Migrate to assertThatExceptionOfType
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)` rather than `assertThatCode` or `assertThatThrownBy`. This aligns with Spring Boot and Spring Cloud. It also allows the convenience `assertThatIllegalArgument` and `assertThatIllegalState` methods to be used. Issue gh-8945
This commit is contained in:
@@ -47,7 +47,7 @@ import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
|
||||
import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.fail;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.willThrow;
|
||||
@@ -282,8 +282,8 @@ public class ExceptionTranslationFilterTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
ExceptionTranslationFilter filter = new ExceptionTranslationFilter(this.mockEntryPoint);
|
||||
assertThatThrownBy(() -> filter.doFilter(request, response, chain)).isInstanceOf(ServletException.class)
|
||||
.hasCauseInstanceOf(AccessDeniedException.class);
|
||||
assertThatExceptionOfType(ServletException.class).isThrownBy(() -> filter.doFilter(request, response, chain))
|
||||
.withCauseInstanceOf(AccessDeniedException.class);
|
||||
verifyZeroInteractions(this.mockEntryPoint);
|
||||
}
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ package org.springframework.security.web.access.intercept;
|
||||
import org.junit.Test;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -64,8 +64,8 @@ public class RequestKeyTests {
|
||||
*/
|
||||
@Test
|
||||
public void keysWithNullUrlFailsAssertion() {
|
||||
assertThatThrownBy(() -> new RequestKey(null, null)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessage("url cannot be null");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RequestKey(null, null))
|
||||
.withMessage("url cannot be null");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -18,7 +18,7 @@ package org.springframework.security.web.authentication.switchuser;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Clement Ng
|
||||
@@ -26,20 +26,16 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
*/
|
||||
public class SwitchUserGrantedAuthorityTests {
|
||||
|
||||
/**
|
||||
*/
|
||||
@Test
|
||||
public void authorityWithNullRoleFailsAssertion() {
|
||||
assertThatThrownBy(() -> new SwitchUserGrantedAuthority(null, null))
|
||||
.isInstanceOf(IllegalArgumentException.class).hasMessage("role cannot be null");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SwitchUserGrantedAuthority(null, null))
|
||||
.withMessage("role cannot be null");
|
||||
}
|
||||
|
||||
/**
|
||||
*/
|
||||
@Test
|
||||
public void authorityWithNullSourceFailsAssertion() {
|
||||
assertThatThrownBy(() -> new SwitchUserGrantedAuthority("role", null))
|
||||
.isInstanceOf(IllegalArgumentException.class).hasMessage("source cannot be null");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SwitchUserGrantedAuthority("role", null))
|
||||
.withMessage("source cannot be null");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -37,7 +37,8 @@ import org.springframework.web.context.ContextLoaderListener;
|
||||
import org.springframework.web.filter.DelegatingFilterProxy;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
@@ -145,10 +146,9 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
@Test
|
||||
public void onStartupWhenSpringSecurityFilterChainAlreadyRegisteredThenException() {
|
||||
ServletContext context = mock(ServletContext.class);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
}.onStartup(context)).isInstanceOf(IllegalStateException.class)
|
||||
.hasMessage("Duplicate Filter registration for 'springSecurityFilterChain'. "
|
||||
+ "Check to ensure the Filter is only configured once.");
|
||||
assertThatIllegalStateException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
}.onStartup(context)).withMessage("Duplicate Filter registration for 'springSecurityFilterChain'. "
|
||||
+ "Check to ensure the Filter is only configured once.");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -182,13 +182,15 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalStateException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
insertFilters(context, filter1);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalStateException.class).hasMessage(
|
||||
"Duplicate Filter registration for 'object'. " + "Check to ensure the Filter is only configured once.");
|
||||
|
||||
}.onStartup(context)).withMessage(
|
||||
"Duplicate Filter registration for 'object'. Check to ensure the Filter is only configured once.");
|
||||
assertProxyDefaults(proxyCaptor.getValue());
|
||||
verify(registration).addMappingForUrlPatterns(DEFAULT_DISPATCH, false, "/*");
|
||||
verify(context).addFilter(anyString(), eq(filter1));
|
||||
@@ -200,13 +202,14 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
insertFilters(context);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessage("filters cannot be null or empty");
|
||||
|
||||
}.onStartup(context)).withMessage("filters cannot be null or empty");
|
||||
assertProxyDefaults(proxyCaptor.getValue());
|
||||
}
|
||||
|
||||
@@ -218,13 +221,14 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
given(context.addFilter(anyString(), eq(filter))).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
insertFilters(context, filter, null);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessageContaining("filters cannot contain null values");
|
||||
|
||||
}.onStartup(context)).withMessageContaining("filters cannot contain null values");
|
||||
verify(context, times(2)).addFilter(anyString(), any(Filter.class));
|
||||
}
|
||||
|
||||
@@ -258,12 +262,14 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalStateException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
appendFilters(context, filter1);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalStateException.class).hasMessage(
|
||||
|
||||
}.onStartup(context)).withMessage(
|
||||
"Duplicate Filter registration for 'object'. " + "Check to ensure the Filter is only configured once.");
|
||||
assertProxyDefaults(proxyCaptor.getValue());
|
||||
verify(registration).addMappingForUrlPatterns(DEFAULT_DISPATCH, false, "/*");
|
||||
@@ -276,13 +282,14 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
FilterRegistration.Dynamic registration = mock(FilterRegistration.Dynamic.class);
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
appendFilters(context);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessage("filters cannot be null or empty");
|
||||
|
||||
}.onStartup(context)).withMessage("filters cannot be null or empty");
|
||||
assertProxyDefaults(proxyCaptor.getValue());
|
||||
}
|
||||
|
||||
@@ -294,13 +301,14 @@ public class AbstractSecurityWebApplicationInitializerTests {
|
||||
ArgumentCaptor<DelegatingFilterProxy> proxyCaptor = ArgumentCaptor.forClass(DelegatingFilterProxy.class);
|
||||
given(context.addFilter(eq("springSecurityFilterChain"), proxyCaptor.capture())).willReturn(registration);
|
||||
given(context.addFilter(anyString(), eq(filter))).willReturn(registration);
|
||||
assertThatCode(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AbstractSecurityWebApplicationInitializer() {
|
||||
|
||||
@Override
|
||||
protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
|
||||
appendFilters(context, filter, null);
|
||||
}
|
||||
}.onStartup(context)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessageContaining("filters cannot contain null values");
|
||||
|
||||
}.onStartup(context)).withMessageContaining("filters cannot contain null values");
|
||||
verify(context, times(2)).addFilter(anyString(), any(Filter.class));
|
||||
}
|
||||
|
||||
|
||||
@@ -26,8 +26,7 @@ import org.junit.Test;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.fail;
|
||||
|
||||
/**
|
||||
@@ -46,32 +45,32 @@ public class StrictHttpFirewallTests {
|
||||
@Test
|
||||
public void getFirewalledRequestWhenInvalidMethodThenThrowsRequestRejectedException() {
|
||||
this.request.setMethod("INVALID");
|
||||
assertThatThrownBy(() -> this.firewall.getFirewalledRequest(this.request))
|
||||
.isInstanceOf(RequestRejectedException.class);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
// blocks XST attacks
|
||||
@Test
|
||||
public void getFirewalledRequestWhenTraceMethodThenThrowsRequestRejectedException() {
|
||||
this.request.setMethod(HttpMethod.TRACE.name());
|
||||
assertThatThrownBy(() -> this.firewall.getFirewalledRequest(this.request))
|
||||
.isInstanceOf(RequestRejectedException.class);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
// blocks XST attack if request is forwarded to a Microsoft IIS web server
|
||||
public void getFirewalledRequestWhenTrackMethodThenThrowsRequestRejectedException() {
|
||||
this.request.setMethod("TRACK");
|
||||
assertThatThrownBy(() -> this.firewall.getFirewalledRequest(this.request))
|
||||
.isInstanceOf(RequestRejectedException.class);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
// HTTP methods are case sensitive
|
||||
public void getFirewalledRequestWhenLowercaseGetThenThrowsRequestRejectedException() {
|
||||
this.request.setMethod("get");
|
||||
assertThatThrownBy(() -> this.firewall.getFirewalledRequest(this.request))
|
||||
.isInstanceOf(RequestRejectedException.class);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -79,7 +78,7 @@ public class StrictHttpFirewallTests {
|
||||
List<String> allowedMethods = Arrays.asList("DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT");
|
||||
for (String allowedMethod : allowedMethods) {
|
||||
this.request = new MockHttpServletRequest(allowedMethod, "");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(this.request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -87,7 +86,7 @@ public class StrictHttpFirewallTests {
|
||||
public void getFirewalledRequestWhenInvalidMethodAndAnyMethodThenNoException() {
|
||||
this.firewall.setUnsafeAllowAnyHttpMethod(true);
|
||||
this.request.setMethod("INVALID");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(this.request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -419,7 +418,7 @@ public class StrictHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b//c");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -431,7 +430,7 @@ public class StrictHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b//c");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -443,7 +442,7 @@ public class StrictHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b//c");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -455,7 +454,7 @@ public class StrictHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b//c");
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -464,7 +463,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2F%2Fc");
|
||||
this.firewall.getEncodedUrlBlacklist().removeAll(Arrays.asList("%2F%2F"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -473,7 +472,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2f%2fc");
|
||||
this.firewall.getEncodedUrlBlacklist().removeAll(Arrays.asList("%2f%2f"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -482,7 +481,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2f%2Fc");
|
||||
this.firewall.getEncodedUrlBlacklist().removeAll(Arrays.asList("%2f%2F"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -491,7 +490,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2F%2fc");
|
||||
this.firewall.getEncodedUrlBlacklist().removeAll(Arrays.asList("%2F%2f"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -499,7 +498,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setPathInfo("/a/b//c");
|
||||
this.firewall.getDecodedUrlBlacklist().removeAll(Arrays.asList("//"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
// blocklist
|
||||
@@ -509,7 +508,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2F%2Fc");
|
||||
this.firewall.getEncodedUrlBlocklist().removeAll(Arrays.asList("%2F%2F"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -518,7 +517,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2f%2fc");
|
||||
this.firewall.getEncodedUrlBlocklist().removeAll(Arrays.asList("%2f%2f"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -527,7 +526,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2f%2Fc");
|
||||
this.firewall.getEncodedUrlBlocklist().removeAll(Arrays.asList("%2f%2F"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -536,7 +535,7 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setRequestURI("/context-root/a/b%2F%2fc");
|
||||
this.firewall.getEncodedUrlBlocklist().removeAll(Arrays.asList("%2F%2f"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -544,14 +543,14 @@ public class StrictHttpFirewallTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "");
|
||||
request.setPathInfo("/a/b//c");
|
||||
this.firewall.getDecodedUrlBlocklist().removeAll(Arrays.asList("//"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(request);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getFirewalledRequestWhenTrustedDomainThenNoException() {
|
||||
this.request.addHeader("Host", "example.org");
|
||||
this.firewall.setAllowedHostnames((hostname) -> hostname.equals("example.org"));
|
||||
assertThatCode(() -> this.firewall.getFirewalledRequest(this.request)).doesNotThrowAnyException();
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
|
||||
@@ -26,7 +26,7 @@ import org.junit.Test;
|
||||
|
||||
import org.springframework.security.web.header.HeaderWriter;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
@@ -52,8 +52,7 @@ public class CompositeHeaderWriterTests {
|
||||
|
||||
@Test
|
||||
public void constructorWhenPassingEmptyListThenThrowsException() {
|
||||
assertThatCode(() -> new CompositeHeaderWriter(Collections.emptyList()))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CompositeHeaderWriter(Collections.emptyList()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -23,7 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* Tests for {@link FeaturePolicyHeaderWriter}.
|
||||
@@ -59,14 +59,14 @@ public class FeaturePolicyHeaderWriterTests {
|
||||
|
||||
@Test
|
||||
public void createWriterWithNullDirectivesShouldThrowException() {
|
||||
assertThatThrownBy(() -> new FeaturePolicyHeaderWriter(null)).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessage("policyDirectives must not be null or empty");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new FeaturePolicyHeaderWriter(null))
|
||||
.withMessage("policyDirectives must not be null or empty");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void createWriterWithEmptyDirectivesShouldThrowException() {
|
||||
assertThatThrownBy(() -> new FeaturePolicyHeaderWriter("")).isInstanceOf(IllegalArgumentException.class)
|
||||
.hasMessage("policyDirectives must not be null or empty");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new FeaturePolicyHeaderWriter(""))
|
||||
.withMessage("policyDirectives must not be null or empty");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -40,7 +40,7 @@ import org.springframework.web.reactive.BindingContext;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -183,7 +183,7 @@ public class AuthenticationPrincipalArgumentResolverTests {
|
||||
given(this.authentication.getPrincipal()).willReturn("user");
|
||||
Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange)
|
||||
.subscriberContext(ReactiveSecurityContextHolder.withAuthentication(this.authentication));
|
||||
assertThatThrownBy(() -> argument.block()).isInstanceOf(ClassCastException.class);
|
||||
assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> argument.block());
|
||||
}
|
||||
|
||||
void authenticationPrincipal(@AuthenticationPrincipal String principal,
|
||||
|
||||
@@ -27,7 +27,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Zeeshan Adnan
|
||||
@@ -61,8 +61,7 @@ public class CookieRequestCacheTests {
|
||||
@Test
|
||||
public void setRequestMatcherWhenRequestMatcherIsSetNullThenThrowsIllegalArgumentException() {
|
||||
CookieRequestCache cookieRequestCache = new CookieRequestCache();
|
||||
assertThatThrownBy(() -> cookieRequestCache.setRequestMatcher(null))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> cookieRequestCache.setRequestMatcher(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,7 +29,8 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -82,13 +83,13 @@ public class AuthenticationConverterServerWebExchangeMatcherTests {
|
||||
@Test
|
||||
public void matchesWhenNullThenThrowsException() {
|
||||
given(this.converter.convert(any())).willReturn(null);
|
||||
assertThatCode(() -> this.matcher.matches(this.exchange).block()).isInstanceOf(NullPointerException.class);
|
||||
assertThatNullPointerException().isThrownBy(() -> this.matcher.matches(this.exchange).block());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void matchesWhenExceptionThenPropagates() {
|
||||
given(this.converter.convert(any())).willThrow(RuntimeException.class);
|
||||
assertThatCode(() -> this.matcher.matches(this.exchange).block()).isInstanceOf(RuntimeException.class);
|
||||
assertThatExceptionOfType(RuntimeException.class).isThrownBy(() -> this.matcher.matches(this.exchange).block());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -33,7 +33,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.server.WebFilterExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -68,16 +68,14 @@ public class DelegatingServerAuthenticationSuccessHandlerTests {
|
||||
|
||||
@Test
|
||||
public void constructorWhenNullThenIllegalArgumentException() {
|
||||
assertThatThrownBy(
|
||||
() -> new DelegatingServerAuthenticationSuccessHandler((ServerAuthenticationSuccessHandler[]) null))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new DelegatingServerAuthenticationSuccessHandler((ServerAuthenticationSuccessHandler[]) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenEmptyThenIllegalArgumentException() {
|
||||
assertThatThrownBy(
|
||||
() -> new DelegatingServerAuthenticationSuccessHandler(new ServerAuthenticationSuccessHandler[0]))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new DelegatingServerAuthenticationSuccessHandler(new ServerAuthenticationSuccessHandler[0]));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -34,7 +34,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.server.WebFilterExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -71,23 +71,23 @@ public class DelegatingServerLogoutHandlerTests {
|
||||
|
||||
@Test
|
||||
public void constructorWhenNullVargsThenIllegalArgumentException() {
|
||||
assertThatThrownBy(() -> new DelegatingServerLogoutHandler((ServerLogoutHandler[]) null))
|
||||
.isExactlyInstanceOf(IllegalArgumentException.class).hasMessage("delegates cannot be null or empty")
|
||||
.hasNoCause();
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DelegatingServerLogoutHandler((ServerLogoutHandler[]) null))
|
||||
.withMessage("delegates cannot be null or empty").withNoCause();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenNullListThenIllegalArgumentException() {
|
||||
assertThatThrownBy(() -> new DelegatingServerLogoutHandler((List<ServerLogoutHandler>) null))
|
||||
.isExactlyInstanceOf(IllegalArgumentException.class).hasMessage("delegates cannot be null or empty")
|
||||
.hasNoCause();
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DelegatingServerLogoutHandler((List<ServerLogoutHandler>) null))
|
||||
.withMessage("delegates cannot be null or empty").withNoCause();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenEmptyThenIllegalArgumentException() {
|
||||
assertThatThrownBy(() -> new DelegatingServerLogoutHandler(new ServerLogoutHandler[0]))
|
||||
.isExactlyInstanceOf(IllegalArgumentException.class).hasMessage("delegates cannot be null or empty")
|
||||
.hasNoCause();
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DelegatingServerLogoutHandler(new ServerLogoutHandler[0]))
|
||||
.withMessage("delegates cannot be null or empty").withNoCause();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -32,7 +32,8 @@ import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -110,8 +111,7 @@ public class HttpsRedirectWebFilterTests {
|
||||
@Test
|
||||
public void filterWhenRequestIsInsecureAndNoPortMappingThenThrowsIllegalState() {
|
||||
ServerWebExchange exchange = get("http://localhost:1234");
|
||||
assertThatCode(() -> this.filter.filter(exchange, this.chain).block())
|
||||
.isInstanceOf(IllegalStateException.class);
|
||||
assertThatIllegalStateException().isThrownBy(() -> this.filter.filter(exchange, this.chain).block());
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -124,13 +124,12 @@ public class HttpsRedirectWebFilterTests {
|
||||
|
||||
@Test
|
||||
public void setRequiresTransportSecurityMatcherWhenSetWithNullValueThenThrowsIllegalArgument() {
|
||||
assertThatCode(() -> this.filter.setRequiresHttpsRedirectMatcher(null))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequiresHttpsRedirectMatcher(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void setPortMapperWhenSetWithNullValueThenThrowsIllegalArgument() {
|
||||
assertThatCode(() -> this.filter.setPortMapper(null)).isInstanceOf(IllegalArgumentException.class);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setPortMapper(null));
|
||||
}
|
||||
|
||||
private String redirectedUrl(ServerWebExchange exchange) {
|
||||
|
||||
@@ -22,7 +22,7 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -92,18 +92,17 @@ public class IpAddressMatcherTests {
|
||||
@Test
|
||||
public void ipv4RequiredAddressMaskTooLongThenIllegalArgumentException() {
|
||||
String ipv4AddressWithTooLongMask = "192.168.1.104/33";
|
||||
assertThatCode(() -> new IpAddressMatcher(ipv4AddressWithTooLongMask))
|
||||
.isInstanceOf(IllegalArgumentException.class).hasMessage(
|
||||
String.format("IP address %s is too short for bitmask of " + "length %d", "192.168.1.104", 33));
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new IpAddressMatcher(ipv4AddressWithTooLongMask))
|
||||
.withMessage(String.format("IP address %s is too short for bitmask of length %d", "192.168.1.104", 33));
|
||||
}
|
||||
|
||||
// SEC-2576
|
||||
@Test
|
||||
public void ipv6RequiredAddressMaskTooLongThenIllegalArgumentException() {
|
||||
String ipv6AddressWithTooLongMask = "fe80::21f:5bff:fe33:bd68/129";
|
||||
assertThatCode(() -> new IpAddressMatcher(ipv6AddressWithTooLongMask))
|
||||
.isInstanceOf(IllegalArgumentException.class).hasMessage(String.format(
|
||||
"IP address %s is too short for bitmask of " + "length %d", "fe80::21f:5bff:fe33:bd68", 129));
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new IpAddressMatcher(ipv6AddressWithTooLongMask))
|
||||
.withMessage(String.format("IP address %s is too short for bitmask of length %d",
|
||||
"fe80::21f:5bff:fe33:bd68", 129));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user