stackoom
  简体   繁体   中英

Mocking @AuthenticationPrincipal for a unit test

 原文  2020-10-26 18:52:00       java/ spring/ unit-testing/ authentication/ lombok

Question

I am new to spring and lombok. I am working on a unit test for a controller where the method uses @AuthenticationPrincipal. From what I have read it passes the information of the authenticated user into the method. Is there a way to mock this for the unit test?

1 answers

solution1
 4 ACCPTED  2020-10-29 17:20:24

The easiest solution that comes to mind is @WithMockUser . It does what you asked for. But, in case you are not satisfied with it, you can create an annotation and tune it to your needs.

I am assuming that you have tried @WithMockUser and it really didn't fit your needs.

There are three important tasks. The first is creating an annotation followed by creating a class that represents a user of your system and finally creating SecurityContextFactory .

  1. Let's start with the annotation
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;

import org.springframework.security.test.context.support.WithSecurityContext;

@Retention(RetentionPolicy.RUNTIME)
@WithSecurityContext(factory = WithMockAaronSecurityContextFactory.class)
public @interface WithAaronUser {
    String username() default "TestUser";
    String[] roles() default { "ROLE_ADMIN" };
}
  1. A mock user class
import java.util.Collection;
import java.util.stream.Collectors;
import java.util.stream.Stream;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

public class MockUserDetails {

    private String username;
    private Collection<? extends GrantedAuthority> authorities;
    
    public MockUserDetails(String username, String[] roles) {
        this.username = username;
        this.authorities = Stream.of(roles)
                .map(role -> new SimpleGrantedAuthority(role)).collect(Collectors.toSet());
    }

    public String getUsername() {
        return username;
    }

    public Collection<? extends GrantedAuthority> getAuthorities() {
        return authorities;
    }
}

3 Finally the SecurityContextFactory . Note that the implementation uses the same factory class ( WithSecurityContextFactory ) that @WithMockUser uses.

import java.io.Serializable;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.security.test.context.support.WithSecurityContextFactory;

public class WithMockAaronSecurityContextFactory implements WithSecurityContextFactory<WithAaronUser> {

    @Override
    public SecurityContext createSecurityContext(WithAaronUser user) {

        MockUserDetails principal = new MockUserDetails(user.username(), user.roles());

        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setServerName("www.example.com");
        request.setRequestURI("/token");
        request.setQueryString("param1=value1&param");
        request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, "mocked_token");
        OAuth2AuthenticationDetails authDetails = new OAuth2AuthenticationDetails(request);
        
        Map<String, String> decodedDetails = new HashMap<>();
        decodedDetails.put("first_name", "Jean-Claude");
        decodedDetails.put("last_name", "Van Damme");
        authDetails.setDecodedDetails(decodedDetails);
        
        
        UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(principal.getUsername(), "password", principal.getAuthorities());
        auth.setDetails(authDetails);
        
        
        List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_ADMIN");
        OAuth2Request oAuth2Request = new OAuth2Request(Collections.emptyMap(), "", authorities, true, Collections.emptySet(), Collections.emptySet(), "http://somethig.com", Collections.emptySet(), Collections.emptyMap());
                    
                    
        OAuth2Authentication oAuth = new OAuth2Authentication(getOauth2Request(), auth);
        oAuth.setDetails(authDetails);
            
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(oAuth);
        return context;
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Unit test a method with mocking Java, unit test mocking mxbean Mocking java object for unit test mocking Executorservice field in unit test Mocking Activity Lifecycle for RxJava in unit test Mocking Glide in Unit Test to avoid NullPointerException Mocking Network response for unit test case Unit test definition - Scope and Mocking external dependencies Java: Mocking http/https calls in unit test Unit test: Mocking framework vs Stub implementation
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM