Grails如何对异常执行单元测试

Question

我正在尝试测试该帐户过期异常。

def authfail() {
    String msg = ''
    def exception = session[WebAttributes.AUTHENTICATION_EXCEPTION]

//        println("print exception: ${exception} | ${session} | ${springSecurityService.getCurrentUser()}")
    if (exception) {
        if (exception instanceof AccountExpiredException) {
            msg = message(code: 'springSecurity.errors.login.expired')
        }
        else if (exception instanceof CredentialsExpiredException) {
            msg = message(code: 'springSecurity.errors.login.passwordExpired')
        }
        else if (exception instanceof DisabledException) {
            msg = message(code: 'springSecurity.errors.login.disabled')
        }
        else {
            msg = message(code: 'springSecurity.errors.login.fail')
        }
    }

    if (springSecurityService.isAjax(request)) {
        render([error: msg] as JSON)
    }
    else {
        flash.message = msg
        redirect action: 'auth', params: params
    }
}

我尝试在上面写测试用例，然后才意识到自己被卡住了，因为我不知道如何触发过期的登录，这样才能满足引发AccountExceptionExpired异常的单元测试条件。

void "test authFail"() {

when:
    session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new AccountExpiredException( 'This account has expired' )
    def logexp = controller.authfail()
then:
    logexp == 'springSecurity.errors.login.expired'
when:
    session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new CredentialsExpiredException( 'This credentials have expired' )
    def passexp = controller.authfail()
then:
    passexp == 'springSecurity.errors.login.passwordExpired'
when:
    session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new DisabledException( 'The account is disabled' )
    def logdis = controller.authfail()
then:
    logdis == 'springSecurity.errors.login.disabled'
when:
    session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new UnsupportedOperationException( 'Sorry, we were not able to find a user with that username and password.' )
    def logfail = controller.authfail()
then:
    logfail == 'springSecurity.errors.login.fail'
when:
    controller.authfail()
then:
    1 * springSecurityService.isAjax( _ ) >> true
    controller.response.json == [error :'springSecurity.errors.login.fail']

    }
}

Answer 1

以下将测试您的大多数方法：

import grails.plugin.springsecurity.SpringSecurityService
import grails.test.mixin.TestFor
import org.springframework.security.authentication.AccountExpiredException
import org.springframework.security.authentication.CredentialsExpiredException
import org.springframework.security.authentication.DisabledException
import org.springframework.security.web.WebAttributes
import spock.lang.Specification

@TestFor(YourController)
class YourControllerSpec extends Specification {

def springSecurityService = Mock( SpringSecurityService )

void setup() {
    controller.springSecurityService = springSecurityService
}

void "test authFail"() {
    given:
        session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new AccountExpiredException( 'This account has expired' )
    when:
        controller.authfail()
    then:
        flash.message == 'springSecurity.errors.login.expired'
    when:
        session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new CredentialsExpiredException( 'This credentials have expired' )
        controller.authfail()
    then:
        flash.message == 'springSecurity.errors.login.passwordExpired'
    when:
        session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new DisabledException( 'The account is disabled' )
        controller.authfail()
    then:
        flash.message == 'springSecurity.errors.login.disabled'
    when:
        session."${WebAttributes.AUTHENTICATION_EXCEPTION}" = new UnsupportedOperationException( 'Bad stuff' )
        controller.authfail()
    then:
        flash.message == 'springSecurity.errors.login.fail'
    when:
        controller.authfail()
    then:
        1 * springSecurityService.isAjax( _ ) >> true
        response.json == [error :'springSecurity.errors.login.fail']
}
}

会话只是一个映射，我们向其中添加了字符串常量的键和异常的值。 对于所有测试，除最后一个测试外，我们都进入最后一个else块，在最终测试中，我们为“ isAjax”返回true。

Answer 2

虽然这不是Grails，但它是SpringBoot 2.0。

如果将failureHandler暴露为bean，则可以对其进行监视。

@SpyBean
AuthenticationFailureHandler failureHandler;

并简单地验证是否已引发异常

Mockito.verify(failureHandler).onAuthenticationFailure(
    any(),
    any(),
    any(AccountExpiredException.class)
);

一个简单的测试如下所示：

@Test
public void accountExpired() throws Exception {
    doReturn(user
        .username("expired")
        .accountExpired(true)
        .build()
    ).when(userDetailsService).loadUserByUsername(any(String.class));
    mvc.perform(
        MockMvcRequestBuilders.post("/login")
            .param("username", "expired")
            .param("password", "password")
    )
        .andExpect(status().is4xxClientError())
        .andExpect(unauthenticated())
    ;
    Mockito.verify(failureHandler).onAuthenticationFailure(
        any(),
        any(),
        any(AccountExpiredException.class)
    );
}

所有示例均位于https://github.com/fhanik/spring-security-community/