Remove spring-session-sample-javaconfig-rest

Works around a compatability issue for now.

Issue gh-2201
This commit is contained in:
Rob Winch
2022-11-09 12:44:31 -06:00
parent 94b441c676
commit b229103d8c
15 changed files with 0 additions and 642 deletions

View File

@@ -1,112 +0,0 @@
/*
* Copyright 2014-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package rest;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.testcontainers.containers.GenericContainer;
import sample.SecurityConfig;
import sample.mvc.MvcConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.session.Session;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
import org.springframework.session.web.http.HttpSessionIdResolver;
import org.springframework.session.web.http.SessionRepositoryFilter;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = { RestMockMvcTests.Config.class, SecurityConfig.class, MvcConfig.class })
@WebAppConfiguration
class RestMockMvcTests {
private static final String DOCKER_IMAGE = "redis:7.0.4-alpine";
@Autowired
private SessionRepositoryFilter<? extends Session> sessionRepositoryFilter;
@Autowired
private WebApplicationContext context;
private MockMvc mvc;
@BeforeEach
void setup() {
this.mvc = MockMvcBuilders.webAppContextSetup(this.context).alwaysDo(print())
.addFilters(this.sessionRepositoryFilter).apply(springSecurity()).build();
}
@Test
void noSessionOnNoCredentials() throws Exception {
this.mvc.perform(get("/")).andExpect(header().doesNotExist("X-Auth-Token"))
.andExpect(status().isUnauthorized());
}
@WithMockUser
@Test
void autheticatedAnnotation() throws Exception {
this.mvc.perform(get("/")).andExpect(content().string("{\"username\":\"user\"}"));
}
@Test
void autheticatedRequestPostProcessor() throws Exception {
this.mvc.perform(get("/").with(user("user"))).andExpect(content().string("{\"username\":\"user\"}"));
}
@Configuration
@EnableRedisHttpSession
static class Config {
@Bean
GenericContainer redisContainer() {
GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE).withExposedPorts(6379);
redisContainer.start();
return redisContainer;
}
@Bean
LettuceConnectionFactory redisConnectionFactory() {
return new LettuceConnectionFactory(redisContainer().getHost(), redisContainer().getFirstMappedPort());
}
@Bean
HttpSessionIdResolver httpSessionIdResolver() {
return HeaderHttpSessionIdResolver.xAuthToken();
}
}
}

View File

@@ -1,125 +0,0 @@
/*
* Copyright 2014-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sample;
import java.util.Base64;
import java.util.Collections;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
/**
* @author Pool Dolorier
*/
class RestTests {
private static final String AUTHORIZATION = "Authorization";
private static final String BASIC = "Basic ";
private static final String X_AUTH_TOKEN = "X-Auth-Token";
private RestTemplate restTemplate;
private String baseUrl;
@BeforeEach
void setUp() {
this.baseUrl = "http://localhost:" + System.getProperty("app.port");
this.restTemplate = new RestTemplate();
}
@Test
void unauthenticatedUserSentToLogInPage() {
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
assertThatExceptionOfType(HttpClientErrorException.class)
.isThrownBy(() -> getForUser(this.baseUrl + "/", headers, String.class))
.satisfies((e) -> assertThat(e.getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED));
}
@Test
void authenticateWithBasicWorks() {
String auth = getAuth("user", "password");
HttpHeaders headers = getHttpHeaders();
headers.set(AUTHORIZATION, BASIC + auth);
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
assertThat(entity.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(entity.getHeaders().containsKey(X_AUTH_TOKEN)).isTrue();
assertThat(entity.getBody().getUsername()).isEqualTo("user");
}
@Test
void authenticateWithXAuthTokenWorks() {
String auth = getAuth("user", "password");
HttpHeaders headers = getHttpHeaders();
headers.set(AUTHORIZATION, BASIC + auth);
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
String token = entity.getHeaders().getFirst(X_AUTH_TOKEN);
HttpHeaders authTokenHeader = new HttpHeaders();
authTokenHeader.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
authTokenHeader.set(X_AUTH_TOKEN, token);
ResponseEntity<User> authTokenResponse = getForUser(this.baseUrl + "/", authTokenHeader, User.class);
assertThat(authTokenResponse.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(authTokenResponse.getBody().getUsername()).isEqualTo("user");
}
@Test
void logout() {
String auth = getAuth("user", "password");
HttpHeaders headers = getHttpHeaders();
headers.set(AUTHORIZATION, BASIC + auth);
ResponseEntity<User> entity = getForUser(this.baseUrl + "/", headers, User.class);
String token = entity.getHeaders().getFirst(X_AUTH_TOKEN);
HttpHeaders logoutHeader = getHttpHeaders();
logoutHeader.set(X_AUTH_TOKEN, token);
ResponseEntity<User> logoutResponse = getForUser(this.baseUrl + "/logout", logoutHeader, User.class);
assertThat(logoutResponse.getStatusCode()).isEqualTo(HttpStatus.NO_CONTENT);
}
private <T> ResponseEntity<T> getForUser(String resourceUrl, HttpHeaders headers, Class<T> type) {
return this.restTemplate.exchange(resourceUrl, HttpMethod.GET, new HttpEntity<T>(headers), type);
}
private HttpHeaders getHttpHeaders() {
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
return headers;
}
private String getAuth(String user, String password) {
String auth = user + ":" + password;
return Base64.getEncoder().encodeToString(auth.getBytes());
}
}

View File

@@ -1,34 +0,0 @@
/*
* Copyright 2014-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sample;
/**
* @author Pool Dolorier
*/
public class User {
private String username;
public String getUsername() {
return this.username;
}
public void setUsername(String username) {
this.username = username;
}
}