Add SecurityContextHolderStrategy to new repository
In 6.0, RequestAttributeSecurityContextRepository will be the default implementation of SecurityContextRepository. This commit adds the ability to configure a custom SecurityContextHolderStrategy, similar to other components. Issue gh-11060 Closes gh-11895
This commit is contained in:
@@ -25,9 +25,15 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.TestAuthentication;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.context.SecurityContextHolderStrategy;
|
||||
import org.springframework.security.core.context.SecurityContextImpl;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -42,6 +48,15 @@ class RequestAttributeSecurityContextRepositoryTests {
|
||||
|
||||
private SecurityContext expectedSecurityContext = new SecurityContextImpl(TestAuthentication.authenticatedUser());
|
||||
|
||||
@Test
|
||||
void setSecurityContextHolderStrategyWhenNullThenThrowsIllegalArgumentException() {
|
||||
// @formatter:off
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> this.repository.setSecurityContextHolderStrategy(null))
|
||||
.withMessage("securityContextHolderStrategy cannot be null");
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveContextAndLoadContextThenFound() {
|
||||
this.repository.saveContext(this.expectedSecurityContext, this.request, this.response);
|
||||
@@ -82,4 +97,16 @@ class RequestAttributeSecurityContextRepositoryTests {
|
||||
assertThat(context).isEqualTo(SecurityContextHolder.createEmptyContext());
|
||||
}
|
||||
|
||||
@Test
|
||||
void loadContextWhenCustomSecurityContextHolderStrategySetThenUsed() {
|
||||
SecurityContextHolderStrategy securityContextHolderStrategy = mock(SecurityContextHolderStrategy.class);
|
||||
given(securityContextHolderStrategy.createEmptyContext()).willReturn(new SecurityContextImpl());
|
||||
this.repository.setSecurityContextHolderStrategy(securityContextHolderStrategy);
|
||||
|
||||
Supplier<SecurityContext> deferredContext = this.repository.loadContext(this.request);
|
||||
assertThat(deferredContext.get()).isNotNull();
|
||||
verify(securityContextHolderStrategy).createEmptyContext();
|
||||
verifyNoMoreInteractions(securityContextHolderStrategy);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user