单元测试Springboot MockMvc返回403 Forbidden
[英]Unit test Springboot MockMvc returns 403 Forbidden
问题描述
我编写了一个测试 UsersController 的单元测试。 UsersControllerTest.findUser 工作正常,但 UsersControllerTest.insertGetModifyDelete 却不行。
在测试日志中,我可以看到 POST 请求与 UsersController 的任何方法都不匹配,但我不明白为什么。 你能帮我解决这个问题吗?
这是我的 rest java class:
@RestController
@RequestMapping("/users")
public class UsersController {
private final UsersService usersService;
@Autowired
public UsersController(UsersService usersService) {
this.usersService = usersService;
}
@GetMapping(value="/{email}", produces="application/json")
public User get(@PathVariable @Email String email) {
return usersService.findByEmail(email);
}
@PostMapping(consumes="application/json", produces="application/json")
@ResponseBody
public ResponseEntity<String> insert(@RequestBody @Valid User user){
usersService.insert(user);
return ResponseEntity.ok(user.getEmail());
}
@DeleteMapping(value="/{email}", consumes="application/json", produces="application/json")
public ResponseEntity<String> delete(@PathVariable @Email String email) {
usersService.delete(email);
return ResponseEntity.ok(email);
}
@PutMapping(value="/{email}", consumes="application/json", produces="application/json")
public ResponseEntity<User> update(@PathVariable @Email String email, @RequestBody @Valid User user) {
usersService.update(email, user);
return ResponseEntity.ok(user);
}
}
我用两种方法进行了一项测试。 一个正在返回 http 代码 200,但另一个返回 403。
@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
@WithMockUser(username = "user", roles = "USER")
public class UsersControllerTest {
@Autowired
private MockMvc mockMvc;
@Test
public void findUser() throws Exception {
mockMvc.perform(get("/users/{email}", new Object[] {"boy@test.com"})).andExpect(status().isOk()).andExpect(jsonPath("$.email", equalTo("boy@test.com"))).andExpect(jsonPath("$.userName", equalTo("boy")));
}
@Test
public void insertGetModifyDelete() throws Exception {
User user = new User("userName", "email@email.com");
ObjectMapper mapper = new ObjectMapper();
String json = mapper.writeValueAsString(user);
mockMvc.perform(post("/users").content(json).contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)).andExpect(status().isOk());
mockMvc.perform(put("/users/{email}", new Object[] {user.getEmail()}).content(json)).andDo(print()).andExpect(status().isOk());
mockMvc.perform(delete("/users/{email}", new Object[] {user.getEmail()}).content(json)).andDo(print()).andExpect(status().isOk());
}
}
这是测试的 output:
MockHttpServletRequest:
HTTP Method = GET
Request URI = /users/boy@test.com
Parameters = {}
Headers = {}
Body = null
Session Attrs = {SPRING_SECURITY_CONTEXT=org.springframework.security.core.context.SecurityContextImpl@ca25360: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ca25360: Principal: org.springframework.security.core.userdetails.User@36ebcb: Username: user; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER}
Handler:
Type = es.tododev.fairtasks.rest.UsersController
Method = public es.tododev.fairtasks.dto.User es.tododev.fairtasks.rest.UsersController.get(java.lang.String)
Async:
Async started = false
Async result = null
Resolved Exception:
Type = null
ModelAndView:
View name = null
View = null
Model = null
FlashMap:
Attributes = null
MockHttpServletResponse:
Status = 200
Error message = null
Headers = {Content-Disposition=[inline;filename=f.txt], Content-Type=[application/json;charset=UTF-8], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY]}
Content type = application/json;charset=UTF-8
Body = {"userName":"boy","email":"boy@test.com"}
Forwarded URL = null
Redirected URL = null
Cookies = []
MockHttpServletRequest:
HTTP Method = POST
Request URI = /users
Parameters = {}
Headers = {Content-Type=[application/json;charset=UTF-8], Accept=[application/json]}
Body = {"userName":"userName","email":"email@email.com"}
Session Attrs = {org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.CSRF_TOKEN=org.springframework.security.web.csrf.DefaultCsrfToken@66944c7c, SPRING_SECURITY_CONTEXT=org.springframework.security.core.context.SecurityContextImpl@ca25360: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ca25360: Principal: org.springframework.security.core.userdetails.User@36ebcb: Username: user; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER}
Handler:
Type = null
Async:
Async started = false
Async result = null
Resolved Exception:
Type = null
ModelAndView:
View name = null
View = null
Model = null
FlashMap:
Attributes = null
MockHttpServletResponse:
Status = 403
Error message = Forbidden
Headers = {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY]}
Content type = null
Body =
Forwarded URL = null
Redirected URL = null
Cookies = []
[ERROR] Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 6.155 s <<< FAILURE! - in es.tododev.fairtasks.rest.UsersControllerTest
[ERROR] insertGetModifyDelete(es.tododev.fairtasks.rest.UsersControllerTest) Time elapsed: 0.028 s <<< FAILURE!
java.lang.AssertionError: Status expected:<200> but was:<403>
at es.tododev.fairtasks.rest.UsersControllerTest.insertGetModifyDelete(UsersControllerTest.java:48)
3 个解决方案
解决方案1
20 2019-07-17 05:58:43
我用@AutoConfigureMockMvc(addFilters = false)解决了这个问题。 请确保这不会损害您的 HTTP 堆栈上的其他功能。
解决方案2
19 已采纳 2018-11-20 07:11:09
你可以尝试调试这个程序。我认为问题发生在“mockMvc”对象不是自动连接的。mockMvc 对象应该在程序运行之前从 WebApplicationContext 加载。
@Autowired
private WebApplicationContext webApplicationContext
@Before()
public void setup()
{
//Init MockMvc Object and build
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).build();
}
解决方案3
2 2022-12-05 18:10:51
使用 CSRF 保护时,必须提供 CSRF 令牌,否则将返回 403 状态。 我在测试中修复了这个问题,具体方法是根据文档向任何不安全的 HTTP 方法(POST、PUT、DELETE)添加一个 CSRF 令牌。
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
[...]
mvc.perform(post("/").with(csrf()));
mvc.perform(put("/").with(csrf()));
mvc.perform(delete("/").with(csrf()));
angularjs中的Spring Security返回禁止登录的403
[英]Spring security in angularjs returns 403 forbidden for login
单元测试 - 使用 MockMvc 使用 @RequestHeader 和 HashMap 测试 controller
[英]Unit Test - Using MockMvc to test the controller with @RequestHeader with HashMap
Spring Boot 单元测试 MockMVC 抛出 BadRequest 即使存在 API
[英]Spring Boot Unit Test MockMVC throws BadRequest eventhough there exists API for it
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Springboot单元测试MockMvc返回403 Forbidden
Springboot Junit 测试期望 200 但禁止获得 403
AWS SQS - SpringBoot - 403 禁止
SpringBoot:使用Cassandra进行单元测试
SpringBoot 单元测试配置
Spring 过滤器链未应用于单元测试 MockMvc
angularjs中的Spring Security返回禁止登录的403
单元测试 - 使用 MockMvc 使用 @RequestHeader 和 HashMap 测试 controller
使用MockMvc测试SpringBoot
Spring Boot 单元测试 MockMVC 抛出 BadRequest 即使存在 API
相关标签