[英]How do I write an integration test for a REST API secured with OAuth2 in JUnit5?
I have a client service like this,我有这样的客户服务,
@Service
public class PersonClientService {
private final String EXTERNAL_API;
private RestTemplate restTemplate;
@Autowired
public PersonClientService(RestTemplate restTemplate, @Value("${person.url}") String apiUrl) {
this.restTemplate = restTemplate;
EXTERNAL_API = apiUrl
}
public ResponseDTO createData(PersonDTO personDTO) throws Exception {
try {
HttpEntity<PersonDTO> input = new HttpEntity<>(personDTO);
ResponseEntity<ResponseDTO> restponseDTO = restTemplate.exchange(EXTERNAL_API, HttpMethod.POST, input, ResponseDTO.class);
return responseDTO.getBody();
} catch(Exception e) {
//catch exception
}
}
}
Now the rest template here that I am using is secured with OAuth2 implementation and it is using client_id
and secret
with grant_type
as client_credentials
to generate a token and then using this token as header to call the EXTERNAL_API
现在,我在这里使用的其余模板通过 OAuth2 实现得到保护,它使用
client_id
和secret
以及grant_type
作为client_credentials
来生成令牌,然后使用这个令牌作为标头来调用EXTERNAL_API
I am following this guide here but it's not really helpful since it is using JUnit4 and I am on JUnit5: https://www.baeldung.com/oauth-api-testing-with-spring-mvc我在这里遵循本指南,但它并没有真正的帮助,因为它使用的是 JUnit4,而我使用的是 JUnit5: https ://www.baeldung.com/oauth-api-testing-with-spring-mvc
I'm confused.我很困惑。 What do you want to test?
你想测试什么?
The sample you link is achieving controller unit-testing with mockmvc.您链接的示例是使用 mockmvc 实现控制器单元测试。
They use an annotation which loads security context.他们使用加载安全上下文的注释。 As a consequence test security context must be configured for the request to reach controller endpoint.
因此,必须为到达控制器端点的请求配置测试安全上下文。
I don't see any security rules on your service (@PreAuthorize or something) => you don't need any security context, just don't load security config.我在您的服务上看不到任何安全规则(@PreAuthorize 或其他东西)=>您不需要任何安全上下文,只是不要加载安全配置。
If you add security rules you want to unit test, load security config and setup test security context (either explicitly or with something like https://github.com/ch4mpy/spring-addons/tree/master/samples/webmvc-jwtauthenticationtoken/src/test/java/com/c4_soft/springaddons/samples/webmvc_jwtauthenticationtoken )如果您添加要进行单元测试的安全规则,请加载安全配置并设置测试安全上下文(显式或使用类似https://github.com/ch4mpy/spring-addons/tree/master/samples/webmvc-jwtauthenticationtoken/ src/test/java/com/c4_soft/springaddons/samples/webmvc_jwtauthenticationtoken )
The call to external service is a complete different story: the external service is running with a different security context than the one attached to your tested service thread).对外部服务的调用是一个完全不同的故事:外部服务运行的安全上下文与附加到您测试的服务线程的安全上下文不同)。 Either:
任何一个:
@MockBean RestTemplate
(and configure mock for the Rest call your service is issuing) => unit test @MockBean RestTemplate
(并为您的服务发出的 Rest 调用配置模拟)=> 单元测试 You should not start with integration test.您不应该从集成测试开始。 Unit test are for more stable and easier to maintain.
单元测试是为了更稳定和更容易维护。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.