Replace expected @Test attributes with AssertJ
Replace JUnit expected @Test attributes with AssertJ calls.
This commit is contained in:
committed by
Josh Cummings
parent
20baa7d409
commit
c502312719
@@ -22,6 +22,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -52,14 +53,15 @@ public class DefaultRedirectStrategyTests {
|
||||
assertThat(response.getRedirectedUrl()).isEqualTo("remainder");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void contextRelativeShouldThrowExceptionIfURLDoesNotContainContextPath() throws Exception {
|
||||
DefaultRedirectStrategy rds = new DefaultRedirectStrategy();
|
||||
rds.setContextRelative(true);
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setContextPath("/context");
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
rds.sendRedirect(request, response, "https://redirectme.somewhere.else");
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> rds.sendRedirect(request, response, "https://redirectme.somewhere.else"));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -44,6 +44,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -234,9 +235,9 @@ public class FilterChainProxyTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRequestRejectedHandlerDoesNotAcceptNull() {
|
||||
this.fcp.setRequestRejectedHandler(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.fcp.setRequestRejectedHandler(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -28,6 +28,8 @@ import org.springframework.security.web.FilterInvocation.DummyRequest;
|
||||
import org.springframework.security.web.util.UrlUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -61,23 +63,25 @@ public class FilterInvocationTests {
|
||||
assertThat(fi.getFullRequestUrl()).isEqualTo("http://localhost/mycontext/HelloWorld/some/more/segments.html");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testRejectsNullFilterChain() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest(null, null);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
new FilterInvocation(request, response, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new FilterInvocation(request, response, null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testRejectsNullServletRequest() {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
new FilterInvocation(null, response, mock(FilterChain.class));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new FilterInvocation(null, response, mock(FilterChain.class)));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testRejectsNullServletResponse() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest(null, null);
|
||||
new FilterInvocation(request, null, mock(FilterChain.class));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new FilterInvocation(request, null, mock(FilterChain.class)));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -113,9 +117,10 @@ public class FilterInvocationTests {
|
||||
assertThat(fi.getFullRequestUrl()).isEqualTo("http://localhost/mycontext/HelloWorld");
|
||||
}
|
||||
|
||||
@Test(expected = UnsupportedOperationException.class)
|
||||
@Test
|
||||
public void dummyChainRejectsInvocation() throws Exception {
|
||||
FilterInvocation.DUMMY_CHAIN.doFilter(mock(HttpServletRequest.class), mock(HttpServletResponse.class));
|
||||
assertThatExceptionOfType(UnsupportedOperationException.class).isThrownBy(() -> FilterInvocation.DUMMY_CHAIN
|
||||
.doFilter(mock(HttpServletRequest.class), mock(HttpServletResponse.class)));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -48,6 +48,7 @@ import org.springframework.security.web.savedrequest.SavedRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.willThrow;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -230,14 +231,15 @@ public class ExceptionTranslationFilterTests {
|
||||
assertThat(getSavedRequestUrl(request)).isEqualTo("http://localhost:8080/mycontext/secure/page.html");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void startupDetectsMissingAuthenticationEntryPoint() {
|
||||
new ExceptionTranslationFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ExceptionTranslationFilter(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void startupDetectsMissingRequestCache() {
|
||||
new ExceptionTranslationFilter(this.mockEntryPoint, null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new ExceptionTranslationFilter(this.mockEntryPoint, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -40,19 +41,19 @@ import static org.mockito.Mockito.mock;
|
||||
*/
|
||||
public class ChannelProcessingFilterTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingChannelDecisionManager() {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true, "MOCK");
|
||||
filter.setSecurityMetadataSource(fids);
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingFilterInvocationSecurityMetadataSource() {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK"));
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -65,14 +66,14 @@ public class ChannelProcessingFilterTests {
|
||||
filter.afterPropertiesSet();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsUnsupportedConfigAttribute() {
|
||||
ChannelProcessingFilter filter = new ChannelProcessingFilter();
|
||||
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY"));
|
||||
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", true,
|
||||
"SUPPORTS_MOCK_ONLY", "INVALID_ATTRIBUTE");
|
||||
filter.setSecurityMetadataSource(fids);
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -35,6 +35,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
@@ -76,9 +77,9 @@ public class DefaultWebSecurityExpressionHandlerTests {
|
||||
assertThat(parser.parseExpression("@role.attribute == 'ROLE_A'").getValue(ctx, Boolean.class)).isTrue();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setTrustResolverNull() {
|
||||
this.handler.setTrustResolver(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setTrustResolver(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -50,12 +51,13 @@ public class ExpressionBasedFilterInvocationSecurityMetadataSourceTests {
|
||||
assertThat(attribute.toString()).isEqualTo(expression);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidExpressionIsRejected() {
|
||||
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
|
||||
requestMap.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList("hasRole('X'"));
|
||||
ExpressionBasedFilterInvocationSecurityMetadataSource mds = new ExpressionBasedFilterInvocationSecurityMetadataSource(
|
||||
requestMap, new DefaultWebSecurityExpressionHandler());
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap,
|
||||
new DefaultWebSecurityExpressionHandler()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -32,6 +32,7 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -87,9 +88,9 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests {
|
||||
// sign).isEqualTo(def)
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void unknownHttpMethodIsRejected() {
|
||||
createFids("/someAdminPage.html**", "UNKNOWN");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> createFids("/someAdminPage.html**", "UNKNOWN"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -43,6 +43,7 @@ import org.springframework.security.web.FilterInvocation;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.anyCollection;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
@@ -95,16 +96,16 @@ public class FilterSecurityInterceptorTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testEnsuresAccessDecisionManagerSupportsFilterInvocationClass() throws Exception {
|
||||
given(this.adm.supports(FilterInvocation.class)).willReturn(true);
|
||||
this.interceptor.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(this.interceptor::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testEnsuresRunAsManagerSupportsFilterInvocationClass() throws Exception {
|
||||
given(this.adm.supports(FilterInvocation.class)).willReturn(false);
|
||||
this.interceptor.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(this.interceptor::afterPropertiesSet);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -398,10 +398,10 @@ public class AbstractAuthenticationProcessingFilterTests {
|
||||
/**
|
||||
* https://github.com/spring-projects/spring-security/pull/3905
|
||||
*/
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRememberMeServicesShouldntAllowNulls() {
|
||||
AbstractAuthenticationProcessingFilter filter = new MockAuthenticationFilter();
|
||||
filter.setRememberMeServices(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setRememberMeServices(null));
|
||||
}
|
||||
|
||||
private class MockAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
|
||||
|
||||
@@ -37,6 +37,7 @@ import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.fail;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
@@ -59,14 +60,14 @@ public class AnonymousAuthenticationFilterTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingKey() {
|
||||
new AnonymousAuthenticationFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AnonymousAuthenticationFilter(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsUserAttribute() {
|
||||
new AnonymousAuthenticationFilter("qwerty", null, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AnonymousAuthenticationFilter("qwerty", null, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -35,14 +36,14 @@ import static org.mockito.Mockito.mock;
|
||||
*/
|
||||
public class ForwardAuthenticaionSuccessHandlerTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidForwardUrl() {
|
||||
new ForwardAuthenticationSuccessHandler("aaa");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationSuccessHandler("aaa"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void emptyForwardUrl() {
|
||||
new ForwardAuthenticationSuccessHandler("");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationSuccessHandler(""));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -35,14 +36,14 @@ import static org.mockito.Mockito.mock;
|
||||
*/
|
||||
public class ForwardAuthenticationFailureHandlerTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidForwardUrl() {
|
||||
new ForwardAuthenticationFailureHandler("aaa");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationFailureHandler("aaa"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void emptyForwardUrl() {
|
||||
new ForwardAuthenticationFailureHandler("");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ForwardAuthenticationFailureHandler(""));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -50,9 +51,9 @@ public class HttpStatusEntryPointTests {
|
||||
this.entryPoint = new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullStatus() {
|
||||
new HttpStatusEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new HttpStatusEntryPoint(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.springframework.security.MockPortResolver;
|
||||
import org.springframework.security.web.PortMapperImpl;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* Tests {@link LoginUrlAuthenticationEntryPoint}.
|
||||
@@ -36,21 +37,21 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*/
|
||||
public class LoginUrlAuthenticationEntryPointTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingLoginFormUrl() {
|
||||
new LoginUrlAuthenticationEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new LoginUrlAuthenticationEntryPoint(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingPortMapper() {
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/login");
|
||||
ep.setPortMapper(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortMapper(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsMissingPortResolver() {
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/login");
|
||||
ep.setPortResolver(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortResolver(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -222,12 +223,12 @@ public class LoginUrlAuthenticationEntryPointTests {
|
||||
assertThat(response.getRedirectedUrl()).isEqualTo(loginFormUrl);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void absoluteLoginFormUrlCantBeUsedWithForwarding() throws Exception {
|
||||
final String loginFormUrl = "https://somesite.com/login";
|
||||
LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("https://somesite.com/login");
|
||||
ep.setUseForward(true);
|
||||
ep.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(ep::afterPropertiesSet);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
||||
/**
|
||||
@@ -107,16 +108,12 @@ public class CookieClearingLogoutHandlerTests {
|
||||
}
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidAge() {
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setContextPath("/foo/bar");
|
||||
Cookie cookie1 = new Cookie("my_cookie", null);
|
||||
cookie1.setPath("/foo");
|
||||
cookie1.setMaxAge(100);
|
||||
CookieClearingLogoutHandler handler = new CookieClearingLogoutHandler(cookie1);
|
||||
handler.logout(request, response, mock(Authentication.class));
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CookieClearingLogoutHandler(cookie1));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -42,6 +42,7 @@ import org.springframework.security.web.authentication.ForwardAuthenticationSucc
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -90,7 +91,7 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
||||
}
|
||||
|
||||
/* SEC-881 */
|
||||
@Test(expected = BadCredentialsException.class)
|
||||
@Test
|
||||
public void exceptionIsThrownOnFailedAuthenticationIfContinueFilterChainOnUnsuccessfulAuthenticationSetToFalse()
|
||||
throws Exception {
|
||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||
@@ -98,7 +99,8 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
||||
this.filter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
|
||||
this.filter.setAuthenticationManager(am);
|
||||
this.filter.afterPropertiesSet();
|
||||
this.filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class));
|
||||
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.filter
|
||||
.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), mock(FilterChain.class)));
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
|
||||
}
|
||||
|
||||
|
||||
@@ -27,6 +27,8 @@ import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author TSARDD
|
||||
@@ -34,10 +36,10 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*/
|
||||
public class PreAuthenticatedAuthenticationProviderTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public final void afterPropertiesSet() {
|
||||
PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();
|
||||
provider.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(provider::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -79,12 +81,12 @@ public class PreAuthenticatedAuthenticationProviderTests {
|
||||
// @TODO: Add more asserts?
|
||||
}
|
||||
|
||||
@Test(expected = UsernameNotFoundException.class)
|
||||
@Test
|
||||
public final void authenticateUnknownUserThrowsException() throws Exception {
|
||||
UserDetails ud = new User("dummyUser1", "dummyPwd", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
|
||||
PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
|
||||
Authentication request = new PreAuthenticatedAuthenticationToken("dummyUser2", "dummyPwd");
|
||||
provider.authenticate(request);
|
||||
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(request));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.springframework.security.core.authority.GrantedAuthoritiesContainer;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author TSARDD
|
||||
@@ -33,20 +34,20 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*/
|
||||
public class PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testGetUserDetailsInvalidType() {
|
||||
PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService();
|
||||
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken("dummy", "dummy");
|
||||
token.setDetails(new Object());
|
||||
svc.loadUserDetails(token);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> svc.loadUserDetails(token));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testGetUserDetailsNoDetails() {
|
||||
PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService();
|
||||
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken("dummy", "dummy");
|
||||
token.setDetails(null);
|
||||
svc.loadUserDetails(token);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> svc.loadUserDetails(token));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -44,13 +45,14 @@ public class RequestAttributeAuthenticationFilterTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
|
||||
@Test
|
||||
public void rejectsMissingHeader() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class)
|
||||
.isThrownBy(() -> filter.doFilter(request, response, chain));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -119,14 +121,15 @@ public class RequestAttributeAuthenticationFilterTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(dog);
|
||||
}
|
||||
|
||||
@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
|
||||
@Test
|
||||
public void missingHeaderCausesException() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestAttributeAuthenticationFilter filter = new RequestAttributeAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.doFilter(request, response, chain);
|
||||
assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class)
|
||||
.isThrownBy(() -> filter.doFilter(request, response, chain));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.springframework.security.web.authentication.preauth.PreAuthenticatedC
|
||||
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -46,13 +47,14 @@ public class RequestHeaderAuthenticationFilterTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
|
||||
@Test
|
||||
public void rejectsMissingHeader() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class)
|
||||
.isThrownBy(() -> filter.doFilter(request, response, chain));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -120,14 +122,15 @@ public class RequestHeaderAuthenticationFilterTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isSameAs(dog);
|
||||
}
|
||||
|
||||
@Test(expected = PreAuthenticatedCredentialsNotFoundException.class)
|
||||
@Test
|
||||
public void missingHeaderCausesException() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
MockFilterChain chain = new MockFilterChain();
|
||||
RequestHeaderAuthenticationFilter filter = new RequestHeaderAuthenticationFilter();
|
||||
filter.setAuthenticationManager(createAuthenticationManager());
|
||||
filter.doFilter(request, response, chain);
|
||||
assertThatExceptionOfType(PreAuthenticatedCredentialsNotFoundException.class)
|
||||
.isThrownBy(() -> filter.doFilter(request, response, chain));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -23,6 +23,8 @@ import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -37,9 +39,10 @@ public class SubjectDnX509PrincipalExtractorTests {
|
||||
this.extractor.setMessageSource(new SpringSecurityMessageSource());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidRegexFails() {
|
||||
this.extractor.setSubjectDnRegex("CN=(.*?,"); // missing closing bracket on group
|
||||
// missing closing bracket on group
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.extractor.setSubjectDnRegex("CN=(.*?,"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -55,10 +58,11 @@ public class SubjectDnX509PrincipalExtractorTests {
|
||||
assertThat(principal).isEqualTo("luke@monkeymachine");
|
||||
}
|
||||
|
||||
@Test(expected = BadCredentialsException.class)
|
||||
@Test
|
||||
public void matchOnShoeSizeThrowsBadCredentials() throws Exception {
|
||||
this.extractor.setSubjectDnRegex("shoeSize=(.*?),");
|
||||
this.extractor.extractPrincipal(X509TestUtils.buildTestCertificate());
|
||||
assertThatExceptionOfType(BadCredentialsException.class)
|
||||
.isThrownBy(() -> this.extractor.extractPrincipal(X509TestUtils.buildTestCertificate()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -43,6 +43,7 @@ import org.springframework.util.ReflectionUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -62,9 +63,10 @@ public class AbstractRememberMeServicesTests {
|
||||
this.uds = new MockUserDetailsService(joe, false);
|
||||
}
|
||||
|
||||
@Test(expected = InvalidCookieException.class)
|
||||
@Test
|
||||
public void nonBase64CookieShouldBeDetected() {
|
||||
new MockRememberMeServices(this.uds).decodeCookie("nonBase64CookieValue%");
|
||||
assertThatExceptionOfType(InvalidCookieException.class)
|
||||
.isThrownBy(() -> new MockRememberMeServices(this.uds).decodeCookie("nonBase64CookieValue%"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -265,19 +267,21 @@ public class AbstractRememberMeServicesTests {
|
||||
assertThat(returnedCookie.getSecure()).isEqualTo(true);
|
||||
}
|
||||
|
||||
@Test(expected = CookieTheftException.class)
|
||||
@Test
|
||||
public void cookieTheftExceptionShouldBeRethrown() {
|
||||
MockRememberMeServices services = new MockRememberMeServices(this.uds) {
|
||||
|
||||
@Override
|
||||
protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
throw new CookieTheftException("Pretending cookie was stolen");
|
||||
}
|
||||
|
||||
};
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(createLoginCookie("cookie:1:2"));
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
services.autoLogin(request, response);
|
||||
assertThatExceptionOfType(CookieTheftException.class).isThrownBy(() -> services.autoLogin(request, response));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Luke Taylor
|
||||
@@ -51,33 +52,37 @@ public class PersistentTokenBasedRememberMeServicesTests {
|
||||
this.services.afterPropertiesSet();
|
||||
}
|
||||
|
||||
@Test(expected = InvalidCookieException.class)
|
||||
@Test
|
||||
public void loginIsRejectedWithWrongNumberOfCookieTokens() {
|
||||
this.services.processAutoLoginCookie(new String[] { "series", "token", "extra" }, new MockHttpServletRequest(),
|
||||
new MockHttpServletResponse());
|
||||
assertThatExceptionOfType(InvalidCookieException.class)
|
||||
.isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token", "extra" },
|
||||
new MockHttpServletRequest(), new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test(expected = RememberMeAuthenticationException.class)
|
||||
@Test
|
||||
public void loginIsRejectedWhenNoTokenMatchingSeriesIsFound() {
|
||||
this.services = create(null);
|
||||
this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(),
|
||||
new MockHttpServletResponse());
|
||||
assertThatExceptionOfType(RememberMeAuthenticationException.class)
|
||||
.isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" },
|
||||
new MockHttpServletRequest(), new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test(expected = RememberMeAuthenticationException.class)
|
||||
@Test
|
||||
public void loginIsRejectedWhenTokenIsExpired() {
|
||||
this.services = create(new PersistentRememberMeToken("joe", "series", "token",
|
||||
new Date(System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(1) - 100)));
|
||||
this.services.setTokenValiditySeconds(1);
|
||||
this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(),
|
||||
new MockHttpServletResponse());
|
||||
assertThatExceptionOfType(RememberMeAuthenticationException.class)
|
||||
.isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" },
|
||||
new MockHttpServletRequest(), new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test(expected = CookieTheftException.class)
|
||||
@Test
|
||||
public void cookieTheftIsDetectedWhenSeriesAndTokenDontMatch() {
|
||||
this.services = create(new PersistentRememberMeToken("joe", "series", "wrongtoken", new Date()));
|
||||
this.services.processAutoLoginCookie(new String[] { "series", "token" }, new MockHttpServletRequest(),
|
||||
new MockHttpServletResponse());
|
||||
assertThatExceptionOfType(CookieTheftException.class)
|
||||
.isThrownBy(() -> this.services.processAutoLoginCookie(new String[] { "series", "token" },
|
||||
new MockHttpServletRequest(), new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -38,6 +38,7 @@ import org.springframework.security.web.authentication.RememberMeServices;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -63,14 +64,16 @@ public class RememberMeAuthenticationFilterTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsAuthenticationManagerProperty() {
|
||||
new RememberMeAuthenticationFilter(null, new NullRememberMeServices());
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new RememberMeAuthenticationFilter(null, new NullRememberMeServices()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testDetectsRememberMeServicesProperty() {
|
||||
new RememberMeAuthenticationFilter(mock(AuthenticationManager.class), null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new RememberMeAuthenticationFilter(mock(AuthenticationManager.class), null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -37,6 +37,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -200,7 +201,7 @@ public class TokenBasedRememberMeServicesTests {
|
||||
assertThat(returnedCookie.getMaxAge()).isZero();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void autoLoginClearsCookieIfUserServiceMisconfigured() {
|
||||
udsWillReturnNull();
|
||||
Cookie cookie = new Cookie(AbstractRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY,
|
||||
@@ -209,7 +210,7 @@ public class TokenBasedRememberMeServicesTests {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.setCookies(cookie);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
this.services.autoLogin(request, response);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.services.autoLogin(request, response));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.mockito.junit.MockitoJUnitRunner;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.willThrow;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
@@ -56,19 +57,21 @@ public class CompositeSessionAuthenticationStrategyTests {
|
||||
@Mock
|
||||
private HttpServletResponse response;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullDelegates() {
|
||||
new CompositeSessionAuthenticationStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyDelegates() {
|
||||
new CompositeSessionAuthenticationStrategy(Collections.<SessionAuthenticationStrategy>emptyList());
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy(
|
||||
Collections.<SessionAuthenticationStrategy>emptyList()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorDelegatesContainNull() {
|
||||
new CompositeSessionAuthenticationStrategy(Collections.<SessionAuthenticationStrategy>singletonList(null));
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CompositeSessionAuthenticationStrategy(
|
||||
Collections.<SessionAuthenticationStrategy>singletonList(null)));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -36,6 +36,8 @@ import org.springframework.security.core.session.SessionInformation;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.anyBoolean;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -70,9 +72,9 @@ public class ConcurrentSessionControlAuthenticationStrategyTests {
|
||||
this.strategy = new ConcurrentSessionControlAuthenticationStrategy(this.sessionRegistry);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullRegistry() {
|
||||
new ConcurrentSessionControlAuthenticationStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionControlAuthenticationStrategy(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -97,13 +99,14 @@ public class ConcurrentSessionControlAuthenticationStrategyTests {
|
||||
// no exception
|
||||
}
|
||||
|
||||
@Test(expected = SessionAuthenticationException.class)
|
||||
@Test
|
||||
public void maxSessionsWithException() {
|
||||
given(this.sessionRegistry.getAllSessions(any(), anyBoolean()))
|
||||
.willReturn(Collections.<SessionInformation>singletonList(this.sessionInformation));
|
||||
this.strategy.setMaximumSessions(1);
|
||||
this.strategy.setExceptionIfMaximumExceeded(true);
|
||||
this.strategy.onAuthentication(this.authentication, this.request, this.response);
|
||||
assertThatExceptionOfType(SessionAuthenticationException.class)
|
||||
.isThrownBy(() -> this.strategy.onAuthentication(this.authentication, this.request, this.response));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -141,9 +144,9 @@ public class ConcurrentSessionControlAuthenticationStrategyTests {
|
||||
assertThat(this.sessionInformation.isExpired()).isFalse();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setMessageSourceNull() {
|
||||
this.strategy.setMessageSource(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.setMessageSource(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
/**
|
||||
@@ -56,9 +57,9 @@ public class RegisterSessionAuthenticationStrategyTests {
|
||||
this.response = new MockHttpServletResponse();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullRegistry() {
|
||||
new RegisterSessionAuthenticationStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RegisterSessionAuthenticationStrategy(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -47,6 +47,7 @@ import org.springframework.security.web.authentication.SimpleUrlAuthenticationSu
|
||||
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.never;
|
||||
@@ -181,33 +182,33 @@ public class SwitchUserFilterTests {
|
||||
assertThat(filter.requiresSwitchUser(request)).isTrue();
|
||||
}
|
||||
|
||||
@Test(expected = UsernameNotFoundException.class)
|
||||
@Test
|
||||
public void attemptSwitchToUnknownUserFails() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "user-that-doesnt-exist");
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.attemptSwitchUser(request);
|
||||
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> filter.attemptSwitchUser(request));
|
||||
}
|
||||
|
||||
@Test(expected = DisabledException.class)
|
||||
@Test
|
||||
public void attemptSwitchToUserThatIsDisabledFails() {
|
||||
switchToUser("mcgarrett");
|
||||
assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> switchToUser("mcgarrett"));
|
||||
}
|
||||
|
||||
@Test(expected = AccountExpiredException.class)
|
||||
@Test
|
||||
public void attemptSwitchToUserWithAccountExpiredFails() {
|
||||
switchToUser("wofat");
|
||||
assertThatExceptionOfType(AccountExpiredException.class).isThrownBy(() -> switchToUser("wofat"));
|
||||
}
|
||||
|
||||
@Test(expected = CredentialsExpiredException.class)
|
||||
@Test
|
||||
public void attemptSwitchToUserWithExpiredCredentialsFails() {
|
||||
switchToUser("steve");
|
||||
assertThatExceptionOfType(CredentialsExpiredException.class).isThrownBy(() -> switchToUser("steve"));
|
||||
}
|
||||
|
||||
@Test(expected = UsernameNotFoundException.class)
|
||||
@Test
|
||||
public void switchUserWithNullUsernameThrowsException() {
|
||||
switchToUser(null);
|
||||
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> switchToUser(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -246,22 +247,22 @@ public class SwitchUserFilterTests {
|
||||
assertThat(FieldUtils.getFieldValue(filter, "switchFailureUrl")).isEqualTo("/switchfailed");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void configMissingUserDetailsServiceFails() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchUserUrl("/login/impersonate");
|
||||
filter.setExitUserUrl("/logout/impersonate");
|
||||
filter.setTargetUrl("/main.jsp");
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testBadConfigMissingTargetUrl() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setUserDetailsService(new MockUserDetailsService());
|
||||
filter.setSwitchUserUrl("/login/impersonate");
|
||||
filter.setExitUserUrl("/logout/impersonate");
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -304,7 +305,7 @@ public class SwitchUserFilterTests {
|
||||
assertThat(targetAuth.getPrincipal()).isEqualTo("dano");
|
||||
}
|
||||
|
||||
@Test(expected = AuthenticationException.class)
|
||||
@Test
|
||||
public void exitUserWithNoCurrentUserFails() throws Exception {
|
||||
// no current user in secure context
|
||||
SecurityContextHolder.clearContext();
|
||||
@@ -317,7 +318,8 @@ public class SwitchUserFilterTests {
|
||||
// run 'exit', expect fail due to no current user
|
||||
FilterChain chain = mock(FilterChain.class);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
filter.doFilter(request, response, chain);
|
||||
assertThatExceptionOfType(AuthenticationException.class)
|
||||
.isThrownBy(() -> filter.doFilter(request, response, chain));
|
||||
verify(chain, never()).doFilter(request, response);
|
||||
}
|
||||
|
||||
@@ -459,16 +461,16 @@ public class SwitchUserFilterTests {
|
||||
assertThat(switchAuthorityRole).isEqualTo(switchedFrom.getAuthority());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setSwitchFailureUrlWhenNullThenThrowException() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchFailureUrl(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setSwitchFailureUrl(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setSwitchFailureUrlWhenEmptyThenThrowException() {
|
||||
SwitchUserFilter filter = new SwitchUserFilter();
|
||||
filter.setSwitchFailureUrl("");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setSwitchFailureUrl(""));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
@@ -83,19 +84,19 @@ public class BasicAuthenticationConverterTests {
|
||||
assertThat(authentication).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = BadCredentialsException.class)
|
||||
@Test
|
||||
public void testWhenInvalidBasicAuthorizationTokenThenError() {
|
||||
String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON";
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64(token.getBytes())));
|
||||
this.converter.convert(request);
|
||||
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request));
|
||||
}
|
||||
|
||||
@Test(expected = BadCredentialsException.class)
|
||||
@Test
|
||||
public void testWhenInvalidBase64ThenError() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader("Authorization", "Basic NOT_VALID_BASE64");
|
||||
this.converter.convert(request);
|
||||
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -110,11 +111,11 @@ public class BasicAuthenticationConverterTests {
|
||||
assertThat(authentication.getCredentials()).isEqualTo("");
|
||||
}
|
||||
|
||||
@Test(expected = BadCredentialsException.class)
|
||||
@Test
|
||||
public void requestWhenEmptyBasicAuthorizationHeaderTokenThenError() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader("Authorization", "Basic ");
|
||||
this.converter.convert(request);
|
||||
assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> this.converter.convert(request));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -41,6 +41,7 @@ import org.springframework.security.web.authentication.WebAuthenticationDetails;
|
||||
import org.springframework.web.util.WebUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.AdditionalMatchers.not;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
@@ -182,14 +183,14 @@ public class BasicAuthenticationFilterTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testStartupDetectsMissingAuthenticationEntryPoint() {
|
||||
new BasicAuthenticationFilter(this.manager, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new BasicAuthenticationFilter(this.manager, null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void testStartupDetectsMissingAuthenticationManager() {
|
||||
BasicAuthenticationFilter filter = new BasicAuthenticationFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new BasicAuthenticationFilter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -43,6 +43,7 @@ import org.springframework.security.core.userdetails.cache.NullUserCache;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
@@ -290,18 +291,18 @@ public class DigestAuthenticationFilterTests {
|
||||
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void startupDetectsMissingAuthenticationEntryPoint() {
|
||||
DigestAuthenticationFilter filter = new DigestAuthenticationFilter();
|
||||
filter.setUserDetailsService(mock(UserDetailsService.class));
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void startupDetectsMissingUserDetailsService() {
|
||||
DigestAuthenticationFilter filter = new DigestAuthenticationFilter();
|
||||
filter.setAuthenticationEntryPoint(new DigestAuthenticationEntryPoint());
|
||||
filter.afterPropertiesSet();
|
||||
assertThatIllegalArgumentException().isThrownBy(filter::afterPropertiesSet);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -36,6 +36,7 @@ import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -125,16 +126,18 @@ public class AuthenticationPrincipalArgumentResolverTests {
|
||||
assertThat(this.resolver.resolveArgument(showUserAnnotationString(), null, null, null)).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = ClassCastException.class)
|
||||
@Test
|
||||
public void resolveArgumentErrorOnInvalidType() throws Exception {
|
||||
setAuthenticationPrincipal(new CustomUserPrincipal());
|
||||
this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null);
|
||||
assertThatExceptionOfType(ClassCastException.class).isThrownBy(
|
||||
() -> this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null));
|
||||
}
|
||||
|
||||
@Test(expected = ClassCastException.class)
|
||||
@Test
|
||||
public void resolveArgumentCustomserErrorOnInvalidType() throws Exception {
|
||||
setAuthenticationPrincipal(new CustomUserPrincipal());
|
||||
this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null);
|
||||
assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> this.resolver
|
||||
.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -41,6 +41,7 @@ import org.springframework.security.web.session.SessionInformationExpiredStrateg
|
||||
import org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
@@ -63,26 +64,28 @@ public class ConcurrentSessionFilterTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorSessionRegistryWhenSessionRegistryNullThenExceptionThrown() {
|
||||
new ConcurrentSessionFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("deprecation")
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void constructorSessionRegistryExpiresUrlWhenInvalidUrlThenExceptionThrown() {
|
||||
new ConcurrentSessionFilter(new SessionRegistryImpl(), "oops");
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new ConcurrentSessionFilter(new SessionRegistryImpl(), "oops"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("deprecation")
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void constructorSessionRegistryExpiresUrlWhenSessionRegistryNullThenExceptionThrown() {
|
||||
new ConcurrentSessionFilter(null, "/expired");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null, "/expired"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorSessionRegistrySessionInformationExpiredStrategyWhenStrategyIsNullThenThrowsException() {
|
||||
new ConcurrentSessionFilter(new SessionRegistryImpl(), (SessionInformationExpiredStrategy) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new ConcurrentSessionFilter(new SessionRegistryImpl(), (SessionInformationExpiredStrategy) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -127,9 +130,9 @@ public class ConcurrentSessionFilterTests {
|
||||
+ "attempted as the same user).");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void detectsMissingSessionRegistry() {
|
||||
new ConcurrentSessionFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ConcurrentSessionFilter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -264,16 +267,16 @@ public class ConcurrentSessionFilterTests {
|
||||
verify(handler).logout(eq(request), eq(response), any());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setLogoutHandlersWhenNullThenThrowsException() {
|
||||
ConcurrentSessionFilter filter = new ConcurrentSessionFilter(new SessionRegistryImpl());
|
||||
filter.setLogoutHandlers((List<LogoutHandler>) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setLogoutHandlers((List<LogoutHandler>) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setLogoutHandlersWhenEmptyThenThrowsException() {
|
||||
ConcurrentSessionFilter filter = new ConcurrentSessionFilter(new SessionRegistryImpl());
|
||||
filter.setLogoutHandlers(new LogoutHandler[0]);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setLogoutHandlers(new LogoutHandler[0]));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -44,6 +44,8 @@ import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
import static org.mockito.ArgumentMatchers.anyBoolean;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -499,10 +501,10 @@ public class HttpSessionSecurityContextRepositoryTests {
|
||||
verify(trustResolver).isAnonymous(contextToSave.getAuthentication());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setTrustResolverNull() {
|
||||
HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
|
||||
repo.setTrustResolver(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> repo.setTrustResolver(null));
|
||||
}
|
||||
|
||||
// SEC-2578
|
||||
@@ -523,14 +525,14 @@ public class HttpSessionSecurityContextRepositoryTests {
|
||||
.isEqualTo(context);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
@Test
|
||||
public void failsWithStandardResponse() {
|
||||
HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
SecurityContext context = SecurityContextHolder.createEmptyContext();
|
||||
context.setAuthentication(this.testToken);
|
||||
repo.saveContext(context, request, response);
|
||||
assertThatIllegalStateException().isThrownBy(() -> repo.saveContext(context, request, response));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.request.NativeWebRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -51,9 +52,9 @@ public class SecurityContextCallableProcessingInterceptorTests {
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNull() {
|
||||
new SecurityContextCallableProcessingInterceptor(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SecurityContextCallableProcessingInterceptor(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -235,19 +236,19 @@ public class CookieCsrfTokenRepositoryTests {
|
||||
assertThat(loadToken.getToken()).isEqualTo(value);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setCookieNameNullIllegalArgumentException() {
|
||||
this.repository.setCookieName(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setCookieName(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setParameterNameNullIllegalArgumentException() {
|
||||
this.repository.setParameterName(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setParameterName(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setHeaderNameNullIllegalArgumentException() {
|
||||
this.repository.setHeaderName(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setHeaderName(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -66,9 +67,9 @@ public class CsrfAuthenticationStrategyTests {
|
||||
this.generatedToken = new DefaultCsrfToken("_csrf", "_csrf", "2");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullCsrfTokenRepository() {
|
||||
new CsrfAuthenticationStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CsrfAuthenticationStrategy(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -39,6 +39,7 @@ import org.springframework.security.web.access.AccessDeniedHandler;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -95,9 +96,9 @@ public class CsrfFilterTests {
|
||||
this.response = new MockHttpServletResponse();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullRepository() {
|
||||
new CsrfFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CsrfFilter(null));
|
||||
}
|
||||
|
||||
// SEC-2276
|
||||
@@ -319,14 +320,14 @@ public class CsrfFilterTests {
|
||||
verifyZeroInteractions(repository);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRequireCsrfProtectionMatcherNull() {
|
||||
this.filter.setRequireCsrfProtectionMatcher(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequireCsrfProtectionMatcher(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setAccessDeniedHandlerNull() {
|
||||
this.filter.setAccessDeniedHandler(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAccessDeniedHandler(null));
|
||||
}
|
||||
|
||||
private static CsrfTokenAssert assertToken(Object token) {
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
/**
|
||||
@@ -51,9 +52,9 @@ public class CsrfLogoutHandlerTests {
|
||||
this.handler = new CsrfLogoutHandler(this.csrfTokenRepository);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullCsrfTokenRepository() {
|
||||
new CsrfLogoutHandler(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new CsrfLogoutHandler(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -18,6 +18,8 @@ package org.springframework.security.web.csrf;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
@@ -30,34 +32,40 @@ public class DefaultCsrfTokenTests {
|
||||
|
||||
private final String tokenValue = "tokenValue";
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaderName() {
|
||||
new DefaultCsrfToken(null, this.parameterName, this.tokenValue);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken(null, this.parameterName, this.tokenValue));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyHeaderName() {
|
||||
new DefaultCsrfToken("", this.parameterName, this.tokenValue);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken("", this.parameterName, this.tokenValue));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullParameterName() {
|
||||
new DefaultCsrfToken(this.headerName, null, this.tokenValue);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken(this.headerName, null, this.tokenValue));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyParameterName() {
|
||||
new DefaultCsrfToken(this.headerName, "", this.tokenValue);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken(this.headerName, "", this.tokenValue));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullTokenValue() {
|
||||
new DefaultCsrfToken(this.headerName, this.parameterName, null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken(this.headerName, this.parameterName, null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyTokenValue() {
|
||||
new DefaultCsrfToken(this.headerName, this.parameterName, "");
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DefaultCsrfToken(this.headerName, this.parameterName, ""));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -116,24 +117,24 @@ public class HttpSessionCsrfTokenRepositoryTests {
|
||||
assertThat(this.request.getSession(false)).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setSessionAttributeNameEmpty() {
|
||||
this.repo.setSessionAttributeName("");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setSessionAttributeName(""));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setSessionAttributeNameNull() {
|
||||
this.repo.setSessionAttributeName(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setSessionAttributeName(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setParameterNameEmpty() {
|
||||
this.repo.setParameterName("");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setParameterName(""));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setParameterNameNull() {
|
||||
this.repo.setParameterName(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.repo.setParameterName(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
@@ -59,14 +60,15 @@ public class LazyCsrfTokenRepositoryTests {
|
||||
given(this.request.getAttribute(HttpServletResponse.class.getName())).willReturn(this.response);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructNullDelegateThrowsIllegalArgumentException() {
|
||||
new LazyCsrfTokenRepository(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new LazyCsrfTokenRepository(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void generateTokenNullResponseAttribute() {
|
||||
this.repository.generateToken(mock(HttpServletRequest.class));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> this.repository.generateToken(mock(HttpServletRequest.class)));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -49,7 +49,7 @@ public class DefaultHttpFirewallTests {
|
||||
* because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC
|
||||
* will strip the ; content from requestURI before the path is URL decoded.
|
||||
*/
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedPathThenException() {
|
||||
DefaultHttpFirewall fw = new DefaultHttpFirewall();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
@@ -57,10 +57,10 @@ public class DefaultHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI
|
||||
fw.getFirewalledRequest(request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> fw.getFirewalledRequest(request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenUppercaseEncodedPathThenException() {
|
||||
DefaultHttpFirewall fw = new DefaultHttpFirewall();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
@@ -68,7 +68,7 @@ public class DefaultHttpFirewallTests {
|
||||
request.setContextPath("/context-root");
|
||||
request.setServletPath("");
|
||||
request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI
|
||||
fw.getFirewalledRequest(request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> fw.getFirewalledRequest(request));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -128,76 +128,88 @@ public class StrictHttpFirewallTests {
|
||||
}
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenSemicolonInContextPathThenThrowsRequestRejectedException() {
|
||||
this.request.setContextPath(";/context");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenSemicolonInServletPathThenThrowsRequestRejectedException() {
|
||||
this.request.setServletPath("/spring;/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenSemicolonInPathInfoThenThrowsRequestRejectedException() {
|
||||
this.request.setPathInfo("/path;/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenSemicolonInRequestUriThenThrowsRequestRejectedException() {
|
||||
this.request.setRequestURI("/path;/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenEncodedSemicolonInContextPathThenThrowsRequestRejectedException() {
|
||||
this.request.setContextPath("%3B/context");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenEncodedSemicolonInServletPathThenThrowsRequestRejectedException() {
|
||||
this.request.setServletPath("/spring%3B/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenEncodedSemicolonInPathInfoThenThrowsRequestRejectedException() {
|
||||
this.request.setPathInfo("/path%3B/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenEncodedSemicolonInRequestUriThenThrowsRequestRejectedException() {
|
||||
this.request.setRequestURI("/path%3B/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedSemicolonInContextPathThenThrowsRequestRejectedException() {
|
||||
this.request.setContextPath("%3b/context");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedSemicolonInServletPathThenThrowsRequestRejectedException() {
|
||||
this.request.setServletPath("/spring%3b/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedSemicolonInPathInfoThenThrowsRequestRejectedException() {
|
||||
this.request.setPathInfo("/path%3b/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedSemicolonInRequestUriThenThrowsRequestRejectedException() {
|
||||
this.request.setRequestURI("/path%3b/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -290,16 +302,18 @@ public class StrictHttpFirewallTests {
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenEncodedPeriodInThenThrowsRequestRejectedException() {
|
||||
this.request.setRequestURI("/%2E/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedPeriodInThenThrowsRequestRejectedException() {
|
||||
this.request.setRequestURI("/%2e/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -309,10 +323,11 @@ public class StrictHttpFirewallTests {
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenExceedsLowerboundAsciiThenException() {
|
||||
this.request.setRequestURI("/\u0019");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -327,22 +342,25 @@ public class StrictHttpFirewallTests {
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenExceedsUpperboundAsciiThenException() {
|
||||
this.request.setRequestURI("/\u007f");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenContainsNullThenException() {
|
||||
this.request.setRequestURI("/\0");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenContainsEncodedNullThenException() {
|
||||
this.request.setRequestURI("/something%00/");
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -350,22 +368,24 @@ public class StrictHttpFirewallTests {
|
||||
* because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC
|
||||
* will strip the ; content from requestURI before the path is URL decoded.
|
||||
*/
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenLowercaseEncodedPathThenException() {
|
||||
this.request.setRequestURI("/context-root/a/b;%2f1/c");
|
||||
this.request.setContextPath("/context-root");
|
||||
this.request.setServletPath("");
|
||||
this.request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenUppercaseEncodedPathThenException() {
|
||||
this.request.setRequestURI("/context-root/a/b;%2F1/c");
|
||||
this.request.setContextPath("/context-root");
|
||||
this.request.setServletPath("");
|
||||
this.request.setPathInfo("/a/b;/1/c"); // URL decoded requestURI
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -536,133 +556,138 @@ public class StrictHttpFirewallTests {
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestWhenUntrustedDomainThenException() {
|
||||
this.request.addHeader("Host", "example.org");
|
||||
this.firewall.setAllowedHostnames((hostname) -> hostname.equals("myexample.org"));
|
||||
this.firewall.getFirewalledRequest(this.request);
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenNotAllowedHeaderNameThenException() {
|
||||
this.firewall.setAllowedHeaderNames((name) -> !name.equals("bad name"));
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("bad name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("bad name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenNotAllowedHeaderValueThenException() {
|
||||
this.request.addHeader("good name", "bad value");
|
||||
this.firewall.setAllowedHeaderValues((value) -> !value.equals("bad value"));
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("good name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("good name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetDateHeaderWhenControlCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getDateHeader("Bad\0Name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getDateHeader("Bad\0Name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetIntHeaderWhenControlCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getIntHeader("Bad\0Name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getIntHeader("Bad\0Name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenControlCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("Bad\0Name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Bad\0Name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\uFFFEName", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("Bad\uFFFEName");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Bad\uFFFEName"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeaders("Bad\0Name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeaders("Bad\0Name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderNamesWhenControlCharacterInHeaderNameThenException() {
|
||||
this.request.addHeader("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeaderNames().nextElement();
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> request.getHeaderNames().nextElement());
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenControlCharacterInHeaderValueThenException() {
|
||||
this.request.addHeader("Something", "bad\0value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("Something");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Something"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderValueThenException() {
|
||||
this.request.addHeader("Something", "bad\uFFFEvalue");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeader("Something");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Something"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderValueThenException() {
|
||||
this.request.addHeader("Something", "bad\0value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getHeaders("Something").nextElement();
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> request.getHeaders("Something").nextElement());
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterWhenControlCharacterInParameterNameThenException() {
|
||||
this.request.addParameter("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameter("Bad\0Name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getParameter("Bad\0Name"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterMapWhenControlCharacterInParameterNameThenException() {
|
||||
this.request.addParameter("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameterMap();
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request::getParameterMap);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterNamesWhenControlCharacterInParameterNameThenException() {
|
||||
this.request.addParameter("Bad\0Name", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameterNames().nextElement();
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request.getParameterNames()::nextElement);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterNamesWhenUndefinedCharacterInParameterNameThenException() {
|
||||
this.request.addParameter("Bad\uFFFEName", "some value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameterNames().nextElement();
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request.getParameterNames()::nextElement);
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterValueThenException() {
|
||||
this.firewall.setAllowedParameterValues((value) -> !value.equals("bad value"));
|
||||
this.request.addParameter("Something", "bad value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameterValues("Something");
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> request.getParameterValues("Something"));
|
||||
}
|
||||
|
||||
@Test(expected = RequestRejectedException.class)
|
||||
@Test
|
||||
public void getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterNameThenException() {
|
||||
this.firewall.setAllowedParameterNames((value) -> !value.equals("bad name"));
|
||||
this.request.addParameter("bad name", "good value");
|
||||
HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
|
||||
request.getParameterValues("bad name");
|
||||
assertThatExceptionOfType(RequestRejectedException.class)
|
||||
.isThrownBy(() -> request.getParameterValues("bad name"));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -34,6 +34,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||
@@ -55,15 +56,14 @@ public class HeaderWriterFilterTests {
|
||||
@Mock
|
||||
private HeaderWriter writer2;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void noHeadersConfigured() {
|
||||
List<HeaderWriter> headerWriters = new ArrayList<>();
|
||||
new HeaderWriterFilter(headerWriters);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new HeaderWriterFilter(new ArrayList<>()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullWriters() {
|
||||
new HeaderWriterFilter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new HeaderWriterFilter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Joe Grandja
|
||||
@@ -102,10 +103,10 @@ public class ContentSecurityPolicyHeaderWriterTests {
|
||||
assertThat(this.response.getHeader("Content-Security-Policy-Report-Only")).isEqualTo(policyDirectives);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void writeHeadersContentSecurityPolicyInvalid() {
|
||||
this.writer = new ContentSecurityPolicyHeaderWriter("");
|
||||
this.writer = new ContentSecurityPolicyHeaderWriter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ContentSecurityPolicyHeaderWriter(""));
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ContentSecurityPolicyHeaderWriter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.header.HeaderWriter;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
@@ -57,14 +58,16 @@ public class DelegatingRequestMatcherHeaderWriterTests {
|
||||
this.headerWriter = new DelegatingRequestMatcherHeaderWriter(this.matcher, this.delegate);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullRequestMatcher() {
|
||||
new DelegatingRequestMatcherHeaderWriter(null, this.delegate);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DelegatingRequestMatcherHeaderWriter(null, this.delegate));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullDelegate() {
|
||||
new DelegatingRequestMatcherHeaderWriter(this.matcher, null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new DelegatingRequestMatcherHeaderWriter(this.matcher, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Tim Ysewyn
|
||||
@@ -166,19 +167,20 @@ public class HpkpHeaderWriterTests {
|
||||
assertThat(this.response.getHeaderNames()).isEmpty();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setMaxAgeInSecondsToNegative() {
|
||||
this.writer.setMaxAgeInSeconds(-1);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setMaxAgeInSeconds(-1));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void addSha256PinsWithNullPin() {
|
||||
this.writer.addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> this.writer.addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setIncorrectReportUri() {
|
||||
this.writer.setReportUri("some url here...");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setReportUri("some url here..."));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -124,14 +125,14 @@ public class HstsHeaderWriterTests {
|
||||
.isEqualTo("max-age=31536000 ; includeSubDomains");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setMaxAgeInSecondsToNegative() {
|
||||
this.writer.setMaxAgeInSeconds(-1);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setMaxAgeInSeconds(-1));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRequestMatcherToNull() {
|
||||
this.writer.setRequestMatcher(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setRequestMatcher(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter.ReferrerPolicy;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Eddú Meléndez
|
||||
@@ -64,9 +65,9 @@ public class ReferrerPolicyHeaderWriterTests {
|
||||
assertThat(this.response.getHeader("Referrer-Policy")).isEqualTo("same-origin");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void writeHeaderReferrerPolicyInvalid() {
|
||||
this.writer = new ReferrerPolicyHeaderWriter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ReferrerPolicyHeaderWriter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.header.Header;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* Test for the {@code StaticHeadersWriter}
|
||||
@@ -48,29 +49,29 @@ public class StaticHeaderWriterTests {
|
||||
this.response = new MockHttpServletResponse();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaders() {
|
||||
new StaticHeadersWriter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyHeaders() {
|
||||
new StaticHeadersWriter(Collections.<Header>emptyList());
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(Collections.<Header>emptyList()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaderName() {
|
||||
new StaticHeadersWriter(null, "value1");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter(null, "value1"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaderValues() {
|
||||
new StaticHeadersWriter("name", (String[]) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter("name", (String[]) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorContainsNullHeaderValue() {
|
||||
new StaticHeadersWriter("name", "value1", null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new StaticHeadersWriter("name", "value1", null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -23,6 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -78,11 +79,11 @@ public class XXssProtectionHeaderWriterTests {
|
||||
assertThat(this.response.getHeaderValues("X-XSS-Protection")).containsOnly("0");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setBlockTrueWithEnabledFalse() {
|
||||
this.writer.setBlock(false);
|
||||
this.writer.setEnabled(false);
|
||||
this.writer.setBlock(true);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.writer.setBlock(true));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -51,19 +52,20 @@ public class FrameOptionsHeaderWriterTests {
|
||||
this.response = new MockHttpServletResponse();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullMode() {
|
||||
new XFrameOptionsHeaderWriter((XFrameOptionsMode) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new XFrameOptionsHeaderWriter((XFrameOptionsMode) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorAllowFromNoAllowFromStrategy() {
|
||||
new XFrameOptionsHeaderWriter(XFrameOptionsMode.ALLOW_FROM);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new XFrameOptionsHeaderWriter(XFrameOptionsMode.ALLOW_FROM));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullAllowFromStrategy() {
|
||||
new XFrameOptionsHeaderWriter((AllowFromStrategy) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new XFrameOptionsHeaderWriter((AllowFromStrategy) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -23,20 +23,22 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Marten Deinum
|
||||
*/
|
||||
public class RegExpAllowFromStrategyTests {
|
||||
|
||||
@Test(expected = PatternSyntaxException.class)
|
||||
@Test
|
||||
public void invalidRegularExpressionShouldLeadToException() {
|
||||
new RegExpAllowFromStrategy("[a-z");
|
||||
assertThatExceptionOfType(PatternSyntaxException.class).isThrownBy(() -> new RegExpAllowFromStrategy("[a-z"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void nullRegularExpressionShouldLeadToException() {
|
||||
new RegExpAllowFromStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RegExpAllowFromStrategy(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* Test for the {@code WhiteListedAllowFromStrategy}.
|
||||
@@ -33,14 +34,14 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*/
|
||||
public class WhiteListedAllowFromStrategyTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void emptyListShouldThrowException() {
|
||||
new WhiteListedAllowFromStrategy(new ArrayList<>());
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new WhiteListedAllowFromStrategy(new ArrayList<>()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void nullListShouldThrowException() {
|
||||
new WhiteListedAllowFromStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new WhiteListedAllowFromStrategy(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.skyscreamer.jsonassert.JSONAssert;
|
||||
import org.springframework.security.web.csrf.DefaultCsrfToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Jitendra Singh
|
||||
@@ -58,16 +59,18 @@ public class DefaultCsrfTokenMixinTests extends AbstractMixinTests {
|
||||
assertThat(token.getToken()).isEqualTo("1");
|
||||
}
|
||||
|
||||
@Test(expected = JsonMappingException.class)
|
||||
@Test
|
||||
public void defaultCsrfTokenDeserializeWithoutClassTest() throws IOException {
|
||||
String tokenJson = "{\"headerName\": \"csrf-header\", \"parameterName\": \"_csrf\", \"token\": \"1\"}";
|
||||
this.mapper.readValue(tokenJson, DefaultCsrfToken.class);
|
||||
assertThatExceptionOfType(JsonMappingException.class)
|
||||
.isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class));
|
||||
}
|
||||
|
||||
@Test(expected = JsonMappingException.class)
|
||||
@Test
|
||||
public void defaultCsrfTokenDeserializeNullValuesTest() throws IOException {
|
||||
String tokenJson = "{\"@class\": \"org.springframework.security.web.csrf.DefaultCsrfToken\", \"headerName\": \"\", \"parameterName\": null, \"token\": \"1\"}";
|
||||
this.mapper.readValue(tokenJson, DefaultCsrfToken.class);
|
||||
assertThatExceptionOfType(JsonMappingException.class)
|
||||
.isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -36,6 +36,7 @@ import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.util.ReflectionUtils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -141,16 +142,18 @@ public class AuthenticationPrincipalArgumentResolverTests {
|
||||
assertThat(this.resolver.resolveArgument(showUserAnnotationString(), null, null, null)).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = ClassCastException.class)
|
||||
@Test
|
||||
public void resolveArgumentErrorOnInvalidType() throws Exception {
|
||||
setAuthenticationPrincipal(new CustomUserPrincipal());
|
||||
this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null);
|
||||
assertThatExceptionOfType(ClassCastException.class).isThrownBy(
|
||||
() -> this.resolver.resolveArgument(showUserAnnotationErrorOnInvalidType(), null, null, null));
|
||||
}
|
||||
|
||||
@Test(expected = ClassCastException.class)
|
||||
@Test
|
||||
public void resolveArgumentCustomserErrorOnInvalidType() throws Exception {
|
||||
setAuthenticationPrincipal(new CustomUserPrincipal());
|
||||
this.resolver.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null);
|
||||
assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> this.resolver
|
||||
.resolveArgument(showUserAnnotationCurrentUserErrorOnInvalidType(), null, null, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.security.web.PortResolverImpl;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
public class SavedRequestAwareWrapperTests {
|
||||
|
||||
@@ -144,12 +145,12 @@ public class SavedRequestAwareWrapperTests {
|
||||
assertThat(wrapper.getDateHeader("nonexistent")).isEqualTo(-1L);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidDateHeaderIsRejected() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addHeader("header", "notadate");
|
||||
SavedRequestAwareWrapper wrapper = createWrapper(request, new MockHttpServletRequest());
|
||||
wrapper.getDateHeader("header");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> wrapper.getDateHeader("header"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.mock.web.server.MockServerWebExchange;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
|
||||
/**
|
||||
@@ -45,14 +46,14 @@ public class DefaultServerRedirectStrategyTests {
|
||||
|
||||
private DefaultServerRedirectStrategy strategy = new DefaultServerRedirectStrategy();
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void sendRedirectWhenLocationNullThenException() {
|
||||
this.strategy.sendRedirect(this.exchange, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.sendRedirect(this.exchange, null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void sendRedirectWhenExchangeNullThenException() {
|
||||
this.strategy.sendRedirect(null, this.location);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.sendRedirect(null, this.location));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -106,9 +107,9 @@ public class DefaultServerRedirectStrategyTests {
|
||||
assertThat(this.exchange.getResponse().getHeaders().getLocation()).hasPath(this.location.getPath());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setHttpStatusWhenNullThenException() {
|
||||
this.strategy.setHttpStatus(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.strategy.setHttpStatus(null));
|
||||
}
|
||||
|
||||
private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
|
||||
|
||||
@@ -25,6 +25,7 @@ import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -39,16 +40,14 @@ public class WebFilterExchangeTests {
|
||||
@Mock
|
||||
private WebFilterChain chain;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorServerWebExchangeWebFilterChainWhenExchangeNullThenException() {
|
||||
this.exchange = null;
|
||||
new WebFilterExchange(this.exchange, this.chain);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new WebFilterExchange(null, this.chain));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorServerWebExchangeWebFilterChainWhenChainNullThenException() {
|
||||
this.chain = null;
|
||||
new WebFilterExchange(this.exchange, this.chain);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new WebFilterExchange(this.exchange, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.springframework.security.core.Authentication;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -57,9 +58,10 @@ public class AuthenticationConverterServerWebExchangeMatcherTests {
|
||||
this.matcher = new AuthenticationConverterServerWebExchangeMatcher(this.converter);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorConverterWhenConverterNullThenThrowsException() {
|
||||
new AuthenticationConverterServerWebExchangeMatcher(null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new AuthenticationConverterServerWebExchangeMatcher(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -36,6 +36,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -235,9 +236,9 @@ public class AuthenticationWebFilterTests {
|
||||
verifyZeroInteractions(this.successHandler, this.failureHandler);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRequiresAuthenticationMatcherWhenNullThenException() {
|
||||
this.filter.setRequiresAuthenticationMatcher(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequiresAuthenticationMatcher(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
|
||||
/**
|
||||
@@ -70,9 +71,9 @@ public class HttpBasicServerAuthenticationEntryPointTests {
|
||||
.containsOnly("Basic realm=\"Custom\"");
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRealmWhenNullThenException() {
|
||||
this.entryPoint.setRealm(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.entryPoint.setRealm(null));
|
||||
}
|
||||
|
||||
private static MockServerWebExchange exchange(MockServerHttpRequest.BaseBuilder<?> request) {
|
||||
|
||||
@@ -32,6 +32,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -68,35 +69,40 @@ public class ReactivePreAuthenticatedAuthenticationManagerTests {
|
||||
assertThat(authentication.isAuthenticated()).isEqualTo(true);
|
||||
}
|
||||
|
||||
@Test(expected = UsernameNotFoundException.class)
|
||||
@Test
|
||||
public void returnsNullForNonExistingAccount() {
|
||||
given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.empty());
|
||||
this.manager.authenticate(tokenForUser(this.nonExistingAccount.getUsername())).block();
|
||||
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(
|
||||
() -> this.manager.authenticate(tokenForUser(this.nonExistingAccount.getUsername())).block());
|
||||
}
|
||||
|
||||
@Test(expected = LockedException.class)
|
||||
@Test
|
||||
public void throwsExceptionForLockedAccount() {
|
||||
given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.lockedAccount));
|
||||
this.manager.authenticate(tokenForUser(this.lockedAccount.getUsername())).block();
|
||||
assertThatExceptionOfType(LockedException.class)
|
||||
.isThrownBy(() -> this.manager.authenticate(tokenForUser(this.lockedAccount.getUsername())).block());
|
||||
}
|
||||
|
||||
@Test(expected = DisabledException.class)
|
||||
@Test
|
||||
public void throwsExceptionForDisabledAccount() {
|
||||
given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.disabledAccount));
|
||||
this.manager.authenticate(tokenForUser(this.disabledAccount.getUsername())).block();
|
||||
assertThatExceptionOfType(DisabledException.class)
|
||||
.isThrownBy(() -> this.manager.authenticate(tokenForUser(this.disabledAccount.getUsername())).block());
|
||||
}
|
||||
|
||||
@Test(expected = AccountExpiredException.class)
|
||||
@Test
|
||||
public void throwsExceptionForExpiredAccount() {
|
||||
given(this.mockUserDetailsService.findByUsername(anyString())).willReturn(Mono.just(this.expiredAccount));
|
||||
this.manager.authenticate(tokenForUser(this.expiredAccount.getUsername())).block();
|
||||
assertThatExceptionOfType(AccountExpiredException.class)
|
||||
.isThrownBy(() -> this.manager.authenticate(tokenForUser(this.expiredAccount.getUsername())).block());
|
||||
}
|
||||
|
||||
@Test(expected = CredentialsExpiredException.class)
|
||||
@Test
|
||||
public void throwsExceptionForAccountWithExpiredCredentials() {
|
||||
given(this.mockUserDetailsService.findByUsername(anyString()))
|
||||
.willReturn(Mono.just(this.accountWithExpiredCredentials));
|
||||
this.manager.authenticate(tokenForUser(this.accountWithExpiredCredentials.getUsername())).block();
|
||||
assertThatExceptionOfType(CredentialsExpiredException.class).isThrownBy(() -> this.manager
|
||||
.authenticate(tokenForUser(this.accountWithExpiredCredentials.getUsername())).block());
|
||||
}
|
||||
|
||||
private Authentication tokenForUser(String username) {
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.springframework.security.web.server.ServerRedirectStrategy;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -55,9 +56,9 @@ public class RedirectServerAuthenticationEntryPointTests {
|
||||
private AuthenticationException exception = new AuthenticationCredentialsNotFoundException(
|
||||
"Authentication Required");
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorStringWhenNullLocationThenException() {
|
||||
new RedirectServerAuthenticationEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -86,9 +87,9 @@ public class RedirectServerAuthenticationEntryPointTests {
|
||||
redirectResult.assertWasSubscribed();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRedirectStrategyWhenNullThenException() {
|
||||
this.entryPoint.setRedirectStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.entryPoint.setRedirectStrategy(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -33,6 +33,7 @@ import org.springframework.security.web.server.WebFilterExchange;
|
||||
import org.springframework.web.server.handler.DefaultWebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -56,9 +57,9 @@ public class RedirectServerAuthenticationFailureHandlerTests {
|
||||
private AuthenticationException exception = new AuthenticationCredentialsNotFoundException(
|
||||
"Authentication Required");
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorStringWhenNullLocationThenException() {
|
||||
new RedirectServerAuthenticationEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -87,9 +88,9 @@ public class RedirectServerAuthenticationFailureHandlerTests {
|
||||
redirectResult.assertWasSubscribed();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRedirectStrategyWhenNullThenException() {
|
||||
this.handler.setRedirectStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setRedirectStrategy(null));
|
||||
}
|
||||
|
||||
private WebFilterExchange createExchange() {
|
||||
|
||||
@@ -34,6 +34,7 @@ import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
@@ -62,9 +63,9 @@ public class RedirectServerAuthenticationSuccessHandlerTests {
|
||||
|
||||
private RedirectServerAuthenticationSuccessHandler handler = new RedirectServerAuthenticationSuccessHandler();
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorStringWhenNullLocationThenException() {
|
||||
new RedirectServerAuthenticationEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RedirectServerAuthenticationEntryPoint(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -96,14 +97,14 @@ public class RedirectServerAuthenticationSuccessHandlerTests {
|
||||
verify(this.redirectStrategy).sendRedirect(any(), eq(this.location));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setRedirectStrategyWhenNullThenException() {
|
||||
this.handler.setRedirectStrategy(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setRedirectStrategy(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setLocationWhenNullThenException() {
|
||||
this.handler.setLocation(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setLocation(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -54,10 +55,9 @@ public class ServerAuthenticationEntryPointFailureHandlerTests {
|
||||
@InjectMocks
|
||||
private ServerAuthenticationEntryPointFailureHandler handler;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenNullEntryPointThenException() {
|
||||
this.authenticationEntryPoint = null;
|
||||
new ServerAuthenticationEntryPointFailureHandler(this.authenticationEntryPoint);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ServerAuthenticationEntryPointFailureHandler(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -86,14 +87,14 @@ public class ServerFormLoginAuthenticationConverterTests {
|
||||
assertThat(authentication.getAuthorities()).isEmpty();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setUsernameParameterWhenNullThenIllegalArgumentException() {
|
||||
this.converter.setUsernameParameter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.converter.setUsernameParameter(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setPasswordParameterWhenNullThenIllegalArgumentException() {
|
||||
this.converter.setPasswordParameter(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.converter.setPasswordParameter(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
import reactor.core.publisher.Mono;
|
||||
import reactor.util.context.Context;
|
||||
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
|
||||
@@ -179,12 +180,11 @@ public class SwitchUserWebFilterTests {
|
||||
.from(MockServerHttpRequest.post("/login/impersonate"));
|
||||
final WebFilterChain chain = mock(WebFilterChain.class);
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(mock(Authentication.class));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> this.switchUserWebFilter.filter(exchange, chain)
|
||||
.subscriberContext(
|
||||
ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext)))
|
||||
.block())
|
||||
.withMessage("The userName can not be null.");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> {
|
||||
Context securityContextHolder = ReactiveSecurityContextHolder
|
||||
.withSecurityContext(Mono.just(securityContext));
|
||||
this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block();
|
||||
}).withMessage("The userName can not be null.");
|
||||
verifyNoInteractions(chain);
|
||||
}
|
||||
|
||||
@@ -216,12 +216,11 @@ public class SwitchUserWebFilterTests {
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(mock(Authentication.class));
|
||||
final UserDetails switchUserDetails = switchUserDetails(targetUsername, false);
|
||||
given(this.userDetailsService.findByUsername(any(String.class))).willReturn(Mono.just(switchUserDetails));
|
||||
assertThatExceptionOfType(DisabledException.class)
|
||||
.isThrownBy(
|
||||
() -> this.switchUserWebFilter.filter(exchange, chain)
|
||||
.subscriberContext(
|
||||
ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext)))
|
||||
.block());
|
||||
assertThatExceptionOfType(DisabledException.class).isThrownBy(() -> {
|
||||
Context securityContextHolder = ReactiveSecurityContextHolder
|
||||
.withSecurityContext(Mono.just(securityContext));
|
||||
this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block();
|
||||
});
|
||||
verifyNoInteractions(chain);
|
||||
}
|
||||
|
||||
@@ -264,12 +263,11 @@ public class SwitchUserWebFilterTests {
|
||||
"origCredentials");
|
||||
final WebFilterChain chain = mock(WebFilterChain.class);
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(originalAuthentication);
|
||||
assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
|
||||
.isThrownBy(() -> this.switchUserWebFilter.filter(exchange, chain)
|
||||
.subscriberContext(
|
||||
ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext)))
|
||||
.block())
|
||||
.withMessage("Could not find original Authentication object");
|
||||
assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class).isThrownBy(() -> {
|
||||
Context securityContextHolder = ReactiveSecurityContextHolder
|
||||
.withSecurityContext(Mono.just(securityContext));
|
||||
this.switchUserWebFilter.filter(exchange, chain).subscriberContext(securityContextHolder).block();
|
||||
}).withMessage("Could not find original Authentication object");
|
||||
verifyNoInteractions(chain);
|
||||
}
|
||||
|
||||
|
||||
@@ -35,6 +35,7 @@ import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -128,14 +129,14 @@ public class ExceptionTranslationWebFilterTests {
|
||||
this.entryPointPublisher.assertWasNotSubscribed();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setAccessDeniedHandlerWhenNullThenException() {
|
||||
this.filter.setAccessDeniedHandler(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAccessDeniedHandler(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setAuthenticationEntryPointWhenNullThenException() {
|
||||
this.filter.setAuthenticationEntryPoint(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setAuthenticationEntryPoint(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
|
||||
/**
|
||||
@@ -46,9 +47,9 @@ public class HttpStatusServerAccessDeniedHandlerTests {
|
||||
|
||||
private AccessDeniedException exception = new AccessDeniedException("Forbidden");
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorHttpStatusWhenNullThenException() {
|
||||
new HttpStatusServerAccessDeniedHandler(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new HttpStatusServerAccessDeniedHandler(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -38,6 +38,7 @@ import org.springframework.web.server.WebFilterChain;
|
||||
import org.springframework.web.server.handler.DefaultWebFilterChain;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -69,10 +70,9 @@ public class ReactorContextWebFilterTests {
|
||||
given(this.repository.load(any())).willReturn(this.securityContext.mono());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullSecurityContextRepository() {
|
||||
ServerSecurityContextRepository repository = null;
|
||||
new ReactorContextWebFilter(repository);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new ReactorContextWebFilter(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.springframework.security.web.jackson2.AbstractMixinTests;
|
||||
import org.springframework.security.web.server.csrf.DefaultCsrfToken;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* @author Boris Finkelshteyn
|
||||
@@ -59,16 +60,18 @@ public class DefaultCsrfServerTokenMixinTests extends AbstractMixinTests {
|
||||
assertThat(token.getToken()).isEqualTo("1");
|
||||
}
|
||||
|
||||
@Test(expected = JsonMappingException.class)
|
||||
@Test
|
||||
public void defaultCsrfTokenDeserializeWithoutClassTest() throws IOException {
|
||||
String tokenJson = "{\"headerName\": \"csrf-header\", \"parameterName\": \"_csrf\", \"token\": \"1\"}";
|
||||
this.mapper.readValue(tokenJson, DefaultCsrfToken.class);
|
||||
assertThatExceptionOfType(JsonMappingException.class)
|
||||
.isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class));
|
||||
}
|
||||
|
||||
@Test(expected = JsonMappingException.class)
|
||||
@Test
|
||||
public void defaultCsrfTokenDeserializeNullValuesTest() throws IOException {
|
||||
String tokenJson = "{\"@class\": \"org.springframework.security.web.server.csrf.DefaultCsrfToken\", \"headerName\": \"\", \"parameterName\": null, \"token\": \"1\"}";
|
||||
this.mapper.readValue(tokenJson, DefaultCsrfToken.class);
|
||||
assertThatExceptionOfType(JsonMappingException.class)
|
||||
.isThrownBy(() -> this.mapper.readValue(tokenJson, DefaultCsrfToken.class));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -27,6 +27,7 @@ import org.springframework.mock.web.server.MockServerWebExchange;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -36,28 +37,28 @@ public class MediaTypeServerWebExchangeMatcherTests {
|
||||
|
||||
private MediaTypeServerWebExchangeMatcher matcher;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorMediaTypeArrayWhenNullThenThrowsIllegalArgumentException() {
|
||||
MediaType[] types = null;
|
||||
new MediaTypeServerWebExchangeMatcher(types);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorMediaTypeArrayWhenContainsNullThenThrowsIllegalArgumentException() {
|
||||
MediaType[] types = { null };
|
||||
new MediaTypeServerWebExchangeMatcher(types);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorMediaTypeListWhenNullThenThrowsIllegalArgumentException() {
|
||||
List<MediaType> types = null;
|
||||
new MediaTypeServerWebExchangeMatcher(types);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorMediaTypeListWhenContainsNullThenThrowsIllegalArgumentException() {
|
||||
List<MediaType> types = Collections.singletonList(null);
|
||||
new MediaTypeServerWebExchangeMatcher(types);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeServerWebExchangeMatcher(types));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -32,6 +32,7 @@ import org.springframework.web.server.session.DefaultWebSessionManager;
|
||||
import org.springframework.web.util.pattern.PathPattern;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
@@ -65,14 +66,16 @@ public class PathMatcherServerWebExchangeMatcherTests {
|
||||
this.matcher = new PathPatternParserServerWebExchangeMatcher(this.pattern);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorPatternWhenPatternNullThenThrowsException() {
|
||||
new PathPatternParserServerWebExchangeMatcher((PathPattern) null);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new PathPatternParserServerWebExchangeMatcher((PathPattern) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorPatternAndMethodWhenPatternNullThenThrowsException() {
|
||||
new PathPatternParserServerWebExchangeMatcher((PathPattern) null, HttpMethod.GET);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new PathPatternParserServerWebExchangeMatcher((PathPattern) null, HttpMethod.GET));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.context.support.StaticWebApplicationContext;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
|
||||
/**
|
||||
* The HttpSessionEventPublisher tests
|
||||
@@ -94,32 +95,31 @@ public class HttpSessionEventPublisherTests {
|
||||
}
|
||||
|
||||
// SEC-2599
|
||||
@Test(expected = IllegalStateException.class)
|
||||
@Test
|
||||
public void sessionCreatedNullApplicationContext() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
MockHttpSession session = new MockHttpSession(servletContext);
|
||||
HttpSessionEvent event = new HttpSessionEvent(session);
|
||||
publisher.sessionCreated(event);
|
||||
assertThatIllegalStateException().isThrownBy(() -> publisher.sessionCreated(event));
|
||||
}
|
||||
|
||||
// SEC-2599
|
||||
@Test(expected = IllegalStateException.class)
|
||||
@Test // SEC-2599
|
||||
public void sessionDestroyedNullApplicationContext() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
MockHttpSession session = new MockHttpSession(servletContext);
|
||||
HttpSessionEvent event = new HttpSessionEvent(session);
|
||||
publisher.sessionDestroyed(event);
|
||||
assertThatIllegalStateException().isThrownBy(() -> publisher.sessionDestroyed(event));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
@Test
|
||||
public void sessionIdChangeNullApplicationContext() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
MockHttpSession session = new MockHttpSession(servletContext);
|
||||
HttpSessionEvent event = new HttpSessionEvent(session);
|
||||
publisher.sessionIdChanged(event, "oldSessionId");
|
||||
assertThatIllegalStateException().isThrownBy(() -> publisher.sessionIdChanged(event, "oldSessionId"));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -24,27 +24,30 @@ import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.core.session.SessionInformation;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 4.2
|
||||
*/
|
||||
public class SessionInformationExpiredEventTests {
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenSessionInformationNullThenThrowsException() {
|
||||
new SessionInformationExpiredEvent(null, new MockHttpServletRequest(), new MockHttpServletResponse());
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent(null,
|
||||
new MockHttpServletRequest(), new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenRequestNullThenThrowsException() {
|
||||
new SessionInformationExpiredEvent(new SessionInformation("fake", "sessionId", new Date()), null,
|
||||
new MockHttpServletResponse());
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent(
|
||||
new SessionInformation("fake", "sessionId", new Date()), null, new MockHttpServletResponse()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenResponseNullThenThrowsException() {
|
||||
new SessionInformationExpiredEvent(new SessionInformation("fake", "sessionId", new Date()),
|
||||
new MockHttpServletRequest(), null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new SessionInformationExpiredEvent(
|
||||
new SessionInformation("fake", "sessionId", new Date()), new MockHttpServletRequest(), null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -36,6 +36,7 @@ import org.springframework.security.web.authentication.session.SessionAuthentica
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.BDDMockito.willThrow;
|
||||
@@ -161,11 +162,11 @@ public class SessionManagementFilterTests {
|
||||
verify(trustResolver).isAnonymous(any(Authentication.class));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void setTrustResolverNull() {
|
||||
SecurityContextRepository repo = mock(SecurityContextRepository.class);
|
||||
SessionManagementFilter filter = new SessionManagementFilter(repo);
|
||||
filter.setTrustResolver(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setTrustResolver(null));
|
||||
}
|
||||
|
||||
private void authenticateUser() {
|
||||
|
||||
@@ -19,6 +19,7 @@ package org.springframework.security.web.util;
|
||||
import org.junit.Test;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
public class TextEscapeUtilsTests {
|
||||
|
||||
@@ -36,19 +37,19 @@ public class TextEscapeUtilsTests {
|
||||
assertThat(TextEscapeUtils.escapeEntities(null)).isNull();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void invalidLowSurrogateIsDetected() {
|
||||
TextEscapeUtils.escapeEntities("abc\uDCCCdef");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uDCCCdef"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void missingLowSurrogateIsDetected() {
|
||||
TextEscapeUtils.escapeEntities("abc\uD888a");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uD888a"));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void highSurrogateAtEndOfStringIsRejected() {
|
||||
TextEscapeUtils.escapeEntities("abc\uD888");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> TextEscapeUtils.escapeEntities("abc\uD888"));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -28,6 +28,8 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -48,34 +50,36 @@ public class AndRequestMatcherTests {
|
||||
|
||||
private RequestMatcher matcher;
|
||||
|
||||
@Test(expected = NullPointerException.class)
|
||||
@Test
|
||||
public void constructorNullArray() {
|
||||
new AndRequestMatcher((RequestMatcher[]) null);
|
||||
assertThatNullPointerException().isThrownBy(() -> new AndRequestMatcher((RequestMatcher[]) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorArrayContainsNull() {
|
||||
new AndRequestMatcher((RequestMatcher) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher((RequestMatcher) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyArray() {
|
||||
new AndRequestMatcher(new RequestMatcher[0]);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher(new RequestMatcher[0]));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullList() {
|
||||
new AndRequestMatcher((List<RequestMatcher>) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new AndRequestMatcher((List<RequestMatcher>) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorListContainsNull() {
|
||||
new AndRequestMatcher(Arrays.asList((RequestMatcher) null));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new AndRequestMatcher(Arrays.asList((RequestMatcher) null)));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyList() {
|
||||
new AndRequestMatcher(Collections.<RequestMatcher>emptyList());
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new AndRequestMatcher(Collections.<RequestMatcher>emptyList()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -33,6 +33,7 @@ import org.springframework.web.accept.ContentNegotiationStrategy;
|
||||
import org.springframework.web.context.request.NativeWebRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
@@ -55,41 +56,45 @@ public class MediaTypeRequestMatcherTests {
|
||||
this.request = new MockHttpServletRequest();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenNullCNSThenIAE() {
|
||||
ContentNegotiationStrategy c = null;
|
||||
new MediaTypeRequestMatcher(c, MediaType.ALL);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher(c, MediaType.ALL));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullCNSSet() {
|
||||
new MediaTypeRequestMatcher(null, Collections.singleton(MediaType.ALL));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new MediaTypeRequestMatcher(null, Collections.singleton(MediaType.ALL)));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNoVarargs() {
|
||||
new MediaTypeRequestMatcher(this.negotiationStrategy);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher(this.negotiationStrategy));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullMediaTypes() {
|
||||
Collection<MediaType> mediaTypes = null;
|
||||
new MediaTypeRequestMatcher(this.negotiationStrategy, mediaTypes);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new MediaTypeRequestMatcher(this.negotiationStrategy, mediaTypes));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmtpyMediaTypes() {
|
||||
new MediaTypeRequestMatcher(this.negotiationStrategy, Collections.<MediaType>emptyList());
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new MediaTypeRequestMatcher(this.negotiationStrategy, Collections.<MediaType>emptyList()));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenEmptyMediaTypeThenIAE() {
|
||||
new MediaTypeRequestMatcher();
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new MediaTypeRequestMatcher());
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorWhenEmptyMediaTypeCollectionThenIAE() {
|
||||
new MediaTypeRequestMatcher(Collections.<MediaType>emptyList());
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new MediaTypeRequestMatcher(Collections.<MediaType>emptyList()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,6 +24,7 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -41,9 +42,9 @@ public class NegatedRequestMatcherTests {
|
||||
|
||||
private RequestMatcher matcher;
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNull() {
|
||||
new NegatedRequestMatcher(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new NegatedRequestMatcher(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -28,6 +28,8 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
|
||||
/**
|
||||
@@ -48,34 +50,36 @@ public class OrRequestMatcherTests {
|
||||
|
||||
private RequestMatcher matcher;
|
||||
|
||||
@Test(expected = NullPointerException.class)
|
||||
@Test
|
||||
public void constructorNullArray() {
|
||||
new OrRequestMatcher((RequestMatcher[]) null);
|
||||
assertThatNullPointerException().isThrownBy(() -> new OrRequestMatcher((RequestMatcher[]) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorArrayContainsNull() {
|
||||
new OrRequestMatcher((RequestMatcher) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher((RequestMatcher) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyArray() {
|
||||
new OrRequestMatcher(new RequestMatcher[0]);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher(new RequestMatcher[0]));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullList() {
|
||||
new OrRequestMatcher((List<RequestMatcher>) null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new OrRequestMatcher((List<RequestMatcher>) null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorListContainsNull() {
|
||||
new OrRequestMatcher(Arrays.asList((RequestMatcher) null));
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new OrRequestMatcher(Arrays.asList((RequestMatcher) null)));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorEmptyList() {
|
||||
new OrRequestMatcher(Collections.<RequestMatcher>emptyList());
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new OrRequestMatcher(Collections.<RequestMatcher>emptyList()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -22,6 +22,7 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -40,14 +41,14 @@ public class RequestHeaderRequestMatcherTests {
|
||||
this.request = new MockHttpServletRequest();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaderName() {
|
||||
new RequestHeaderRequestMatcher(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RequestHeaderRequestMatcher(null));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
@Test
|
||||
public void constructorNullHeaderNameNonNullHeaderValue() {
|
||||
new RequestHeaderRequestMatcher(null, "v");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> new RequestHeaderRequestMatcher(null, "v"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
Reference in New Issue
Block a user