/*
* Copyright 2002-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.test.context.support;
import java.lang.annotation.Annotation;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.test.context.TestSecurityContextHolder;
import org.springframework.test.context.TestContext;
import org.springframework.test.context.TestExecutionListener;
import org.springframework.test.context.jdbc.SqlScriptsTestExecutionListener;
import org.springframework.test.context.support.AbstractTestExecutionListener;
import org.springframework.util.ReflectionUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@RunWith(MockitoJUnitRunner.class)
public class WithSecurityContextTestExcecutionListenerTests {
private ConfigurableApplicationContext context;
@Mock
private TestContext testContext;
private WithSecurityContextTestExecutionListener listener;
@Before
public void setup() {
listener = new WithSecurityContextTestExecutionListener();
context = new AnnotationConfigApplicationContext(Config.class);
}
@After
public void cleanup() {
TestSecurityContextHolder.clearContext();
if (context != null) {
context.close();
}
}
@Test
@SuppressWarnings({ "rawtypes", "unchecked" })
public void beforeTestMethodNullSecurityContextNoError() throws Exception {
Class testClass = FakeTest.class;
when(testContext.getApplicationContext()).thenReturn(context);
when(testContext.getTestClass()).thenReturn(testClass);
when(testContext.getTestMethod()).thenReturn(
ReflectionUtils.findMethod(testClass, "testNoAnnotation"));
listener.beforeTestMethod(testContext);
}
@Test
@SuppressWarnings({ "rawtypes", "unchecked" })
public void beforeTestMethodNoApplicationContext() throws Exception {
Class testClass = FakeTest.class;
when(testContext.getApplicationContext()).thenThrow(new IllegalStateException());
when(testContext.getTestClass()).thenReturn(testClass);
when(testContext.getTestMethod()).thenReturn(
ReflectionUtils.findMethod(testClass, "testWithMockUser"));
listener.beforeTestMethod(testContext);
assertThat(TestSecurityContextHolder.getContext().getAuthentication().getName())
.isEqualTo("user");
}
// gh-3962
@Test
public void withSecurityContextAfterSqlScripts() {
SqlScriptsTestExecutionListener sql = new SqlScriptsTestExecutionListener();
WithSecurityContextTestExecutionListener security = new WithSecurityContextTestExecutionListener();
List<? extends TestExecutionListener> listeners = Arrays.asList(security, sql);
AnnotationAwareOrderComparator.sort(listeners);
assertThat(listeners).containsExactly(sql, security);
}
// SEC-2709
@Test
public void orderOverridden() {
AbstractTestExecutionListener otherListener = new AbstractTestExecutionListener() {
};
List<TestExecutionListener> listeners = new ArrayList<TestExecutionListener>();
listeners.add(otherListener);
listeners.add(this.listener);
AnnotationAwareOrderComparator.sort(listeners);
assertThat(listeners).containsSequence(this.listener, otherListener);
}
@Test
// gh-3837
public void handlesGenericAnnotation() throws Exception {
Method method = ReflectionUtils.findMethod(
WithSecurityContextTestExcecutionListenerTests.class,
"handlesGenericAnnotationTestMethod");
TestContext testContext = mock(TestContext.class);
when(testContext.getTestMethod()).thenReturn(method);
when(testContext.getApplicationContext())
.thenThrow(new IllegalStateException(""));
this.listener.beforeTestMethod(testContext);
assertThat(SecurityContextHolder.getContext().getAuthentication().getPrincipal())
.isInstanceOf(WithSuperClassWithSecurityContext.class);
}
@WithSuperClassWithSecurityContext
public void handlesGenericAnnotationTestMethod() {
}
@Retention(RetentionPolicy.RUNTIME)
@WithSecurityContext(factory = SuperClassWithSecurityContextFactory.class)
@interface WithSuperClassWithSecurityContext {
String username() default "WithSuperClassWithSecurityContext";
}
static class SuperClassWithSecurityContextFactory
implements WithSecurityContextFactory<Annotation> {
@Override
public SecurityContext createSecurityContext(Annotation annotation) {
SecurityContext context = SecurityContextHolder.createEmptyContext();
context.setAuthentication(new TestingAuthenticationToken(annotation, "NA"));
return context;
}
}
static class FakeTest {
public void testNoAnnotation() {
}
@WithMockUser
public void testWithMockUser() {
}
}
@Configuration
static class Config {
}
}