(), createArrayArg("sam", "joe")); - this.am.vote(this.joe, mi, - createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'jim')", "someArray", null))); + assertThatIllegalArgumentException().isThrownBy(() -> this.am.vote(this.joe, mi, + createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'jim')", "someArray", null)))); } - @Test(expected = IllegalArgumentException.class) + @Test public void incorrectFilterTargetNameIsRejected() throws Exception { MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(), createCollectionArg("joe", "bob")); - this.am.vote(this.joe, mi, - createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collcetion", null))); + assertThatIllegalArgumentException().isThrownBy(() -> this.am.vote(this.joe, mi, + createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collcetion", null)))); } - @Test(expected = IllegalArgumentException.class) + @Test public void nullNamedFilterTargetIsRejected() throws Exception { MethodInvocation mi = new SimpleMethodInvocation(new TargetImpl(), methodTakingACollection(), new Object[] { null }); - this.am.vote(this.joe, mi, - createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collection", null))); + assertThatIllegalArgumentException().isThrownBy(() -> this.am.vote(this.joe, mi, + createAttributes(new PreInvocationExpressionAttribute("(filterObject == 'joe')", "collection", null)))); } @Test diff --git a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtilsTests.java b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtilsTests.java index ae08fd1249..8230e3c0a9 100644 --- a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtilsTests.java +++ b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyUtilsTests.java @@ -26,6 +26,7 @@ import java.util.TreeMap; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link RoleHierarchyUtils}. @@ -52,42 +53,47 @@ public class RoleHierarchyUtilsTests { assertThat(roleHierarchy).isEqualTo(expectedRoleHierarchy); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenMapNullThenThrowsIllegalArgumentException() { - RoleHierarchyUtils.roleHierarchyFromMap(null); + assertThatIllegalArgumentException().isThrownBy(() -> RoleHierarchyUtils.roleHierarchyFromMap(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenMapEmptyThenThrowsIllegalArgumentException() { - RoleHierarchyUtils.roleHierarchyFromMap(Collections.>emptyMap()); + assertThatIllegalArgumentException().isThrownBy( + () -> RoleHierarchyUtils.roleHierarchyFromMap(Collections.>emptyMap())); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenRoleNullThenThrowsIllegalArgumentException() { Map> roleHierarchyMap = new HashMap<>(); roleHierarchyMap.put(null, Arrays.asList("ROLE_B", "ROLE_C")); - RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap); + assertThatIllegalArgumentException() + .isThrownBy(() -> RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap)); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenRoleEmptyThenThrowsIllegalArgumentException() { Map> roleHierarchyMap = new HashMap<>(); roleHierarchyMap.put("", Arrays.asList("ROLE_B", "ROLE_C")); - RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap); + assertThatIllegalArgumentException() + .isThrownBy(() -> RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap)); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenImpliedRolesNullThenThrowsIllegalArgumentException() { Map> roleHierarchyMap = new HashMap<>(); roleHierarchyMap.put("ROLE_A", null); - RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap); + assertThatIllegalArgumentException() + .isThrownBy(() -> RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap)); } - @Test(expected = IllegalArgumentException.class) + @Test public void roleHierarchyFromMapWhenImpliedRolesEmptyThenThrowsIllegalArgumentException() { Map> roleHierarchyMap = new HashMap<>(); roleHierarchyMap.put("ROLE_A", Collections.emptyList()); - RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap); + assertThatIllegalArgumentException() + .isThrownBy(() -> RoleHierarchyUtils.roleHierarchyFromMap(roleHierarchyMap)); } } diff --git a/core/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java index 6a4047cbae..d2bf49792d 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/AbstractSecurityInterceptorTests.java @@ -23,6 +23,7 @@ import org.springframework.security.access.SecurityMetadataSource; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.util.SimpleMethodInvocation; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -33,7 +34,7 @@ import static org.mockito.Mockito.mock; */ public class AbstractSecurityInterceptorTests { - @Test(expected = IllegalArgumentException.class) + @Test public void detectsIfInvocationPassedIncompatibleSecureObject() { MockSecurityInterceptorWhichOnlySupportsStrings si = new MockSecurityInterceptorWhichOnlySupportsStrings(); si.setRunAsManager(mock(RunAsManager.class)); @@ -41,10 +42,10 @@ public class AbstractSecurityInterceptorTests { si.setAfterInvocationManager(mock(AfterInvocationManager.class)); si.setAccessDecisionManager(mock(AccessDecisionManager.class)); si.setSecurityMetadataSource(mock(SecurityMetadataSource.class)); - si.beforeInvocation(new SimpleMethodInvocation()); + assertThatIllegalArgumentException().isThrownBy(() -> si.beforeInvocation(new SimpleMethodInvocation())); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsViolationOfGetSecureObjectClassMethod() throws Exception { MockSecurityInterceptorReturnsNull si = new MockSecurityInterceptorReturnsNull(); si.setRunAsManager(mock(RunAsManager.class)); @@ -52,7 +53,7 @@ public class AbstractSecurityInterceptorTests { si.setAfterInvocationManager(mock(AfterInvocationManager.class)); si.setAccessDecisionManager(mock(AccessDecisionManager.class)); si.setSecurityMetadataSource(mock(SecurityMetadataSource.class)); - si.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(si::afterPropertiesSet); } private class MockSecurityInterceptorReturnsNull extends AbstractSecurityInterceptor { diff --git a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java index 620806f5ff..64a1f73158 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/RunAsImplAuthenticationProviderTests.java @@ -26,19 +26,21 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.AuthorityUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link RunAsImplAuthenticationProvider}. */ public class RunAsImplAuthenticationProviderTests { - @Test(expected = BadCredentialsException.class) + @Test public void testAuthenticationFailDueToWrongKey() { RunAsUserToken token = new RunAsUserToken("wrong_key", "Test", "Password", AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"), UsernamePasswordAuthenticationToken.class); RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); provider.setKey("hello_world"); - provider.authenticate(token); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> provider.authenticate(token)); } @Test @@ -53,10 +55,10 @@ public class RunAsImplAuthenticationProviderTests { assertThat(resultCast.getKeyHash()).isEqualTo("my_password".hashCode()); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupFailsIfNoKey() throws Exception { RunAsImplAuthenticationProvider provider = new RunAsImplAuthenticationProvider(); - provider.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(provider::afterPropertiesSet); } @Test diff --git a/core/src/test/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptorTests.java index 01ae098bda..2447e49bc1 100644 --- a/core/src/test/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/access/intercept/aopalliance/MethodSecurityInterceptorTests.java @@ -48,6 +48,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; @@ -124,63 +125,63 @@ public class MethodSecurityInterceptorTests { assertThat(this.interceptor.getAfterInvocationManager()).isEqualTo(aim); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingAccessDecisionManagerIsDetected() throws Exception { this.interceptor.setAccessDecisionManager(null); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingAuthenticationManagerIsDetected() throws Exception { this.interceptor.setAuthenticationManager(null); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingMethodSecurityMetadataSourceIsRejected() throws Exception { this.interceptor.setSecurityMetadataSource(null); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingRunAsManagerIsRejected() throws Exception { this.interceptor.setRunAsManager(null); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void initializationRejectsSecurityMetadataSourceThatDoesNotSupportMethodInvocation() throws Throwable { given(this.mds.supports(MethodInvocation.class)).willReturn(false); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void initializationRejectsAccessDecisionManagerThatDoesNotSupportMethodInvocation() throws Exception { given(this.mds.supports(MethodInvocation.class)).willReturn(true); given(this.adm.supports(MethodInvocation.class)).willReturn(false); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void intitalizationRejectsRunAsManagerThatDoesNotSupportMethodInvocation() throws Exception { final RunAsManager ram = mock(RunAsManager.class); given(ram.supports(MethodInvocation.class)).willReturn(false); this.interceptor.setRunAsManager(ram); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void intitalizationRejectsAfterInvocationManagerThatDoesNotSupportMethodInvocation() throws Exception { final AfterInvocationManager aim = mock(AfterInvocationManager.class); given(aim.supports(MethodInvocation.class)).willReturn(false); this.interceptor.setAfterInvocationManager(aim); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } - @Test(expected = IllegalArgumentException.class) + @Test public void initializationFailsIfAccessDecisionManagerRejectsConfigAttributes() throws Exception { given(this.adm.supports(any(ConfigAttribute.class))).willReturn(false); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.afterPropertiesSet()); } @Test @@ -219,13 +220,14 @@ public class MethodSecurityInterceptorTests { assertThat(!this.token.isAuthenticated()).isTrue(); } - @Test(expected = AuthenticationException.class) + @Test public void callIsntMadeWhenAuthenticationManagerRejectsAuthentication() { final TestingAuthenticationToken token = new TestingAuthenticationToken("Test", "Password"); SecurityContextHolder.getContext().setAuthentication(token); mdsReturnsUserRole(); given(this.authman.authenticate(token)).willThrow(new BadCredentialsException("rejected")); - this.advisedTarget.makeLowerCase("HELLO"); + assertThatExceptionOfType(AuthenticationException.class) + .isThrownBy(() -> this.advisedTarget.makeLowerCase("HELLO")); } @Test @@ -256,9 +258,9 @@ public class MethodSecurityInterceptorTests { verify(this.eventPublisher).publishEvent(any(AuthorizationFailureEvent.class)); } - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullSecuredObjects() throws Throwable { - this.interceptor.invoke(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.invoke(null)); } @Test @@ -299,10 +301,11 @@ public class MethodSecurityInterceptorTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(this.token); } - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void emptySecurityContextIsRejected() { mdsReturnsUserRole(); - this.advisedTarget.makeUpperCase("hello"); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> this.advisedTarget.makeUpperCase("hello")); } @Test diff --git a/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java b/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java index d11135de93..d9058c8f27 100644 --- a/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java @@ -30,6 +30,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -89,19 +90,21 @@ public class AffirmativeBasedTests { this.mgr.decide(this.user, new Object(), this.attrs); } - @Test(expected = AccessDeniedException.class) + @Test public void oneDenyVoteTwoAbstainVotesDeniesAccess() { this.mgr = new AffirmativeBased( Arrays.>asList(this.deny, this.abstain, this.abstain)); - this.mgr.decide(this.user, new Object(), this.attrs); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> this.mgr.decide(this.user, new Object(), this.attrs)); } - @Test(expected = AccessDeniedException.class) + @Test public void onlyAbstainVotesDeniesAccessWithDefault() { this.mgr = new AffirmativeBased( Arrays.>asList(this.abstain, this.abstain, this.abstain)); assertThat(!this.mgr.isAllowIfAllAbstainDecisions()).isTrue(); // check default - this.mgr.decide(this.user, new Object(), this.attrs); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> this.mgr.decide(this.user, new Object(), this.attrs)); } @Test diff --git a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java index 647387d2aa..160313d5ff 100644 --- a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java @@ -28,7 +28,7 @@ import org.springframework.security.access.SecurityConfig; import org.springframework.security.authentication.TestingAuthenticationToken; import static org.assertj.core.api.Assertions.assertThat; -import static org.assertj.core.api.Assertions.fail; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * Tests {@link ConsensusBased}. @@ -37,14 +37,14 @@ import static org.assertj.core.api.Assertions.fail; */ public class ConsensusBasedTests { - @Test(expected = AccessDeniedException.class) + @Test public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccessWithoutDefault() { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); mgr.setAllowIfEqualGrantedDeniedDecisions(false); assertThat(!mgr.isAllowIfEqualGrantedDeniedDecisions()).isTrue(); // check changed List config = SecurityConfig.createList("ROLE_1", "DENY_FOR_SURE"); - mgr.decide(auth, new Object(), config); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> mgr.decide(auth, new Object(), config)); } @Test @@ -63,20 +63,21 @@ public class ConsensusBasedTests { mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_2")); } - @Test(expected = AccessDeniedException.class) + @Test public void testOneDenyVoteTwoAbstainVotesDeniesAccess() { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); - mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE")); - fail("Should have thrown AccessDeniedException"); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE"))); } - @Test(expected = AccessDeniedException.class) + @Test public void testThreeAbstainVotesDeniesAccessWithDefault() { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); assertThat(!mgr.isAllowIfAllAbstainDecisions()).isTrue(); // check default - mgr.decide(auth, new Object(), SecurityConfig.createList("IGNORED_BY_ALL")); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> mgr.decide(auth, new Object(), SecurityConfig.createList("IGNORED_BY_ALL"))); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java index 7329158a9e..cbd33ad055 100644 --- a/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/AbstractAuthenticationTokenTests.java @@ -27,6 +27,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.SimpleGrantedAuthority; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.times; @@ -46,12 +47,13 @@ public class AbstractAuthenticationTokenTests { this.authorities = AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"); } - @Test(expected = UnsupportedOperationException.class) + @Test public void testAuthoritiesAreImmutable() { MockAuthenticationImpl token = new MockAuthenticationImpl("Test", "Password", this.authorities); List gotAuthorities = (List) token.getAuthorities(); assertThat(gotAuthorities).isNotSameAs(this.authorities); - gotAuthorities.set(0, new SimpleGrantedAuthority("ROLE_SUPER_USER")); + assertThatExceptionOfType(UnsupportedOperationException.class) + .isThrownBy(() -> gotAuthorities.set(0, new SimpleGrantedAuthority("ROLE_SUPER_USER"))); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisherTests.java b/core/src/test/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisherTests.java index 6a7ac10f3e..134b3620e6 100644 --- a/core/src/test/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisherTests.java +++ b/core/src/test/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisherTests.java @@ -36,6 +36,8 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.isA; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.reset; @@ -111,12 +113,13 @@ public class DefaultAuthenticationEventPublisherTests { verify(appPublisher).publishEvent(isA(AuthenticationFailureDisabledEvent.class)); } - @Test(expected = RuntimeException.class) + @Test public void missingEventClassExceptionCausesException() { this.publisher = new DefaultAuthenticationEventPublisher(); Properties p = new Properties(); p.put(MockAuthenticationException.class.getName(), "NoSuchClass"); - this.publisher.setAdditionalExceptionMappings(p); + assertThatExceptionOfType(RuntimeException.class) + .isThrownBy(() -> this.publisher.setAdditionalExceptionMappings(p)); } @Test @@ -132,27 +135,27 @@ public class DefaultAuthenticationEventPublisherTests { verifyZeroInteractions(appPublisher); } - @Test(expected = IllegalArgumentException.class) + @Test public void emptyMapCausesException() { Map, Class> mappings = new HashMap<>(); this.publisher = new DefaultAuthenticationEventPublisher(); - this.publisher.setAdditionalExceptionMappings(mappings); + assertThatIllegalArgumentException().isThrownBy(() -> this.publisher.setAdditionalExceptionMappings(mappings)); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingExceptionClassCausesException() { Map, Class> mappings = new HashMap<>(); mappings.put(null, AuthenticationFailureLockedEvent.class); this.publisher = new DefaultAuthenticationEventPublisher(); - this.publisher.setAdditionalExceptionMappings(mappings); + assertThatIllegalArgumentException().isThrownBy(() -> this.publisher.setAdditionalExceptionMappings(mappings)); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingEventClassAsMapValueCausesException() { Map, Class> mappings = new HashMap<>(); mappings.put(LockedException.class, null); this.publisher = new DefaultAuthenticationEventPublisher(); - this.publisher.setAdditionalExceptionMappings(mappings); + assertThatIllegalArgumentException().isThrownBy(() -> this.publisher.setAdditionalExceptionMappings(mappings)); } @Test @@ -168,10 +171,11 @@ public class DefaultAuthenticationEventPublisherTests { verify(appPublisher).publishEvent(isA(AuthenticationFailureDisabledEvent.class)); } - @Test(expected = IllegalArgumentException.class) + @Test public void defaultAuthenticationFailureEventClassSetNullThen() { this.publisher = new DefaultAuthenticationEventPublisher(); - this.publisher.setDefaultAuthenticationFailureEvent(null); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.publisher.setDefaultAuthenticationFailureEvent(null)); } @Test @@ -185,11 +189,11 @@ public class DefaultAuthenticationEventPublisherTests { verify(appPublisher).publishEvent(isA(AuthenticationFailureBadCredentialsEvent.class)); } - @Test(expected = RuntimeException.class) + @Test public void defaultAuthenticationFailureEventMissingAppropriateConstructorThen() { this.publisher = new DefaultAuthenticationEventPublisher(); - this.publisher - .setDefaultAuthenticationFailureEvent(AuthenticationFailureEventWithoutAppropriateConstructor.class); + assertThatExceptionOfType(RuntimeException.class).isThrownBy(() -> this.publisher + .setDefaultAuthenticationFailureEvent(AuthenticationFailureEventWithoutAppropriateConstructor.class)); } private static final class AuthenticationFailureEventWithoutAppropriateConstructor diff --git a/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java b/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java index 987dc5b63a..4d9f6c8055 100644 --- a/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java +++ b/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java @@ -29,6 +29,7 @@ import org.springframework.security.core.AuthenticationException; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -45,7 +46,7 @@ import static org.mockito.Mockito.verifyNoMoreInteractions; */ public class ProviderManagerTests { - @Test(expected = ProviderNotFoundException.class) + @Test public void authenticationFailsWithUnsupportedToken() { Authentication token = new AbstractAuthenticationToken(null) { @Override @@ -60,7 +61,7 @@ public class ProviderManagerTests { }; ProviderManager mgr = makeProviderManager(); mgr.setMessageSource(mock(MessageSource.class)); - mgr.authenticate(token); + assertThatExceptionOfType(ProviderNotFoundException.class).isThrownBy(() -> mgr.authenticate(token)); } @Test @@ -98,19 +99,20 @@ public class ProviderManagerTests { verify(publisher).publishAuthenticationSuccess(result); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupFailsIfProvidersNotSetAsList() { - new ProviderManager((List) null); + assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((List) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupFailsIfProvidersNotSetAsVarargs() { - new ProviderManager((AuthenticationProvider) null); + assertThatIllegalArgumentException().isThrownBy(() -> new ProviderManager((AuthenticationProvider) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupFailsIfProvidersContainNullElement() { - new ProviderManager(Arrays.asList(mock(AuthenticationProvider.class), null)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new ProviderManager(Arrays.asList(mock(AuthenticationProvider.class), null))); } // gh-8689 diff --git a/core/src/test/java/org/springframework/security/authentication/ReactiveAuthenticationManagerAdapterTests.java b/core/src/test/java/org/springframework/security/authentication/ReactiveAuthenticationManagerAdapterTests.java index 7dc48107fc..2c706dc7c3 100644 --- a/core/src/test/java/org/springframework/security/authentication/ReactiveAuthenticationManagerAdapterTests.java +++ b/core/src/test/java/org/springframework/security/authentication/ReactiveAuthenticationManagerAdapterTests.java @@ -27,6 +27,7 @@ import reactor.test.StepVerifier; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -50,14 +51,14 @@ public class ReactiveAuthenticationManagerAdapterTests { this.manager = new ReactiveAuthenticationManagerAdapter(this.delegate); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullAuthenticationManager() { - new ReactiveAuthenticationManagerAdapter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ReactiveAuthenticationManagerAdapter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSchedulerNull() { - this.manager.setScheduler(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.manager.setScheduler(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/ReactiveUserDetailsServiceAuthenticationManagerTests.java b/core/src/test/java/org/springframework/security/authentication/ReactiveUserDetailsServiceAuthenticationManagerTests.java index 7aaac05a44..5a4b9466e9 100644 --- a/core/src/test/java/org/springframework/security/authentication/ReactiveUserDetailsServiceAuthenticationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authentication/ReactiveUserDetailsServiceAuthenticationManagerTests.java @@ -33,6 +33,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.crypto.password.PasswordEncoder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -62,10 +63,10 @@ public class ReactiveUserDetailsServiceAuthenticationManagerTests { this.password = "pass"; } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullUserDetailsService() { - ReactiveUserDetailsService userDetailsService = null; - new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService); + assertThatIllegalArgumentException() + .isThrownBy(() -> new UserDetailsRepositoryReactiveAuthenticationManager(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManagerTests.java b/core/src/test/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManagerTests.java index 7cd80768dc..06630e17f3 100644 --- a/core/src/test/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManagerTests.java @@ -165,7 +165,7 @@ public class UserDetailsRepositoryReactiveAuthenticationManagerTests { verifyZeroInteractions(this.postAuthenticationChecks); } - @Test(expected = AccountExpiredException.class) + @Test public void authenticateWhenAccountExpiredThenException() { this.manager.setPasswordEncoder(this.encoder); // @formatter:off @@ -178,10 +178,11 @@ public class UserDetailsRepositoryReactiveAuthenticationManagerTests { given(this.userDetailsService.findByUsername(any())).willReturn(Mono.just(expiredUser)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(expiredUser, expiredUser.getPassword()); - this.manager.authenticate(token).block(); + assertThatExceptionOfType(AccountExpiredException.class) + .isThrownBy(() -> this.manager.authenticate(token).block()); } - @Test(expected = LockedException.class) + @Test public void authenticateWhenAccountLockedThenException() { this.manager.setPasswordEncoder(this.encoder); // @formatter:off @@ -194,10 +195,10 @@ public class UserDetailsRepositoryReactiveAuthenticationManagerTests { given(this.userDetailsService.findByUsername(any())).willReturn(Mono.just(lockedUser)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(lockedUser, lockedUser.getPassword()); - this.manager.authenticate(token).block(); + assertThatExceptionOfType(LockedException.class).isThrownBy(() -> this.manager.authenticate(token).block()); } - @Test(expected = DisabledException.class) + @Test public void authenticateWhenAccountDisabledThenException() { this.manager.setPasswordEncoder(this.encoder); // @formatter:off @@ -210,7 +211,7 @@ public class UserDetailsRepositoryReactiveAuthenticationManagerTests { given(this.userDetailsService.findByUsername(any())).willReturn(Mono.just(disabledUser)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(disabledUser, disabledUser.getPassword()); - this.manager.authenticate(token).block(); + assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> this.manager.authenticate(token).block()); } } diff --git a/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java index 5f1b830fee..5aca769989 100644 --- a/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/UsernamePasswordAuthenticationTokenTests.java @@ -21,6 +21,7 @@ import org.junit.Test; import org.springframework.security.core.authority.AuthorityUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** @@ -63,10 +64,11 @@ public class UsernamePasswordAuthenticationTokenTests { assertThat(AuthorityUtils.authorityListToSet(token.getAuthorities())).contains("ROLE_TWO"); } - @Test(expected = NoSuchMethodException.class) + @Test public void testNoArgConstructorDoesntExist() throws Exception { Class clazz = UsernamePasswordAuthenticationToken.class; - clazz.getDeclaredConstructor((Class[]) null); + assertThatExceptionOfType(NoSuchMethodException.class) + .isThrownBy(() -> clazz.getDeclaredConstructor((Class[]) null)); } } diff --git a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java index 1debbc4981..22d9bfafbd 100644 --- a/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java +++ b/core/src/test/java/org/springframework/security/authentication/anonymous/AnonymousAuthenticationTokenTests.java @@ -101,19 +101,21 @@ public class AnonymousAuthenticationTokenTests { assertThat(!token.isAuthenticated()).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNullAuthoritiesThenThrowIllegalArgumentException() { - new AnonymousAuthenticationToken("key", "principal", null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AnonymousAuthenticationToken("key", "principal", null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenEmptyAuthoritiesThenThrowIllegalArgumentException() { - new AnonymousAuthenticationToken("key", "principal", Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy( + () -> new AnonymousAuthenticationToken("key", "principal", Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenPrincipalIsEmptyStringThenThrowIllegalArgumentException() { - new AnonymousAuthenticationToken("key", "", ROLES_12); + assertThatIllegalArgumentException().isThrownBy(() -> new AnonymousAuthenticationToken("key", "", ROLES_12)); } } diff --git a/core/src/test/java/org/springframework/security/authentication/jaas/DefaultJaasAuthenticationProviderTests.java b/core/src/test/java/org/springframework/security/authentication/jaas/DefaultJaasAuthenticationProviderTests.java index 217daa7d53..fa25cd8494 100644 --- a/core/src/test/java/org/springframework/security/authentication/jaas/DefaultJaasAuthenticationProviderTests.java +++ b/core/src/test/java/org/springframework/security/authentication/jaas/DefaultJaasAuthenticationProviderTests.java @@ -45,6 +45,7 @@ import org.springframework.test.util.ReflectionTestUtils; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.isA; @@ -82,16 +83,16 @@ public class DefaultJaasAuthenticationProviderTests { ReflectionTestUtils.setField(this.provider, "log", this.log); } - @Test(expected = IllegalArgumentException.class) + @Test public void afterPropertiesSetNullConfiguration() throws Exception { this.provider.setConfiguration(null); - this.provider.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(this.provider::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void afterPropertiesSetNullAuthorityGranters() throws Exception { this.provider.setAuthorityGranters(null); - this.provider.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(this.provider::afterPropertiesSet); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/jaas/memory/InMemoryConfigurationTests.java b/core/src/test/java/org/springframework/security/authentication/jaas/memory/InMemoryConfigurationTests.java index c1f4f8be7f..ab53c91c22 100644 --- a/core/src/test/java/org/springframework/security/authentication/jaas/memory/InMemoryConfigurationTests.java +++ b/core/src/test/java/org/springframework/security/authentication/jaas/memory/InMemoryConfigurationTests.java @@ -29,6 +29,7 @@ import org.junit.Test; import org.springframework.security.authentication.jaas.TestLoginModule; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link InMemoryConfiguration}. @@ -55,9 +56,10 @@ public class InMemoryConfigurationTests { assertThat(new InMemoryConfiguration((AppConfigurationEntry[]) null).getAppConfigurationEntry("name")).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullMapped() { - new InMemoryConfiguration((Map) null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new InMemoryConfiguration((Map) null)); } @Test @@ -72,9 +74,9 @@ public class InMemoryConfigurationTests { .getAppConfigurationEntry("name")).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullMapNullDefault() { - new InMemoryConfiguration(null, null); + assertThatIllegalArgumentException().isThrownBy(() -> new InMemoryConfiguration(null, null)); } @Test diff --git a/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImplTests.java b/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImplTests.java index d279a30e07..8fd7fe26ec 100644 --- a/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImplTests.java +++ b/core/src/test/java/org/springframework/security/authentication/rcp/RemoteAuthenticationManagerImplTests.java @@ -23,6 +23,7 @@ import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -35,13 +36,14 @@ import static org.mockito.Mockito.mock; */ public class RemoteAuthenticationManagerImplTests { - @Test(expected = RemoteAuthenticationException.class) + @Test public void testFailedAuthenticationReturnsRemoteAuthenticationException() { RemoteAuthenticationManagerImpl manager = new RemoteAuthenticationManagerImpl(); AuthenticationManager am = mock(AuthenticationManager.class); given(am.authenticate(any(Authentication.class))).willThrow(new BadCredentialsException("")); manager.setAuthenticationManager(am); - manager.attemptAuthentication("rod", "password"); + assertThatExceptionOfType(RemoteAuthenticationException.class) + .isThrownBy(() -> manager.attemptAuthentication("rod", "password")); } @Test diff --git a/core/src/test/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManagerTests.java index 1ed793a989..7066a98268 100644 --- a/core/src/test/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManagerTests.java @@ -29,6 +29,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -120,42 +121,40 @@ public class AuthorityReactiveAuthorizationManagerTests { assertThat(granted).isFalse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasRoleWhenNullThenException() { - String role = null; - AuthorityReactiveAuthorizationManager.hasRole(role); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasRole((String) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasAuthorityWhenNullThenException() { - String authority = null; - AuthorityReactiveAuthorizationManager.hasAuthority(authority); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasAuthority((String) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasAnyRoleWhenNullThenException() { - String role = null; - AuthorityReactiveAuthorizationManager.hasAnyRole(role); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasAnyRole((String) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasAnyAuthorityWhenNullThenException() { - String authority = null; - AuthorityReactiveAuthorizationManager.hasAnyAuthority(authority); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasAnyAuthority((String) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasAnyRoleWhenOneIsNullThenException() { - String role1 = "ROLE_ADMIN"; - String role2 = null; - AuthorityReactiveAuthorizationManager.hasAnyRole(role1, role2); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasAnyRole("ROLE_ADMIN", (String) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hasAnyAuthorityWhenOneIsNullThenException() { - String authority1 = "ADMIN"; - String authority2 = null; - AuthorityReactiveAuthorizationManager.hasAnyAuthority(authority1, authority2); + assertThatIllegalArgumentException() + .isThrownBy(() -> AuthorityReactiveAuthorizationManager.hasAnyAuthority("ADMIN", (String) null)); } } diff --git a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorServiceTests.java b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorServiceTests.java index f8fcbc48cb..bb1867b5c2 100644 --- a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorServiceTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorServiceTests.java @@ -27,6 +27,7 @@ import org.junit.Test; import org.mockito.Mock; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.verify; @@ -57,9 +58,9 @@ public abstract class AbstractDelegatingSecurityContextExecutorServiceTests } @Override - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegate() { - new DelegatingSecurityContextExecutorService(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextExecutorService(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java index 073670a93d..0c54307dbe 100644 --- a/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/AbstractDelegatingSecurityContextExecutorTests.java @@ -22,6 +22,7 @@ import java.util.concurrent.ScheduledExecutorService; import org.junit.Test; import org.mockito.Mock; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verify; /** @@ -42,9 +43,9 @@ public abstract class AbstractDelegatingSecurityContextExecutorTests private DelegatingSecurityContextExecutor executor; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegate() { - new DelegatingSecurityContextExecutor(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextExecutor(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java index 1783ee4806..e3122a3ac7 100644 --- a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextCallableTests.java @@ -34,6 +34,7 @@ import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.verify; @@ -79,24 +80,26 @@ public class DelegatingSecurityContextCallableTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegate() { - new DelegatingSecurityContextCallable<>(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextCallable<>(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegateNonNullSecurityContext() { - new DelegatingSecurityContextCallable<>(null, this.securityContext); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingSecurityContextCallable<>(null, this.securityContext)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegateAndSecurityContext() { - new DelegatingSecurityContextCallable<>(null, null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextCallable<>(null, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullSecurityContext() { - new DelegatingSecurityContextCallable<>(this.delegate, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingSecurityContextCallable<>(this.delegate, null)); } @Test @@ -109,8 +112,8 @@ public class DelegatingSecurityContextCallableTests { public void callDefaultSecurityContext() throws Exception { SecurityContextHolder.setContext(this.securityContext); this.callable = new DelegatingSecurityContextCallable<>(this.delegate); - SecurityContextHolder.clearContext(); // ensure callable is what sets up the - // SecurityContextHolder + // ensure callable is what sets up the SecurityContextHolder + SecurityContextHolder.clearContext(); assertWrapped(this.callable); } @@ -123,22 +126,23 @@ public class DelegatingSecurityContextCallableTests { assertWrapped(this.callable.call()); } - @Test(expected = IllegalArgumentException.class) + @Test public void createNullDelegate() { - DelegatingSecurityContextCallable.create(null, this.securityContext); + assertThatIllegalArgumentException() + .isThrownBy(() -> DelegatingSecurityContextCallable.create(null, this.securityContext)); } - @Test(expected = IllegalArgumentException.class) + @Test public void createNullDelegateAndSecurityContext() { - DelegatingSecurityContextRunnable.create(null, null); + assertThatIllegalArgumentException().isThrownBy(() -> DelegatingSecurityContextRunnable.create(null, null)); } @Test public void createNullSecurityContext() throws Exception { SecurityContextHolder.setContext(this.securityContext); this.callable = DelegatingSecurityContextCallable.create(this.delegate, null); - SecurityContextHolder.clearContext(); // ensure callable is what sets up the - // SecurityContextHolder + // ensure callable is what sets up the SecurityContextHolder + SecurityContextHolder.clearContext(); assertWrapped(this.callable); } diff --git a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java index 3c47bc6416..5f13ce3da0 100644 --- a/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java +++ b/core/src/test/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnableTests.java @@ -34,6 +34,7 @@ import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.willAnswer; import static org.mockito.Mockito.verify; @@ -74,24 +75,26 @@ public class DelegatingSecurityContextRunnableTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegate() { - new DelegatingSecurityContextRunnable(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextRunnable(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegateNonNullSecurityContext() { - new DelegatingSecurityContextRunnable(null, this.securityContext); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingSecurityContextRunnable(null, this.securityContext)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegateAndSecurityContext() { - new DelegatingSecurityContextRunnable(null, null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextRunnable(null, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullSecurityContext() { - new DelegatingSecurityContextRunnable(this.delegate, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingSecurityContextRunnable(this.delegate, null)); } @Test @@ -119,14 +122,15 @@ public class DelegatingSecurityContextRunnableTests { assertWrapped(this.runnable); } - @Test(expected = IllegalArgumentException.class) + @Test public void createNullDelegate() { - DelegatingSecurityContextRunnable.create(null, this.securityContext); + assertThatIllegalArgumentException() + .isThrownBy(() -> DelegatingSecurityContextRunnable.create(null, this.securityContext)); } - @Test(expected = IllegalArgumentException.class) + @Test public void createNullDelegateAndSecurityContext() { - DelegatingSecurityContextRunnable.create(null, null); + assertThatIllegalArgumentException().isThrownBy(() -> DelegatingSecurityContextRunnable.create(null, null)); } @Test diff --git a/core/src/test/java/org/springframework/security/context/DelegatingApplicationListenerTests.java b/core/src/test/java/org/springframework/security/context/DelegatingApplicationListenerTests.java index 86d242ad66..8d66830b52 100644 --- a/core/src/test/java/org/springframework/security/context/DelegatingApplicationListenerTests.java +++ b/core/src/test/java/org/springframework/security/context/DelegatingApplicationListenerTests.java @@ -25,6 +25,7 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.context.ApplicationEvent; import org.springframework.context.event.SmartApplicationListener; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.never; @@ -75,9 +76,9 @@ public class DelegatingApplicationListenerTests { verify(this.delegate, never()).onApplicationEvent(any(ApplicationEvent.class)); } - @Test(expected = IllegalArgumentException.class) + @Test public void addNull() { - this.listener.addListener(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.listener.addListener(null)); } } diff --git a/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTests.java b/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTests.java index b57bbc3801..73c39acfdd 100644 --- a/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTests.java +++ b/core/src/test/java/org/springframework/security/core/authority/mapping/MapBasedAttributes2GrantedAuthoritiesMapperTests.java @@ -28,6 +28,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Ruud Senden @@ -35,44 +36,41 @@ import static org.assertj.core.api.Assertions.assertThat; @SuppressWarnings("unchecked") public class MapBasedAttributes2GrantedAuthoritiesMapperTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testAfterPropertiesSetNoMap() throws Exception { MapBasedAttributes2GrantedAuthoritiesMapper mapper = new MapBasedAttributes2GrantedAuthoritiesMapper(); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(mapper::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void testAfterPropertiesSetEmptyMap() throws Exception { MapBasedAttributes2GrantedAuthoritiesMapper mapper = new MapBasedAttributes2GrantedAuthoritiesMapper(); - mapper.setAttributes2grantedAuthoritiesMap(new HashMap()); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException() + .isThrownBy(() -> mapper.setAttributes2grantedAuthoritiesMap(new HashMap())); } - @Test(expected = IllegalArgumentException.class) + @Test public void testAfterPropertiesSetInvalidKeyTypeMap() throws Exception { MapBasedAttributes2GrantedAuthoritiesMapper mapper = new MapBasedAttributes2GrantedAuthoritiesMapper(); HashMap m = new HashMap(); m.put(new Object(), "ga1"); - mapper.setAttributes2grantedAuthoritiesMap(m); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> mapper.setAttributes2grantedAuthoritiesMap(m)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testAfterPropertiesSetInvalidValueTypeMap1() throws Exception { MapBasedAttributes2GrantedAuthoritiesMapper mapper = new MapBasedAttributes2GrantedAuthoritiesMapper(); HashMap m = new HashMap(); m.put("role1", new Object()); - mapper.setAttributes2grantedAuthoritiesMap(m); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> mapper.setAttributes2grantedAuthoritiesMap(m)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testAfterPropertiesSetInvalidValueTypeMap2() throws Exception { MapBasedAttributes2GrantedAuthoritiesMapper mapper = new MapBasedAttributes2GrantedAuthoritiesMapper(); HashMap m = new HashMap(); m.put("role1", new Object[] { new String[] { "ga1", "ga2" }, new Object() }); - mapper.setAttributes2grantedAuthoritiesMap(m); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> mapper.setAttributes2grantedAuthoritiesMap(m)); } @Test diff --git a/core/src/test/java/org/springframework/security/core/authority/mapping/SimpleAuthoritiesMapperTests.java b/core/src/test/java/org/springframework/security/core/authority/mapping/SimpleAuthoritiesMapperTests.java index 35781b5f30..61ff94419d 100644 --- a/core/src/test/java/org/springframework/security/core/authority/mapping/SimpleAuthoritiesMapperTests.java +++ b/core/src/test/java/org/springframework/security/core/authority/mapping/SimpleAuthoritiesMapperTests.java @@ -25,18 +25,19 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor */ public class SimpleAuthoritiesMapperTests { - @Test(expected = IllegalArgumentException.class) - public void rejectsInvalidCaseConversionFlags() throws Exception { + @Test + public void rejectsInvalidCaseConversionFlags() { SimpleAuthorityMapper mapper = new SimpleAuthorityMapper(); mapper.setConvertToLowerCase(true); mapper.setConvertToUpperCase(true); - mapper.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(mapper::afterPropertiesSet); } @Test diff --git a/core/src/test/java/org/springframework/security/core/token/DefaultTokenTests.java b/core/src/test/java/org/springframework/security/core/token/DefaultTokenTests.java index 1dc583b84b..4c41fed858 100644 --- a/core/src/test/java/org/springframework/security/core/token/DefaultTokenTests.java +++ b/core/src/test/java/org/springframework/security/core/token/DefaultTokenTests.java @@ -21,6 +21,7 @@ import java.util.Date; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link DefaultToken}. @@ -40,11 +41,11 @@ public class DefaultTokenTests { assertThat(t2).isEqualTo(t1); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNullExtendedInformation() { String key = "key"; long created = new Date().getTime(); - new DefaultToken(key, created, null); + assertThatIllegalArgumentException().isThrownBy(() -> new DefaultToken(key, created, null)); } @Test diff --git a/core/src/test/java/org/springframework/security/core/token/KeyBasedPersistenceTokenServiceTests.java b/core/src/test/java/org/springframework/security/core/token/KeyBasedPersistenceTokenServiceTests.java index fd4efeebb9..ed092bcacb 100644 --- a/core/src/test/java/org/springframework/security/core/token/KeyBasedPersistenceTokenServiceTests.java +++ b/core/src/test/java/org/springframework/security/core/token/KeyBasedPersistenceTokenServiceTests.java @@ -22,12 +22,12 @@ import java.util.Date; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link KeyBasedPersistenceTokenService}. * * @author Ben Alex - * */ public class KeyBasedPersistenceTokenServiceTests { @@ -80,20 +80,22 @@ public class KeyBasedPersistenceTokenServiceTests { assertThat(result).isEqualTo(token); } - @Test(expected = IllegalArgumentException.class) + @Test public void testOperationWithMissingKey() { KeyBasedPersistenceTokenService service = getService(); - Token token = new DefaultToken("", new Date().getTime(), ""); - service.verifyToken(token.getKey()); + assertThatIllegalArgumentException().isThrownBy(() -> { + Token token = new DefaultToken("", new Date().getTime(), ""); + service.verifyToken(token.getKey()); + }); } - @Test(expected = IllegalArgumentException.class) + @Test public void testOperationWithTamperedKey() { KeyBasedPersistenceTokenService service = getService(); Token goodToken = service.allocateToken(""); String fake = goodToken.getKey().toUpperCase(); Token token = new DefaultToken(fake, new Date().getTime(), ""); - service.verifyToken(token.getKey()); + assertThatIllegalArgumentException().isThrownBy(() -> service.verifyToken(token.getKey())); } } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsServiceTests.java b/core/src/test/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsServiceTests.java index a6f8760871..75abac7178 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsServiceTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsServiceTests.java @@ -24,6 +24,7 @@ import org.junit.Test; import reactor.core.publisher.Mono; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class MapReactiveUserDetailsServiceTests { @@ -35,16 +36,16 @@ public class MapReactiveUserDetailsServiceTests { // @formatter:on private MapReactiveUserDetailsService users = new MapReactiveUserDetailsService(Arrays.asList(USER_DETAILS)); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullUsers() { - Collection users = null; - new MapReactiveUserDetailsService(users); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MapReactiveUserDetailsService((Collection) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyUsers() { - Collection users = Collections.emptyList(); - new MapReactiveUserDetailsService(users); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MapReactiveUserDetailsService(Collections.emptyList())); } @Test diff --git a/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java b/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java index 45f1887853..28a828e21b 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/cache/EhCacheBasedUserCacheTests.java @@ -27,7 +27,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import static org.assertj.core.api.Assertions.assertThat; -import static org.assertj.core.api.Assertions.fail; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link EhCacheBasedUserCache}. @@ -77,11 +77,10 @@ public class EhCacheBasedUserCacheTests { assertThat(cache.getUserFromCache("UNKNOWN_USER")).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingCache() throws Exception { EhCacheBasedUserCache cache = new EhCacheBasedUserCache(); - cache.afterPropertiesSet(); - fail("Should have thrown IllegalArgumentException"); + assertThatIllegalArgumentException().isThrownBy(cache::afterPropertiesSet); Ehcache myCache = getCache(); cache.setCache(myCache); assertThat(cache.getCache()).isEqualTo(myCache); diff --git a/core/src/test/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCacheTests.java b/core/src/test/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCacheTests.java index 44bf44bade..c42020a073 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCacheTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCacheTests.java @@ -27,6 +27,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests @@ -75,9 +76,9 @@ public class SpringCacheBasedUserCacheTests { assertThat(cache.getUserFromCache("UNKNOWN_USER")).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingCache() throws Exception { - new SpringCacheBasedUserCache(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SpringCacheBasedUserCache(null)); } } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java b/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java index f933024e33..b1d4d559a1 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/jdbc/JdbcDaoImplTests.java @@ -156,10 +156,10 @@ public class JdbcDaoImplTests { }); } - @Test(expected = IllegalArgumentException.class) + @Test public void setMessageSourceWhenNullThenThrowsException() { JdbcDaoImpl dao = new JdbcDaoImpl(); - dao.setMessageSource(null); + assertThatIllegalArgumentException().isThrownBy(() -> dao.setMessageSource(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java b/core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java index 924364f352..387f1576a1 100644 --- a/core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java @@ -29,6 +29,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Jitendra Singh @@ -64,12 +65,13 @@ public class AnonymousAuthenticationTokenMixinTests extends AbstractMixinTests { assertThat(token.getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); } - @Test(expected = JsonMappingException.class) + @Test public void deserializeAnonymousAuthenticationTokenWithoutAuthoritiesTest() throws IOException { String jsonString = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," + "\"principal\": \"user\", \"authenticated\": true, \"keyHash\": " + HASH_KEY.hashCode() + "," + "\"authorities\": [\"java.util.ArrayList\", []]}"; - this.mapper.readValue(jsonString, AnonymousAuthenticationToken.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(jsonString, AnonymousAuthenticationToken.class)); } @Test diff --git a/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java b/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java index 85b05860e8..9d5a1a6fdd 100644 --- a/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java @@ -30,6 +30,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Jitendra Singh @@ -48,6 +49,7 @@ public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests + "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON + "}"; // @formatter:on + // @formatter:off private static final String REMEMBERME_AUTH_STRINGPRINCIPAL_JSON = "{" + "\"@class\": \"org.springframework.security.authentication.RememberMeAuthenticationToken\"," @@ -58,14 +60,17 @@ public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests + "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON + "}"; // @formatter:on - @Test(expected = IllegalArgumentException.class) + + @Test public void testWithNullPrincipal() { - new RememberMeAuthenticationToken("key", null, Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy( + () -> new RememberMeAuthenticationToken("key", null, Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void testWithNullKey() { - new RememberMeAuthenticationToken(null, "principal", Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy( + () -> new RememberMeAuthenticationToken(null, "principal", Collections.emptyList())); } @Test diff --git a/core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java b/core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java index 05d67d7323..e146a827e9 100644 --- a/core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java @@ -27,6 +27,7 @@ import org.skyscreamer.jsonassert.JSONAssert; import org.springframework.security.core.authority.SimpleGrantedAuthority; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Jitendra Singh @@ -56,10 +57,11 @@ public class SimpleGrantedAuthorityMixinTests extends AbstractMixinTests { assertThat(authority.getAuthority()).isNotNull().isEqualTo("ROLE_USER"); } - @Test(expected = JsonMappingException.class) + @Test public void deserializeGrantedAuthorityWithoutRoleTest() throws IOException { String json = "{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\"}"; - this.mapper.readValue(json, SimpleGrantedAuthority.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(json, SimpleGrantedAuthority.class)); } } diff --git a/core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java b/core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java index 299b4f9026..0f08439621 100644 --- a/core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java @@ -32,6 +32,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Jitendra Singh @@ -67,11 +68,12 @@ public class UserDeserializerTests extends AbstractMixinTests { JSONAssert.assertEquals(userWithNoAuthoritiesJson(), userJson, true); } - @Test(expected = IllegalArgumentException.class) + @Test public void deserializeUserWithNullPasswordEmptyAuthorityTest() throws IOException { String userJsonWithoutPasswordString = USER_JSON.replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON, "[]"); - this.mapper.readValue(userJsonWithoutPasswordString, User.class); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.mapper.readValue(userJsonWithoutPasswordString, User.class)); } @Test @@ -85,11 +87,11 @@ public class UserDeserializerTests extends AbstractMixinTests { assertThat(user.isEnabled()).isEqualTo(true); } - @Test(expected = IllegalArgumentException.class) + @Test public void deserializeUserWithNoClassIdInAuthoritiesTest() throws Exception { String userJson = USER_JSON.replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON, "[{\"authority\": \"ROLE_USER\"}]"); - this.mapper.readValue(userJson, User.class); + assertThatIllegalArgumentException().isThrownBy(() -> this.mapper.readValue(userJson, User.class)); } @Test diff --git a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java index 54a24a39bc..b24123905e 100644 --- a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java +++ b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java @@ -189,9 +189,10 @@ public class JdbcUserDetailsManagerTests { assertThat(this.cache.getUserMap().containsKey("joe")).isTrue(); } - @Test(expected = AccessDeniedException.class) + @Test public void changePasswordFailsForUnauthenticatedUser() { - this.manager.changePassword("password", "newPassword"); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> this.manager.changePassword("password", "newPassword")); } @Test diff --git a/core/src/test/java/org/springframework/security/scheduling/DelegatingSecurityContextTaskSchedulerTests.java b/core/src/test/java/org/springframework/security/scheduling/DelegatingSecurityContextTaskSchedulerTests.java index d52d530956..30dfff8180 100644 --- a/core/src/test/java/org/springframework/security/scheduling/DelegatingSecurityContextTaskSchedulerTests.java +++ b/core/src/test/java/org/springframework/security/scheduling/DelegatingSecurityContextTaskSchedulerTests.java @@ -29,6 +29,7 @@ import org.mockito.MockitoAnnotations; import org.springframework.scheduling.TaskScheduler; import org.springframework.scheduling.Trigger; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.isA; @@ -65,9 +66,9 @@ public class DelegatingSecurityContextTaskSchedulerTests { this.delegatingSecurityContextTaskScheduler = null; } - @Test(expected = IllegalArgumentException.class) + @Test public void testSchedulerIsNotNull() { - this.delegatingSecurityContextTaskScheduler = new DelegatingSecurityContextTaskScheduler(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingSecurityContextTaskScheduler(null)); } @Test diff --git a/core/src/test/java/org/springframework/security/util/MethodInvocationUtilsTests.java b/core/src/test/java/org/springframework/security/util/MethodInvocationUtilsTests.java index 7bc823f2bb..3901e63ec1 100644 --- a/core/src/test/java/org/springframework/security/util/MethodInvocationUtilsTests.java +++ b/core/src/test/java/org/springframework/security/util/MethodInvocationUtilsTests.java @@ -25,6 +25,7 @@ import org.springframework.aop.framework.AdvisedSupport; import org.springframework.security.access.annotation.BusinessServiceImpl; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -44,9 +45,10 @@ public class MethodInvocationUtilsTests { assertThat(mi).isNotNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void exceptionIsRaisedIfArgInfoOmittedAndMethodNameIsNotUnique() { - MethodInvocationUtils.createFromClass(BusinessServiceImpl.class, "methodReturningAList"); + assertThatIllegalArgumentException().isThrownBy( + () -> MethodInvocationUtils.createFromClass(BusinessServiceImpl.class, "methodReturningAList")); } @Test diff --git a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java index 5bab1e821f..f69b9d479d 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2EncodingUtilsTests.java @@ -22,6 +22,7 @@ import org.bouncycastle.crypto.params.Argon2Parameters; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Simeon Macke @@ -66,69 +67,70 @@ public class Argon2EncodingUtilsTests { this.testDataEntry2.decoded.getParameters())).isEqualTo(this.testDataEntry2.encoded); } - @Test(expected = IllegalArgumentException.class) + @Test public void encodeWhenNonexistingAlgorithmThenThrowException() { - Argon2EncodingUtils.encode(new byte[] { 0, 1, 2, 3 }, (new Argon2Parameters.Builder(3)).withVersion(19) - .withMemoryAsKB(333).withIterations(5).withParallelism(2).build()); + assertThatIllegalArgumentException().isThrownBy( + () -> Argon2EncodingUtils.encode(new byte[] { 0, 1, 2, 3 }, (new Argon2Parameters.Builder(3)) + .withVersion(19).withMemoryAsKB(333).withIterations(5).withParallelism(2).build())); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenNotAnArgon2HashThenThrowException() { - Argon2EncodingUtils.decode("notahash"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode("notahash")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenNonexistingAlgorithmThenThrowException() { - Argon2EncodingUtils.decode( - "$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode( + "$argon2x$v=19$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenIllegalVersionParameterThenThrowException() { - Argon2EncodingUtils.decode( - "$argon2i$v=x$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode( + "$argon2i$v=x$m=1024,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenIllegalMemoryParameterThenThrowException() { - Argon2EncodingUtils - .decode("$argon2i$v=19$m=x,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode( + "$argon2i$v=19$m=x,t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenIllegalIterationsParameterThenThrowException() { - Argon2EncodingUtils.decode( - "$argon2i$v=19$m=1024,t=x,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode( + "$argon2i$v=19$m=1024,t=x,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenIllegalParallelityParameterThenThrowException() { - Argon2EncodingUtils.decode( - "$argon2i$v=19$m=1024,t=3,p=x$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils.decode( + "$argon2i$v=19$m=1024,t=3,p=x$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenMissingVersionParameterThenThrowException() { - Argon2EncodingUtils - .decode("$argon2i$m=1024,t=3,p=x$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils + .decode("$argon2i$m=1024,t=3,p=x$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenMissingMemoryParameterThenThrowException() { - Argon2EncodingUtils - .decode("$argon2i$v=19$t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils + .decode("$argon2i$v=19$t=3,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenMissingIterationsParameterThenThrowException() { - Argon2EncodingUtils - .decode("$argon2i$v=19$m=1024,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils + .decode("$argon2i$v=19$m=1024,p=2$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodeWhenMissingParallelityParameterThenThrowException() { - Argon2EncodingUtils - .decode("$argon2i$v=19$m=1024,t=3$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs"); + assertThatIllegalArgumentException().isThrownBy(() -> Argon2EncodingUtils + .decode("$argon2i$v=19$m=1024,t=3$Y1JkRmJDdzIzZ3oyTWx4aw$cGE5Cbd/cx7micVhXVBdH5qTr66JI1iUyuNNVAnErXs")); } private void assertArgon2HashEquals(Argon2EncodingUtils.Argon2Hash expected, diff --git a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2PasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2PasswordEncoderTests.java index 23fde39954..72eda1f817 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2PasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/argon2/Argon2PasswordEncoderTests.java @@ -28,6 +28,7 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.security.crypto.keygen.BytesKeyGenerator; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Simeon Macke @@ -181,9 +182,9 @@ public class Argon2PasswordEncoderTests { assertThat(this.encoder.upgradeEncoding("")).isFalse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void upgradeEncodingWhenEncodedPassIsBogusThenThrowException() { - this.encoder.upgradeEncoding("thisIsNoValidHash"); + assertThatIllegalArgumentException().isThrownBy(() -> this.encoder.upgradeEncoding("thisIsNoValidHash")); } private void injectPredictableSaltGen() throws Exception { diff --git a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java index b9c9c1072f..9039dc9657 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoderTests.java @@ -21,6 +21,7 @@ import java.security.SecureRandom; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Dave Syer @@ -129,14 +130,14 @@ public class BCryptPasswordEncoderTests { assertThat(encoder.matches("password", result)).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void badLowCustomStrength() { - new BCryptPasswordEncoder(3); + assertThatIllegalArgumentException().isThrownBy(() -> new BCryptPasswordEncoder(3)); } - @Test(expected = IllegalArgumentException.class) + @Test public void badHighCustomStrength() { - new BCryptPasswordEncoder(32); + assertThatIllegalArgumentException().isThrownBy(() -> new BCryptPasswordEncoder(32)); } @Test @@ -189,22 +190,22 @@ public class BCryptPasswordEncoderTests { * @see https://github.com/spring-projects/spring-security/pull/7042#issuecomment-506755496 */ - @Test(expected = IllegalArgumentException.class) + @Test public void upgradeFromNonBCrypt() { BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); - encoder.upgradeEncoding("not-a-bcrypt-password"); + assertThatIllegalArgumentException().isThrownBy(() -> encoder.upgradeEncoding("not-a-bcrypt-password")); } - @Test(expected = IllegalArgumentException.class) + @Test public void encodeNullRawPassword() { BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); - encoder.encode(null); + assertThatIllegalArgumentException().isThrownBy(() -> encoder.encode(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void matchNullRawPassword() { BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); - encoder.matches(null, "does-not-matter"); + assertThatIllegalArgumentException().isThrownBy(() -> encoder.matches(null, "does-not-matter")); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptTests.java b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptTests.java index 010c1e9c8e..2e11b0fe4e 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/bcrypt/BCryptTests.java @@ -21,6 +21,7 @@ import org.junit.BeforeClass; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * JUnit unit tests for BCrypt routines @@ -328,19 +329,21 @@ public class BCryptTests { assertThat(BCrypt.roundsForLogRounds(31)).isEqualTo(0x80000000L); } - @Test(expected = IllegalArgumentException.class) + @Test public void emptyByteArrayCannotBeEncoded() { - BCrypt.encode_base64(new byte[0], 0, new StringBuilder()); + assertThatIllegalArgumentException() + .isThrownBy(() -> BCrypt.encode_base64(new byte[0], 0, new StringBuilder())); } - @Test(expected = IllegalArgumentException.class) + @Test public void moreBytesThanInTheArrayCannotBeEncoded() { - BCrypt.encode_base64(new byte[1], 2, new StringBuilder()); + assertThatIllegalArgumentException() + .isThrownBy(() -> BCrypt.encode_base64(new byte[1], 2, new StringBuilder())); } - @Test(expected = IllegalArgumentException.class) + @Test public void decodingMustRequestMoreThanZeroBytes() { - BCrypt.decode_base64("", 0); + assertThatIllegalArgumentException().isThrownBy(() -> BCrypt.decode_base64("", 0)); } private static String encode_base64(byte d[], int len) throws IllegalArgumentException { @@ -394,14 +397,14 @@ public class BCryptTests { } } - @Test(expected = IllegalArgumentException.class) + @Test public void genSaltFailsWithTooFewRounds() { - BCrypt.gensalt(3); + assertThatIllegalArgumentException().isThrownBy(() -> BCrypt.gensalt(3)); } - @Test(expected = IllegalArgumentException.class) + @Test public void genSaltFailsWithTooManyRounds() { - BCrypt.gensalt(32); + assertThatIllegalArgumentException().isThrownBy(() -> BCrypt.gensalt(32)); } @Test @@ -410,24 +413,26 @@ public class BCryptTests { assertThat(BCrypt.gensalt(31)).startsWith("$2a$31$"); } - @Test(expected = IllegalArgumentException.class) + @Test public void hashpwFailsWhenSaltIsNull() { - BCrypt.hashpw("password", null); + assertThatIllegalArgumentException().isThrownBy(() -> BCrypt.hashpw("password", null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void hashpwFailsWhenSaltSpecifiesTooFewRounds() { - BCrypt.hashpw("password", "$2a$03$......................"); + assertThatIllegalArgumentException() + .isThrownBy(() -> BCrypt.hashpw("password", "$2a$03$......................")); } - @Test(expected = IllegalArgumentException.class) + @Test public void hashpwFailsWhenSaltSpecifiesTooManyRounds() { - BCrypt.hashpw("password", "$2a$32$......................"); + assertThatIllegalArgumentException() + .isThrownBy(() -> BCrypt.hashpw("password", "$2a$32$......................")); } - @Test(expected = IllegalArgumentException.class) + @Test public void saltLengthIsChecked() { - BCrypt.hashpw("", ""); + assertThatIllegalArgumentException().isThrownBy(() -> BCrypt.hashpw("", "")); } @Test @@ -436,9 +441,10 @@ public class BCryptTests { .isEqualTo("$2$05$......................bvpG2UfzdyW/S0ny/4YyEZrmczoJfVm"); } - @Test(expected = IllegalArgumentException.class) + @Test public void hashpwFailsWhenSaltIsTooShort() { - BCrypt.hashpw("password", "$2a$10$123456789012345678901"); + assertThatIllegalArgumentException() + .isThrownBy(() -> BCrypt.hashpw("password", "$2a$10$123456789012345678901")); } @Test diff --git a/crypto/src/test/java/org/springframework/security/crypto/codec/Base64Tests.java b/crypto/src/test/java/org/springframework/security/crypto/codec/Base64Tests.java index 6518c4b007..40017d5279 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/codec/Base64Tests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/codec/Base64Tests.java @@ -19,6 +19,8 @@ package org.springframework.security.crypto.codec; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -37,14 +39,14 @@ public class Base64Tests { assertThat(Base64.isBase64(new byte[] { (byte) 'A', (byte) 'B', (byte) 'C', (byte) '`' })).isFalse(); } - @Test(expected = NullPointerException.class) + @Test public void isBase64RejectsNull() { - Base64.isBase64(null); + assertThatExceptionOfType(NullPointerException.class).isThrownBy(() -> Base64.isBase64(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void isBase64RejectsInvalidLength() { - Base64.isBase64(new byte[] { (byte) 'A' }); + assertThatIllegalArgumentException().isThrownBy(() -> Base64.isBase64(new byte[] { (byte) 'A' })); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/encrypt/BouncyCastleAesBytesEncryptorTests.java b/crypto/src/test/java/org/springframework/security/crypto/encrypt/BouncyCastleAesBytesEncryptorTests.java index 88d0712c5c..6286b2767d 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/encrypt/BouncyCastleAesBytesEncryptorTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/encrypt/BouncyCastleAesBytesEncryptorTests.java @@ -27,6 +27,8 @@ import org.junit.Test; import org.springframework.security.crypto.codec.Hex; import org.springframework.security.crypto.keygen.KeyGenerators; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; + public class BouncyCastleAesBytesEncryptorTests { private byte[] testData; @@ -69,14 +71,16 @@ public class BouncyCastleAesBytesEncryptorTests { Assert.assertArrayEquals(this.testData, decrypted2); } - @Test(expected = IllegalArgumentException.class) + @Test public void bcCbcWithWrongLengthIv() { - new BouncyCastleAesCbcBytesEncryptor(this.password, this.salt, KeyGenerators.secureRandom(8)); + assertThatIllegalArgumentException().isThrownBy( + () -> new BouncyCastleAesCbcBytesEncryptor(this.password, this.salt, KeyGenerators.secureRandom(8))); } - @Test(expected = IllegalArgumentException.class) + @Test public void bcGcmWithWrongLengthIv() { - new BouncyCastleAesGcmBytesEncryptor(this.password, this.salt, KeyGenerators.secureRandom(8)); + assertThatIllegalArgumentException().isThrownBy( + () -> new BouncyCastleAesGcmBytesEncryptor(this.password, this.salt, KeyGenerators.secureRandom(8))); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/keygen/Base64StringKeyGeneratorTests.java b/crypto/src/test/java/org/springframework/security/crypto/keygen/Base64StringKeyGeneratorTests.java index ca108238b1..c451b4954b 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/keygen/Base64StringKeyGeneratorTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/keygen/Base64StringKeyGeneratorTests.java @@ -21,6 +21,7 @@ import java.util.Base64; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -28,15 +29,14 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class Base64StringKeyGeneratorTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorIntWhenLessThan32ThenIllegalArgumentException() { - new Base64StringKeyGenerator(31); + assertThatIllegalArgumentException().isThrownBy(() -> new Base64StringKeyGenerator(31)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEncoderWhenEncoderNullThenThrowsIllegalArgumentException() { - Base64.Encoder encoder = null; - new Base64StringKeyGenerator(null); + assertThatIllegalArgumentException().isThrownBy(() -> new Base64StringKeyGenerator(null)); } @Test diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java index e123f27c5f..a04cec7c2f 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java @@ -72,19 +72,21 @@ public class DelegatingPasswordEncoderTests { this.passwordEncoder = new DelegatingPasswordEncoder(this.bcryptId, this.delegates); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenIdForEncodeNullThenIllegalArgumentException() { - new DelegatingPasswordEncoder(null, this.delegates); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingPasswordEncoder(null, this.delegates)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenIdForEncodeDoesNotExistThenIllegalArgumentException() { - new DelegatingPasswordEncoder(this.bcryptId + "INVALID", this.delegates); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId + "INVALID", this.delegates)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setDefaultPasswordEncoderForMatchesWhenNullThenIllegalArgumentException() { - this.passwordEncoder.setDefaultPasswordEncoderForMatches(null); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.passwordEncoder.setDefaultPasswordEncoderForMatches(null)); } @Test @@ -180,9 +182,9 @@ public class DelegatingPasswordEncoderTests { verifyZeroInteractions(this.bcrypt, this.noop); } - @Test(expected = IllegalArgumentException.class) + @Test public void matchesWhenRawPasswordNotNullAndEncodedPasswordNullThenThrowsIllegalArgumentException() { - this.passwordEncoder.matches(this.rawPassword, null); + assertThatIllegalArgumentException().isThrownBy(() -> this.passwordEncoder.matches(this.rawPassword, null)); } @Test diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java index c2ba10087f..a24ae4be91 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java @@ -21,6 +21,7 @@ import org.junit.Test; import org.springframework.security.crypto.keygen.KeyGenerators; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link LdapShaPasswordEncoder}. @@ -92,15 +93,16 @@ public class LdapShaPasswordEncoderTests { assertThat(this.sha.encode("somepassword").startsWith("{SSHA}")); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidPrefixIsRejected() { - this.sha.matches("somepassword", "{MD9}xxxxxxxxxx"); + assertThatIllegalArgumentException().isThrownBy(() -> this.sha.matches("somepassword", "{MD9}xxxxxxxxxx")); } - @Test(expected = IllegalArgumentException.class) + @Test public void malformedPrefixIsRejected() { // No right brace - this.sha.matches("somepassword", "{SSHA25ro4PKC8jhQZ26jVsozhX/xaP0suHgX"); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.sha.matches("somepassword", "{SSHA25ro4PKC8jhQZ26jVsozhX/xaP0suHgX")); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/MessageDigestPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/MessageDigestPasswordEncoderTests.java index 057545ca41..a08ea0d77b 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/MessageDigestPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/MessageDigestPasswordEncoderTests.java @@ -19,6 +19,7 @@ package org.springframework.security.crypto.password; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; /** *

@@ -112,9 +113,9 @@ public class MessageDigestPasswordEncoderTests { assertThat(pe.matches(raw, "{THIS_IS_A_SALT}4b79b7de23eb23b78cc5ede227d532b8a51f89b2ec166f808af76b0dbedc47d7")); } - @Test(expected = IllegalStateException.class) + @Test public void testInvalidStrength() { - new MessageDigestPasswordEncoder("SHA-666"); + assertThatIllegalStateException().isThrownBy(() -> new MessageDigestPasswordEncoder("SHA-666")); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java index 6dcd99865a..3c4eb04a9b 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java @@ -19,6 +19,7 @@ package org.springframework.security.crypto.scrypt; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Shazin Sadakath @@ -91,29 +92,32 @@ public class SCryptPasswordEncoderTests { assertThat(encoder.matches("password", "012345678901234567890123456789")).isFalse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidCpuCostParameter() { - new SCryptPasswordEncoder(Integer.MIN_VALUE, 16, 2, 32, 16); + assertThatIllegalArgumentException() + .isThrownBy(() -> new SCryptPasswordEncoder(Integer.MIN_VALUE, 16, 2, 32, 16)); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidMemoryCostParameter() { - new SCryptPasswordEncoder(2, Integer.MAX_VALUE, 2, 32, 16); + assertThatIllegalArgumentException() + .isThrownBy(() -> new SCryptPasswordEncoder(2, Integer.MAX_VALUE, 2, 32, 16)); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidParallelizationParameter() { - new SCryptPasswordEncoder(2, 8, Integer.MAX_VALUE, 32, 16); + assertThatIllegalArgumentException() + .isThrownBy(() -> new SCryptPasswordEncoder(2, 8, Integer.MAX_VALUE, 32, 16)); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidSaltLengthParameter() { - new SCryptPasswordEncoder(2, 8, 1, 16, -1); + assertThatIllegalArgumentException().isThrownBy(() -> new SCryptPasswordEncoder(2, 8, 1, 16, -1)); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidKeyLengthParameter() { - new SCryptPasswordEncoder(2, 8, 1, -1, 16); + assertThatIllegalArgumentException().isThrownBy(() -> new SCryptPasswordEncoder(2, 8, 1, -1, 16)); } @Test @@ -153,9 +157,10 @@ public class SCryptPasswordEncoderTests { assertThat(strongEncoder.upgradeEncoding(weakPassword)).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void upgradeEncodingWhenInvalidInputThenException() { - new SCryptPasswordEncoder().upgradeEncoding("not-a-scrypt-password"); + assertThatIllegalArgumentException() + .isThrownBy(() -> new SCryptPasswordEncoder().upgradeEncoding("not-a-scrypt-password")); } } diff --git a/data/src/test/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtensionTests.java b/data/src/test/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtensionTests.java index b4937afebb..5283ee7759 100644 --- a/data/src/test/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtensionTests.java +++ b/data/src/test/java/org/springframework/security/data/repository/query/SecurityEvaluationContextExtensionTests.java @@ -25,6 +25,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class SecurityEvaluationContextExtensionTests { @@ -40,9 +41,9 @@ public class SecurityEvaluationContextExtensionTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void getRootObjectSecurityContextHolderAuthenticationNull() { - getRoot().getAuthentication(); + assertThatIllegalArgumentException().isThrownBy(() -> getRoot().getAuthentication()); } @Test diff --git a/itest/context/src/integration-test/java/org/springframework/security/integration/HttpPathParameterStrippingTests.java b/itest/context/src/integration-test/java/org/springframework/security/integration/HttpPathParameterStrippingTests.java index eebe083e15..9f7770003e 100644 --- a/itest/context/src/integration-test/java/org/springframework/security/integration/HttpPathParameterStrippingTests.java +++ b/itest/context/src/integration-test/java/org/springframework/security/integration/HttpPathParameterStrippingTests.java @@ -34,7 +34,7 @@ import org.springframework.security.web.firewall.RequestRejectedException; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @ContextConfiguration(locations = { "/http-path-param-stripping-app-context.xml" }) @RunWith(SpringJUnit4ClassRunner.class) @@ -43,33 +43,35 @@ public class HttpPathParameterStrippingTests { @Autowired private FilterChainProxy fcp; - @Test(expected = RequestRejectedException.class) + @Test public void securedFilterChainCannotBeBypassedByAddingPathParameters() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); request.setPathInfo("/secured;x=y/admin.html"); request.setSession(createAuthenticatedSession("ROLE_USER")); MockHttpServletResponse response = new MockHttpServletResponse(); - this.fcp.doFilter(request, response, new MockFilterChain()); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.fcp.doFilter(request, response, new MockFilterChain())); } - @Test(expected = RequestRejectedException.class) + @Test public void adminFilePatternCannotBeBypassedByAddingPathParameters() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); request.setServletPath("/secured/admin.html;x=user.html"); request.setSession(createAuthenticatedSession("ROLE_USER")); MockHttpServletResponse response = new MockHttpServletResponse(); - this.fcp.doFilter(request, response, new MockFilterChain()); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.fcp.doFilter(request, response, new MockFilterChain())); } - @Test(expected = RequestRejectedException.class) + @Test public void adminFilePatternCannotBeBypassedByAddingPathParametersWithPathInfo() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); request.setServletPath("/secured"); request.setPathInfo("/admin.html;x=user.html"); request.setSession(createAuthenticatedSession("ROLE_USER")); MockHttpServletResponse response = new MockHttpServletResponse(); - this.fcp.doFilter(request, response, new MockFilterChain()); - assertThat(response.getStatus()).isEqualTo(403); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.fcp.doFilter(request, response, new MockFilterChain())); } public HttpSession createAuthenticatedSession(String... roles) { diff --git a/itest/context/src/integration-test/java/org/springframework/security/integration/MultiAnnotationTests.java b/itest/context/src/integration-test/java/org/springframework/security/integration/MultiAnnotationTests.java index 90fe40b464..50813ce4aa 100644 --- a/itest/context/src/integration-test/java/org/springframework/security/integration/MultiAnnotationTests.java +++ b/itest/context/src/integration-test/java/org/springframework/security/integration/MultiAnnotationTests.java @@ -31,6 +31,8 @@ import org.springframework.security.integration.multiannotation.SecuredService; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Luke Taylor */ @@ -57,16 +59,16 @@ public class MultiAnnotationTests { SecurityContextHolder.clearContext(); } - @Test(expected = AccessDeniedException.class) + @Test public void preAuthorizeDeniedIsDenied() { SecurityContextHolder.getContext().setAuthentication(this.joe_a); - this.service.preAuthorizeDenyAllMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.service::preAuthorizeDenyAllMethod); } - @Test(expected = AccessDeniedException.class) + @Test public void preAuthorizeRoleAIsDeniedIfRoleMissing() { SecurityContextHolder.getContext().setAuthentication(this.joe_b); - this.service.preAuthorizeHasRoleAMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.service::preAuthorizeHasRoleAMethod); } @Test @@ -81,10 +83,10 @@ public class MultiAnnotationTests { this.service.securedAnonymousMethod(); } - @Test(expected = AccessDeniedException.class) + @Test public void securedRoleAIsDeniedIfRoleMissing() { SecurityContextHolder.getContext().setAuthentication(this.joe_b); - this.service.securedRoleAMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.service::securedRoleAMethod); } @Test @@ -93,16 +95,16 @@ public class MultiAnnotationTests { this.service.securedRoleAMethod(); } - @Test(expected = AccessDeniedException.class) + @Test public void preAuthorizedOnlyServiceDeniesIfRoleMissing() { SecurityContextHolder.getContext().setAuthentication(this.joe_b); - this.preService.preAuthorizedMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.preService::preAuthorizedMethod); } - @Test(expected = AccessDeniedException.class) + @Test public void securedOnlyRoleAServiceDeniesIfRoleMissing() { SecurityContextHolder.getContext().setAuthentication(this.joe_b); - this.secService.securedMethod(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.secService::securedMethod); } } diff --git a/itest/context/src/integration-test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java b/itest/context/src/integration-test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java index 03414f32ea..66e82b0f28 100644 --- a/itest/context/src/integration-test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java +++ b/itest/context/src/integration-test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java @@ -27,6 +27,8 @@ import org.springframework.security.core.session.SessionRegistry; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + /** * @author Luke Taylor * @since 2.0 @@ -35,17 +37,17 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @RunWith(SpringJUnit4ClassRunner.class) public class SEC936ApplicationContextTests { - @Autowired /** * SessionRegistry is used as the test service interface (nothing to do with the test) */ + @Autowired private SessionRegistry sessionRegistry; - @Test(expected = AccessDeniedException.class) + @Test public void securityInterceptorHandlesCallWithNoTargetObject() { SecurityContextHolder.getContext() .setAuthentication(new UsernamePasswordAuthenticationToken("bob", "bobspassword")); - this.sessionRegistry.getAllPrincipals(); + assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(this.sessionRegistry::getAllPrincipals); } } diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java index 85d9c99e9f..2158d7636a 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java @@ -20,8 +20,6 @@ import java.util.ArrayList; import java.util.Hashtable; import java.util.List; -import javax.naming.directory.DirContext; - import org.junit.Test; import org.junit.runner.RunWith; @@ -32,6 +30,8 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -80,21 +80,14 @@ public class DefaultSpringSecurityContextSourceTests { } // SEC-1145. Confirms that there is no issue here with pooling. - @Test(expected = AuthenticationException.class) + @Test public void cantBindWithWrongPasswordImmediatelyAfterSuccessfulBind() throws Exception { - DirContext ctx = null; - try { - ctx = this.contextSource.getContext("uid=Bob,ou=people,dc=springframework,dc=org", "bobspassword"); - } - catch (Exception ex) { - } - assertThat(ctx).isNotNull(); + this.contextSource.getContext("uid=Bob,ou=people,dc=springframework,dc=org", "bobspassword").close(); // com.sun.jndi.ldap.LdapPoolManager.showStats(System.out); - ctx.close(); // com.sun.jndi.ldap.LdapPoolManager.showStats(System.out); // Now get it gain, with wrong password. Should fail. - ctx = this.contextSource.getContext("uid=Bob,ou=people,dc=springframework,dc=org", "wrongpassword"); - ctx.close(); + assertThatExceptionOfType(AuthenticationException.class).isThrownBy(() -> this.contextSource + .getContext("uid=Bob,ou=people,dc=springframework,dc=org", "wrongpassword").close()); } @Test @@ -105,12 +98,14 @@ public class DefaultSpringSecurityContextSourceTests { contextSource.getContext("uid=space cadet,ou=space cadets,dc=springframework,dc=org", "spacecadetspassword"); } - @Test(expected = IllegalArgumentException.class) + @Test public void instantiationFailsWithEmptyServerList() { List serverUrls = new ArrayList<>(); - DefaultSpringSecurityContextSource ctxSrc = new DefaultSpringSecurityContextSource(serverUrls, - "dc=springframework,dc=org"); - ctxSrc.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(() -> { + DefaultSpringSecurityContextSource ctxSrc = new DefaultSpringSecurityContextSource(serverUrls, + "dc=springframework,dc=org"); + ctxSrc.afterPropertiesSet(); + }); } @Test @@ -140,15 +135,15 @@ public class DefaultSpringSecurityContextSourceTests { assertThat(ctxSrc.isPooled()).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void instantiationFailsWithIncorrectServerUrl() { List serverUrls = new ArrayList<>(); // a simple trailing slash should be ok serverUrls.add("ldaps://blah:636/"); // this url should be rejected because the root DN goes into a separate parameter serverUrls.add("ldap://bar:389/dc=foobar,dc=org"); - DefaultSpringSecurityContextSource ctxSrc = new DefaultSpringSecurityContextSource(serverUrls, - "dc=springframework,dc=org"); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultSpringSecurityContextSource(serverUrls, "dc=springframework,dc=org")); } static class EnvExposingDefaultSpringSecurityContextSource extends DefaultSpringSecurityContextSource { diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java index 577fb9a169..47151dfac7 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java @@ -60,9 +60,10 @@ public class BindAuthenticatorTests { } - @Test(expected = BadCredentialsException.class) + @Test public void emptyPasswordIsRejected() { - this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("jen", "")); + assertThatExceptionOfType(BadCredentialsException.class) + .isThrownBy(() -> this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("jen", ""))); } @Test diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java index 44c9311fde..bced081eec 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java @@ -37,6 +37,7 @@ import org.springframework.test.context.junit4.SpringRunner; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link PasswordComparisonAuthenticator}. @@ -84,11 +85,12 @@ public class PasswordComparisonAuthenticatorTests { () -> this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("Joe", "pass"))); } - @Test(expected = BadCredentialsException.class) + @Test public void testLdapPasswordCompareFailsWithWrongPassword() { // Don't retrieve the password this.authenticator.setUserAttributes(new String[] { "uid", "cn", "sn" }); - this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("bob", "wrongpass")); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy( + () -> this.authenticator.authenticate(new UsernamePasswordAuthenticationToken("bob", "wrongpass"))); } @Test @@ -121,9 +123,9 @@ public class PasswordComparisonAuthenticatorTests { this.authenticator.authenticate(this.ben); } - @Test(expected = IllegalArgumentException.class) + @Test public void testPasswordEncoderCantBeNull() { - this.authenticator.setPasswordEncoder(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.authenticator.setPasswordEncoder(null)); } @Test diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearchTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearchTests.java index 517a4f67cf..bcdf501b75 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearchTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearchTests.java @@ -31,6 +31,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * Tests for FilterBasedLdapUserSearch. @@ -81,16 +82,17 @@ public class FilterBasedLdapUserSearchTests { assertThat(ben.getStringAttribute("cn")).isEqualTo("Ben Alex"); } - @Test(expected = IncorrectResultSizeDataAccessException.class) + @Test public void searchFailsOnMultipleMatches() { FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people", "(cn=*)", this.contextSource); - locator.searchForUser("Ignored"); + assertThatExceptionOfType(IncorrectResultSizeDataAccessException.class) + .isThrownBy(() -> locator.searchForUser("Ignored")); } - @Test(expected = UsernameNotFoundException.class) + @Test public void searchForInvalidUserFails() { FilterBasedLdapUserSearch locator = new FilterBasedLdapUserSearch("ou=people", "(uid={0})", this.contextSource); - locator.searchForUser("Joe"); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> locator.searchForUser("Joe")); } @Test diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorTests.java index 37cb58cc02..c28438478e 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorTests.java @@ -37,6 +37,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -198,9 +199,9 @@ public class DefaultLdapAuthoritiesPopulatorTests { assertThat(authorities).allMatch(LdapAuthority.class::isInstance); } - @Test(expected = IllegalArgumentException.class) + @Test public void customAuthoritiesMappingFunctionThrowsIfNull() { - this.populator.setAuthorityMapper(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.populator.setAuthorityMapper(null)); } } diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManagerTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManagerTests.java index fdcbf7ba8e..ad49af13ca 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManagerTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManagerTests.java @@ -118,9 +118,9 @@ public class LdapUserDetailsManagerTests { assertThat(bob.getAuthorities()).hasSize(1); } - @Test(expected = UsernameNotFoundException.class) + @Test public void testLoadingInvalidUsernameThrowsUsernameNotFoundException() { - this.mgr.loadUserByUsername("jim"); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> this.mgr.loadUserByUsername("jim")); } @Test @@ -201,7 +201,7 @@ public class LdapUserDetailsManagerTests { .isTrue(); } - @Test(expected = BadCredentialsException.class) + @Test public void testPasswordChangeWithWrongOldPasswordFails() { InetOrgPerson.Essence p = new InetOrgPerson.Essence(); p.setDn("whocares"); @@ -210,13 +210,11 @@ public class LdapUserDetailsManagerTests { p.setUid("johnyossarian"); p.setPassword("yossarianspassword"); p.setAuthorities(TEST_AUTHORITIES); - this.mgr.createUser(p.createUserDetails()); - SecurityContextHolder.getContext().setAuthentication( new UsernamePasswordAuthenticationToken("johnyossarian", "yossarianspassword", TEST_AUTHORITIES)); - - this.mgr.changePassword("wrongpassword", "yossariansnewpassword"); + assertThatExceptionOfType(BadCredentialsException.class) + .isThrownBy(() -> this.mgr.changePassword("wrongpassword", "yossariansnewpassword")); } } diff --git a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java index 1b8f25afad..9eab38ef2e 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java @@ -30,6 +30,7 @@ import org.springframework.security.ldap.authentication.SpringSecurityAuthentica import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -57,11 +58,11 @@ public class SpringSecurityAuthenticationSourceTests { assertThat(source.getPrincipal()).isEqualTo(""); } - @Test(expected = IllegalArgumentException.class) + @Test public void getPrincipalRejectsNonLdapUserDetailsObject() { AuthenticationSource source = new SpringSecurityAuthenticationSource(); SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken(new Object(), "password")); - source.getPrincipal(); + assertThatIllegalArgumentException().isThrownBy(source::getPrincipal); } @Test diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java index 7b083051aa..2c1a498de5 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java @@ -73,23 +73,23 @@ public class LdapAuthenticationProviderTests { () -> ldapProvider.authenticate(new UsernamePasswordAuthenticationToken("", "bobspassword"))); } - @Test(expected = BadCredentialsException.class) + @Test public void usernameNotFoundExceptionIsHiddenByDefault() { final LdapAuthenticator authenticator = mock(LdapAuthenticator.class); final UsernamePasswordAuthenticationToken joe = new UsernamePasswordAuthenticationToken("joe", "password"); given(authenticator.authenticate(joe)).willThrow(new UsernameNotFoundException("nobody")); LdapAuthenticationProvider provider = new LdapAuthenticationProvider(authenticator); - provider.authenticate(joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> provider.authenticate(joe)); } - @Test(expected = UsernameNotFoundException.class) + @Test public void usernameNotFoundExceptionIsNotHiddenIfConfigured() { final LdapAuthenticator authenticator = mock(LdapAuthenticator.class); final UsernamePasswordAuthenticationToken joe = new UsernamePasswordAuthenticationToken("joe", "password"); given(authenticator.authenticate(joe)).willThrow(new UsernameNotFoundException("nobody")); LdapAuthenticationProvider provider = new LdapAuthenticationProvider(authenticator); provider.setHideUserNotFoundExceptions(false); - provider.authenticate(joe); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(joe)); } @Test diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java index 72846149c2..d39d75efde 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java @@ -49,6 +49,7 @@ import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAu import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -140,14 +141,14 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { assertThat(result.isAuthenticated()).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSearchFilterNull() { - this.provider.setSearchFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.provider.setSearchFilter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSearchFilterEmpty() { - this.provider.setSearchFilter(" "); + assertThatIllegalArgumentException().isThrownBy(() -> this.provider.setSearchFilter(" ")); } @Test @@ -164,35 +165,36 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { this.provider.authenticate(new UsernamePasswordAuthenticationToken("joe@mydomain.eu", "password")); } - @Test(expected = BadCredentialsException.class) + @Test public void failedUserSearchCausesBadCredentials() throws Exception { DirContext ctx = mock(DirContext.class); given(ctx.getNameInNamespace()).willReturn(""); given(ctx.search(any(Name.class), any(String.class), any(Object[].class), any(SearchControls.class))) .willThrow(new NameNotFoundException()); this.provider.contextFactory = createContextFactoryReturning(ctx); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } // SEC-2017 - @Test(expected = BadCredentialsException.class) + @Test public void noUserSearchCausesUsernameNotFound() throws Exception { DirContext ctx = mock(DirContext.class); given(ctx.getNameInNamespace()).willReturn(""); given(ctx.search(any(Name.class), any(String.class), any(Object[].class), any(SearchControls.class))) .willReturn(new EmptyEnumeration<>()); this.provider.contextFactory = createContextFactoryReturning(ctx); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } // SEC-2500 - @Test(expected = BadCredentialsException.class) + @Test public void sec2500PreventAnonymousBind() { - this.provider.authenticate(new UsernamePasswordAuthenticationToken("rwinch", "")); + assertThatExceptionOfType(BadCredentialsException.class) + .isThrownBy(() -> this.provider.authenticate(new UsernamePasswordAuthenticationToken("rwinch", ""))); } + @Test @SuppressWarnings("unchecked") - @Test(expected = IncorrectResultSizeDataAccessException.class) public void duplicateUserSearchCausesError() throws Exception { DirContext ctx = mock(DirContext.class); given(ctx.getNameInNamespace()).willReturn(""); @@ -204,30 +206,31 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { given(ctx.search(any(Name.class), any(String.class), any(Object[].class), any(SearchControls.class))) .willReturn(searchResults); this.provider.contextFactory = createContextFactoryReturning(ctx); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(IncorrectResultSizeDataAccessException.class) + .isThrownBy(() -> this.provider.authenticate(this.joe)); } static final String msg = "[LDAP: error code 49 - 80858585: LdapErr: DSID-DECAFF0, comment: AcceptSecurityContext error, data "; - @Test(expected = BadCredentialsException.class) + @Test public void userNotFoundIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "525, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = BadCredentialsException.class) + @Test public void incorrectPasswordIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "52e, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = BadCredentialsException.class) + @Test public void notPermittedIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "530, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } @Test @@ -242,47 +245,48 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { .isEqualTo(dataCode)); } - @Test(expected = CredentialsExpiredException.class) + @Test public void expiredPasswordIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "532, xxxx]")); assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(CredentialsExpiredException.class) + .isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = DisabledException.class) + @Test public void accountDisabledIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "533, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = AccountExpiredException.class) + @Test public void accountExpiredIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "701, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(AccountExpiredException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = LockedException.class) + @Test public void accountLockedIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "775, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(LockedException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = BadCredentialsException.class) + @Test public void unknownErrorCodeIsCorrectlyMapped() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg + "999, xxxx]")); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } - @Test(expected = BadCredentialsException.class) + @Test public void errorWithNoSubcodeIsHandledCleanly() { this.provider.contextFactory = createContextFactoryThrowing(new AuthenticationException(msg)); this.provider.setConvertSubErrorCodesToExceptions(true); - this.provider.authenticate(this.joe); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.provider.authenticate(this.joe)); } @Test @@ -293,13 +297,15 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { }).withCauseInstanceOf(org.springframework.ldap.CommunicationException.class); } - @Test(expected = org.springframework.security.authentication.InternalAuthenticationServiceException.class) + @Test public void connectionExceptionIsWrappedInInternalException() throws Exception { ActiveDirectoryLdapAuthenticationProvider noneReachableProvider = new ActiveDirectoryLdapAuthenticationProvider( "mydomain.eu", NON_EXISTING_LDAP_PROVIDER, "dc=ad,dc=eu,dc=mydomain"); noneReachableProvider .setContextEnvironmentProperties(Collections.singletonMap("com.sun.jndi.ldap.connect.timeout", "5")); - noneReachableProvider.doAuthentication(this.joe); + assertThatExceptionOfType( + org.springframework.security.authentication.InternalAuthenticationServiceException.class) + .isThrownBy(() -> noneReachableProvider.doAuthentication(this.joe)); } @Test @@ -309,14 +315,15 @@ public class ActiveDirectoryLdapAuthenticationProviderTests { checkAuthentication("dc=ad,dc=eu,dc=mydomain", provider); } - @Test(expected = IllegalArgumentException.class) + @Test public void setContextEnvironmentPropertiesNull() { - this.provider.setContextEnvironmentProperties(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.provider.setContextEnvironmentProperties(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setContextEnvironmentPropertiesEmpty() { - this.provider.setContextEnvironmentProperties(new Hashtable<>()); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.provider.setContextEnvironmentProperties(new Hashtable<>())); } @Test diff --git a/ldap/src/test/java/org/springframework/security/ldap/ppolicy/PasswordPolicyAwareContextSourceTests.java b/ldap/src/test/java/org/springframework/security/ldap/ppolicy/PasswordPolicyAwareContextSourceTests.java index 84cc77f851..3ad5e279e0 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/ppolicy/PasswordPolicyAwareContextSourceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/ppolicy/PasswordPolicyAwareContextSourceTests.java @@ -30,6 +30,7 @@ import org.junit.Test; import org.springframework.ldap.UncategorizedLdapException; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.willThrow; @@ -67,18 +68,20 @@ public class PasswordPolicyAwareContextSourceTests { assertThat(this.ctxSource.getContext("user", "ignored")).isNotNull(); } - @Test(expected = UncategorizedLdapException.class) + @Test public void standardExceptionIsPropagatedWhenExceptionRaisedAndNoControlsAreSet() throws Exception { willThrow(new NamingException("some LDAP exception")).given(this.ctx).reconnect(any(Control[].class)); - this.ctxSource.getContext("user", "ignored"); + assertThatExceptionOfType(UncategorizedLdapException.class) + .isThrownBy(() -> this.ctxSource.getContext("user", "ignored")); } - @Test(expected = PasswordPolicyException.class) + @Test public void lockedPasswordPolicyControlRaisesPasswordPolicyException() throws Exception { given(this.ctx.getResponseControls()).willReturn(new Control[] { new PasswordPolicyResponseControl(PasswordPolicyResponseControlTests.OPENLDAP_LOCKED_CTRL) }); willThrow(new NamingException("locked message")).given(this.ctx).reconnect(any(Control[].class)); - this.ctxSource.getContext("user", "ignored"); + assertThatExceptionOfType(PasswordPolicyException.class) + .isThrownBy(() -> this.ctxSource.getContext("user", "ignored")); } } diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java index 3dfd7c53dd..8db2b98c57 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java @@ -31,6 +31,7 @@ import org.springframework.security.ldap.authentication.MockUserSearch; import org.springframework.security.ldap.authentication.NullLdapAuthoritiesPopulator; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link LdapUserDetailsService} @@ -39,14 +40,15 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class LdapUserDetailsServiceTests { - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullSearchObject() { - new LdapUserDetailsService(null, new NullLdapAuthoritiesPopulator()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new LdapUserDetailsService(null, new NullLdapAuthoritiesPopulator())); } - @Test(expected = IllegalArgumentException.class) + @Test public void rejectsNullAuthoritiesPopulator() { - new LdapUserDetailsService(new MockUserSearch(), null); + assertThatIllegalArgumentException().isThrownBy(() -> new LdapUserDetailsService(new MockUserSearch(), null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java b/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java index 13277bc737..6cae7045d5 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.AuthorityUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; @RunWith(MockitoJUnitRunner.class) @@ -69,9 +70,9 @@ public class DefaultMessageSecurityExpressionHandlerTests { assertThat(ExpressionUtils.evaluateAsBoolean(expression, context)).isFalse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void trustResolverNull() { - this.handler.setTrustResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setTrustResolver(null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionConfigAttributeTests.java b/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionConfigAttributeTests.java index 5a12f89ea9..02113a6251 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionConfigAttributeTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionConfigAttributeTests.java @@ -31,6 +31,7 @@ import org.springframework.security.messaging.util.matcher.MessageMatcher; import org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; @@ -51,14 +52,15 @@ public class MessageExpressionConfigAttributeTests { this.attribute = new MessageExpressionConfigAttribute(this.expression, this.matcher); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullExpression() { - new MessageExpressionConfigAttribute(null, this.matcher); + assertThatIllegalArgumentException().isThrownBy(() -> new MessageExpressionConfigAttribute(null, this.matcher)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullMatcher() { - new MessageExpressionConfigAttribute(this.expression, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MessageExpressionConfigAttribute(this.expression, null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionVoterTests.java b/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionVoterTests.java index 700e2714cb..270ea4dc7a 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionVoterTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/access/expression/MessageExpressionVoterTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.messaging.util.matcher.MessageMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -115,9 +116,9 @@ public class MessageExpressionVoterTests { assertThat(this.voter.supports(new MessageExpressionConfigAttribute(this.expression, this.matcher))).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setExpressionHandlerNull() { - this.voter.setExpressionHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.voter.setExpressionHandler(null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptorTests.java b/messaging/src/test/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptorTests.java index 94d546c32e..3e8356cd98 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptorTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/access/intercept/ChannelSecurityInterceptorTests.java @@ -39,6 +39,8 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -86,9 +88,9 @@ public class ChannelSecurityInterceptorTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMessageSecurityMetadataSourceNull() { - new ChannelSecurityInterceptor(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ChannelSecurityInterceptor(null)); } @Test @@ -113,12 +115,13 @@ public class ChannelSecurityInterceptorTests { assertThat(result).isSameAs(this.message); } - @Test(expected = AccessDeniedException.class) + @Test public void preSendDeny() { given(this.source.getAttributes(this.message)).willReturn(this.attrs); willThrow(new AccessDeniedException("")).given(this.accessDecisionManager).decide(any(Authentication.class), eq(this.message), eq(this.attrs)); - this.interceptor.preSend(this.message, this.channel); + assertThatExceptionOfType(AccessDeniedException.class) + .isThrownBy(() -> this.interceptor.preSend(this.message, this.channel)); } @SuppressWarnings("unchecked") diff --git a/messaging/src/test/java/org/springframework/security/messaging/context/AuthenticationPrincipalArgumentResolverTests.java b/messaging/src/test/java/org/springframework/security/messaging/context/AuthenticationPrincipalArgumentResolverTests.java index fe3e6c2323..c8700c7cce 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/context/AuthenticationPrincipalArgumentResolverTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/context/AuthenticationPrincipalArgumentResolverTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.util.ReflectionUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -138,16 +139,18 @@ public class AuthenticationPrincipalArgumentResolverTests { assertThat(this.resolver.resolveArgument(showUserAnnotationString(), null)).isNull(); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null); + assertThatExceptionOfType(ClassCastException.class) + .isThrownBy(() -> this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null)); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentCustomserErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null); + assertThatExceptionOfType(ClassCastException.class).isThrownBy( + () -> this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptorTests.java b/messaging/src/test/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptorTests.java index c11683c321..7f6c93a1aa 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptorTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/context/SecurityContextChannelInterceptorTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; @RunWith(MockitoJUnitRunner.class) public class SecurityContextChannelInterceptorTests { @@ -71,9 +72,9 @@ public class SecurityContextChannelInterceptorTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeader() { - new SecurityContextChannelInterceptor(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SecurityContextChannelInterceptor(null)); } @Test @@ -92,9 +93,9 @@ public class SecurityContextChannelInterceptorTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(this.authentication); } - @Test(expected = IllegalArgumentException.class) + @Test public void setAnonymousAuthenticationNull() { - this.interceptor.setAnonymousAuthentication(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.interceptor.setAnonymousAuthentication(null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/AndMessageMatcherTests.java b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/AndMessageMatcherTests.java index 368b50d839..0b352d7f71 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/AndMessageMatcherTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/AndMessageMatcherTests.java @@ -28,6 +28,8 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.messaging.Message; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatNullPointerException; import static org.mockito.BDDMockito.given; @RunWith(MockitoJUnitRunner.class) @@ -44,35 +46,37 @@ public class AndMessageMatcherTests { private MessageMatcher matcher; - @Test(expected = NullPointerException.class) + @Test public void constructorNullArray() { - new AndMessageMatcher<>((MessageMatcher[]) null); + assertThatNullPointerException().isThrownBy(() -> new AndMessageMatcher<>((MessageMatcher[]) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorArrayContainsNull() { - new AndMessageMatcher<>((MessageMatcher) null); + assertThatIllegalArgumentException().isThrownBy(() -> new AndMessageMatcher<>((MessageMatcher) null)); } + @Test @SuppressWarnings("unchecked") - @Test(expected = IllegalArgumentException.class) public void constructorEmptyArray() { - new AndMessageMatcher<>(new MessageMatcher[0]); + assertThatIllegalArgumentException().isThrownBy(() -> new AndMessageMatcher<>(new MessageMatcher[0])); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullList() { - new AndMessageMatcher<>((List>) null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AndMessageMatcher<>((List>) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListContainsNull() { - new AndMessageMatcher<>(Arrays.asList((MessageMatcher) null)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AndMessageMatcher<>(Arrays.asList((MessageMatcher) null))); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyList() { - new AndMessageMatcher<>(Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy(() -> new AndMessageMatcher<>(Collections.emptyList())); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/OrMessageMatcherTests.java b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/OrMessageMatcherTests.java index 51aa9f3040..ddf6c198df 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/OrMessageMatcherTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/OrMessageMatcherTests.java @@ -28,6 +28,8 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.messaging.Message; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatNullPointerException; import static org.mockito.BDDMockito.given; @RunWith(MockitoJUnitRunner.class) @@ -44,35 +46,37 @@ public class OrMessageMatcherTests { private MessageMatcher matcher; - @Test(expected = NullPointerException.class) + @Test public void constructorNullArray() { - new OrMessageMatcher<>((MessageMatcher[]) null); + assertThatNullPointerException().isThrownBy(() -> new OrMessageMatcher<>((MessageMatcher[]) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorArrayContainsNull() { - new OrMessageMatcher<>((MessageMatcher) null); + assertThatIllegalArgumentException().isThrownBy(() -> new OrMessageMatcher<>((MessageMatcher) null)); } + @Test @SuppressWarnings("unchecked") - @Test(expected = IllegalArgumentException.class) public void constructorEmptyArray() { - new OrMessageMatcher<>(new MessageMatcher[0]); + assertThatIllegalArgumentException().isThrownBy(() -> new OrMessageMatcher<>(new MessageMatcher[0])); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullList() { - new OrMessageMatcher<>((List>) null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OrMessageMatcher<>((List>) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListContainsNull() { - new OrMessageMatcher<>(Arrays.asList((MessageMatcher) null)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OrMessageMatcher<>(Arrays.asList((MessageMatcher) null))); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyList() { - new OrMessageMatcher<>(Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy(() -> new OrMessageMatcher<>(Collections.emptyList())); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcherTests.java b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcherTests.java index 9161a95ff8..7f856c55a9 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcherTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcherTests.java @@ -26,6 +26,7 @@ import org.springframework.util.AntPathMatcher; import org.springframework.util.PathMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class SimpDestinationMessageMatcherTests { @@ -42,9 +43,9 @@ public class SimpDestinationMessageMatcherTests { this.pathMatcher = new AntPathMatcher(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorPatternNull() { - new SimpDestinationMessageMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SimpDestinationMessageMatcher(null)); } public void constructorOnlyPathNoError() { diff --git a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcherTests.java b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcherTests.java index 1f7f9c562c..438a59fb41 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcherTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpMessageTypeMatcherTests.java @@ -25,6 +25,7 @@ import org.springframework.messaging.simp.SimpMessageType; import org.springframework.messaging.support.MessageBuilder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class SimpMessageTypeMatcherTests { @@ -35,9 +36,9 @@ public class SimpMessageTypeMatcherTests { this.matcher = new SimpMessageTypeMatcher(SimpMessageType.MESSAGE); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullType() { - new SimpMessageTypeMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SimpMessageTypeMatcher(null)); } @Test diff --git a/messaging/src/test/java/org/springframework/security/messaging/web/csrf/CsrfChannelInterceptorTests.java b/messaging/src/test/java/org/springframework/security/messaging/web/csrf/CsrfChannelInterceptorTests.java index f7d1e6d76c..91b59bb251 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/web/csrf/CsrfChannelInterceptorTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/web/csrf/CsrfChannelInterceptorTests.java @@ -35,6 +35,8 @@ import org.springframework.security.web.csrf.DefaultCsrfToken; import org.springframework.security.web.csrf.InvalidCsrfTokenException; import org.springframework.security.web.csrf.MissingCsrfTokenException; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; + @RunWith(MockitoJUnitRunner.class) public class CsrfChannelInterceptorTests { @@ -110,28 +112,32 @@ public class CsrfChannelInterceptorTests { this.interceptor.preSend(message(), this.channel); } - @Test(expected = InvalidCsrfTokenException.class) + @Test public void preSendNoToken() { this.messageHeaders.removeNativeHeader(this.token.getHeaderName()); - this.interceptor.preSend(message(), this.channel); + assertThatExceptionOfType(InvalidCsrfTokenException.class) + .isThrownBy(() -> this.interceptor.preSend(message(), this.channel)); } - @Test(expected = InvalidCsrfTokenException.class) + @Test public void preSendInvalidToken() { this.messageHeaders.setNativeHeader(this.token.getHeaderName(), this.token.getToken() + "invalid"); - this.interceptor.preSend(message(), this.channel); + assertThatExceptionOfType(InvalidCsrfTokenException.class) + .isThrownBy(() -> this.interceptor.preSend(message(), this.channel)); } - @Test(expected = MissingCsrfTokenException.class) + @Test public void preSendMissingToken() { this.messageHeaders.getSessionAttributes().clear(); - this.interceptor.preSend(message(), this.channel); + assertThatExceptionOfType(MissingCsrfTokenException.class) + .isThrownBy(() -> this.interceptor.preSend(message(), this.channel)); } - @Test(expected = MissingCsrfTokenException.class) + @Test public void preSendMissingTokenNullSessionAttributes() { this.messageHeaders.setSessionAttributes(null); - this.interceptor.preSend(message(), this.channel); + assertThatExceptionOfType(MissingCsrfTokenException.class) + .isThrownBy(() -> this.interceptor.preSend(message(), this.channel)); } private Message message() { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java index 6dbeffd490..0afeaf067e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java @@ -60,9 +60,9 @@ public class InMemoryOAuth2AuthorizedClientServiceTests { private InMemoryOAuth2AuthorizedClientService authorizedClientService = new InMemoryOAuth2AuthorizedClientService( this.clientRegistrationRepository); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() { - new InMemoryOAuth2AuthorizedClientService(null); + assertThatIllegalArgumentException().isThrownBy(() -> new InMemoryOAuth2AuthorizedClientService(null)); } @Test @@ -87,14 +87,16 @@ public class InMemoryOAuth2AuthorizedClientServiceTests { assertThatObject(authorizedClientService.loadAuthorizedClient(registrationId, this.principalName1)).isNotNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void loadAuthorizedClientWhenClientRegistrationIdIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.loadAuthorizedClient(null, this.principalName1); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.authorizedClientService.loadAuthorizedClient(null, this.principalName1)); } - @Test(expected = IllegalArgumentException.class) + @Test public void loadAuthorizedClientWhenPrincipalNameIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.loadAuthorizedClient(this.registration1.getRegistrationId(), null); + assertThatIllegalArgumentException().isThrownBy( + () -> this.authorizedClientService.loadAuthorizedClient(this.registration1.getRegistrationId(), null)); } @Test @@ -123,14 +125,16 @@ public class InMemoryOAuth2AuthorizedClientServiceTests { assertThat(loadedAuthorizedClient).isEqualTo(authorizedClient); } - @Test(expected = IllegalArgumentException.class) + @Test public void saveAuthorizedClientWhenAuthorizedClientIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.saveAuthorizedClient(null, mock(Authentication.class)); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.authorizedClientService.saveAuthorizedClient(null, mock(Authentication.class))); } - @Test(expected = IllegalArgumentException.class) + @Test public void saveAuthorizedClientWhenPrincipalIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.saveAuthorizedClient(mock(OAuth2AuthorizedClient.class), null); + assertThatIllegalArgumentException().isThrownBy( + () -> this.authorizedClientService.saveAuthorizedClient(mock(OAuth2AuthorizedClient.class), null)); } @Test @@ -145,14 +149,16 @@ public class InMemoryOAuth2AuthorizedClientServiceTests { assertThat(loadedAuthorizedClient).isEqualTo(authorizedClient); } - @Test(expected = IllegalArgumentException.class) + @Test public void removeAuthorizedClientWhenClientRegistrationIdIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.removeAuthorizedClient(null, this.principalName2); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.authorizedClientService.removeAuthorizedClient(null, this.principalName2)); } - @Test(expected = IllegalArgumentException.class) + @Test public void removeAuthorizedClientWhenPrincipalNameIsNullThenThrowIllegalArgumentException() { - this.authorizedClientService.removeAuthorizedClient(this.registration3.getRegistrationId(), null); + assertThatIllegalArgumentException().isThrownBy(() -> this.authorizedClientService + .removeAuthorizedClient(this.registration3.getRegistrationId(), null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientTests.java index a91d541770..91ad10b946 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientTests.java @@ -25,6 +25,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.TestOAuth2AccessTokens; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AuthorizedClient}. @@ -46,19 +47,22 @@ public class OAuth2AuthorizedClientTests { this.accessToken = TestOAuth2AccessTokens.noScopes(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizedClient(null, this.principalName, this.accessToken); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthorizedClient(null, this.principalName, this.accessToken)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenPrincipalNameIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizedClient(this.clientRegistration, null, this.accessToken); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthorizedClient(this.clientRegistration, null, this.accessToken)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAccessTokenIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizedClient(this.clientRegistration, this.principalName, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthorizedClient(this.clientRegistration, this.principalName, null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthenticationTokenTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthenticationTokenTests.java index c250c84f06..2610078fab 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthenticationTokenTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthenticationTokenTests.java @@ -26,6 +26,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.oauth2.core.user.OAuth2User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -48,9 +49,10 @@ public class OAuth2AuthenticationTokenTests { this.authorizedClientRegistrationId = "client-registration-1"; } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenPrincipalIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthenticationToken(null, this.authorities, this.authorizedClientRegistrationId); + assertThatIllegalArgumentException().isThrownBy( + () -> new OAuth2AuthenticationToken(null, this.authorities, this.authorizedClientRegistrationId)); } @Test @@ -63,9 +65,10 @@ public class OAuth2AuthenticationTokenTests { new OAuth2AuthenticationToken(this.principal, Collections.emptyList(), this.authorizedClientRegistrationId); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorizedClientRegistrationIdIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthenticationToken(this.principal, this.authorities, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthenticationToken(this.principal, this.authorities, null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationTokenTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationTokenTests.java index cb83eef68b..3c26b7b14e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationTokenTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationTokenTests.java @@ -33,6 +33,7 @@ import org.springframework.security.oauth2.core.endpoint.TestOAuth2Authorization import org.springframework.security.oauth2.core.user.OAuth2User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -62,14 +63,16 @@ public class OAuth2LoginAuthenticationTokenTests { this.accessToken = TestOAuth2AccessTokens.noScopes(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorAuthorizationRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(null, this.authorizationExchange); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2LoginAuthenticationToken(null, this.authorizationExchange)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorAuthorizationRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(this.clientRegistration, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2LoginAuthenticationToken(this.clientRegistration, null)); } @Test @@ -85,22 +88,24 @@ public class OAuth2LoginAuthenticationTokenTests { assertThat(authentication.isAuthenticated()).isEqualTo(false); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorTokenRequestResponseWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(null, this.authorizationExchange, this.principal, this.authorities, - this.accessToken); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2LoginAuthenticationToken(null, + this.authorizationExchange, this.principal, this.authorities, this.accessToken)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorTokenRequestResponseWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(this.clientRegistration, null, this.principal, this.authorities, - this.accessToken); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2LoginAuthenticationToken(this.clientRegistration, null, this.principal, + this.authorities, this.accessToken)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorTokenRequestResponseWhenPrincipalIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, null, this.authorities, - this.accessToken); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2LoginAuthenticationToken(this.clientRegistration, + this.authorizationExchange, null, this.authorities, this.accessToken)); } @Test @@ -115,10 +120,11 @@ public class OAuth2LoginAuthenticationTokenTests { Collections.emptyList(), this.accessToken); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorTokenRequestResponseWhenAccessTokenIsNullThenThrowIllegalArgumentException() { - new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange, this.principal, - this.authorities, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2LoginAuthenticationToken(this.clientRegistration, + this.authorizationExchange, this.principal, this.authorities, null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestTests.java index 28c625f841..19efce989a 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestTests.java @@ -26,6 +26,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExch import org.springframework.security.oauth2.core.endpoint.TestOAuth2AuthorizationExchanges; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AuthorizationCodeGrantRequest}. @@ -44,14 +45,16 @@ public class OAuth2AuthorizationCodeGrantRequestTests { this.authorizationExchange = TestOAuth2AuthorizationExchanges.success(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClientRegistrationIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizationCodeGrantRequest(null, this.authorizationExchange); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthorizationCodeGrantRequest(null, this.authorizationExchange)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorizationExchangeIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizationCodeGrantRequest(this.clientRegistration, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AuthorizationCodeGrantRequest(this.clientRegistration, null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java index 8617afe600..f875b8e218 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java @@ -42,6 +42,7 @@ import org.springframework.web.reactive.function.client.WebClient; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.atLeastOnce; import static org.mockito.Mockito.mock; @@ -268,9 +269,9 @@ public class WebClientReactiveAuthorizationCodeTokenResponseClientTests { return new MockResponse().setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE).setBody(json); } - @Test(expected = IllegalArgumentException.class) + @Test public void setWebClientNullThenIllegalArgumentException() { - this.tokenResponseClient.setWebClient(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.tokenResponseClient.setWebClient(null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java index a07e59979d..5021c34d60 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java @@ -35,6 +35,7 @@ import org.springframework.web.reactive.function.client.WebClientResponseExcepti import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.atLeastOnce; import static org.mockito.Mockito.mock; @@ -127,9 +128,9 @@ public class WebClientReactiveClientCredentialsTokenResponseClientTests { assertThat(response.getAccessToken().getScopes()).isEqualTo(registration.getScopes()); } - @Test(expected = IllegalArgumentException.class) + @Test public void setWebClientNullThenIllegalArgumentException() { - this.client.setWebClient(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.client.setWebClient(null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java index fba7dfd338..a571dcbf75 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java @@ -70,23 +70,25 @@ public class ClientRegistrationTests { return configurationMetadata; } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationGrantTypeIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(null) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .tokenUri(TOKEN_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(null) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .tokenUri(TOKEN_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } @Test @@ -126,42 +128,46 @@ public class ClientRegistrationTests { assertThat(registration.getClientName()).isEqualTo(CLIENT_NAME); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationCodeGrantRegistrationIdIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(null) - .clientId(CLIENT_ID) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .tokenUri(TOKEN_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(null) + .clientId(CLIENT_ID) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .tokenUri(TOKEN_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationCodeGrantClientIdIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(null) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .tokenUri(TOKEN_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); - // @formatter:on + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(null) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .tokenUri(TOKEN_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() + // @formatter:on + ); } @Test @@ -242,23 +248,25 @@ public class ClientRegistrationTests { assertThat(clientRegistration.getClientSecret()).isEqualTo(""); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationCodeGrantRedirectUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) - .redirectUri(null) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .tokenUri(TOKEN_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) + .redirectUri(null) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .tokenUri(TOKEN_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } // gh-5494 @@ -281,42 +289,46 @@ public class ClientRegistrationTests { // @formatter:on } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationCodeGrantAuthorizationUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(null) - .tokenUri(TOKEN_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(null) + .tokenUri(TOKEN_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenAuthorizationCodeGrantTokenUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .clientSecret(CLIENT_SECRET) - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) - .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .tokenUri(null) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .jwkSetUri(JWK_SET_URI) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .clientSecret(CLIENT_SECRET) + .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .tokenUri(null) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .jwkSetUri(JWK_SET_URI) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } @Test @@ -441,49 +453,55 @@ public class ClientRegistrationTests { assertThat(registration.getClientName()).isEqualTo(CLIENT_NAME); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenImplicitGrantRegistrationIdIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(null) - .clientId(CLIENT_ID) - .authorizationGrantType(AuthorizationGrantType.IMPLICIT) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(null) + .clientId(CLIENT_ID) + .authorizationGrantType(AuthorizationGrantType.IMPLICIT) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenImplicitGrantClientIdIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(null) - .authorizationGrantType(AuthorizationGrantType.IMPLICIT) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(null) + .authorizationGrantType(AuthorizationGrantType.IMPLICIT) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenImplicitGrantRedirectUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .authorizationGrantType(AuthorizationGrantType.IMPLICIT) - .redirectUri(null) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(AUTHORIZATION_URI) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .authorizationGrantType(AuthorizationGrantType.IMPLICIT) + .redirectUri(null) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(AUTHORIZATION_URI) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } // gh-5494 @@ -502,19 +520,21 @@ public class ClientRegistrationTests { // @formatter:on } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenImplicitGrantAuthorizationUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - ClientRegistration.withRegistrationId(REGISTRATION_ID) - .clientId(CLIENT_ID) - .authorizationGrantType(AuthorizationGrantType.IMPLICIT) - .redirectUri(REDIRECT_URI) - .scope(SCOPES.toArray(new String[0])) - .authorizationUri(null) - .userInfoAuthenticationMethod(AuthenticationMethod.FORM) - .clientName(CLIENT_NAME) - .build(); + ClientRegistration.withRegistrationId(REGISTRATION_ID) + .clientId(CLIENT_ID) + .authorizationGrantType(AuthorizationGrantType.IMPLICIT) + .redirectUri(REDIRECT_URI) + .scope(SCOPES.toArray(new String[0])) + .authorizationUri(null) + .userInfoAuthenticationMethod(AuthenticationMethod.FORM) + .clientName(CLIENT_NAME) + .build() // @formatter:on + ); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java index e222dd63fd..ccdbadc198 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java @@ -25,6 +25,9 @@ import java.util.Map; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; /** * Tests for {@link InMemoryClientRegistrationRepository}. @@ -39,21 +42,22 @@ public class InMemoryClientRegistrationRepositoryTests { private InMemoryClientRegistrationRepository clients = new InMemoryClientRegistrationRepository(this.registration); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListClientRegistrationWhenNullThenIllegalArgumentException() { - List registrations = null; - new InMemoryClientRegistrationRepository(registrations); + assertThatIllegalArgumentException() + .isThrownBy(() -> new InMemoryClientRegistrationRepository((List) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListClientRegistrationWhenEmptyThenIllegalArgumentException() { - List registrations = Collections.emptyList(); - new InMemoryClientRegistrationRepository(registrations); + assertThatIllegalArgumentException() + .isThrownBy(() -> new InMemoryClientRegistrationRepository(Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMapClientRegistrationWhenNullThenIllegalArgumentException() { - new InMemoryClientRegistrationRepository((Map) null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new InMemoryClientRegistrationRepository((Map) null)); } @Test @@ -62,10 +66,10 @@ public class InMemoryClientRegistrationRepositoryTests { assertThat(clients).isEmpty(); } - @Test(expected = IllegalStateException.class) + @Test public void constructorListClientRegistrationWhenDuplicateIdThenIllegalArgumentException() { List registrations = Arrays.asList(this.registration, this.registration); - new InMemoryClientRegistrationRepository(registrations); + assertThatIllegalStateException().isThrownBy(() -> new InMemoryClientRegistrationRepository(registrations)); } @Test @@ -80,15 +84,14 @@ public class InMemoryClientRegistrationRepositoryTests { assertThat(this.clients.findByRegistrationId(id)).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void findByRegistrationIdWhenNullIdThenIllegalArgumentException() { - String id = null; - assertThat(this.clients.findByRegistrationId(id)); + assertThatIllegalArgumentException().isThrownBy(() -> this.clients.findByRegistrationId(null)); } - @Test(expected = UnsupportedOperationException.class) + @Test public void iteratorWhenRemoveThenThrowsUnsupportedOperationException() { - this.clients.iterator().remove(); + assertThatExceptionOfType(UnsupportedOperationException.class).isThrownBy(this.clients.iterator()::remove); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryReactiveClientRegistrationRepositoryTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryReactiveClientRegistrationRepositoryTests.java index 43dbefe782..e4ec77190e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryReactiveClientRegistrationRepositoryTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryReactiveClientRegistrationRepositoryTests.java @@ -25,6 +25,7 @@ import reactor.test.StepVerifier; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; /** * @author Rob Winch @@ -60,10 +61,11 @@ public class InMemoryReactiveClientRegistrationRepositoryTests { .isThrownBy(() -> new InMemoryReactiveClientRegistrationRepository(registrations)); } - @Test(expected = IllegalStateException.class) + @Test public void constructorListClientRegistrationWhenDuplicateIdThenIllegalArgumentException() { List registrations = Arrays.asList(this.registration, this.registration); - new InMemoryReactiveClientRegistrationRepository(registrations); + assertThatIllegalStateException() + .isThrownBy(() -> new InMemoryReactiveClientRegistrationRepository(registrations)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java index f259c60ddf..ba78eca2fe 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java @@ -24,6 +24,7 @@ import org.junit.Test; import org.springframework.security.oauth2.core.user.OAuth2User; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -35,23 +36,24 @@ import static org.mockito.Mockito.mock; */ public class DelegatingOAuth2UserServiceTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenUserServicesIsNullThenThrowIllegalArgumentException() { - new DelegatingOAuth2UserService<>(null); + assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingOAuth2UserService<>(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenUserServicesIsEmptyThenThrowIllegalArgumentException() { - new DelegatingOAuth2UserService<>(Collections.emptyList()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingOAuth2UserService<>(Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test @SuppressWarnings("unchecked") public void loadUserWhenUserRequestIsNullThenThrowIllegalArgumentException() { OAuth2UserService userService = mock(OAuth2UserService.class); DelegatingOAuth2UserService delegatingUserService = new DelegatingOAuth2UserService<>( Arrays.asList(userService, userService)); - delegatingUserService.loadUser(null); + assertThatIllegalArgumentException().isThrownBy(() -> delegatingUserService.loadUser(null)); } @Test diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryTests.java index ba329f42e9..66d6e1d90d 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepositoryTests.java @@ -42,9 +42,10 @@ public class HttpSessionOAuth2AuthorizationRequestRepositoryTests { private HttpSessionOAuth2AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository(); - @Test(expected = IllegalArgumentException.class) + @Test public void loadAuthorizationRequestWhenHttpServletRequestIsNullThenThrowIllegalArgumentException() { - this.authorizationRequestRepository.loadAuthorizationRequest(null); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.authorizationRequestRepository.loadAuthorizationRequest(null)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/AuthorizationGrantTypeTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/AuthorizationGrantTypeTests.java index d8b5aa6cd1..4aae548f07 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/AuthorizationGrantTypeTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/AuthorizationGrantTypeTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.core; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link AuthorizationGrantType}. @@ -27,9 +28,9 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class AuthorizationGrantTypeTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenValueIsNullThenThrowIllegalArgumentException() { - new AuthorizationGrantType(null); + assertThatIllegalArgumentException().isThrownBy(() -> new AuthorizationGrantType(null)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java index e514bf4c2e..78816f928c 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.core; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link ClientAuthenticationMethod}. @@ -27,9 +28,9 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class ClientAuthenticationMethodTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenValueIsNullThenThrowIllegalArgumentException() { - new ClientAuthenticationMethod(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ClientAuthenticationMethod(null)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2AccessTokenTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2AccessTokenTests.java index 984c1b7804..13fb265cf6 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2AccessTokenTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2AccessTokenTests.java @@ -26,6 +26,7 @@ import org.junit.Test; import org.springframework.util.SerializationUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AccessToken}. @@ -49,24 +50,28 @@ public class OAuth2AccessTokenTests { assertThat(OAuth2AccessToken.TokenType.BEARER.getValue()).isEqualTo("Bearer"); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenTokenTypeIsNullThenThrowIllegalArgumentException() { - new OAuth2AccessToken(null, TOKEN_VALUE, ISSUED_AT, EXPIRES_AT); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AccessToken(null, TOKEN_VALUE, ISSUED_AT, EXPIRES_AT)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenTokenValueIsNullThenThrowIllegalArgumentException() { - new OAuth2AccessToken(TOKEN_TYPE, null, ISSUED_AT, EXPIRES_AT); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2AccessToken(TOKEN_TYPE, null, ISSUED_AT, EXPIRES_AT)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenIssuedAtAfterExpiresAtThenThrowIllegalArgumentException() { - new OAuth2AccessToken(TOKEN_TYPE, TOKEN_VALUE, Instant.from(EXPIRES_AT).plusSeconds(1), EXPIRES_AT); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2AccessToken(TOKEN_TYPE, TOKEN_VALUE, + Instant.from(EXPIRES_AT).plusSeconds(1), EXPIRES_AT)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenExpiresAtBeforeIssuedAtThenThrowIllegalArgumentException() { - new OAuth2AccessToken(TOKEN_TYPE, TOKEN_VALUE, ISSUED_AT, Instant.from(ISSUED_AT).minusSeconds(1)); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2AccessToken(TOKEN_TYPE, TOKEN_VALUE, ISSUED_AT, + Instant.from(ISSUED_AT).minusSeconds(1))); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2ErrorTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2ErrorTests.java index fab4afdc2c..e54ae5419f 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2ErrorTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/OAuth2ErrorTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.core; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2Error}. @@ -33,9 +34,9 @@ public class OAuth2ErrorTests { private static final String ERROR_URI = "error-uri"; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenErrorCodeIsNullThenThrowIllegalArgumentException() { - new OAuth2Error(null, ERROR_DESCRIPTION, ERROR_URI); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2Error(null, ERROR_DESCRIPTION, ERROR_URI)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java index 1d1974f8e4..8783e29aa3 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java @@ -28,6 +28,7 @@ import org.junit.Test; import org.springframework.security.oauth2.core.OAuth2AccessToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AccessTokenResponse}. @@ -43,24 +44,28 @@ public class OAuth2AccessTokenResponseTests { private static final long EXPIRES_IN = Instant.now().plusSeconds(5).toEpochMilli(); - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenTokenValueIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AccessTokenResponse.withToken(null) - .tokenType(OAuth2AccessToken.TokenType.BEARER) - .expiresIn(EXPIRES_IN) - .build(); + OAuth2AccessTokenResponse.withToken(null) + .tokenType(OAuth2AccessToken.TokenType.BEARER) + .expiresIn(EXPIRES_IN) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildWhenTokenTypeIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AccessTokenResponse.withToken(TOKEN_VALUE) - .tokenType(null) - .expiresIn(EXPIRES_IN) - .build(); + OAuth2AccessTokenResponse.withToken(TOKEN_VALUE) + .tokenType(null) + .expiresIn(EXPIRES_IN) + .build() // @formatter:on + ); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchangeTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchangeTests.java index bd134c245b..6224249d42 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchangeTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchangeTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.core.endpoint; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AuthorizationExchange}. @@ -27,14 +28,16 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class OAuth2AuthorizationExchangeTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorizationRequestIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizationExchange(null, TestOAuth2AuthorizationResponses.success().build()); + assertThatIllegalArgumentException().isThrownBy( + () -> new OAuth2AuthorizationExchange(null, TestOAuth2AuthorizationResponses.success().build())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorizationResponseIsNullThenThrowIllegalArgumentException() { - new OAuth2AuthorizationExchange(TestOAuth2AuthorizationRequests.request().build(), null); + assertThatIllegalArgumentException().isThrownBy( + () -> new OAuth2AuthorizationExchange(TestOAuth2AuthorizationRequests.request().build(), null)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseTests.java index 413fb236cd..93dbea3424 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.core.endpoint; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2AuthorizationResponse}. @@ -39,24 +40,28 @@ public class OAuth2AuthorizationResponseTests { private static final String ERROR_URI = "error-uri"; - @Test(expected = IllegalArgumentException.class) + @Test public void buildSuccessResponseWhenAuthCodeIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.success(null) - .redirectUri(REDIRECT_URI) - .state(STATE) - .build(); + OAuth2AuthorizationResponse.success(null) + .redirectUri(REDIRECT_URI) + .state(STATE) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildSuccessResponseWhenRedirectUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.success(AUTH_CODE) - .redirectUri(null) - .state(STATE) - .build(); + OAuth2AuthorizationResponse.success(AUTH_CODE) + .redirectUri(null) + .state(STATE) + .build() // @formatter:on + ); } @Test @@ -85,35 +90,41 @@ public class OAuth2AuthorizationResponseTests { // @formatter:on } - @Test(expected = IllegalArgumentException.class) + @Test public void buildSuccessResponseWhenErrorCodeIsSetThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.success(AUTH_CODE) - .redirectUri(REDIRECT_URI) - .state(STATE) - .errorCode(ERROR_CODE) - .build(); + OAuth2AuthorizationResponse.success(AUTH_CODE) + .redirectUri(REDIRECT_URI) + .state(STATE) + .errorCode(ERROR_CODE) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildErrorResponseWhenErrorCodeIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.error(null) - .redirectUri(REDIRECT_URI) - .state(STATE) - .build(); + OAuth2AuthorizationResponse.error(null) + .redirectUri(REDIRECT_URI) + .state(STATE) + .build() // @formatter:on + ); } - @Test(expected = IllegalArgumentException.class) + @Test public void buildErrorResponseWhenRedirectUriIsNullThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.error(ERROR_CODE) - .redirectUri(null) - .state(STATE) - .build(); + OAuth2AuthorizationResponse.error(ERROR_CODE) + .redirectUri(null) + .state(STATE) + .build() // @formatter:on + ); } @Test @@ -148,15 +159,17 @@ public class OAuth2AuthorizationResponseTests { // @formatter:on } - @Test(expected = IllegalArgumentException.class) + @Test public void buildErrorResponseWhenAuthCodeIsSetThenThrowIllegalArgumentException() { + assertThatIllegalArgumentException().isThrownBy(() -> // @formatter:off - OAuth2AuthorizationResponse.error(ERROR_CODE) - .redirectUri(REDIRECT_URI) - .state(STATE) - .code(AUTH_CODE) - .build(); + OAuth2AuthorizationResponse.error(ERROR_CODE) + .redirectUri(REDIRECT_URI) + .state(STATE) + .code(AUTH_CODE) + .build() // @formatter:on + ); } } diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcIdTokenTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcIdTokenTests.java index 4f795c6f95..aa4d5ad604 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcIdTokenTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcIdTokenTests.java @@ -26,6 +26,7 @@ import java.util.Map; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OidcIdToken}. @@ -101,15 +102,16 @@ public class OidcIdTokenTests { CLAIMS.put(C_HASH_CLAIM, C_HASH_VALUE); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenTokenValueIsNullThenThrowIllegalArgumentException() { - new OidcIdToken(null, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), CLAIMS); + assertThatIllegalArgumentException().isThrownBy( + () -> new OidcIdToken(null, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), CLAIMS)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClaimsIsEmptyThenThrowIllegalArgumentException() { - new OidcIdToken(ID_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), - Collections.emptyMap()); + assertThatIllegalArgumentException().isThrownBy(() -> new OidcIdToken(ID_TOKEN_VALUE, + Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), Collections.emptyMap())); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcUserInfoTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcUserInfoTests.java index 53fe17d28d..31d8ecd064 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcUserInfoTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/OidcUserInfoTests.java @@ -24,6 +24,7 @@ import java.util.Map; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OidcUserInfo}. @@ -149,9 +150,9 @@ public class OidcUserInfoTests { CLAIMS.put(UPDATED_AT_CLAIM, UPDATED_AT_VALUE); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClaimsIsEmptyThenThrowIllegalArgumentException() { - new OidcUserInfo(Collections.emptyMap()); + assertThatIllegalArgumentException().isThrownBy(() -> new OidcUserInfo(Collections.emptyMap())); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java index 78dd8b494f..a7f21a5098 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java @@ -32,6 +32,7 @@ import org.springframework.security.oauth2.core.oidc.OidcUserInfo; import org.springframework.security.oauth2.core.oidc.StandardClaimNames; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link DefaultOidcUser}. @@ -65,19 +66,19 @@ public class DefaultOidcUserTests { private static final OidcUserInfo USER_INFO = new OidcUserInfo(USER_INFO_CLAIMS); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthoritiesIsNullThenThrowIllegalArgumentException() { - new DefaultOidcUser(null, ID_TOKEN); + assertThatIllegalArgumentException().isThrownBy(() -> new DefaultOidcUser(null, ID_TOKEN)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenIdTokenIsNullThenThrowIllegalArgumentException() { - new DefaultOidcUser(AUTHORITIES, null); + assertThatIllegalArgumentException().isThrownBy(() -> new DefaultOidcUser(AUTHORITIES, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNameAttributeKeyInvalidThenThrowIllegalArgumentException() { - new DefaultOidcUser(AUTHORITIES, ID_TOKEN, "invalid"); + assertThatIllegalArgumentException().isThrownBy(() -> new DefaultOidcUser(AUTHORITIES, ID_TOKEN, "invalid")); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthorityTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthorityTests.java index f139e6c167..16ca01f0f6 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthorityTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthorityTests.java @@ -28,6 +28,7 @@ import org.springframework.security.oauth2.core.oidc.OidcUserInfo; import org.springframework.security.oauth2.core.oidc.StandardClaimNames; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OidcUserAuthority}. @@ -58,9 +59,9 @@ public class OidcUserAuthorityTests { private static final OidcUserInfo USER_INFO = new OidcUserInfo(USER_INFO_CLAIMS); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenIdTokenIsNullThenThrowIllegalArgumentException() { - new OidcUserAuthority(null); + assertThatIllegalArgumentException().isThrownBy(() -> new OidcUserAuthority(null)); } @Test @@ -68,9 +69,9 @@ public class OidcUserAuthorityTests { new OidcUserAuthority(ID_TOKEN, null); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorityIsNullThenThrowIllegalArgumentException() { - new OidcUserAuthority(null, ID_TOKEN, USER_INFO); + assertThatIllegalArgumentException().isThrownBy(() -> new OidcUserAuthority(null, ID_TOKEN, USER_INFO)); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java index c1643e86d5..9d0e5abce1 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java @@ -27,6 +27,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.util.SerializationUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link DefaultOAuth2User}. @@ -46,34 +47,39 @@ public class DefaultOAuth2UserTests { private static final Map ATTRIBUTES = Collections.singletonMap(ATTRIBUTE_NAME_KEY, USERNAME); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthoritiesIsNullThenThrowIllegalArgumentException() { - new DefaultOAuth2User(null, ATTRIBUTES, ATTRIBUTE_NAME_KEY); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultOAuth2User(null, ATTRIBUTES, ATTRIBUTE_NAME_KEY)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthoritiesIsEmptyThenThrowIllegalArgumentException() { - new DefaultOAuth2User(Collections.emptySet(), ATTRIBUTES, ATTRIBUTE_NAME_KEY); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultOAuth2User(Collections.emptySet(), ATTRIBUTES, ATTRIBUTE_NAME_KEY)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAttributesIsNullThenThrowIllegalArgumentException() { - new DefaultOAuth2User(AUTHORITIES, null, ATTRIBUTE_NAME_KEY); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, null, ATTRIBUTE_NAME_KEY)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAttributesIsEmptyThenThrowIllegalArgumentException() { - new DefaultOAuth2User(AUTHORITIES, Collections.emptyMap(), ATTRIBUTE_NAME_KEY); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, Collections.emptyMap(), ATTRIBUTE_NAME_KEY)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNameAttributeKeyIsNullThenThrowIllegalArgumentException() { - new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, null); + assertThatIllegalArgumentException().isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNameAttributeKeyIsInvalidThenThrowIllegalArgumentException() { - new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, "invalid"); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, "invalid")); } @Test diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/OAuth2UserAuthorityTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/OAuth2UserAuthorityTests.java index b7b22d5541..b3abe28ae1 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/OAuth2UserAuthorityTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/OAuth2UserAuthorityTests.java @@ -22,6 +22,7 @@ import java.util.Map; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link OAuth2UserAuthority}. @@ -34,19 +35,20 @@ public class OAuth2UserAuthorityTests { private static final Map ATTRIBUTES = Collections.singletonMap("username", "test"); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAuthorityIsNullThenThrowIllegalArgumentException() { - new OAuth2UserAuthority(null, ATTRIBUTES); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2UserAuthority(null, ATTRIBUTES)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAttributesIsNullThenThrowIllegalArgumentException() { - new OAuth2UserAuthority(AUTHORITY, null); + assertThatIllegalArgumentException().isThrownBy(() -> new OAuth2UserAuthority(AUTHORITY, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenAttributesIsEmptyThenThrowIllegalArgumentException() { - new OAuth2UserAuthority(AUTHORITY, Collections.emptyMap()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OAuth2UserAuthority(AUTHORITY, Collections.emptyMap())); } @Test diff --git a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTests.java b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTests.java index cc2e99e373..7a55920883 100644 --- a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTests.java +++ b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTests.java @@ -28,6 +28,7 @@ import org.junit.Test; import org.springframework.security.oauth2.jose.jws.JwsAlgorithms; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link Jwt}. @@ -82,21 +83,22 @@ public class JwtTests { CLAIMS.put(JTI_CLAIM, JTI_VALUE); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenTokenValueIsNullThenThrowIllegalArgumentException() { - new Jwt(null, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), HEADERS, CLAIMS); + assertThatIllegalArgumentException().isThrownBy( + () -> new Jwt(null, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), HEADERS, CLAIMS)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenHeadersIsEmptyThenThrowIllegalArgumentException() { - new Jwt(JWT_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), - Collections.emptyMap(), CLAIMS); + assertThatIllegalArgumentException().isThrownBy(() -> new Jwt(JWT_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE), + Instant.ofEpochMilli(EXP_VALUE), Collections.emptyMap(), CLAIMS)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenClaimsIsEmptyThenThrowIllegalArgumentException() { - new Jwt(JWT_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE), Instant.ofEpochMilli(EXP_VALUE), HEADERS, - Collections.emptyMap()); + assertThatIllegalArgumentException().isThrownBy(() -> new Jwt(JWT_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE), + Instant.ofEpochMilli(EXP_VALUE), HEADERS, Collections.emptyMap())); } @Test diff --git a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java index b0de546d85..d34c2e29e5 100644 --- a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java +++ b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java @@ -28,6 +28,7 @@ import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.TestJwts; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests for {@link JwtGrantedAuthoritiesConverter} @@ -37,10 +38,10 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class JwtGrantedAuthoritiesConverterTests { - @Test(expected = IllegalArgumentException.class) + @Test public void setAuthorityPrefixWithNullThenException() { JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter(); - jwtGrantedAuthoritiesConverter.setAuthorityPrefix(null); + assertThatIllegalArgumentException().isThrownBy(() -> jwtGrantedAuthoritiesConverter.setAuthorityPrefix(null)); } @Test diff --git a/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java b/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java index 554807ce19..fcda3df4f1 100644 --- a/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java +++ b/openid/src/test/java/org/springframework/security/openid/OpenID4JavaConsumerTests.java @@ -76,12 +76,13 @@ public class OpenID4JavaConsumerTests { consumer.beginConsumption(request, "", "", ""); } - @Test(expected = OpenIDConsumerException.class) + @Test public void discoveryExceptionRaisesOpenIDException() throws Exception { ConsumerManager mgr = mock(ConsumerManager.class); OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory()); given(mgr.discover(any())).willThrow(new DiscoveryException("msg")); - consumer.beginConsumption(new MockHttpServletRequest(), "", "", ""); + assertThatExceptionOfType(OpenIDConsumerException.class) + .isThrownBy(() -> consumer.beginConsumption(new MockHttpServletRequest(), "", "", "")); } @Test @@ -154,7 +155,7 @@ public class OpenID4JavaConsumerTests { assertThat(fetched.get(0).getValues()).hasSize(2); } - @Test(expected = OpenIDConsumerException.class) + @Test public void messageExceptionFetchingAttributesRaisesOpenIDException() throws Exception { OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(new NullAxFetchListFactory()); Message msg = mock(Message.class); @@ -162,13 +163,15 @@ public class OpenID4JavaConsumerTests { given(msg.hasExtension(AxMessage.OPENID_NS_AX)).willReturn(true); given(msg.getExtension(AxMessage.OPENID_NS_AX)).willThrow(new MessageException("")); given(fr.getAttributeValues("a")).willReturn(Arrays.asList("x", "y")); - consumer.fetchAxAttributes(msg, this.attributes); + assertThatExceptionOfType(OpenIDConsumerException.class) + .isThrownBy(() -> consumer.fetchAxAttributes(msg, this.attributes)); } - @Test(expected = OpenIDConsumerException.class) + @Test public void missingDiscoveryInformationThrowsException() throws Exception { OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(new NullAxFetchListFactory()); - consumer.endConsumption(new MockHttpServletRequest()); + assertThatExceptionOfType(OpenIDConsumerException.class) + .isThrownBy(() -> consumer.endConsumption(new MockHttpServletRequest())); } @Test diff --git a/remoting/src/test/java/org/springframework/security/remoting/dns/JndiDnsResolverTests.java b/remoting/src/test/java/org/springframework/security/remoting/dns/JndiDnsResolverTests.java index 9dc14e37e9..c66f25013b 100644 --- a/remoting/src/test/java/org/springframework/security/remoting/dns/JndiDnsResolverTests.java +++ b/remoting/src/test/java/org/springframework/security/remoting/dns/JndiDnsResolverTests.java @@ -27,6 +27,7 @@ import org.junit.Before; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -60,11 +61,12 @@ public class JndiDnsResolverTests { assertThat(ipAddress).isEqualTo("63.246.7.80"); } - @Test(expected = DnsEntryNotFoundException.class) + @Test public void testResolveIpAddressNotExisting() throws Exception { given(this.context.getAttributes(any(String.class), any(String[].class))) .willThrow(new NameNotFoundException("not found")); - this.dnsResolver.resolveIpAddress("notexisting.ansdansdugiuzgguzgioansdiandwq.foo"); + assertThatExceptionOfType(DnsEntryNotFoundException.class) + .isThrownBy(() -> this.dnsResolver.resolveIpAddress("notexisting.ansdansdugiuzgguzgioansdiandwq.foo")); } @Test @@ -75,11 +77,12 @@ public class JndiDnsResolverTests { assertThat(hostname).isEqualTo("kdc.springsource.com"); } - @Test(expected = DnsEntryNotFoundException.class) + @Test public void testResolveServiceEntryNotExisting() throws Exception { given(this.context.getAttributes(any(String.class), any(String[].class))) .willThrow(new NameNotFoundException("not found")); - this.dnsResolver.resolveServiceEntry("wrong", "secpod.de"); + assertThatExceptionOfType(DnsEntryNotFoundException.class) + .isThrownBy(() -> this.dnsResolver.resolveServiceEntry("wrong", "secpod.de")); } @Test @@ -92,11 +95,11 @@ public class JndiDnsResolverTests { assertThat(ipAddress).isEqualTo("63.246.7.80"); } - @Test(expected = DnsLookupException.class) + @Test public void testUnknowError() throws Exception { given(this.context.getAttributes(any(String.class), any(String[].class))) .willThrow(new NamingException("error")); - this.dnsResolver.resolveIpAddress(""); + assertThatExceptionOfType(DnsLookupException.class).isThrownBy(() -> this.dnsResolver.resolveIpAddress("")); } private BasicAttributes createSrvRecords() { diff --git a/test/src/test/java/org/springframework/security/test/context/showcase/WithMockUserTests.java b/test/src/test/java/org/springframework/security/test/context/showcase/WithMockUserTests.java index b14a95a33f..23f956e627 100644 --- a/test/src/test/java/org/springframework/security/test/context/showcase/WithMockUserTests.java +++ b/test/src/test/java/org/springframework/security/test/context/showcase/WithMockUserTests.java @@ -31,6 +31,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -42,9 +43,10 @@ public class WithMockUserTests { @Autowired private MessageService messageService; - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void getMessageUnauthenticated() { - this.messageService.getMessage(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> this.messageService.getMessage()); } @Test diff --git a/test/src/test/java/org/springframework/security/test/context/showcase/WithUserDetailsTests.java b/test/src/test/java/org/springframework/security/test/context/showcase/WithUserDetailsTests.java index cfd2a040c7..6188f54db1 100644 --- a/test/src/test/java/org/springframework/security/test/context/showcase/WithUserDetailsTests.java +++ b/test/src/test/java/org/springframework/security/test/context/showcase/WithUserDetailsTests.java @@ -36,6 +36,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -47,9 +48,10 @@ public class WithUserDetailsTests { @Autowired private MessageService messageService; - @Test(expected = AuthenticationCredentialsNotFoundException.class) + @Test public void getMessageUnauthenticated() { - this.messageService.getMessage(); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) + .isThrownBy(() -> this.messageService.getMessage()); } @Test diff --git a/test/src/test/java/org/springframework/security/test/context/support/WithMockUserSecurityContextFactoryTests.java b/test/src/test/java/org/springframework/security/test/context/support/WithMockUserSecurityContextFactoryTests.java index 56b90ca9fe..9398fa33d7 100644 --- a/test/src/test/java/org/springframework/security/test/context/support/WithMockUserSecurityContextFactoryTests.java +++ b/test/src/test/java/org/springframework/security/test/context/support/WithMockUserSecurityContextFactoryTests.java @@ -23,6 +23,8 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; import static org.mockito.BDDMockito.given; @RunWith(MockitoJUnitRunner.class) @@ -38,9 +40,9 @@ public class WithMockUserSecurityContextFactoryTests { this.factory = new WithMockUserSecurityContextFactory(); } - @Test(expected = IllegalArgumentException.class) + @Test public void usernameNull() { - this.factory.createSecurityContext(this.withUser); + assertThatIllegalArgumentException().isThrownBy(() -> this.factory.createSecurityContext(this.withUser)); } @Test @@ -83,20 +85,20 @@ public class WithMockUserSecurityContextFactoryTests { .extracting("authority").containsOnly("USER", "CUSTOM"); } - @Test(expected = IllegalStateException.class) + @Test public void authoritiesAndRolesInvalid() { given(this.withUser.value()).willReturn("valueUser"); given(this.withUser.roles()).willReturn(new String[] { "CUSTOM" }); given(this.withUser.authorities()).willReturn(new String[] { "USER", "CUSTOM" }); - this.factory.createSecurityContext(this.withUser); + assertThatIllegalStateException().isThrownBy(() -> this.factory.createSecurityContext(this.withUser)); } - @Test(expected = IllegalArgumentException.class) + @Test public void rolesWithRolePrefixFails() { given(this.withUser.value()).willReturn("valueUser"); given(this.withUser.roles()).willReturn(new String[] { "ROLE_FAIL" }); given(this.withUser.authorities()).willReturn(new String[] {}); - this.factory.createSecurityContext(this.withUser); + assertThatIllegalArgumentException().isThrownBy(() -> this.factory.createSecurityContext(this.withUser)); } } diff --git a/test/src/test/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactoryTests.java b/test/src/test/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactoryTests.java index 5a2d710699..716b05f694 100644 --- a/test/src/test/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactoryTests.java +++ b/test/src/test/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactoryTests.java @@ -33,6 +33,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.verify; @@ -61,15 +62,15 @@ public class WithUserDetailsSecurityContextFactoryTests { this.factory = new WithUserDetailsSecurityContextFactory(this.beans); } - @Test(expected = IllegalArgumentException.class) + @Test public void createSecurityContextNullValue() { - this.factory.createSecurityContext(this.withUserDetails); + assertThatIllegalArgumentException().isThrownBy(() -> this.factory.createSecurityContext(this.withUserDetails)); } - @Test(expected = IllegalArgumentException.class) + @Test public void createSecurityContextEmptyValue() { given(this.withUserDetails.value()).willReturn(""); - this.factory.createSecurityContext(this.withUserDetails); + assertThatIllegalArgumentException().isThrownBy(() -> this.factory.createSecurityContext(this.withUserDetails)); } @Test diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsUserTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsUserTests.java index 1c6fb34678..08b1205bc4 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsUserTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsUserTests.java @@ -42,6 +42,7 @@ import org.springframework.security.test.web.support.WebTestUtils; import org.springframework.security.web.context.SecurityContextRepository; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.verify; @@ -116,9 +117,10 @@ public class SecurityMockMvcRequestPostProcessorsUserTests { this.authority2); } - @Test(expected = IllegalArgumentException.class) + @Test public void userRolesWithRolePrefixErrors() { - user("user").roles("ROLE_INVALID").postProcessRequest(this.request); + assertThatIllegalArgumentException() + .isThrownBy(() -> user("user").roles("ROLE_INVALID").postProcessRequest(this.request)); } @Test diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java index 3441b8cbe8..336206077c 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java @@ -40,6 +40,7 @@ import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; @@ -70,10 +71,10 @@ public class SecurityMockMvcResultMatchersTests { (auth) -> assertThat(auth).isInstanceOf(UsernamePasswordAuthenticationToken.class))); } - @Test(expected = AssertionError.class) + @Test public void withAuthenticationWhenNotMatchesThenFails() throws Exception { - this.mockMvc.perform(formLogin()).andExpect( - authenticated().withAuthentication((auth) -> assertThat(auth.getName()).isEqualTo("notmatch"))); + assertThatExceptionOfType(AssertionError.class).isThrownBy(() -> this.mockMvc.perform(formLogin()).andExpect( + authenticated().withAuthentication((auth) -> assertThat(auth.getName()).isEqualTo("notmatch")))); } // SEC-2719 @@ -87,13 +88,15 @@ public class SecurityMockMvcResultMatchersTests { // @formatter:on } - @Test(expected = AssertionError.class) + @Test public void withRolesFailsIfNotAllRoles() throws Exception { + assertThatExceptionOfType(AssertionError.class).isThrownBy(() -> // @formatter:off - this.mockMvc - .perform(formLogin()) - .andExpect(authenticated().withRoles("USER")); + this.mockMvc + .perform(formLogin()) + .andExpect(authenticated().withRoles("USER")) // @formatter:on + ); } @EnableWebSecurity diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockWithAuthoritiesMvcResultMatchersTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockWithAuthoritiesMvcResultMatchersTests.java index 82335524fb..3341b83972 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockWithAuthoritiesMvcResultMatchersTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockWithAuthoritiesMvcResultMatchersTests.java @@ -42,6 +42,7 @@ import org.springframework.web.bind.annotation.RestController; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; @@ -69,11 +70,12 @@ public class SecurityMockWithAuthoritiesMvcResultMatchersTests { this.mockMvc.perform(formLogin()).andExpect(authenticated().withAuthorities(grantedAuthorities)); } - @Test(expected = AssertionError.class) + @Test public void withAuthoritiesFailsIfNotAllRoles() throws Exception { List grantedAuthorities = new ArrayList<>(); grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN")); - this.mockMvc.perform(formLogin()).andExpect(authenticated().withAuthorities(grantedAuthorities)); + assertThatExceptionOfType(AssertionError.class).isThrownBy( + () -> this.mockMvc.perform(formLogin()).andExpect(authenticated().withAuthorities(grantedAuthorities))); } @EnableWebSecurity diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurerTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurerTests.java index 675a57dba2..86f5fd2d4f 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurerTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/setup/SecurityMockMvcConfigurerTests.java @@ -31,6 +31,7 @@ import org.springframework.test.web.servlet.setup.ConfigurableMockMvcBuilder; import org.springframework.web.context.WebApplicationContext; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -86,11 +87,11 @@ public class SecurityMockMvcConfigurerTests { assertFilterAdded(this.filter); } - @Test(expected = IllegalStateException.class) + @Test public void beforeMockMvcCreatedNoFilter() { SecurityMockMvcConfigurer configurer = new SecurityMockMvcConfigurer(); configurer.afterConfigurerAdded(this.builder); - configurer.beforeMockMvcCreated(this.builder, this.context); + assertThatIllegalStateException().isThrownBy(() -> configurer.beforeMockMvcCreated(this.builder, this.context)); } private void assertFilterAdded(Filter filter) { diff --git a/web/src/test/java/org/springframework/security/web/DefaultRedirectStrategyTests.java b/web/src/test/java/org/springframework/security/web/DefaultRedirectStrategyTests.java index ff368d2d49..0de7aa003a 100644 --- a/web/src/test/java/org/springframework/security/web/DefaultRedirectStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/DefaultRedirectStrategyTests.java @@ -22,6 +22,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -52,14 +53,15 @@ public class DefaultRedirectStrategyTests { assertThat(response.getRedirectedUrl()).isEqualTo("remainder"); } - @Test(expected = IllegalArgumentException.class) + @Test public void contextRelativeShouldThrowExceptionIfURLDoesNotContainContextPath() throws Exception { DefaultRedirectStrategy rds = new DefaultRedirectStrategy(); rds.setContextRelative(true); MockHttpServletRequest request = new MockHttpServletRequest(); request.setContextPath("/context"); MockHttpServletResponse response = new MockHttpServletResponse(); - rds.sendRedirect(request, response, "https://redirectme.somewhere.else"); + assertThatIllegalArgumentException() + .isThrownBy(() -> rds.sendRedirect(request, response, "https://redirectme.somewhere.else")); } } diff --git a/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java b/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java index 6495b2c5bb..e41de62297 100644 --- a/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java +++ b/web/src/test/java/org/springframework/security/web/FilterChainProxyTests.java @@ -44,6 +44,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -234,9 +235,9 @@ public class FilterChainProxyTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRequestRejectedHandlerDoesNotAcceptNull() { - this.fcp.setRequestRejectedHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.fcp.setRequestRejectedHandler(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/FilterInvocationTests.java b/web/src/test/java/org/springframework/security/web/FilterInvocationTests.java index 1e96bba4c0..5f1ceed22c 100644 --- a/web/src/test/java/org/springframework/security/web/FilterInvocationTests.java +++ b/web/src/test/java/org/springframework/security/web/FilterInvocationTests.java @@ -28,6 +28,8 @@ import org.springframework.security.web.FilterInvocation.DummyRequest; import org.springframework.security.web.util.UrlUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -61,23 +63,25 @@ public class FilterInvocationTests { assertThat(fi.getFullRequestUrl()).isEqualTo("http://localhost/mycontext/HelloWorld/some/more/segments.html"); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNullFilterChain() { MockHttpServletRequest request = new MockHttpServletRequest(null, null); MockHttpServletResponse response = new MockHttpServletResponse(); - new FilterInvocation(request, response, null); + assertThatIllegalArgumentException().isThrownBy(() -> new FilterInvocation(request, response, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNullServletRequest() { MockHttpServletResponse response = new MockHttpServletResponse(); - new FilterInvocation(null, response, mock(FilterChain.class)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new FilterInvocation(null, response, mock(FilterChain.class))); } - @Test(expected = IllegalArgumentException.class) + @Test public void testRejectsNullServletResponse() { MockHttpServletRequest request = new MockHttpServletRequest(null, null); - new FilterInvocation(request, null, mock(FilterChain.class)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new FilterInvocation(request, null, mock(FilterChain.class))); } @Test @@ -113,9 +117,10 @@ public class FilterInvocationTests { assertThat(fi.getFullRequestUrl()).isEqualTo("http://localhost/mycontext/HelloWorld"); } - @Test(expected = UnsupportedOperationException.class) + @Test public void dummyChainRejectsInvocation() throws Exception { - FilterInvocation.DUMMY_CHAIN.doFilter(mock(HttpServletRequest.class), mock(HttpServletResponse.class)); + assertThatExceptionOfType(UnsupportedOperationException.class).isThrownBy(() -> FilterInvocation.DUMMY_CHAIN + .doFilter(mock(HttpServletRequest.class), mock(HttpServletResponse.class))); } @Test diff --git a/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java b/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java index a0b7f8db42..77b3560480 100644 --- a/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java @@ -48,6 +48,7 @@ import org.springframework.security.web.savedrequest.SavedRequest; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.willThrow; import static org.mockito.Mockito.mock; @@ -230,14 +231,15 @@ public class ExceptionTranslationFilterTests { assertThat(getSavedRequestUrl(request)).isEqualTo("http://localhost:8080/mycontext/secure/page.html"); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingAuthenticationEntryPoint() { - new ExceptionTranslationFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ExceptionTranslationFilter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingRequestCache() { - new ExceptionTranslationFilter(this.mockEntryPoint, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new ExceptionTranslationFilter(this.mockEntryPoint, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java index 76ff193adf..a436f3fdfa 100644 --- a/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/access/channel/ChannelProcessingFilterTests.java @@ -31,6 +31,7 @@ import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -40,19 +41,19 @@ import static org.mockito.Mockito.mock; */ public class ChannelProcessingFilterTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingChannelDecisionManager() { ChannelProcessingFilter filter = new ChannelProcessingFilter(); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "MOCK"); filter.setSecurityMetadataSource(fids); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingFilterInvocationSecurityMetadataSource() { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK")); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } @Test @@ -65,14 +66,14 @@ public class ChannelProcessingFilterTests { filter.afterPropertiesSet(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsUnsupportedConfigAttribute() { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY")); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "SUPPORTS_MOCK_ONLY", "INVALID_ATTRIBUTE"); filter.setSecurityMetadataSource(fids); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } @Test diff --git a/web/src/test/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandlerTests.java b/web/src/test/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandlerTests.java index b23e67c89f..88998fd95f 100644 --- a/web/src/test/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/access/expression/DefaultWebSecurityExpressionHandlerTests.java @@ -35,6 +35,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.FilterInvocation; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; @@ -76,9 +77,9 @@ public class DefaultWebSecurityExpressionHandlerTests { assertThat(parser.parseExpression("@role.attribute == 'ROLE_A'").getValue(ctx, Boolean.class)).isTrue(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setTrustResolverNull() { - this.handler.setTrustResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setTrustResolver(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSourceTests.java b/web/src/test/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSourceTests.java index 1519245972..e4d292cbc9 100644 --- a/web/src/test/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSourceTests.java +++ b/web/src/test/java/org/springframework/security/web/access/expression/ExpressionBasedFilterInvocationSecurityMetadataSourceTests.java @@ -28,6 +28,7 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -50,12 +51,13 @@ public class ExpressionBasedFilterInvocationSecurityMetadataSourceTests { assertThat(attribute.toString()).isEqualTo(expression); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidExpressionIsRejected() { LinkedHashMap> requestMap = new LinkedHashMap<>(); requestMap.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList("hasRole('X'")); - ExpressionBasedFilterInvocationSecurityMetadataSource mds = new ExpressionBasedFilterInvocationSecurityMetadataSource( - requestMap, new DefaultWebSecurityExpressionHandler()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, + new DefaultWebSecurityExpressionHandler())); } } diff --git a/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java index c054e9a483..56da271c95 100644 --- a/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/DefaultFilterInvocationSecurityMetadataSourceTests.java @@ -32,6 +32,7 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -87,9 +88,9 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests { // sign).isEqualTo(def) } - @Test(expected = IllegalArgumentException.class) + @Test public void unknownHttpMethodIsRejected() { - createFids("/someAdminPage.html**", "UNKNOWN"); + assertThatIllegalArgumentException().isThrownBy(() -> createFids("/someAdminPage.html**", "UNKNOWN")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java b/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java index 2fc0f1269d..72b1bdee09 100644 --- a/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java +++ b/web/src/test/java/org/springframework/security/web/access/intercept/FilterSecurityInterceptorTests.java @@ -43,6 +43,7 @@ import org.springframework.security.web.FilterInvocation; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyCollection; import static org.mockito.ArgumentMatchers.eq; @@ -95,16 +96,16 @@ public class FilterSecurityInterceptorTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception { given(this.adm.supports(FilterInvocation.class)).willReturn(true); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(this.interceptor::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void testEnsuresRunAsManagerSupportsFilterInvocationClass() throws Exception { given(this.adm.supports(FilterInvocation.class)).willReturn(false); - this.interceptor.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(this.interceptor::afterPropertiesSet); } /** diff --git a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java index d72b04cc08..2ba221c1a5 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AbstractAuthenticationProcessingFilterTests.java @@ -398,10 +398,10 @@ public class AbstractAuthenticationProcessingFilterTests { /** * https://github.com/spring-projects/spring-security/pull/3905 */ - @Test(expected = IllegalArgumentException.class) + @Test public void setRememberMeServicesShouldntAllowNulls() { AbstractAuthenticationProcessingFilter filter = new MockAuthenticationFilter(); - filter.setRememberMeServices(null); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setRememberMeServices(null)); } private class MockAuthenticationFilter extends AbstractAuthenticationProcessingFilter { diff --git a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java index e0e18ff2c5..6dc8ec5f8c 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/AnonymousAuthenticationFilterTests.java @@ -37,6 +37,7 @@ import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.fail; import static org.mockito.Mockito.mock; @@ -59,14 +60,14 @@ public class AnonymousAuthenticationFilterTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingKey() { - new AnonymousAuthenticationFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new AnonymousAuthenticationFilter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsUserAttribute() { - new AnonymousAuthenticationFilter("qwerty", null, null); + assertThatIllegalArgumentException().isThrownBy(() -> new AnonymousAuthenticationFilter("qwerty", null, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticaionSuccessHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticaionSuccessHandlerTests.java index 7fa410ecbb..77d3517211 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticaionSuccessHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticaionSuccessHandlerTests.java @@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -35,14 +36,14 @@ import static org.mockito.Mockito.mock; */ public class ForwardAuthenticaionSuccessHandlerTests { - @Test(expected = IllegalArgumentException.class) + @Test public void invalidForwardUrl() { - new ForwardAuthenticationSuccessHandler("aaa"); + assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationSuccessHandler("aaa")); } - @Test(expected = IllegalArgumentException.class) + @Test public void emptyForwardUrl() { - new ForwardAuthenticationSuccessHandler(""); + assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationSuccessHandler("")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticationFailureHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticationFailureHandlerTests.java index 343726228a..c9e1cf10ca 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticationFailureHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/ForwardAuthenticationFailureHandlerTests.java @@ -24,6 +24,7 @@ import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.WebAttributes; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -35,14 +36,14 @@ import static org.mockito.Mockito.mock; */ public class ForwardAuthenticationFailureHandlerTests { - @Test(expected = IllegalArgumentException.class) + @Test public void invalidForwardUrl() { - new ForwardAuthenticationFailureHandler("aaa"); + assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationFailureHandler("aaa")); } - @Test(expected = IllegalArgumentException.class) + @Test public void emptyForwardUrl() { - new ForwardAuthenticationFailureHandler(""); + assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationFailureHandler("")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/HttpStatusEntryPointTests.java b/web/src/test/java/org/springframework/security/web/authentication/HttpStatusEntryPointTests.java index 150c4e1951..110fb98455 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/HttpStatusEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/HttpStatusEntryPointTests.java @@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.core.AuthenticationException; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -50,9 +51,9 @@ public class HttpStatusEntryPointTests { this.entryPoint = new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullStatus() { - new HttpStatusEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> new HttpStatusEntryPoint(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java index 72d6942ac3..8f097f69ed 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java @@ -27,6 +27,7 @@ import org.springframework.security.MockPortResolver; import org.springframework.security.web.PortMapperImpl; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Tests {@link LoginUrlAuthenticationEntryPoint}. @@ -36,21 +37,21 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class LoginUrlAuthenticationEntryPointTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingLoginFormUrl() { - new LoginUrlAuthenticationEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> new LoginUrlAuthenticationEntryPoint(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingPortMapper() { LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/login"); - ep.setPortMapper(null); + assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortMapper(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsMissingPortResolver() { LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/login"); - ep.setPortResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortResolver(null)); } @Test @@ -222,12 +223,12 @@ public class LoginUrlAuthenticationEntryPointTests { assertThat(response.getRedirectedUrl()).isEqualTo(loginFormUrl); } - @Test(expected = IllegalArgumentException.class) + @Test public void absoluteLoginFormUrlCantBeUsedWithForwarding() throws Exception { final String loginFormUrl = "https://somesite.com/login"; LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("https://somesite.com/login"); ep.setUseForward(true); - ep.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(ep::afterPropertiesSet); } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandlerTests.java index 64b4f073c5..4db405ae4b 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/logout/CookieClearingLogoutHandlerTests.java @@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; /** @@ -107,16 +108,12 @@ public class CookieClearingLogoutHandlerTests { } } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidAge() { - MockHttpServletResponse response = new MockHttpServletResponse(); - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setContextPath("/foo/bar"); Cookie cookie1 = new Cookie("my_cookie", null); cookie1.setPath("/foo"); cookie1.setMaxAge(100); - CookieClearingLogoutHandler handler = new CookieClearingLogoutHandler(cookie1); - handler.logout(request, response, mock(Authentication.class)); + assertThatIllegalArgumentException().isThrownBy(() -> new CookieClearingLogoutHandler(cookie1)); } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilterTests.java index 239dbd2c5f..bf851de2ae 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/AbstractPreAuthenticatedProcessingFilterTests.java @@ -42,6 +42,7 @@ import org.springframework.security.web.authentication.ForwardAuthenticationSucc import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -90,7 +91,7 @@ public class AbstractPreAuthenticatedProcessingFilterTests { } /* SEC-881 */ - @Test(expected = BadCredentialsException.class) + @Test public void exceptionIsThrownOnFailedAuthenticationIfContinueFilterChainOnUnsuccessfulAuthenticationSetToFalse() throws Exception { AuthenticationManager am = mock(AuthenticationManager.class); @@ -98,7 +99,8 @@ public class AbstractPreAuthenticatedProcessingFilterTests { this.filter.setContinueFilterChainOnUnsuccessfulAuthentication(false); this.filter.setAuthenticationManager(am); this.filter.afterPropertiesSet(); - this.filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class)); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.filter + .doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class))); assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull(); } diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java index 19d682a852..33b19d7ba6 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationProviderTests.java @@ -27,6 +27,8 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author TSARDD @@ -34,10 +36,10 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class PreAuthenticatedAuthenticationProviderTests { - @Test(expected = IllegalArgumentException.class) + @Test public final void afterPropertiesSet() { PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider(); - provider.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(provider::afterPropertiesSet); } @Test @@ -79,12 +81,12 @@ public class PreAuthenticatedAuthenticationProviderTests { // @TODO: Add more asserts? } - @Test(expected = UsernameNotFoundException.class) + @Test public final void authenticateUnknownUserThrowsException() throws Exception { UserDetails ud = new User("dummyUser1", "dummyPwd", true, true, true, true, AuthorityUtils.NO_AUTHORITIES); PreAuthenticatedAuthenticationProvider provider = getProvider(ud); Authentication request = new PreAuthenticatedAuthenticationToken("dummyUser2", "dummyPwd"); - provider.authenticate(request); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(request)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests.java index 6f66962c71..504b3a4e19 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests.java @@ -26,6 +26,7 @@ import org.springframework.security.core.authority.GrantedAuthoritiesContainer; import org.springframework.security.core.userdetails.UserDetails; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author TSARDD @@ -33,20 +34,20 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests { - @Test(expected = IllegalArgumentException.class) + @Test public void testGetUserDetailsInvalidType() { PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService(); PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken("dummy", "dummy"); token.setDetails(new Object()); - svc.loadUserDetails(token); + assertThatIllegalArgumentException().isThrownBy(() -> svc.loadUserDetails(token)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testGetUserDetailsNoDetails() { PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService(); PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken("dummy", "dummy"); token.setDetails(null); - svc.loadUserDetails(token); + assertThatIllegalArgumentException().isThrownBy(() -> svc.loadUserDetails(token)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/RequestAttributeAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/RequestAttributeAuthenticationFilterTests.java index be8e7da266..5409381137 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/RequestAttributeAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/RequestAttributeAuthenticationFilterTests.java @@ -29,6 +29,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -44,13 +45,14 @@ public class RequestAttributeAuthenticationFilterTests { SecurityContextHolder.clearContext(); } - @Test(expected = PreAuthenticatedCredentialsNotFoundException.class) + @Test public void rejectsMissingHeader() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter(); - filter.doFilter(request, response, chain); + assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class) + .isThrownBy(() -> filter.doFilter(request, response, chain)); } @Test @@ -119,14 +121,15 @@ public class RequestAttributeAuthenticationFilterTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(dog); } - @Test(expected = PreAuthenticatedCredentialsNotFoundException.class) + @Test public void missingHeaderCausesException() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter(); filter.setAuthenticationManager(createAuthenticationManager()); - filter.doFilter(request, response, chain); + assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class) + .isThrownBy(() -> filter.doFilter(request, response, chain)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/header/RequestHeaderAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/header/RequestHeaderAuthenticationFilterTests.java index 9742f2675b..8c449384c1 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/header/RequestHeaderAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/header/RequestHeaderAuthenticationFilterTests.java @@ -31,6 +31,7 @@ import org.springframework.security.web.authentication.preauth.PreAuthenticatedC import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -46,13 +47,14 @@ public class RequestHeaderAuthenticationFilterTests { SecurityContextHolder.clearContext(); } - @Test(expected = PreAuthenticatedCredentialsNotFoundException.class) + @Test public void rejectsMissingHeader() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter(); - filter.doFilter(request, response, chain); + assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class) + .isThrownBy(() -> filter.doFilter(request, response, chain)); } @Test @@ -120,14 +122,15 @@ public class RequestHeaderAuthenticationFilterTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(dog); } - @Test(expected = PreAuthenticatedCredentialsNotFoundException.class) + @Test public void missingHeaderCausesException() throws Exception { MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); MockFilterChain chain = new MockFilterChain(); RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter(); filter.setAuthenticationManager(createAuthenticationManager()); - filter.doFilter(request, response, chain); + assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class) + .isThrownBy(() -> filter.doFilter(request, response, chain)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractorTests.java b/web/src/test/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractorTests.java index 5d8e963c55..11c92891a1 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractorTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/preauth/x509/SubjectDnX509PrincipalExtractorTests.java @@ -23,6 +23,8 @@ import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.SpringSecurityMessageSource; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Luke Taylor @@ -37,9 +39,10 @@ public class SubjectDnX509PrincipalExtractorTests { this.extractor.setMessageSource(new SpringSecurityMessageSource()); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidRegexFails() { - this.extractor.setSubjectDnRegex("CN=(.*?,"); // missing closing bracket on group + // missing closing bracket on group + assertThatIllegalArgumentException().isThrownBy(() -> this.extractor.setSubjectDnRegex("CN=(.*?,")); } @Test @@ -55,10 +58,11 @@ public class SubjectDnX509PrincipalExtractorTests { assertThat(principal).isEqualTo("luke@monkeymachine"); } - @Test(expected = BadCredentialsException.class) + @Test public void matchOnShoeSizeThrowsBadCredentials() throws Exception { this.extractor.setSubjectDnRegex("shoeSize=(.*?),"); - this.extractor.extractPrincipal(X509TestUtils.buildTestCertificate()); + assertThatExceptionOfType(BadCredentialsException.class) + .isThrownBy(() -> this.extractor.extractPrincipal(X509TestUtils.buildTestCertificate())); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java b/web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java index 91607d8d6d..038c3cd163 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java @@ -43,6 +43,7 @@ import org.springframework.util.ReflectionUtils; import org.springframework.util.StringUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Luke Taylor @@ -62,9 +63,10 @@ public class AbstractRememberMeServicesTests { this.uds = new MockUserDetailsService(joe, false); } - @Test(expected = InvalidCookieException.class) + @Test public void nonBase64CookieShouldBeDetected() { - new MockRememberMeServices(this.uds).decodeCookie("nonBase64CookieValue%"); + assertThatExceptionOfType(InvalidCookieException.class) + .isThrownBy(() -> new MockRememberMeServices(this.uds).decodeCookie("nonBase64CookieValue%")); } @Test @@ -265,19 +267,21 @@ public class AbstractRememberMeServicesTests { assertThat(returnedCookie.getSecure()).isEqualTo(true); } - @Test(expected = CookieTheftException.class) + @Test public void cookieTheftExceptionShouldBeRethrown() { MockRememberMeServices services = new MockRememberMeServices(this.uds) { + @Override protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletRequest request, HttpServletResponse response) { throw new CookieTheftException("Pretending cookie was stolen"); } + }; MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(createLoginCookie("cookie:1:2")); MockHttpServletResponse response = new MockHttpServletResponse(); - services.autoLogin(request, response); + assertThatExceptionOfType(CookieTheftException.class).isThrownBy(() -> services.autoLogin(request, response)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java b/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java index d9796b9089..e4b3613072 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java @@ -30,6 +30,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Luke Taylor @@ -51,33 +52,37 @@ public class PersistentTokenBasedRememberMeServicesTests { this.services.afterPropertiesSet(); } - @Test(expected = InvalidCookieException.class) + @Test public void loginIsRejectedWithWrongNumberOfCookieTokens() { - this.services.processAutoLoginCookie(new String[] { "series", "token", "extra" }, new MockHttpServletRequest(), - new MockHttpServletResponse()); + assertThatExceptionOfType(InvalidCookieException.class) + .isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token", "extra" }, + new MockHttpServletRequest(), new MockHttpServletResponse())); } - @Test(expected = RememberMeAuthenticationException.class) + @Test public void loginIsRejectedWhenNoTokenMatchingSeriesIsFound() { this.services = create(null); - this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(), - new MockHttpServletResponse()); + assertThatExceptionOfType(RememberMeAuthenticationException.class) + .isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" }, + new MockHttpServletRequest(), new MockHttpServletResponse())); } - @Test(expected = RememberMeAuthenticationException.class) + @Test public void loginIsRejectedWhenTokenIsExpired() { this.services = create(new PersistentRememberMeToken("joe", "series", "token", new Date(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(1) - 100))); this.services.setTokenValiditySeconds(1); - this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(), - new MockHttpServletResponse()); + assertThatExceptionOfType(RememberMeAuthenticationException.class) + .isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" }, + new MockHttpServletRequest(), new MockHttpServletResponse())); } - @Test(expected = CookieTheftException.class) + @Test public void cookieTheftIsDetectedWhenSeriesAndTokenDontMatch() { this.services = create(new PersistentRememberMeToken("joe", "series", "wrongtoken", new Date())); - this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(), - new MockHttpServletResponse()); + assertThatExceptionOfType(CookieTheftException.class) + .isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" }, + new MockHttpServletRequest(), new MockHttpServletResponse())); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/rememberme/RememberMeAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/rememberme/RememberMeAuthenticationFilterTests.java index 124ff6ecba..77dfd356a8 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/rememberme/RememberMeAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/rememberme/RememberMeAuthenticationFilterTests.java @@ -38,6 +38,7 @@ import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -63,14 +64,16 @@ public class RememberMeAuthenticationFilterTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsAuthenticationManagerProperty() { - new RememberMeAuthenticationFilter(null, new NullRememberMeServices()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new RememberMeAuthenticationFilter(null, new NullRememberMeServices())); } - @Test(expected = IllegalArgumentException.class) + @Test public void testDetectsRememberMeServicesProperty() { - new RememberMeAuthenticationFilter(mock(AuthenticationManager.class), null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new RememberMeAuthenticationFilter(mock(AuthenticationManager.class), null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServicesTests.java b/web/src/test/java/org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServicesTests.java index d6b32b0ae4..d118b0f8fa 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServicesTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/rememberme/TokenBasedRememberMeServicesTests.java @@ -37,6 +37,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.util.StringUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -200,7 +201,7 @@ public class TokenBasedRememberMeServicesTests { assertThat(returnedCookie.getMaxAge()).isZero(); } - @Test(expected = IllegalArgumentException.class) + @Test public void autoLoginClearsCookieIfUserServiceMisconfigured() { udsWillReturnNull(); Cookie cookie = new Cookie(AbstractRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY, @@ -209,7 +210,7 @@ public class TokenBasedRememberMeServicesTests { MockHttpServletRequest request = new MockHttpServletRequest(); request.setCookies(cookie); MockHttpServletResponse response = new MockHttpServletResponse(); - this.services.autoLogin(request, response); + assertThatIllegalArgumentException().isThrownBy(() -> this.services.autoLogin(request, response)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/session/CompositeSessionAuthenticationStrategyTests.java b/web/src/test/java/org/springframework/security/web/authentication/session/CompositeSessionAuthenticationStrategyTests.java index a407dc5962..9660bc7dda 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/session/CompositeSessionAuthenticationStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/session/CompositeSessionAuthenticationStrategyTests.java @@ -30,6 +30,7 @@ import org.mockito.junit.MockitoJUnitRunner; import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.willThrow; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -56,19 +57,21 @@ public class CompositeSessionAuthenticationStrategyTests { @Mock private HttpServletResponse response; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegates() { - new CompositeSessionAuthenticationStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyDelegates() { - new CompositeSessionAuthenticationStrategy(Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy( + Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorDelegatesContainNull() { - new CompositeSessionAuthenticationStrategy(Collections.singletonList(null)); + assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy( + Collections.singletonList(null))); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategyTests.java b/web/src/test/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategyTests.java index 7e69cbfd5d..a96e81ce51 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/session/ConcurrentSessionControlAuthenticationStrategyTests.java @@ -36,6 +36,8 @@ import org.springframework.security.core.session.SessionInformation; import org.springframework.security.core.session.SessionRegistry; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; @@ -70,9 +72,9 @@ public class ConcurrentSessionControlAuthenticationStrategyTests { this.strategy = new ConcurrentSessionControlAuthenticationStrategy(this.sessionRegistry); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullRegistry() { - new ConcurrentSessionControlAuthenticationStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionControlAuthenticationStrategy(null)); } @Test @@ -97,13 +99,14 @@ public class ConcurrentSessionControlAuthenticationStrategyTests { // no exception } - @Test(expected = SessionAuthenticationException.class) + @Test public void maxSessionsWithException() { given(this.sessionRegistry.getAllSessions(any(), anyBoolean())) .willReturn(Collections.singletonList(this.sessionInformation)); this.strategy.setMaximumSessions(1); this.strategy.setExceptionIfMaximumExceeded(true); - this.strategy.onAuthentication(this.authentication, this.request, this.response); + assertThatExceptionOfType(SessionAuthenticationException.class) + .isThrownBy(() -> this.strategy.onAuthentication(this.authentication, this.request, this.response)); } @Test @@ -141,9 +144,9 @@ public class ConcurrentSessionControlAuthenticationStrategyTests { assertThat(this.sessionInformation.isExpired()).isFalse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setMessageSourceNull() { - this.strategy.setMessageSource(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.setMessageSource(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategyTests.java b/web/src/test/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategyTests.java index 34d88f80ae..20d0432d38 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/session/RegisterSessionAuthenticationStrategyTests.java @@ -28,6 +28,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.session.SessionRegistry; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verify; /** @@ -56,9 +57,9 @@ public class RegisterSessionAuthenticationStrategyTests { this.response = new MockHttpServletResponse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullRegistry() { - new RegisterSessionAuthenticationStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RegisterSessionAuthenticationStrategy(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java index 18ee35abdf..27f90723ef 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/switchuser/SwitchUserFilterTests.java @@ -47,6 +47,7 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationSu import org.springframework.security.web.util.matcher.AnyRequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.never; @@ -181,33 +182,33 @@ public class SwitchUserFilterTests { assertThat(filter.requiresSwitchUser(request)).isTrue(); } - @Test(expected = UsernameNotFoundException.class) + @Test public void attemptSwitchToUnknownUserFails() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist"); SwitchUserFilter filter = new SwitchUserFilter(); filter.setUserDetailsService(new MockUserDetailsService()); - filter.attemptSwitchUser(request); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> filter.attemptSwitchUser(request)); } - @Test(expected = DisabledException.class) + @Test public void attemptSwitchToUserThatIsDisabledFails() { - switchToUser("mcgarrett"); + assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> switchToUser("mcgarrett")); } - @Test(expected = AccountExpiredException.class) + @Test public void attemptSwitchToUserWithAccountExpiredFails() { - switchToUser("wofat"); + assertThatExceptionOfType(AccountExpiredException.class).isThrownBy(() -> switchToUser("wofat")); } - @Test(expected = CredentialsExpiredException.class) + @Test public void attemptSwitchToUserWithExpiredCredentialsFails() { - switchToUser("steve"); + assertThatExceptionOfType(CredentialsExpiredException.class).isThrownBy(() -> switchToUser("steve")); } - @Test(expected = UsernameNotFoundException.class) + @Test public void switchUserWithNullUsernameThrowsException() { - switchToUser(null); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> switchToUser(null)); } @Test @@ -246,22 +247,22 @@ public class SwitchUserFilterTests { assertThat(FieldUtils.getFieldValue(filter, "switchFailureUrl")).isEqualTo("/switchfailed"); } - @Test(expected = IllegalArgumentException.class) + @Test public void configMissingUserDetailsServiceFails() { SwitchUserFilter filter = new SwitchUserFilter(); filter.setSwitchUserUrl("/login/impersonate"); filter.setExitUserUrl("/logout/impersonate"); filter.setTargetUrl("/main.jsp"); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void testBadConfigMissingTargetUrl() { SwitchUserFilter filter = new SwitchUserFilter(); filter.setUserDetailsService(new MockUserDetailsService()); filter.setSwitchUserUrl("/login/impersonate"); filter.setExitUserUrl("/logout/impersonate"); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } @Test @@ -304,7 +305,7 @@ public class SwitchUserFilterTests { assertThat(targetAuth.getPrincipal()).isEqualTo("dano"); } - @Test(expected = AuthenticationException.class) + @Test public void exitUserWithNoCurrentUserFails() throws Exception { // no current user in secure context SecurityContextHolder.clearContext(); @@ -317,7 +318,8 @@ public class SwitchUserFilterTests { // run 'exit', expect fail due to no current user FilterChain chain = mock(FilterChain.class); MockHttpServletResponse response = new MockHttpServletResponse(); - filter.doFilter(request, response, chain); + assertThatExceptionOfType(AuthenticationException.class) + .isThrownBy(() -> filter.doFilter(request, response, chain)); verify(chain, never()).doFilter(request, response); } @@ -459,16 +461,16 @@ public class SwitchUserFilterTests { assertThat(switchAuthorityRole).isEqualTo(switchedFrom.getAuthority()); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSwitchFailureUrlWhenNullThenThrowException() { SwitchUserFilter filter = new SwitchUserFilter(); - filter.setSwitchFailureUrl(null); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setSwitchFailureUrl(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSwitchFailureUrlWhenEmptyThenThrowException() { SwitchUserFilter filter = new SwitchUserFilter(); - filter.setSwitchFailureUrl(""); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setSwitchFailureUrl("")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationConverterTests.java b/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationConverterTests.java index ab86511eb7..461c795118 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationConverterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationConverterTests.java @@ -31,6 +31,7 @@ import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyZeroInteractions; @@ -83,19 +84,19 @@ public class BasicAuthenticationConverterTests { assertThat(authentication).isNull(); } - @Test(expected = BadCredentialsException.class) + @Test public void testWhenInvalidBasicAuthorizationTokenThenError() { String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON"; MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64(token.getBytes()))); - this.converter.convert(request); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request)); } - @Test(expected = BadCredentialsException.class) + @Test public void testWhenInvalidBase64ThenError() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("Authorization", "Basic NOT_VALID_BASE64"); - this.converter.convert(request); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request)); } @Test @@ -110,11 +111,11 @@ public class BasicAuthenticationConverterTests { assertThat(authentication.getCredentials()).isEqualTo(""); } - @Test(expected = BadCredentialsException.class) + @Test public void requestWhenEmptyBasicAuthorizationHeaderTokenThenError() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("Authorization", "Basic "); - this.converter.convert(request); + assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request)); } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilterTests.java index d31d44ffe9..c94e1520d5 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/www/BasicAuthenticationFilterTests.java @@ -41,6 +41,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.web.util.WebUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.AdditionalMatchers.not; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; @@ -182,14 +183,14 @@ public class BasicAuthenticationFilterTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupDetectsMissingAuthenticationEntryPoint() { - new BasicAuthenticationFilter(this.manager, null); + assertThatIllegalArgumentException().isThrownBy(() -> new BasicAuthenticationFilter(this.manager, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void testStartupDetectsMissingAuthenticationManager() { - BasicAuthenticationFilter filter = new BasicAuthenticationFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new BasicAuthenticationFilter(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java index f716b3991d..f12b6d8916 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java @@ -43,6 +43,7 @@ import org.springframework.security.core.userdetails.cache.NullUserCache; import org.springframework.util.StringUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -290,18 +291,18 @@ public class DigestAuthenticationFilterTests { assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingAuthenticationEntryPoint() { DigestAuthenticationFilter filter = new DigestAuthenticationFilter(); filter.setUserDetailsService(mock(UserDetailsService.class)); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } - @Test(expected = IllegalArgumentException.class) + @Test public void startupDetectsMissingUserDetailsService() { DigestAuthenticationFilter filter = new DigestAuthenticationFilter(); filter.setAuthenticationEntryPoint(new DigestAuthenticationEntryPoint()); - filter.afterPropertiesSet(); + assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet); } @Test diff --git a/web/src/test/java/org/springframework/security/web/bind/support/AuthenticationPrincipalArgumentResolverTests.java b/web/src/test/java/org/springframework/security/web/bind/support/AuthenticationPrincipalArgumentResolverTests.java index 675e68db6e..2dabd20b2e 100644 --- a/web/src/test/java/org/springframework/security/web/bind/support/AuthenticationPrincipalArgumentResolverTests.java +++ b/web/src/test/java/org/springframework/security/web/bind/support/AuthenticationPrincipalArgumentResolverTests.java @@ -36,6 +36,7 @@ import org.springframework.security.web.bind.annotation.AuthenticationPrincipal; import org.springframework.util.ReflectionUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -125,16 +126,18 @@ public class AuthenticationPrincipalArgumentResolverTests { assertThat(this.resolver.resolveArgument(showUserAnnotationString(), null, null, null)).isNull(); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null); + assertThatExceptionOfType(ClassCastException.class).isThrownBy( + () -> this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null)); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentCustomserErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null); + assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> this.resolver + .resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java b/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java index fef74d42e1..61a529be93 100644 --- a/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/concurrent/ConcurrentSessionFilterTests.java @@ -41,6 +41,7 @@ import org.springframework.security.web.session.SessionInformationExpiredStrateg import org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; @@ -63,26 +64,28 @@ public class ConcurrentSessionFilterTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorSessionRegistryWhenSessionRegistryNullThenExceptionThrown() { - new ConcurrentSessionFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null)); } + @Test @SuppressWarnings("deprecation") - @Test(expected = IllegalArgumentException.class) public void constructorSessionRegistryExpiresUrlWhenInvalidUrlThenExceptionThrown() { - new ConcurrentSessionFilter(new SessionRegistryImpl(), "oops"); + assertThatIllegalArgumentException() + .isThrownBy(() -> new ConcurrentSessionFilter(new SessionRegistryImpl(), "oops")); } + @Test @SuppressWarnings("deprecation") - @Test(expected = IllegalArgumentException.class) public void constructorSessionRegistryExpiresUrlWhenSessionRegistryNullThenExceptionThrown() { - new ConcurrentSessionFilter(null, "/expired"); + assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null, "/expired")); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorSessionRegistrySessionInformationExpiredStrategyWhenStrategyIsNullThenThrowsException() { - new ConcurrentSessionFilter(new SessionRegistryImpl(), (SessionInformationExpiredStrategy) null); + assertThatIllegalArgumentException().isThrownBy( + () -> new ConcurrentSessionFilter(new SessionRegistryImpl(), (SessionInformationExpiredStrategy) null)); } @Test @@ -127,9 +130,9 @@ public class ConcurrentSessionFilterTests { + "attempted as the same user)."); } - @Test(expected = IllegalArgumentException.class) + @Test public void detectsMissingSessionRegistry() { - new ConcurrentSessionFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null)); } @Test @@ -264,16 +267,16 @@ public class ConcurrentSessionFilterTests { verify(handler).logout(eq(request), eq(response), any()); } - @Test(expected = IllegalArgumentException.class) + @Test public void setLogoutHandlersWhenNullThenThrowsException() { ConcurrentSessionFilter filter = new ConcurrentSessionFilter(new SessionRegistryImpl()); - filter.setLogoutHandlers((List) null); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setLogoutHandlers((List) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setLogoutHandlersWhenEmptyThenThrowsException() { ConcurrentSessionFilter filter = new ConcurrentSessionFilter(new SessionRegistryImpl()); - filter.setLogoutHandlers(new LogoutHandler[0]); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setLogoutHandlers(new LogoutHandler[0])); } } diff --git a/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java b/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java index c3ef02ed5f..aea6eca502 100644 --- a/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/context/HttpSessionSecurityContextRepositoryTests.java @@ -44,6 +44,8 @@ import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -499,10 +501,10 @@ public class HttpSessionSecurityContextRepositoryTests { verify(trustResolver).isAnonymous(contextToSave.getAuthentication()); } - @Test(expected = IllegalArgumentException.class) + @Test public void setTrustResolverNull() { HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository(); - repo.setTrustResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> repo.setTrustResolver(null)); } // SEC-2578 @@ -523,14 +525,14 @@ public class HttpSessionSecurityContextRepositoryTests { .isEqualTo(context); } - @Test(expected = IllegalStateException.class) + @Test public void failsWithStandardResponse() { HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository(); MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletResponse response = new MockHttpServletResponse(); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication(this.testToken); - repo.saveContext(context, request, response); + assertThatIllegalStateException().isThrownBy(() -> repo.saveContext(context, request, response)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/context/request/async/SecurityContextCallableProcessingInterceptorTests.java b/web/src/test/java/org/springframework/security/web/context/request/async/SecurityContextCallableProcessingInterceptorTests.java index 7a27f811b3..9281ccca24 100644 --- a/web/src/test/java/org/springframework/security/web/context/request/async/SecurityContextCallableProcessingInterceptorTests.java +++ b/web/src/test/java/org/springframework/security/web/context/request/async/SecurityContextCallableProcessingInterceptorTests.java @@ -29,6 +29,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.context.request.NativeWebRequest; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -51,9 +52,9 @@ public class SecurityContextCallableProcessingInterceptorTests { SecurityContextHolder.clearContext(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNull() { - new SecurityContextCallableProcessingInterceptor(null); + assertThatIllegalArgumentException().isThrownBy(() -> new SecurityContextCallableProcessingInterceptor(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java b/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java index ffd64a0ff3..e204be126b 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java @@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -235,19 +236,19 @@ public class CookieCsrfTokenRepositoryTests { assertThat(loadToken.getToken()).isEqualTo(value); } - @Test(expected = IllegalArgumentException.class) + @Test public void setCookieNameNullIllegalArgumentException() { - this.repository.setCookieName(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setCookieName(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setParameterNameNullIllegalArgumentException() { - this.repository.setParameterName(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setParameterName(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setHeaderNameNullIllegalArgumentException() { - this.repository.setHeaderName(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setHeaderName(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/csrf/CsrfAuthenticationStrategyTests.java b/web/src/test/java/org/springframework/security/web/csrf/CsrfAuthenticationStrategyTests.java index d8057e2d9e..92392722d8 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/CsrfAuthenticationStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/CsrfAuthenticationStrategyTests.java @@ -30,6 +30,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.TestingAuthenticationToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -66,9 +67,9 @@ public class CsrfAuthenticationStrategyTests { this.generatedToken = new DefaultCsrfToken("_csrf", "_csrf", "2"); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullCsrfTokenRepository() { - new CsrfAuthenticationStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new CsrfAuthenticationStrategy(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java b/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java index a0b619209f..e94eb34a87 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/CsrfFilterTests.java @@ -39,6 +39,7 @@ import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.security.web.util.matcher.RequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -95,9 +96,9 @@ public class CsrfFilterTests { this.response = new MockHttpServletResponse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullRepository() { - new CsrfFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new CsrfFilter(null)); } // SEC-2276 @@ -319,14 +320,14 @@ public class CsrfFilterTests { verifyZeroInteractions(repository); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRequireCsrfProtectionMatcherNull() { - this.filter.setRequireCsrfProtectionMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequireCsrfProtectionMatcher(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setAccessDeniedHandlerNull() { - this.filter.setAccessDeniedHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAccessDeniedHandler(null)); } private static CsrfTokenAssert assertToken(Object token) { diff --git a/web/src/test/java/org/springframework/security/web/csrf/CsrfLogoutHandlerTests.java b/web/src/test/java/org/springframework/security/web/csrf/CsrfLogoutHandlerTests.java index 3e187126d4..6ac8eae22c 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/CsrfLogoutHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/CsrfLogoutHandlerTests.java @@ -26,6 +26,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.TestingAuthenticationToken; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verify; /** @@ -51,9 +52,9 @@ public class CsrfLogoutHandlerTests { this.handler = new CsrfLogoutHandler(this.csrfTokenRepository); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullCsrfTokenRepository() { - new CsrfLogoutHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> new CsrfLogoutHandler(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/csrf/DefaultCsrfTokenTests.java b/web/src/test/java/org/springframework/security/web/csrf/DefaultCsrfTokenTests.java index 3ece0e164e..dffe2ee8d3 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/DefaultCsrfTokenTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/DefaultCsrfTokenTests.java @@ -18,6 +18,8 @@ package org.springframework.security.web.csrf; import org.junit.Test; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; + /** * @author Rob Winch * @@ -30,34 +32,40 @@ public class DefaultCsrfTokenTests { private final String tokenValue = "tokenValue"; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaderName() { - new DefaultCsrfToken(null, this.parameterName, this.tokenValue); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken(null, this.parameterName, this.tokenValue)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyHeaderName() { - new DefaultCsrfToken("", this.parameterName, this.tokenValue); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken("", this.parameterName, this.tokenValue)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullParameterName() { - new DefaultCsrfToken(this.headerName, null, this.tokenValue); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken(this.headerName, null, this.tokenValue)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyParameterName() { - new DefaultCsrfToken(this.headerName, "", this.tokenValue); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken(this.headerName, "", this.tokenValue)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullTokenValue() { - new DefaultCsrfToken(this.headerName, this.parameterName, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken(this.headerName, this.parameterName, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyTokenValue() { - new DefaultCsrfToken(this.headerName, this.parameterName, ""); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DefaultCsrfToken(this.headerName, this.parameterName, "")); } } diff --git a/web/src/test/java/org/springframework/security/web/csrf/HttpSessionCsrfTokenRepositoryTests.java b/web/src/test/java/org/springframework/security/web/csrf/HttpSessionCsrfTokenRepositoryTests.java index 7470c04727..3f91b5a2e5 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/HttpSessionCsrfTokenRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/HttpSessionCsrfTokenRepositoryTests.java @@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -116,24 +117,24 @@ public class HttpSessionCsrfTokenRepositoryTests { assertThat(this.request.getSession(false)).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSessionAttributeNameEmpty() { - this.repo.setSessionAttributeName(""); + assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setSessionAttributeName("")); } - @Test(expected = IllegalArgumentException.class) + @Test public void setSessionAttributeNameNull() { - this.repo.setSessionAttributeName(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setSessionAttributeName(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setParameterNameEmpty() { - this.repo.setParameterName(""); + assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setParameterName("")); } - @Test(expected = IllegalArgumentException.class) + @Test public void setParameterNameNull() { - this.repo.setParameterName(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setParameterName(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/csrf/LazyCsrfTokenRepositoryTests.java b/web/src/test/java/org/springframework/security/web/csrf/LazyCsrfTokenRepositoryTests.java index f7dc6895ec..4aca691447 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/LazyCsrfTokenRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/LazyCsrfTokenRepositoryTests.java @@ -27,6 +27,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; @@ -59,14 +60,15 @@ public class LazyCsrfTokenRepositoryTests { given(this.request.getAttribute(HttpServletResponse.class.getName())).willReturn(this.response); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructNullDelegateThrowsIllegalArgumentException() { - new LazyCsrfTokenRepository(null); + assertThatIllegalArgumentException().isThrownBy(() -> new LazyCsrfTokenRepository(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void generateTokenNullResponseAttribute() { - this.repository.generateToken(mock(HttpServletRequest.class)); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.repository.generateToken(mock(HttpServletRequest.class))); } @Test diff --git a/web/src/test/java/org/springframework/security/web/firewall/DefaultHttpFirewallTests.java b/web/src/test/java/org/springframework/security/web/firewall/DefaultHttpFirewallTests.java index cbc09f48b9..51507e2404 100644 --- a/web/src/test/java/org/springframework/security/web/firewall/DefaultHttpFirewallTests.java +++ b/web/src/test/java/org/springframework/security/web/firewall/DefaultHttpFirewallTests.java @@ -49,7 +49,7 @@ public class DefaultHttpFirewallTests { * because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC * will strip the ; content from requestURI before the path is URL decoded. */ - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedPathThenException() { DefaultHttpFirewall fw = new DefaultHttpFirewall(); MockHttpServletRequest request = new MockHttpServletRequest(); @@ -57,10 +57,10 @@ public class DefaultHttpFirewallTests { request.setContextPath("/context-root"); request.setServletPath(""); request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI - fw.getFirewalledRequest(request); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> fw.getFirewalledRequest(request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenUppercaseEncodedPathThenException() { DefaultHttpFirewall fw = new DefaultHttpFirewall(); MockHttpServletRequest request = new MockHttpServletRequest(); @@ -68,7 +68,7 @@ public class DefaultHttpFirewallTests { request.setContextPath("/context-root"); request.setServletPath(""); request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI - fw.getFirewalledRequest(request); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> fw.getFirewalledRequest(request)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java b/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java index 9ae4704b48..a553597e79 100644 --- a/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java +++ b/web/src/test/java/org/springframework/security/web/firewall/StrictHttpFirewallTests.java @@ -128,76 +128,88 @@ public class StrictHttpFirewallTests { } } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenSemicolonInContextPathThenThrowsRequestRejectedException() { this.request.setContextPath(";/context"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenSemicolonInServletPathThenThrowsRequestRejectedException() { this.request.setServletPath("/spring;/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenSemicolonInPathInfoThenThrowsRequestRejectedException() { this.request.setPathInfo("/path;/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenSemicolonInRequestUriThenThrowsRequestRejectedException() { this.request.setRequestURI("/path;/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenEncodedSemicolonInContextPathThenThrowsRequestRejectedException() { this.request.setContextPath("%3B/context"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenEncodedSemicolonInServletPathThenThrowsRequestRejectedException() { this.request.setServletPath("/spring%3B/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenEncodedSemicolonInPathInfoThenThrowsRequestRejectedException() { this.request.setPathInfo("/path%3B/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenEncodedSemicolonInRequestUriThenThrowsRequestRejectedException() { this.request.setRequestURI("/path%3B/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedSemicolonInContextPathThenThrowsRequestRejectedException() { this.request.setContextPath("%3b/context"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedSemicolonInServletPathThenThrowsRequestRejectedException() { this.request.setServletPath("/spring%3b/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedSemicolonInPathInfoThenThrowsRequestRejectedException() { this.request.setPathInfo("/path%3b/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedSemicolonInRequestUriThenThrowsRequestRejectedException() { this.request.setRequestURI("/path%3b/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } @Test @@ -290,16 +302,18 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenEncodedPeriodInThenThrowsRequestRejectedException() { this.request.setRequestURI("/%2E/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedPeriodInThenThrowsRequestRejectedException() { this.request.setRequestURI("/%2e/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } @Test @@ -309,10 +323,11 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenExceedsLowerboundAsciiThenException() { this.request.setRequestURI("/\u0019"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } @Test @@ -327,22 +342,25 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenExceedsUpperboundAsciiThenException() { this.request.setRequestURI("/\u007f"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenContainsNullThenException() { this.request.setRequestURI("/\0"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenContainsEncodedNullThenException() { this.request.setRequestURI("/something%00/"); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } /** @@ -350,22 +368,24 @@ public class StrictHttpFirewallTests { * because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC * will strip the ; content from requestURI before the path is URL decoded. */ - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenLowercaseEncodedPathThenException() { this.request.setRequestURI("/context-root/a/b;%2f1/c"); this.request.setContextPath("/context-root"); this.request.setServletPath(""); this.request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenUppercaseEncodedPathThenException() { this.request.setRequestURI("/context-root/a/b;%2F1/c"); this.request.setContextPath("/context-root"); this.request.setServletPath(""); this.request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } @Test @@ -536,133 +556,138 @@ public class StrictHttpFirewallTests { this.firewall.getFirewalledRequest(this.request); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestWhenUntrustedDomainThenException() { this.request.addHeader("Host", "example.org"); this.firewall.setAllowedHostnames((hostname) -> hostname.equals("myexample.org")); - this.firewall.getFirewalledRequest(this.request); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> this.firewall.getFirewalledRequest(this.request)); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenNotAllowedHeaderNameThenException() { this.firewall.setAllowedHeaderNames((name) -> !name.equals("bad name")); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("bad name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("bad name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenNotAllowedHeaderValueThenException() { this.request.addHeader("good name", "bad value"); this.firewall.setAllowedHeaderValues((value) -> !value.equals("bad value")); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("good name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("good name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetDateHeaderWhenControlCharacterInHeaderNameThenException() { this.request.addHeader("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getDateHeader("Bad\0Name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getDateHeader("Bad\0Name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetIntHeaderWhenControlCharacterInHeaderNameThenException() { this.request.addHeader("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getIntHeader("Bad\0Name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getIntHeader("Bad\0Name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenControlCharacterInHeaderNameThenException() { this.request.addHeader("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("Bad\0Name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Bad\0Name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderNameThenException() { this.request.addHeader("Bad\uFFFEName", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("Bad\uFFFEName"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Bad\uFFFEName")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderNameThenException() { this.request.addHeader("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeaders("Bad\0Name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeaders("Bad\0Name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderNamesWhenControlCharacterInHeaderNameThenException() { this.request.addHeader("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeaderNames().nextElement(); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> request.getHeaderNames().nextElement()); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenControlCharacterInHeaderValueThenException() { this.request.addHeader("Something", "bad\0value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("Something"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Something")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderValueThenException() { this.request.addHeader("Something", "bad\uFFFEvalue"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeader("Something"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Something")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderValueThenException() { this.request.addHeader("Something", "bad\0value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getHeaders("Something").nextElement(); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> request.getHeaders("Something").nextElement()); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterWhenControlCharacterInParameterNameThenException() { this.request.addParameter("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameter("Bad\0Name"); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getParameter("Bad\0Name")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterMapWhenControlCharacterInParameterNameThenException() { this.request.addParameter("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameterMap(); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request::getParameterMap); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterNamesWhenControlCharacterInParameterNameThenException() { this.request.addParameter("Bad\0Name", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameterNames().nextElement(); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request.getParameterNames()::nextElement); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterNamesWhenUndefinedCharacterInParameterNameThenException() { this.request.addParameter("Bad\uFFFEName", "some value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameterNames().nextElement(); + assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request.getParameterNames()::nextElement); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterValueThenException() { this.firewall.setAllowedParameterValues((value) -> !value.equals("bad value")); this.request.addParameter("Something", "bad value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameterValues("Something"); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> request.getParameterValues("Something")); } - @Test(expected = RequestRejectedException.class) + @Test public void getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterNameThenException() { this.firewall.setAllowedParameterNames((value) -> !value.equals("bad name")); this.request.addParameter("bad name", "good value"); HttpServletRequest request = this.firewall.getFirewalledRequest(this.request); - request.getParameterValues("bad name"); + assertThatExceptionOfType(RequestRejectedException.class) + .isThrownBy(() -> request.getParameterValues("bad name")); } } diff --git a/web/src/test/java/org/springframework/security/web/header/HeaderWriterFilterTests.java b/web/src/test/java/org/springframework/security/web/header/HeaderWriterFilterTests.java index 6da7e6a2b7..76ce8510e2 100644 --- a/web/src/test/java/org/springframework/security/web/header/HeaderWriterFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/HeaderWriterFilterTests.java @@ -34,6 +34,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; @@ -55,15 +56,14 @@ public class HeaderWriterFilterTests { @Mock private HeaderWriter writer2; - @Test(expected = IllegalArgumentException.class) + @Test public void noHeadersConfigured() { - List headerWriters = new ArrayList<>(); - new HeaderWriterFilter(headerWriters); + assertThatIllegalArgumentException().isThrownBy(() -> new HeaderWriterFilter(new ArrayList<>())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullWriters() { - new HeaderWriterFilter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new HeaderWriterFilter(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/ContentSecurityPolicyHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/ContentSecurityPolicyHeaderWriterTests.java index 2aebd2af5b..45d18315ab 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/ContentSecurityPolicyHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/ContentSecurityPolicyHeaderWriterTests.java @@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Joe Grandja @@ -102,10 +103,10 @@ public class ContentSecurityPolicyHeaderWriterTests { assertThat(this.response.getHeader("Content-Security-Policy-Report-Only")).isEqualTo(policyDirectives); } - @Test(expected = IllegalArgumentException.class) + @Test public void writeHeadersContentSecurityPolicyInvalid() { - this.writer = new ContentSecurityPolicyHeaderWriter(""); - this.writer = new ContentSecurityPolicyHeaderWriter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ContentSecurityPolicyHeaderWriter("")); + assertThatIllegalArgumentException().isThrownBy(() -> new ContentSecurityPolicyHeaderWriter(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/DelegatingRequestMatcherHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/DelegatingRequestMatcherHeaderWriterTests.java index 8e4124f983..7e375b890c 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/DelegatingRequestMatcherHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/DelegatingRequestMatcherHeaderWriterTests.java @@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.header.HeaderWriter; import org.springframework.security.web.util.matcher.RequestMatcher; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; @@ -57,14 +58,16 @@ public class DelegatingRequestMatcherHeaderWriterTests { this.headerWriter = new DelegatingRequestMatcherHeaderWriter(this.matcher, this.delegate); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullRequestMatcher() { - new DelegatingRequestMatcherHeaderWriter(null, this.delegate); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingRequestMatcherHeaderWriter(null, this.delegate)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullDelegate() { - new DelegatingRequestMatcherHeaderWriter(this.matcher, null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new DelegatingRequestMatcherHeaderWriter(this.matcher, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/HpkpHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/HpkpHeaderWriterTests.java index 537a65a2b8..362891a84d 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/HpkpHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/HpkpHeaderWriterTests.java @@ -29,6 +29,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Tim Ysewyn @@ -166,19 +167,20 @@ public class HpkpHeaderWriterTests { assertThat(this.response.getHeaderNames()).isEmpty(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setMaxAgeInSecondsToNegative() { - this.writer.setMaxAgeInSeconds(-1); + assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setMaxAgeInSeconds(-1)); } - @Test(expected = IllegalArgumentException.class) + @Test public void addSha256PinsWithNullPin() { - this.writer.addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", null); + assertThatIllegalArgumentException() + .isThrownBy(() -> this.writer.addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setIncorrectReportUri() { - this.writer.setReportUri("some url here..."); + assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setReportUri("some url here...")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/HstsHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/HstsHeaderWriterTests.java index dd006b845d..8b7ea413ef 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/HstsHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/HstsHeaderWriterTests.java @@ -24,6 +24,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.util.matcher.AnyRequestMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -124,14 +125,14 @@ public class HstsHeaderWriterTests { .isEqualTo("max-age=31536000 ; includeSubDomains"); } - @Test(expected = IllegalArgumentException.class) + @Test public void setMaxAgeInSecondsToNegative() { - this.writer.setMaxAgeInSeconds(-1); + assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setMaxAgeInSeconds(-1)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRequestMatcherToNull() { - this.writer.setRequestMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setRequestMatcher(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/ReferrerPolicyHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/ReferrerPolicyHeaderWriterTests.java index b11c344fc3..2d5f6a7b40 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/ReferrerPolicyHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/ReferrerPolicyHeaderWriterTests.java @@ -24,6 +24,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Eddú Meléndez @@ -64,9 +65,9 @@ public class ReferrerPolicyHeaderWriterTests { assertThat(this.response.getHeader("Referrer-Policy")).isEqualTo("same-origin"); } - @Test(expected = IllegalArgumentException.class) + @Test public void writeHeaderReferrerPolicyInvalid() { - this.writer = new ReferrerPolicyHeaderWriter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new ReferrerPolicyHeaderWriter(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/StaticHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/StaticHeaderWriterTests.java index 33c077d51d..863e0f4f29 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/StaticHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/StaticHeaderWriterTests.java @@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.header.Header; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Test for the {@code StaticHeadersWriter} @@ -48,29 +49,29 @@ public class StaticHeaderWriterTests { this.response = new MockHttpServletResponse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaders() { - new StaticHeadersWriter(null); + assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyHeaders() { - new StaticHeadersWriter(Collections.
emptyList()); + assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(Collections.
emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaderName() { - new StaticHeadersWriter(null, "value1"); + assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(null, "value1")); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaderValues() { - new StaticHeadersWriter("name", (String[]) null); + assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter("name", (String[]) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorContainsNullHeaderValue() { - new StaticHeadersWriter("name", "value1", null); + assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter("name", "value1", null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/XXssProtectionHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/XXssProtectionHeaderWriterTests.java index c4525989d4..3bbba80c85 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/XXssProtectionHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/XXssProtectionHeaderWriterTests.java @@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -78,11 +79,11 @@ public class XXssProtectionHeaderWriterTests { assertThat(this.response.getHeaderValues("X-XSS-Protection")).containsOnly("0"); } - @Test(expected = IllegalArgumentException.class) + @Test public void setBlockTrueWithEnabledFalse() { this.writer.setBlock(false); this.writer.setEnabled(false); - this.writer.setBlock(true); + assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setBlock(true)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/FrameOptionsHeaderWriterTests.java b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/FrameOptionsHeaderWriterTests.java index 2bf5e2abdb..3e3079df1a 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/FrameOptionsHeaderWriterTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/FrameOptionsHeaderWriterTests.java @@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -51,19 +52,20 @@ public class FrameOptionsHeaderWriterTests { this.response = new MockHttpServletResponse(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullMode() { - new XFrameOptionsHeaderWriter((XFrameOptionsMode) null); + assertThatIllegalArgumentException().isThrownBy(() -> new XFrameOptionsHeaderWriter((XFrameOptionsMode) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorAllowFromNoAllowFromStrategy() { - new XFrameOptionsHeaderWriter(XFrameOptionsMode.ALLOW_FROM); + assertThatIllegalArgumentException() + .isThrownBy(() -> new XFrameOptionsHeaderWriter(XFrameOptionsMode.ALLOW_FROM)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullAllowFromStrategy() { - new XFrameOptionsHeaderWriter((AllowFromStrategy) null); + assertThatIllegalArgumentException().isThrownBy(() -> new XFrameOptionsHeaderWriter((AllowFromStrategy) null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/RegExpAllowFromStrategyTests.java b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/RegExpAllowFromStrategyTests.java index 95dc5791c9..bfdc47fde4 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/RegExpAllowFromStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/RegExpAllowFromStrategyTests.java @@ -23,20 +23,22 @@ import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Marten Deinum */ public class RegExpAllowFromStrategyTests { - @Test(expected = PatternSyntaxException.class) + @Test public void invalidRegularExpressionShouldLeadToException() { - new RegExpAllowFromStrategy("[a-z"); + assertThatExceptionOfType(PatternSyntaxException.class).isThrownBy(() -> new RegExpAllowFromStrategy("[a-z")); } - @Test(expected = IllegalArgumentException.class) + @Test public void nullRegularExpressionShouldLeadToException() { - new RegExpAllowFromStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RegExpAllowFromStrategy(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/WhiteListedAllowFromStrategyTests.java b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/WhiteListedAllowFromStrategyTests.java index 3ccc08ed73..ca93c8d3b4 100644 --- a/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/WhiteListedAllowFromStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/header/writers/frameoptions/WhiteListedAllowFromStrategyTests.java @@ -24,6 +24,7 @@ import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * Test for the {@code WhiteListedAllowFromStrategy}. @@ -33,14 +34,14 @@ import static org.assertj.core.api.Assertions.assertThat; */ public class WhiteListedAllowFromStrategyTests { - @Test(expected = IllegalArgumentException.class) + @Test public void emptyListShouldThrowException() { - new WhiteListedAllowFromStrategy(new ArrayList<>()); + assertThatIllegalArgumentException().isThrownBy(() -> new WhiteListedAllowFromStrategy(new ArrayList<>())); } - @Test(expected = IllegalArgumentException.class) + @Test public void nullListShouldThrowException() { - new WhiteListedAllowFromStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> new WhiteListedAllowFromStrategy(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java b/web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java index f6ec0dedc5..d14dc83e3a 100644 --- a/web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java +++ b/web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java @@ -27,6 +27,7 @@ import org.skyscreamer.jsonassert.JSONAssert; import org.springframework.security.web.csrf.DefaultCsrfToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Jitendra Singh @@ -58,16 +59,18 @@ public class DefaultCsrfTokenMixinTests extends AbstractMixinTests { assertThat(token.getToken()).isEqualTo("1"); } - @Test(expected = JsonMappingException.class) + @Test public void defaultCsrfTokenDeserializeWithoutClassTest() throws IOException { String tokenJson = "{\"headerName\": \"csrf-header\", \"parameterName\": \"_csrf\", \"token\": \"1\"}"; - this.mapper.readValue(tokenJson, DefaultCsrfToken.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class)); } - @Test(expected = JsonMappingException.class) + @Test public void defaultCsrfTokenDeserializeNullValuesTest() throws IOException { String tokenJson = "{\"@class\": \"org.springframework.security.web.csrf.DefaultCsrfToken\", \"headerName\": \"\", \"parameterName\": null, \"token\": \"1\"}"; - this.mapper.readValue(tokenJson, DefaultCsrfToken.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class)); } } diff --git a/web/src/test/java/org/springframework/security/web/method/annotation/AuthenticationPrincipalArgumentResolverTests.java b/web/src/test/java/org/springframework/security/web/method/annotation/AuthenticationPrincipalArgumentResolverTests.java index 31b97dc145..dfd3d504ca 100644 --- a/web/src/test/java/org/springframework/security/web/method/annotation/AuthenticationPrincipalArgumentResolverTests.java +++ b/web/src/test/java/org/springframework/security/web/method/annotation/AuthenticationPrincipalArgumentResolverTests.java @@ -36,6 +36,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.util.ReflectionUtils; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Rob Winch @@ -141,16 +142,18 @@ public class AuthenticationPrincipalArgumentResolverTests { assertThat(this.resolver.resolveArgument(showUserAnnotationString(), null, null, null)).isNull(); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null); + assertThatExceptionOfType(ClassCastException.class).isThrownBy( + () -> this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null)); } - @Test(expected = ClassCastException.class) + @Test public void resolveArgumentCustomserErrorOnInvalidType() throws Exception { setAuthenticationPrincipal(new CustomUserPrincipal()); - this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null); + assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> this.resolver + .resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapperTests.java b/web/src/test/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapperTests.java index b1d0d23a45..1463067b4e 100644 --- a/web/src/test/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapperTests.java +++ b/web/src/test/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapperTests.java @@ -29,6 +29,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.security.web.PortResolverImpl; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class SavedRequestAwareWrapperTests { @@ -144,12 +145,12 @@ public class SavedRequestAwareWrapperTests { assertThat(wrapper.getDateHeader("nonexistent")).isEqualTo(-1L); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidDateHeaderIsRejected() { MockHttpServletRequest request = new MockHttpServletRequest(); request.addHeader("header", "notadate"); SavedRequestAwareWrapper wrapper = createWrapper(request, new MockHttpServletRequest()); - wrapper.getDateHeader("header"); + assertThatIllegalArgumentException().isThrownBy(() -> wrapper.getDateHeader("header")); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/DefaultServerRedirectStrategyTests.java b/web/src/test/java/org/springframework/security/web/server/DefaultServerRedirectStrategyTests.java index eaf5c1ece7..9b6d03637e 100644 --- a/web/src/test/java/org/springframework/security/web/server/DefaultServerRedirectStrategyTests.java +++ b/web/src/test/java/org/springframework/security/web/server/DefaultServerRedirectStrategyTests.java @@ -29,6 +29,7 @@ import org.springframework.mock.web.server.MockServerWebExchange; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verifyZeroInteractions; /** @@ -45,14 +46,14 @@ public class DefaultServerRedirectStrategyTests { private DefaultServerRedirectStrategy strategy = new DefaultServerRedirectStrategy(); - @Test(expected = IllegalArgumentException.class) + @Test public void sendRedirectWhenLocationNullThenException() { - this.strategy.sendRedirect(this.exchange, null); + assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.sendRedirect(this.exchange, null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void sendRedirectWhenExchangeNullThenException() { - this.strategy.sendRedirect(null, this.location); + assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.sendRedirect(null, this.location)); } @Test @@ -106,9 +107,9 @@ public class DefaultServerRedirectStrategyTests { assertThat(this.exchange.getResponse().getHeaders().getLocation()).hasPath(this.location.getPath()); } - @Test(expected = IllegalArgumentException.class) + @Test public void setHttpStatusWhenNullThenException() { - this.strategy.setHttpStatus(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.setHttpStatus(null)); } private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder request) { diff --git a/web/src/test/java/org/springframework/security/web/server/WebFilterExchangeTests.java b/web/src/test/java/org/springframework/security/web/server/WebFilterExchangeTests.java index b896310add..7ee9c3a83d 100644 --- a/web/src/test/java/org/springframework/security/web/server/WebFilterExchangeTests.java +++ b/web/src/test/java/org/springframework/security/web/server/WebFilterExchangeTests.java @@ -25,6 +25,7 @@ import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -39,16 +40,14 @@ public class WebFilterExchangeTests { @Mock private WebFilterChain chain; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorServerWebExchangeWebFilterChainWhenExchangeNullThenException() { - this.exchange = null; - new WebFilterExchange(this.exchange, this.chain); + assertThatIllegalArgumentException().isThrownBy(() -> new WebFilterExchange(null, this.chain)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorServerWebExchangeWebFilterChainWhenChainNullThenException() { - this.chain = null; - new WebFilterExchange(this.exchange, this.chain); + assertThatIllegalArgumentException().isThrownBy(() -> new WebFilterExchange(this.exchange, null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationConverterServerWebExchangeMatcherTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationConverterServerWebExchangeMatcherTests.java index 314dff7107..ee694ac81d 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationConverterServerWebExchangeMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationConverterServerWebExchangeMatcherTests.java @@ -30,6 +30,7 @@ import org.springframework.security.core.Authentication; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatNullPointerException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -57,9 +58,10 @@ public class AuthenticationConverterServerWebExchangeMatcherTests { this.matcher = new AuthenticationConverterServerWebExchangeMatcher(this.converter); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorConverterWhenConverterNullThenThrowsException() { - new AuthenticationConverterServerWebExchangeMatcher(null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AuthenticationConverterServerWebExchangeMatcher(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java index 863cc1183a..55986a3565 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java @@ -36,6 +36,7 @@ import org.springframework.test.web.reactive.server.WebTestClient; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -235,9 +236,9 @@ public class AuthenticationWebFilterTests { verifyZeroInteractions(this.successHandler, this.failureHandler); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRequiresAuthenticationMatcherWhenNullThenException() { - this.filter.setRequiresAuthenticationMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequiresAuthenticationMatcher(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/HttpBasicServerAuthenticationEntryPointTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/HttpBasicServerAuthenticationEntryPointTests.java index 43c8828e48..5c93b43241 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/HttpBasicServerAuthenticationEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/HttpBasicServerAuthenticationEntryPointTests.java @@ -29,6 +29,7 @@ import org.springframework.security.core.AuthenticationException; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verifyZeroInteractions; /** @@ -70,9 +71,9 @@ public class HttpBasicServerAuthenticationEntryPointTests { .containsOnly("Basic realm=\"Custom\""); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRealmWhenNullThenException() { - this.entryPoint.setRealm(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.entryPoint.setRealm(null)); } private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder request) { diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManagerTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManagerTests.java index 2fb7ea2f87..8f4c001558 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManagerTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/ReactivePreAuthenticatedAuthenticationManagerTests.java @@ -32,6 +32,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; @@ -68,35 +69,40 @@ public class ReactivePreAuthenticatedAuthenticationManagerTests { assertThat(authentication.isAuthenticated()).isEqualTo(true); } - @Test(expected = UsernameNotFoundException.class) + @Test public void returnsNullForNonExistingAccount() { given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.empty()); - this.manager.authenticate(tokenForUser(this.nonExistingAccount.getUsername())).block(); + assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy( + () -> this.manager.authenticate(tokenForUser(this.nonExistingAccount.getUsername())).block()); } - @Test(expected = LockedException.class) + @Test public void throwsExceptionForLockedAccount() { given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.lockedAccount)); - this.manager.authenticate(tokenForUser(this.lockedAccount.getUsername())).block(); + assertThatExceptionOfType(LockedException.class) + .isThrownBy(() -> this.manager.authenticate(tokenForUser(this.lockedAccount.getUsername())).block()); } - @Test(expected = DisabledException.class) + @Test public void throwsExceptionForDisabledAccount() { given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.disabledAccount)); - this.manager.authenticate(tokenForUser(this.disabledAccount.getUsername())).block(); + assertThatExceptionOfType(DisabledException.class) + .isThrownBy(() -> this.manager.authenticate(tokenForUser(this.disabledAccount.getUsername())).block()); } - @Test(expected = AccountExpiredException.class) + @Test public void throwsExceptionForExpiredAccount() { given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.expiredAccount)); - this.manager.authenticate(tokenForUser(this.expiredAccount.getUsername())).block(); + assertThatExceptionOfType(AccountExpiredException.class) + .isThrownBy(() -> this.manager.authenticate(tokenForUser(this.expiredAccount.getUsername())).block()); } - @Test(expected = CredentialsExpiredException.class) + @Test public void throwsExceptionForAccountWithExpiredCredentials() { given(this.mockUserDetailsService.findByUsername(anyString())) .willReturn(Mono.just(this.accountWithExpiredCredentials)); - this.manager.authenticate(tokenForUser(this.accountWithExpiredCredentials.getUsername())).block(); + assertThatExceptionOfType(CredentialsExpiredException.class).isThrownBy(() -> this.manager + .authenticate(tokenForUser(this.accountWithExpiredCredentials.getUsername())).block()); } private Authentication tokenForUser(String username) { diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationEntryPointTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationEntryPointTests.java index d48160c43f..8e46b77c62 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationEntryPointTests.java @@ -31,6 +31,7 @@ import org.springframework.security.web.server.ServerRedirectStrategy; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -55,9 +56,9 @@ public class RedirectServerAuthenticationEntryPointTests { private AuthenticationException exception = new AuthenticationCredentialsNotFoundException( "Authentication Required"); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorStringWhenNullLocationThenException() { - new RedirectServerAuthenticationEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null)); } @Test @@ -86,9 +87,9 @@ public class RedirectServerAuthenticationEntryPointTests { redirectResult.assertWasSubscribed(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRedirectStrategyWhenNullThenException() { - this.entryPoint.setRedirectStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.entryPoint.setRedirectStrategy(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationFailureHandlerTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationFailureHandlerTests.java index 6f0cb185a0..ba12f17c66 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationFailureHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationFailureHandlerTests.java @@ -33,6 +33,7 @@ import org.springframework.security.web.server.WebFilterExchange; import org.springframework.web.server.handler.DefaultWebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -56,9 +57,9 @@ public class RedirectServerAuthenticationFailureHandlerTests { private AuthenticationException exception = new AuthenticationCredentialsNotFoundException( "Authentication Required"); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorStringWhenNullLocationThenException() { - new RedirectServerAuthenticationEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null)); } @Test @@ -87,9 +88,9 @@ public class RedirectServerAuthenticationFailureHandlerTests { redirectResult.assertWasSubscribed(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRedirectStrategyWhenNullThenException() { - this.handler.setRedirectStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setRedirectStrategy(null)); } private WebFilterExchange createExchange() { diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationSuccessHandlerTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationSuccessHandlerTests.java index 6a4054b620..7178642c56 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationSuccessHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/RedirectServerAuthenticationSuccessHandlerTests.java @@ -34,6 +34,7 @@ import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; @@ -62,9 +63,9 @@ public class RedirectServerAuthenticationSuccessHandlerTests { private RedirectServerAuthenticationSuccessHandler handler = new RedirectServerAuthenticationSuccessHandler(); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorStringWhenNullLocationThenException() { - new RedirectServerAuthenticationEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null)); } @Test @@ -96,14 +97,14 @@ public class RedirectServerAuthenticationSuccessHandlerTests { verify(this.redirectStrategy).sendRedirect(any(), eq(this.location)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setRedirectStrategyWhenNullThenException() { - this.handler.setRedirectStrategy(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setRedirectStrategy(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setLocationWhenNullThenException() { - this.handler.setLocation(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setLocation(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/ServerAuthenticationEntryPointFailureHandlerTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/ServerAuthenticationEntryPointFailureHandlerTests.java index ffa96d4e38..45b4fa5b62 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/ServerAuthenticationEntryPointFailureHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/ServerAuthenticationEntryPointFailureHandlerTests.java @@ -30,6 +30,7 @@ import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -54,10 +55,9 @@ public class ServerAuthenticationEntryPointFailureHandlerTests { @InjectMocks private ServerAuthenticationEntryPointFailureHandler handler; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNullEntryPointThenException() { - this.authenticationEntryPoint = null; - new ServerAuthenticationEntryPointFailureHandler(this.authenticationEntryPoint); + assertThatIllegalArgumentException().isThrownBy(() -> new ServerAuthenticationEntryPointFailureHandler(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java index 49d6866fde..2d9b33ac18 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java @@ -29,6 +29,7 @@ import org.springframework.util.MultiValueMap; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -86,14 +87,14 @@ public class ServerFormLoginAuthenticationConverterTests { assertThat(authentication.getAuthorities()).isEmpty(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setUsernameParameterWhenNullThenIllegalArgumentException() { - this.converter.setUsernameParameter(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.converter.setUsernameParameter(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setPasswordParameterWhenNullThenIllegalArgumentException() { - this.converter.setPasswordParameter(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.converter.setPasswordParameter(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java index c15a8de07b..898d543c2c 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/SwitchUserWebFilterTests.java @@ -26,6 +26,7 @@ import org.mockito.ArgumentCaptor; import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import reactor.core.publisher.Mono; +import reactor.util.context.Context; import org.springframework.http.HttpMethod; import org.springframework.mock.http.server.reactive.MockServerHttpRequest; @@ -179,12 +180,11 @@ public class SwitchUserWebFilterTests { .from(MockServerHttpRequest.post("/login/impersonate")); final WebFilterChain chain = mock(WebFilterChain.class); final SecurityContextImpl securityContext = new SecurityContextImpl(mock(Authentication.class)); - assertThatIllegalArgumentException() - .isThrownBy(() -> this.switchUserWebFilter.filter(exchange, chain) - .subscriberContext( - ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) - .block()) - .withMessage("The userName can not be null."); + assertThatIllegalArgumentException().isThrownBy(() -> { + Context securityContextHolder = ReactiveSecurityContextHolder + .withSecurityContext(Mono.just(securityContext)); + this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block(); + }).withMessage("The userName can not be null."); verifyNoInteractions(chain); } @@ -216,12 +216,11 @@ public class SwitchUserWebFilterTests { final SecurityContextImpl securityContext = new SecurityContextImpl(mock(Authentication.class)); final UserDetails switchUserDetails = switchUserDetails(targetUsername, false); given(this.userDetailsService.findByUsername(any(String.class))).willReturn(Mono.just(switchUserDetails)); - assertThatExceptionOfType(DisabledException.class) - .isThrownBy( - () -> this.switchUserWebFilter.filter(exchange, chain) - .subscriberContext( - ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) - .block()); + assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> { + Context securityContextHolder = ReactiveSecurityContextHolder + .withSecurityContext(Mono.just(securityContext)); + this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block(); + }); verifyNoInteractions(chain); } @@ -264,12 +263,11 @@ public class SwitchUserWebFilterTests { "origCredentials"); final WebFilterChain chain = mock(WebFilterChain.class); final SecurityContextImpl securityContext = new SecurityContextImpl(originalAuthentication); - assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class) - .isThrownBy(() -> this.switchUserWebFilter.filter(exchange, chain) - .subscriberContext( - ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))) - .block()) - .withMessage("Could not find original Authentication object"); + assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class).isThrownBy(() -> { + Context securityContextHolder = ReactiveSecurityContextHolder + .withSecurityContext(Mono.just(securityContext)); + this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block(); + }).withMessage("Could not find original Authentication object"); verifyNoInteractions(chain); } diff --git a/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java index 4e6a9c7285..847edc204a 100644 --- a/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authorization/ExceptionTranslationWebFilterTests.java @@ -35,6 +35,7 @@ import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -128,14 +129,14 @@ public class ExceptionTranslationWebFilterTests { this.entryPointPublisher.assertWasNotSubscribed(); } - @Test(expected = IllegalArgumentException.class) + @Test public void setAccessDeniedHandlerWhenNullThenException() { - this.filter.setAccessDeniedHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAccessDeniedHandler(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setAuthenticationEntryPointWhenNullThenException() { - this.filter.setAuthenticationEntryPoint(null); + assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAuthenticationEntryPoint(null)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java b/web/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java index 08cde18541..ade1054efa 100644 --- a/web/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authorization/HttpStatusServerAccessDeniedHandlerTests.java @@ -28,6 +28,7 @@ import org.springframework.security.access.AccessDeniedException; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.Mockito.verifyZeroInteractions; /** @@ -46,9 +47,9 @@ public class HttpStatusServerAccessDeniedHandlerTests { private AccessDeniedException exception = new AccessDeniedException("Forbidden"); - @Test(expected = IllegalArgumentException.class) + @Test public void constructorHttpStatusWhenNullThenException() { - new HttpStatusServerAccessDeniedHandler(null); + assertThatIllegalArgumentException().isThrownBy(() -> new HttpStatusServerAccessDeniedHandler(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java index ccc686bf6c..b03bcc4705 100644 --- a/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java @@ -38,6 +38,7 @@ import org.springframework.web.server.WebFilterChain; import org.springframework.web.server.handler.DefaultWebFilterChain; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -69,10 +70,9 @@ public class ReactorContextWebFilterTests { given(this.repository.load(any())).willReturn(this.securityContext.mono()); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullSecurityContextRepository() { - ServerSecurityContextRepository repository = null; - new ReactorContextWebFilter(repository); + assertThatIllegalArgumentException().isThrownBy(() -> new ReactorContextWebFilter(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/jackson2/DefaultCsrfServerTokenMixinTests.java b/web/src/test/java/org/springframework/security/web/server/jackson2/DefaultCsrfServerTokenMixinTests.java index 3a1a9f246e..54c3e41275 100644 --- a/web/src/test/java/org/springframework/security/web/server/jackson2/DefaultCsrfServerTokenMixinTests.java +++ b/web/src/test/java/org/springframework/security/web/server/jackson2/DefaultCsrfServerTokenMixinTests.java @@ -28,6 +28,7 @@ import org.springframework.security.web.jackson2.AbstractMixinTests; import org.springframework.security.web.server.csrf.DefaultCsrfToken; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; /** * @author Boris Finkelshteyn @@ -59,16 +60,18 @@ public class DefaultCsrfServerTokenMixinTests extends AbstractMixinTests { assertThat(token.getToken()).isEqualTo("1"); } - @Test(expected = JsonMappingException.class) + @Test public void defaultCsrfTokenDeserializeWithoutClassTest() throws IOException { String tokenJson = "{\"headerName\": \"csrf-header\", \"parameterName\": \"_csrf\", \"token\": \"1\"}"; - this.mapper.readValue(tokenJson, DefaultCsrfToken.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class)); } - @Test(expected = JsonMappingException.class) + @Test public void defaultCsrfTokenDeserializeNullValuesTest() throws IOException { String tokenJson = "{\"@class\": \"org.springframework.security.web.server.csrf.DefaultCsrfToken\", \"headerName\": \"\", \"parameterName\": null, \"token\": \"1\"}"; - this.mapper.readValue(tokenJson, DefaultCsrfToken.class); + assertThatExceptionOfType(JsonMappingException.class) + .isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class)); } } diff --git a/web/src/test/java/org/springframework/security/web/server/util/matcher/MediaTypeServerWebExchangeMatcherTests.java b/web/src/test/java/org/springframework/security/web/server/util/matcher/MediaTypeServerWebExchangeMatcherTests.java index 57b0fa3ba1..3b651accce 100644 --- a/web/src/test/java/org/springframework/security/web/server/util/matcher/MediaTypeServerWebExchangeMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/server/util/matcher/MediaTypeServerWebExchangeMatcherTests.java @@ -27,6 +27,7 @@ import org.springframework.mock.web.server.MockServerWebExchange; import org.springframework.web.server.ServerWebExchange; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -36,28 +37,28 @@ public class MediaTypeServerWebExchangeMatcherTests { private MediaTypeServerWebExchangeMatcher matcher; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMediaTypeArrayWhenNullThenThrowsIllegalArgumentException() { MediaType[] types = null; - new MediaTypeServerWebExchangeMatcher(types); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMediaTypeArrayWhenContainsNullThenThrowsIllegalArgumentException() { MediaType[] types = { null }; - new MediaTypeServerWebExchangeMatcher(types); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMediaTypeListWhenNullThenThrowsIllegalArgumentException() { List types = null; - new MediaTypeServerWebExchangeMatcher(types); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorMediaTypeListWhenContainsNullThenThrowsIllegalArgumentException() { List types = Collections.singletonList(null); - new MediaTypeServerWebExchangeMatcher(types); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/server/util/matcher/PathMatcherServerWebExchangeMatcherTests.java b/web/src/test/java/org/springframework/security/web/server/util/matcher/PathMatcherServerWebExchangeMatcherTests.java index 3bf61f4487..517919ec01 100644 --- a/web/src/test/java/org/springframework/security/web/server/util/matcher/PathMatcherServerWebExchangeMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/server/util/matcher/PathMatcherServerWebExchangeMatcherTests.java @@ -32,6 +32,7 @@ import org.springframework.web.server.session.DefaultWebSessionManager; import org.springframework.web.util.pattern.PathPattern; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.verifyZeroInteractions; @@ -65,14 +66,16 @@ public class PathMatcherServerWebExchangeMatcherTests { this.matcher = new PathPatternParserServerWebExchangeMatcher(this.pattern); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorPatternWhenPatternNullThenThrowsException() { - new PathPatternParserServerWebExchangeMatcher((PathPattern) null); + assertThatIllegalArgumentException() + .isThrownBy(() -> new PathPatternParserServerWebExchangeMatcher((PathPattern) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorPatternAndMethodWhenPatternNullThenThrowsException() { - new PathPatternParserServerWebExchangeMatcher((PathPattern) null, HttpMethod.GET); + assertThatIllegalArgumentException() + .isThrownBy(() -> new PathPatternParserServerWebExchangeMatcher((PathPattern) null, HttpMethod.GET)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/session/HttpSessionEventPublisherTests.java b/web/src/test/java/org/springframework/security/web/session/HttpSessionEventPublisherTests.java index be04e536eb..effa61b207 100644 --- a/web/src/test/java/org/springframework/security/web/session/HttpSessionEventPublisherTests.java +++ b/web/src/test/java/org/springframework/security/web/session/HttpSessionEventPublisherTests.java @@ -26,6 +26,7 @@ import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.StaticWebApplicationContext; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalStateException; /** * The HttpSessionEventPublisher tests @@ -94,32 +95,31 @@ public class HttpSessionEventPublisherTests { } // SEC-2599 - @Test(expected = IllegalStateException.class) + @Test public void sessionCreatedNullApplicationContext() { HttpSessionEventPublisher publisher = new HttpSessionEventPublisher(); MockServletContext servletContext = new MockServletContext(); MockHttpSession session = new MockHttpSession(servletContext); HttpSessionEvent event = new HttpSessionEvent(session); - publisher.sessionCreated(event); + assertThatIllegalStateException().isThrownBy(() -> publisher.sessionCreated(event)); } - // SEC-2599 - @Test(expected = IllegalStateException.class) + @Test // SEC-2599 public void sessionDestroyedNullApplicationContext() { HttpSessionEventPublisher publisher = new HttpSessionEventPublisher(); MockServletContext servletContext = new MockServletContext(); MockHttpSession session = new MockHttpSession(servletContext); HttpSessionEvent event = new HttpSessionEvent(session); - publisher.sessionDestroyed(event); + assertThatIllegalStateException().isThrownBy(() -> publisher.sessionDestroyed(event)); } - @Test(expected = IllegalStateException.class) + @Test public void sessionIdChangeNullApplicationContext() { HttpSessionEventPublisher publisher = new HttpSessionEventPublisher(); MockServletContext servletContext = new MockServletContext(); MockHttpSession session = new MockHttpSession(servletContext); HttpSessionEvent event = new HttpSessionEvent(session); - publisher.sessionIdChanged(event, "oldSessionId"); + assertThatIllegalStateException().isThrownBy(() -> publisher.sessionIdChanged(event, "oldSessionId")); } } diff --git a/web/src/test/java/org/springframework/security/web/session/SessionInformationExpiredEventTests.java b/web/src/test/java/org/springframework/security/web/session/SessionInformationExpiredEventTests.java index 51fcf650e3..0ec42fcff4 100644 --- a/web/src/test/java/org/springframework/security/web/session/SessionInformationExpiredEventTests.java +++ b/web/src/test/java/org/springframework/security/web/session/SessionInformationExpiredEventTests.java @@ -24,27 +24,30 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.core.session.SessionInformation; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; + /** * @author Rob Winch * @since 4.2 */ public class SessionInformationExpiredEventTests { - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenSessionInformationNullThenThrowsException() { - new SessionInformationExpiredEvent(null, new MockHttpServletRequest(), new MockHttpServletResponse()); + assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent(null, + new MockHttpServletRequest(), new MockHttpServletResponse())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenRequestNullThenThrowsException() { - new SessionInformationExpiredEvent(new SessionInformation("fake", "sessionId", new Date()), null, - new MockHttpServletResponse()); + assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent( + new SessionInformation("fake", "sessionId", new Date()), null, new MockHttpServletResponse())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenResponseNullThenThrowsException() { - new SessionInformationExpiredEvent(new SessionInformation("fake", "sessionId", new Date()), - new MockHttpServletRequest(), null); + assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent( + new SessionInformation("fake", "sessionId", new Date()), new MockHttpServletRequest(), null)); } } diff --git a/web/src/test/java/org/springframework/security/web/session/SessionManagementFilterTests.java b/web/src/test/java/org/springframework/security/web/session/SessionManagementFilterTests.java index ad25c72ab3..7d5cc504a1 100644 --- a/web/src/test/java/org/springframework/security/web/session/SessionManagementFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/session/SessionManagementFilterTests.java @@ -36,6 +36,7 @@ import org.springframework.security.web.authentication.session.SessionAuthentica import org.springframework.security.web.context.SecurityContextRepository; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.willThrow; @@ -161,11 +162,11 @@ public class SessionManagementFilterTests { verify(trustResolver).isAnonymous(any(Authentication.class)); } - @Test(expected = IllegalArgumentException.class) + @Test public void setTrustResolverNull() { SecurityContextRepository repo = mock(SecurityContextRepository.class); SessionManagementFilter filter = new SessionManagementFilter(repo); - filter.setTrustResolver(null); + assertThatIllegalArgumentException().isThrownBy(() -> filter.setTrustResolver(null)); } private void authenticateUser() { diff --git a/web/src/test/java/org/springframework/security/web/util/TextEscapeUtilsTests.java b/web/src/test/java/org/springframework/security/web/util/TextEscapeUtilsTests.java index c3be88a3ed..b5d045b4ca 100644 --- a/web/src/test/java/org/springframework/security/web/util/TextEscapeUtilsTests.java +++ b/web/src/test/java/org/springframework/security/web/util/TextEscapeUtilsTests.java @@ -19,6 +19,7 @@ package org.springframework.security.web.util; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; public class TextEscapeUtilsTests { @@ -36,19 +37,19 @@ public class TextEscapeUtilsTests { assertThat(TextEscapeUtils.escapeEntities(null)).isNull(); } - @Test(expected = IllegalArgumentException.class) + @Test public void invalidLowSurrogateIsDetected() { - TextEscapeUtils.escapeEntities("abc\uDCCCdef"); + assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uDCCCdef")); } - @Test(expected = IllegalArgumentException.class) + @Test public void missingLowSurrogateIsDetected() { - TextEscapeUtils.escapeEntities("abc\uD888a"); + assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uD888a")); } - @Test(expected = IllegalArgumentException.class) + @Test public void highSurrogateAtEndOfStringIsRejected() { - TextEscapeUtils.escapeEntities("abc\uD888"); + assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uD888")); } /** diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/AndRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/AndRequestMatcherTests.java index a10b26b3e4..08a2f851d1 100644 --- a/web/src/test/java/org/springframework/security/web/util/matcher/AndRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/matcher/AndRequestMatcherTests.java @@ -28,6 +28,8 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatNullPointerException; import static org.mockito.BDDMockito.given; /** @@ -48,34 +50,36 @@ public class AndRequestMatcherTests { private RequestMatcher matcher; - @Test(expected = NullPointerException.class) + @Test public void constructorNullArray() { - new AndRequestMatcher((RequestMatcher[]) null); + assertThatNullPointerException().isThrownBy(() -> new AndRequestMatcher((RequestMatcher[]) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorArrayContainsNull() { - new AndRequestMatcher((RequestMatcher) null); + assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher((RequestMatcher) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyArray() { - new AndRequestMatcher(new RequestMatcher[0]); + assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher(new RequestMatcher[0])); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullList() { - new AndRequestMatcher((List) null); + assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher((List) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListContainsNull() { - new AndRequestMatcher(Arrays.asList((RequestMatcher) null)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AndRequestMatcher(Arrays.asList((RequestMatcher) null))); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyList() { - new AndRequestMatcher(Collections.emptyList()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new AndRequestMatcher(Collections.emptyList())); } @Test diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcherTests.java index 7a9fe12bfa..1c3a60220d 100644 --- a/web/src/test/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/matcher/MediaTypeRequestMatcherTests.java @@ -33,6 +33,7 @@ import org.springframework.web.accept.ContentNegotiationStrategy; import org.springframework.web.context.request.NativeWebRequest; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; @@ -55,41 +56,45 @@ public class MediaTypeRequestMatcherTests { this.request = new MockHttpServletRequest(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenNullCNSThenIAE() { ContentNegotiationStrategy c = null; - new MediaTypeRequestMatcher(c, MediaType.ALL); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher(c, MediaType.ALL)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullCNSSet() { - new MediaTypeRequestMatcher(null, Collections.singleton(MediaType.ALL)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MediaTypeRequestMatcher(null, Collections.singleton(MediaType.ALL))); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNoVarargs() { - new MediaTypeRequestMatcher(this.negotiationStrategy); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher(this.negotiationStrategy)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullMediaTypes() { Collection mediaTypes = null; - new MediaTypeRequestMatcher(this.negotiationStrategy, mediaTypes); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MediaTypeRequestMatcher(this.negotiationStrategy, mediaTypes)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmtpyMediaTypes() { - new MediaTypeRequestMatcher(this.negotiationStrategy, Collections.emptyList()); + assertThatIllegalArgumentException().isThrownBy( + () -> new MediaTypeRequestMatcher(this.negotiationStrategy, Collections.emptyList())); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenEmptyMediaTypeThenIAE() { - new MediaTypeRequestMatcher(); + assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher()); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorWhenEmptyMediaTypeCollectionThenIAE() { - new MediaTypeRequestMatcher(Collections.emptyList()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new MediaTypeRequestMatcher(Collections.emptyList())); } @Test diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/NegatedRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/NegatedRequestMatcherTests.java index 1a738c4a42..39fae1ed4c 100644 --- a/web/src/test/java/org/springframework/security/web/util/matcher/NegatedRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/matcher/NegatedRequestMatcherTests.java @@ -24,6 +24,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.mockito.BDDMockito.given; /** @@ -41,9 +42,9 @@ public class NegatedRequestMatcherTests { private RequestMatcher matcher; - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNull() { - new NegatedRequestMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> new NegatedRequestMatcher(null)); } @Test diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/OrRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/OrRequestMatcherTests.java index 291b97c2fb..c67b961de5 100644 --- a/web/src/test/java/org/springframework/security/web/util/matcher/OrRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/matcher/OrRequestMatcherTests.java @@ -28,6 +28,8 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatNullPointerException; import static org.mockito.BDDMockito.given; /** @@ -48,34 +50,36 @@ public class OrRequestMatcherTests { private RequestMatcher matcher; - @Test(expected = NullPointerException.class) + @Test public void constructorNullArray() { - new OrRequestMatcher((RequestMatcher[]) null); + assertThatNullPointerException().isThrownBy(() -> new OrRequestMatcher((RequestMatcher[]) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorArrayContainsNull() { - new OrRequestMatcher((RequestMatcher) null); + assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher((RequestMatcher) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyArray() { - new OrRequestMatcher(new RequestMatcher[0]); + assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher(new RequestMatcher[0])); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullList() { - new OrRequestMatcher((List) null); + assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher((List) null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorListContainsNull() { - new OrRequestMatcher(Arrays.asList((RequestMatcher) null)); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OrRequestMatcher(Arrays.asList((RequestMatcher) null))); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorEmptyList() { - new OrRequestMatcher(Collections.emptyList()); + assertThatIllegalArgumentException() + .isThrownBy(() -> new OrRequestMatcher(Collections.emptyList())); } @Test diff --git a/web/src/test/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcherTests.java b/web/src/test/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcherTests.java index e677059a9b..b27767f1c3 100644 --- a/web/src/test/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcherTests.java +++ b/web/src/test/java/org/springframework/security/web/util/matcher/RequestHeaderRequestMatcherTests.java @@ -22,6 +22,7 @@ import org.junit.Test; import org.springframework.mock.web.MockHttpServletRequest; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; /** * @author Rob Winch @@ -40,14 +41,14 @@ public class RequestHeaderRequestMatcherTests { this.request = new MockHttpServletRequest(); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaderName() { - new RequestHeaderRequestMatcher(null); + assertThatIllegalArgumentException().isThrownBy(() -> new RequestHeaderRequestMatcher(null)); } - @Test(expected = IllegalArgumentException.class) + @Test public void constructorNullHeaderNameNonNullHeaderValue() { - new RequestHeaderRequestMatcher(null, "v"); + assertThatIllegalArgumentException().isThrownBy(() -> new RequestHeaderRequestMatcher(null, "v")); } @Test