Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).

This commit is contained in:
Luke Taylor
2010-08-18 02:32:43 +01:00
parent aafc5f9038
commit 3c02989d67
22 changed files with 215 additions and 398 deletions

View File

@@ -15,13 +15,12 @@
package org.springframework.security.web.access.intercept;
import java.util.List;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.*;
import java.util.*;
import javax.servlet.FilterChain;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -38,17 +37,15 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
/**
* Tests {@link FilterSecurityInterceptor}.
*
* @author Ben Alex
* @author Luke Taylor
*/
public class FilterSecurityInterceptorTests {
private Mockery jmock = new JUnit4Mockery();
private AuthenticationManager am;
private AccessDecisionManager adm;
private FilterInvocationSecurityMetadataSource ods;
@@ -62,11 +59,11 @@ public class FilterSecurityInterceptorTests {
@Before
public final void setUp() throws Exception {
interceptor = new FilterSecurityInterceptor();
am = jmock.mock(AuthenticationManager.class);
ods = jmock.mock(FilterInvocationSecurityMetadataSource.class);
adm = jmock.mock(AccessDecisionManager.class);
ram = jmock.mock(RunAsManager.class);
publisher = jmock.mock(ApplicationEventPublisher.class);
am = mock(AuthenticationManager.class);
ods = mock(FilterInvocationSecurityMetadataSource.class);
adm = mock(AccessDecisionManager.class);
ram = mock(RunAsManager.class);
publisher = mock(ApplicationEventPublisher.class);
interceptor.setAuthenticationManager(am);
interceptor.setSecurityMetadataSource(ods);
interceptor.setAccessDecisionManager(adm);
@@ -82,19 +79,13 @@ public class FilterSecurityInterceptorTests {
@Test(expected=IllegalArgumentException.class)
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
jmock.checking(new Expectations() {{
ignoring(ods);
allowing(adm).supports(FilterInvocation.class); will(returnValue(false));
}});
when(adm.supports(FilterInvocation.class)).thenReturn(true);
interceptor.afterPropertiesSet();
}
@Test(expected=IllegalArgumentException.class)
public void testEnsuresRunAsManagerSupportsFilterInvocationClass() throws Exception {
jmock.checking(new Expectations() {{
ignoring(ods);
allowing(ram).supports(FilterInvocation.class); will(returnValue(false));
}});
when(adm.supports(FilterInvocation.class)).thenReturn(false);
interceptor.afterPropertiesSet();
}
@@ -113,19 +104,14 @@ public class FilterSecurityInterceptorTests {
SecurityContextHolder.getContext().setAuthentication(token);
// Create and test our secure object
final FilterChain chain = jmock.mock(FilterChain.class);
final FilterChain chain = mock(FilterChain.class);
final FilterInvocation fi = new FilterInvocation(request, response, chain);
final List<ConfigAttribute> attributes = SecurityConfig.createList("MOCK_OK");
jmock.checking(new Expectations() {{
ignoring(ram);
allowing(ods).getAttributes(fi); will(returnValue(attributes));
oneOf(adm).decide(token, fi, attributes);
// Setup our expectation that the filter chain will be invoked, as access is granted
oneOf(chain).doFilter(request, response);
oneOf(publisher).publishEvent(with(aNonNull(AuthorizedEvent.class)));
}});
when(ods.getAttributes(fi)).thenReturn(attributes);
interceptor.invoke(fi);
verify(publisher).publishEvent(any(AuthorizedEvent.class));
}
}

View File

@@ -16,17 +16,15 @@
package org.springframework.security.web.authentication.rememberme;
import static org.junit.Assert.*;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.*;
import static org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices.*;
import java.util.Date;
import java.util.*;
import javax.servlet.http.Cookie;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
@@ -38,7 +36,6 @@ import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
import org.springframework.util.StringUtils;
/**
@@ -47,30 +44,27 @@ import org.springframework.util.StringUtils;
* @author Ben Alex
*/
public class TokenBasedRememberMeServicesTests {
private Mockery jmock = new JUnit4Mockery();
private UserDetailsService uds;
private UserDetails user = new User("someone", "password", true, true, true, true,
AuthorityUtils.createAuthorityList("ROLE_ABC"));
private TokenBasedRememberMeServices services;
private Expectations udsWillReturnUser;
private Expectations udsWillThrowNotFound;
//~ Methods ========================================================================================================
@Before
public void createTokenBasedRememberMeServices() {
services = new TokenBasedRememberMeServices();
uds = jmock.mock(UserDetailsService.class);
uds = mock(UserDetailsService.class);
services.setKey("key");
services.setUserDetailsService(uds);
udsWillReturnUser = new Expectations() {{
oneOf(uds).loadUserByUsername(with(aNonNull(String.class))); will(returnValue(user));
}};
udsWillThrowNotFound = new Expectations() {{
oneOf(uds).loadUserByUsername(with(aNonNull(String.class)));
will(throwException(new UsernameNotFoundException("")));
}};
}
void udsWillReturnUser() {
when(uds.loadUserByUsername(any(String.class))).thenReturn(user);
}
void udsWillThrowNotFound() {
when(uds.loadUserByUsername(any(String.class))).thenThrow(new UsernameNotFoundException(""));
}
private long determineExpiryTimeFromBased64EncodedToken(String validToken) {
@@ -79,8 +73,8 @@ public class TokenBasedRememberMeServicesTests {
if (cookieTokens.length == 3) {
try {
return new Long(cookieTokens[1]).longValue();
} catch (NumberFormatException nfe) {}
return Long.parseLong(cookieTokens[1]);
} catch (NumberFormatException ignored) {}
}
return -1;
@@ -89,11 +83,10 @@ public class TokenBasedRememberMeServicesTests {
private String generateCorrectCookieContentForToken(long expiryTime, String username, String password, String key) {
// format is:
// username + ":" + expiryTime + ":" + Md5Hex(username + ":" + expiryTime + ":" + password + ":" + key)
String signatureValue = new String(DigestUtils.md5Hex(username + ":" + expiryTime + ":" + password + ":" + key));
String signatureValue = DigestUtils.md5Hex(username + ":" + expiryTime + ":" + password + ":" + key);
String tokenValue = username + ":" + expiryTime + ":" + signatureValue;
String tokenValueBase64 = new String(Base64.encodeBase64(tokenValue.getBytes()));
return tokenValueBase64;
return new String(Base64.encodeBase64(tokenValue.getBytes()));
}
@Test
@@ -110,7 +103,7 @@ public class TokenBasedRememberMeServicesTests {
public void autoLoginIgnoresUnrelatedCookie() throws Exception {
Cookie cookie = new Cookie("unrelated_cookie", "foobar");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
Authentication result = services.autoLogin(request, response);
@@ -124,7 +117,7 @@ public class TokenBasedRememberMeServicesTests {
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() - 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -139,7 +132,7 @@ public class TokenBasedRememberMeServicesTests {
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64("x".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
assertNull(services.autoLogin(request, response));
@@ -154,7 +147,7 @@ public class TokenBasedRememberMeServicesTests {
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
"NOT_BASE_64_ENCODED");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
assertNull(services.autoLogin(request, response));
@@ -166,12 +159,12 @@ public class TokenBasedRememberMeServicesTests {
@Test
public void autoLoginClearsCookieIfSignatureBlocksDoesNotMatchExpectedValue() throws Exception {
jmock.checking(udsWillReturnUser);
udsWillReturnUser();
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password",
"WRONG_KEY"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -187,7 +180,7 @@ public class TokenBasedRememberMeServicesTests {
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
new String(Base64.encodeBase64("username:NOT_A_NUMBER:signature".getBytes())));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
assertNull(services.autoLogin(request, response));
@@ -199,11 +192,11 @@ public class TokenBasedRememberMeServicesTests {
@Test
public void autoLoginClearsCookieIfUserNotFound() throws Exception {
jmock.checking(udsWillThrowNotFound);
udsWillThrowNotFound();
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();
@@ -216,11 +209,11 @@ public class TokenBasedRememberMeServicesTests {
@Test
public void autoLoginWithValidTokenAndUserSucceeds() throws Exception {
jmock.checking(udsWillReturnUser);
udsWillReturnUser();
Cookie cookie = new Cookie(SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
generateCorrectCookieContentForToken(System.currentTimeMillis() + 1000000, "someone", "password", "key"));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setCookies(new Cookie[] {cookie});
request.setCookies(cookie);
MockHttpServletResponse response = new MockHttpServletResponse();

View File

@@ -19,8 +19,7 @@ import static org.junit.Assert.*;
import static org.mockito.Mockito.*;
import java.io.IOException;
import java.util.Map;
import java.util.*;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
@@ -28,9 +27,6 @@ import javax.servlet.ServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -88,22 +84,17 @@ public class DigestAuthenticationFilterTests {
final boolean expectChainToProceed) throws ServletException, IOException {
final MockHttpServletResponse response = new MockHttpServletResponse();
Mockery jmockContext = new JUnit4Mockery();
final FilterChain chain = jmockContext.mock(FilterChain.class);
jmockContext.checking(new Expectations() {{
exactly(expectChainToProceed ? 1 : 0).of(chain).doFilter(request, response);
}});
final FilterChain chain = mock(FilterChain.class);
filter.doFilter(request, response, chain);
jmockContext.assertIsSatisfied();
verify(chain, times(expectChainToProceed ? 1 : 0)).doFilter(request, response);
return response;
}
private static String generateNonce(int validitySeconds) {
long expiryTime = System.currentTimeMillis() + (validitySeconds * 1000);
String signatureValue = new String(DigestUtils.md5Hex(expiryTime + ":" + KEY));
String signatureValue = DigestUtils.md5Hex(expiryTime + ":" + KEY);
String nonceValue = expiryTime + ":" + signatureValue;
return new String(Base64.encodeBase64(nonceValue.getBytes()));

View File

@@ -1,22 +1,15 @@
package org.springframework.security.web.context;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.*;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.After;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
@@ -27,7 +20,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
public class SecurityContextPersistenceFilterTests {
Mockery jmock = new JUnit4Mockery();
TestingAuthenticationToken testToken = new TestingAuthenticationToken("someone", "passwd", "ROLE_A");
@After
@@ -37,31 +29,25 @@ public class SecurityContextPersistenceFilterTests {
@Test
public void contextIsClearedAfterChainProceeds() throws Exception {
final FilterChain chain = jmock.mock(FilterChain.class);
final FilterChain chain = mock(FilterChain.class);
final MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletResponse response = new MockHttpServletResponse();
SecurityContextPersistenceFilter filter = new SecurityContextPersistenceFilter();
SecurityContextHolder.getContext().setAuthentication(testToken);
jmock.checking(new Expectations() {{
oneOf(chain).doFilter(with(aNonNull(HttpServletRequest.class)), with(aNonNull(HttpServletResponse.class)));
}});
filter.doFilter(request, response, chain);
verify(chain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
assertNull(SecurityContextHolder.getContext().getAuthentication());
}
@Test
public void contextIsStillClearedIfExceptionIsThrowByFilterChain() throws Exception {
final FilterChain chain = jmock.mock(FilterChain.class);
final FilterChain chain = mock(FilterChain.class);
final MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletResponse response = new MockHttpServletResponse();
SecurityContextPersistenceFilter filter = new SecurityContextPersistenceFilter();
SecurityContextHolder.getContext().setAuthentication(testToken);
jmock.checking(new Expectations() {{
oneOf(chain).doFilter(with(aNonNull(HttpServletRequest.class)), with(aNonNull(HttpServletResponse.class)));
will(throwException(new IOException()));
}});
doThrow(new IOException()).when(chain).doFilter(any(ServletRequest.class), any(ServletResponse.class));
try {
filter.doFilter(request, response, chain);
fail();
@@ -81,13 +67,10 @@ public class SecurityContextPersistenceFilterTests {
final SecurityContext scExpectedAfter = new SecurityContextImpl();
scExpectedAfter.setAuthentication(testToken);
scBefore.setAuthentication(beforeAuth);
final SecurityContextRepository repo = jmock.mock(SecurityContextRepository.class);
final SecurityContextRepository repo = mock(SecurityContextRepository.class);
filter.setSecurityContextRepository(repo);
jmock.checking(new Expectations() {{
oneOf(repo).loadContext(with(aNonNull(HttpRequestResponseHolder.class))); will(returnValue(scBefore));
oneOf(repo).saveContext(scExpectedAfter, request, response);
}});
when(repo.loadContext(any(HttpRequestResponseHolder.class))).thenReturn(scBefore);
final FilterChain chain = new FilterChain() {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
@@ -99,30 +82,25 @@ public class SecurityContextPersistenceFilterTests {
filter.doFilter(request, response, chain);
jmock.assertIsSatisfied();
verify(repo).saveContext(scExpectedAfter, request, response);
}
@Test
public void filterIsNotAppliedAgainIfFilterAppliedAttributeIsSet() throws Exception {
final FilterChain chain = jmock.mock(FilterChain.class);
final FilterChain chain = mock(FilterChain.class);
final MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletResponse response = new MockHttpServletResponse();
SecurityContextPersistenceFilter filter = new SecurityContextPersistenceFilter();
filter.setSecurityContextRepository(jmock.mock(SecurityContextRepository.class));
jmock.checking(new Expectations() {{
oneOf(chain).doFilter(request, response);
}});
filter.setSecurityContextRepository(mock(SecurityContextRepository.class));
request.setAttribute(SecurityContextPersistenceFilter.FILTER_APPLIED, Boolean.TRUE);
filter.doFilter(request, response, chain);
jmock.assertIsSatisfied();
verify(chain).doFilter(request, response);
}
@Test
public void sessionIsEagerlyCreatedWhenConfigured() throws Exception {
final FilterChain chain = jmock.mock(FilterChain.class);
jmock.checking(new Expectations() {{ ignoring(chain); }});
final FilterChain chain = mock(FilterChain.class);
final MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletResponse response = new MockHttpServletResponse();
SecurityContextPersistenceFilter filter = new SecurityContextPersistenceFilter();

View File

@@ -15,17 +15,15 @@
package org.springframework.security.web.servletapi;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.*;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletResponse;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.integration.junit4.JUnit4Mockery;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper;
/**
@@ -34,7 +32,6 @@ import org.springframework.security.web.servletapi.SecurityContextHolderAwareReq
* @author Ben Alex
*/
public class SecurityContextHolderAwareRequestFilterTests {
Mockery jmock = new JUnit4Mockery();
//~ Methods ========================================================================================================
@@ -42,19 +39,15 @@ public class SecurityContextHolderAwareRequestFilterTests {
public void expectedRequestWrapperClassIsUsed() throws Exception {
SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter();
filter.setRolePrefix("ROLE_");
// filter.init(jmock.mock(FilterConfig.class));
final FilterChain filterChain = jmock.mock(FilterChain.class);
jmock.checking(new Expectations() {{
exactly(2).of(filterChain).doFilter(
with(aNonNull(SecurityContextHolderAwareRequestWrapper.class)), with(aNonNull(HttpServletResponse.class)));
}});
final FilterChain filterChain = mock(FilterChain.class);
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), filterChain);
// Now re-execute the filter, ensuring our replacement wrapper is still used
filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), filterChain);
verify(filterChain, times(2)).doFilter(any(SecurityContextHolderAwareRequestWrapper.class), any(HttpServletResponse.class));
filter.destroy();
}
}