otherpackage.MyConfigurerTests.java Source code

Java tutorial

  1. HOME
  2. Java
  3. otherpackage.MyConfigurerTests.java

Introduction

Here is the source code for otherpackage.MyConfigurerTests.java

Source

/*
 * Copyright 2002-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package otherpackage;

import static sample.MyConfigurer.*;
import static org.assertj.core.api.Assertions.*;

import java.util.Properties;

import javax.servlet.http.HttpServletResponse;

import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.FilterChainProxy;

/**
 * @author Rob Winch
 *
 */
public class MyConfigurerTests {
    @Autowired
    ConfigurableApplicationContext context;

    @Autowired
    FilterChainProxy springSecurityFilterChain;

    MockHttpServletRequest request;
    MockHttpServletResponse response;
    MockFilterChain chain;

    @Before
    public void setup() {
        request = new MockHttpServletRequest();
        response = new MockHttpServletResponse();
        chain = new MockFilterChain();
        request.setMethod("GET");
    }

    @After
    public void cleanup() {
        if (context != null) {
            context.close();
        }
    }

    @Test
    public void customConfiguerPermitAll() throws Exception {
        loadContext(Config.class);

        request.setPathInfo("/public/something");

        springSecurityFilterChain.doFilter(request, response, chain);

        assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
    }

    @Test
    public void customConfiguerFormLogin() throws Exception {
        loadContext(Config.class);
        request.setPathInfo("/requires-authentication");

        springSecurityFilterChain.doFilter(request, response, chain);

        assertThat(response.getRedirectedUrl()).endsWith("/custom");
    }

    @Test
    public void customConfiguerCustomizeDisablesCsrf() throws Exception {
        loadContext(ConfigCustomize.class);
        request.setPathInfo("/public/something");
        request.setMethod("POST");

        springSecurityFilterChain.doFilter(request, response, chain);

        assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
    }

    @Test
    public void customConfiguerCustomizeFormLogin() throws Exception {
        loadContext(ConfigCustomize.class);
        request.setPathInfo("/requires-authentication");

        springSecurityFilterChain.doFilter(request, response, chain);

        assertThat(response.getRedirectedUrl()).endsWith("/other");
    }

    @SuppressWarnings("resource")
    private void loadContext(Class<?> clazz) {
        AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(clazz);
        context.getAutowireCapableBeanFactory().autowireBean(this);
    }

    @EnableWebSecurity
    static class Config extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.apply(myDsl()).loginPage("/custom");
        }

        @Bean
        public static PropertyPlaceholderConfigurer propertyPlaceholderConfigurer() {
            // Typically externalize this as a properties file
            Properties properties = new Properties();
            properties.setProperty("permitAllPattern", "/public/**");

            PropertyPlaceholderConfigurer propertyPlaceholderConfigurer = new PropertyPlaceholderConfigurer();
            propertyPlaceholderConfigurer.setProperties(properties);
            return propertyPlaceholderConfigurer;
        }
    }

    @EnableWebSecurity
    static class ConfigCustomize extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.apply(myDsl()).and().csrf().disable().formLogin().loginPage("/other");
        }

        @Bean
        public static PropertyPlaceholderConfigurer propertyPlaceholderConfigurer() {
            // Typically externalize this as a properties file
            Properties properties = new Properties();
            properties.setProperty("permitAllPattern", "/public/**");

            PropertyPlaceholderConfigurer propertyPlaceholderConfigurer = new PropertyPlaceholderConfigurer();
            propertyPlaceholderConfigurer.setProperties(properties);
            return propertyPlaceholderConfigurer;
        }
    }
}