Commit c64b086

committed

Add SecurityAssertions

This commit introduces a simple, internal test API for verifying aspects of an Authentication, like its name and authorities. Closes gh-17844

1 parent de10e08 commit c64b086Copy full SHA for c64b086

File tree

15 files changed

+180

-108

lines changed

config/src/test/java/org/springframework/security/config/annotation
- authentication
  - AuthenticationManagerBuilderTests.java
- web/configurers/oauth2
  - client
    - OAuth2LoginConfigurerTests.java
  - server/resource
    - OAuth2ResourceServerConfigurerTests.java
core/src/test/java/org/springframework/security/authentication
- SecurityAssertions.java
ldap
- spring-security-ldap.gradle
- src/test/java/org/springframework/security/ldap/authentication/ad
  - ActiveDirectoryLdapAuthenticationProviderTests.java
oauth2
- oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication
  - OAuth2LoginAuthenticationProviderTests.java
- oauth2-resource-server
  - spring-security-oauth2-resource-server.gradle
  - src/test/java/org/springframework/security/oauth2/server/resource/authentication
saml2/saml2-service-provider/src/opensaml5Test/java/org/springframework/security/saml2/provider/service/authentication
- OpenSaml5AuthenticationProviderTests.java

15 files changed

+180

-108

lines changed

`‎config/src/test/java/org/springframework/security/config/annotation/authentication/AuthenticationManagerBuilderTests.java`

Lines changed: 3 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -32,6 +32,7 @@`
`32`	`32`	`import org.springframework.security.authentication.AuthenticationManager;`
`33`	`33`	`import org.springframework.security.authentication.AuthenticationProvider;`
`34`	`34`	`import org.springframework.security.authentication.ProviderManager;`
	`35`	`+import org.springframework.security.authentication.SecurityAssertions;`
`35`	`36`	`import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;`
`36`	`37`	`import org.springframework.security.authentication.dao.DaoAuthenticationProvider;`
`37`	`38`	`import org.springframework.security.config.ObjectPostProcessor;`
`@@ -44,7 +45,6 @@`
`44`	`45`	`import org.springframework.security.config.test.SpringTestContextExtension;`
`45`	`46`	`import org.springframework.security.core.Authentication;`
`46`	`47`	`import org.springframework.security.core.AuthenticationException;`
`47`		`-import org.springframework.security.core.GrantedAuthority;`
`48`	`48`	`import org.springframework.security.core.userdetails.PasswordEncodedUser;`
`49`	`49`	`import org.springframework.security.core.userdetails.UserDetailsService;`
`50`	`50`	`import org.springframework.security.crypto.password.NoOpPasswordEncoder;`
`@@ -107,8 +107,7 @@ public void getAuthenticationManagerWhenGlobalPasswordEncoderBeanThenUsed() thro`
`107`	`107`	`.getAuthenticationManager();`
`108`	`108`	`Authentication auth = manager`
`109`	`109`	`.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("user", "password"));`
`110`		`- assertThat(auth.getName()).isEqualTo("user");`
`111`		`- assertThat(auth.getAuthorities()).extracting(GrantedAuthority::getAuthority).containsOnly("ROLE_USER");`
	`110`	`+ SecurityAssertions.assertThat(auth).name("user").hasAuthority("ROLE_USER");`
`112`	`111`	`}`
`113`	`112`
`114`	`113`	`@Test`
`@@ -119,8 +118,7 @@ public void getAuthenticationManagerWhenProtectedPasswordEncoderBeanThenUsed() t`
`119`	`118`	`.getAuthenticationManager();`
`120`	`119`	`Authentication auth = manager`
`121`	`120`	`.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("user", "password"));`
`122`		`- assertThat(auth.getName()).isEqualTo("user");`
`123`		`- assertThat(auth.getAuthorities()).extracting(GrantedAuthority::getAuthority).containsOnly("ROLE_USER");`
	`121`	`+ SecurityAssertions.assertThat(auth).name("user").hasAuthority("ROLE_USER");`
`124`	`122`	`}`
`125`	`123`
`126`	`124`	`@Test`

`‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java`

Lines changed: 21 additions & 43 deletions

Original file line number	Diff line number	Diff line change
`@@ -45,6 +45,7 @@`
`45`	`45`	`import org.springframework.mock.web.MockHttpServletRequest;`
`46`	`46`	`import org.springframework.mock.web.MockHttpServletResponse;`
`47`	`47`	`import org.springframework.security.authentication.AuthenticationProvider;`
	`48`	`+import org.springframework.security.authentication.SecurityAssertions;`
`48`	`49`	`import org.springframework.security.authentication.event.AuthenticationSuccessEvent;`
`49`	`50`	`import org.springframework.security.config.Customizer;`
`50`	`51`	`import org.springframework.security.config.ObjectPostProcessor;`
`@@ -217,10 +218,9 @@ public void oauth2Login() throws Exception {`
`217`	`218`	`Authentication authentication = this.securityContextRepository`
`218`	`219`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`219`	`220`	`.getAuthentication();`
`220`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`221`		`- assertThat(authentication.getAuthorities()).first()`
`222`		`- .isInstanceOf(OAuth2UserAuthority.class)`
`223`		`- .hasToString("OAUTH2_USER");`
	`221`	`+ SecurityAssertions.assertThat(authentication)`
	`222`	`+ .hasAuthority("OAUTH2_USER")`
	`223`	`+ .isInstanceOf(OAuth2UserAuthority.class);`
`224`	`224`	`}`
`225`	`225`
`226`	`226`	`@Test`
`@@ -234,10 +234,9 @@ public void requestWhenCustomSecurityContextHolderStrategyThenUses() throws Exce`
`234`	`234`	`Authentication authentication = this.securityContextRepository`
`235`	`235`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`236`	`236`	`.getAuthentication();`
`237`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`238`		`- assertThat(authentication.getAuthorities()).first()`
`239`		`- .isInstanceOf(OAuth2UserAuthority.class)`
`240`		`- .hasToString("OAUTH2_USER");`
	`237`	`+ SecurityAssertions.assertThat(authentication)`
	`238`	`+ .hasAuthority("OAUTH2_USER")`
	`239`	`+ .isInstanceOf(OAuth2UserAuthority.class);`
`241`	`240`	`SecurityContextHolderStrategy strategy = this.context.getBean(SecurityContextHolderStrategy.class);`
`242`	`241`	`verify(strategy, atLeastOnce()).getDeferredContext();`
`243`	`242`	`SecurityContextChangedListener listener = this.context.getBean(SecurityContextChangedListener.class);`
`@@ -255,10 +254,9 @@ public void requestWhenOauth2LoginInLambdaThenAuthenticationContainsOauth2UserAu`
`255`	`254`	`Authentication authentication = this.securityContextRepository`
`256`	`255`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`257`	`256`	`.getAuthentication();`
`258`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`259`		`- assertThat(authentication.getAuthorities()).first()`
`260`		`- .isInstanceOf(OAuth2UserAuthority.class)`
`261`		`- .hasToString("OAUTH2_USER");`
	`257`	`+ SecurityAssertions.assertThat(authentication)`
	`258`	`+ .hasAuthority("OAUTH2_USER")`
	`259`	`+ .isInstanceOf(OAuth2UserAuthority.class);`
`262`	`260`	`}`
`263`	`261`
`264`	`262`	`// gh-6009`
`@@ -296,9 +294,7 @@ public void oauth2LoginCustomWithConfigurer() throws Exception {`
`296`	`294`	`Authentication authentication = this.securityContextRepository`
`297`	`295`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`298`	`296`	`.getAuthentication();`
`299`		`- assertThat(authentication.getAuthorities()).hasSize(2);`
`300`		`- assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");`
`301`		`- assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");`
	`297`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("OAUTH2_USER", "ROLE_OAUTH2_USER");`
`302`	`298`	`}`
`303`	`299`
`304`	`300`	`@Test`
`@@ -317,9 +313,7 @@ public void oauth2LoginCustomWithBeanRegistration() throws Exception {`
`317`	`313`	`Authentication authentication = this.securityContextRepository`
`318`	`314`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`319`	`315`	`.getAuthentication();`
`320`		`- assertThat(authentication.getAuthorities()).hasSize(2);`
`321`		`- assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");`
`322`		`- assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");`
	`316`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("OAUTH2_USER", "ROLE_OAUTH2_USER");`
`323`	`317`	`}`
`324`	`318`
`325`	`319`	`@Test`
`@@ -338,9 +332,7 @@ public void oauth2LoginCustomWithUserServiceBeanRegistration() throws Exception`
`338`	`332`	`Authentication authentication = this.securityContextRepository`
`339`	`333`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`340`	`334`	`.getAuthentication();`
`341`		`- assertThat(authentication.getAuthorities()).hasSize(2);`
`342`		`- assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");`
`343`		`- assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");`
	`335`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("OAUTH2_USER", "ROLE_OAUTH2_USER");`
`344`	`336`	`}`
`345`	`337`
`346`	`338`	`// gh-5488`
`@@ -361,10 +353,9 @@ public void oauth2LoginConfigLoginProcessingUrl() throws Exception {`
`361`	`353`	`Authentication authentication = this.securityContextRepository`
`362`	`354`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`363`	`355`	`.getAuthentication();`
`364`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`365`		`- assertThat(authentication.getAuthorities()).first()`
`366`		`- .isInstanceOf(OAuth2UserAuthority.class)`
`367`		`- .hasToString("OAUTH2_USER");`
	`356`	`+ SecurityAssertions.assertThat(authentication)`
	`357`	`+ .hasAuthority("OAUTH2_USER")`
	`358`	`+ .isInstanceOf(OAuth2UserAuthority.class);`
`368`	`359`	`}`
`369`	`360`
`370`	`361`	`// gh-5521`
`@@ -570,10 +561,7 @@ public void oidcLogin() throws Exception {`
`570`	`561`	`Authentication authentication = this.securityContextRepository`
`571`	`562`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`572`	`563`	`.getAuthentication();`
`573`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`574`		`- assertThat(authentication.getAuthorities()).first()`
`575`		`- .isInstanceOf(OidcUserAuthority.class)`
`576`		`- .hasToString("OIDC_USER");`
	`564`	`+ SecurityAssertions.assertThat(authentication).hasAuthority("OIDC_USER").isInstanceOf(OidcUserAuthority.class);`
`577`	`565`	`}`
`578`	`566`
`579`	`567`	`@Test`
`@@ -593,9 +581,7 @@ public void requestWhenOauth2LoginInLambdaAndOidcThenAuthenticationContainsOidcU`
`593`	`581`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`594`	`582`	`.getAuthentication();`
`595`	`583`	`assertThat(authentication.getAuthorities()).hasSize(1);`
`596`		`- assertThat(authentication.getAuthorities()).first()`
`597`		`- .isInstanceOf(OidcUserAuthority.class)`
`598`		`- .hasToString("OIDC_USER");`
	`584`	`+ SecurityAssertions.assertThat(authentication).hasAuthority("OIDC_USER").isInstanceOf(OidcUserAuthority.class);`
`599`	`585`	`}`
`600`	`586`
`601`	`587`	`@Test`
`@@ -614,9 +600,7 @@ public void oidcLoginCustomWithConfigurer() throws Exception {`
`614`	`600`	`Authentication authentication = this.securityContextRepository`
`615`	`601`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`616`	`602`	`.getAuthentication();`
`617`		`- assertThat(authentication.getAuthorities()).hasSize(2);`
`618`		`- assertThat(authentication.getAuthorities()).first().hasToString("OIDC_USER");`
`619`		`- assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OIDC_USER");`
	`603`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("OIDC_USER", "ROLE_OIDC_USER");`
`620`	`604`	`}`
`621`	`605`
`622`	`606`	`@Test`
`@@ -635,9 +619,7 @@ public void oidcLoginCustomWithBeanRegistration() throws Exception {`
`635`	`619`	`Authentication authentication = this.securityContextRepository`
`636`	`620`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`637`	`621`	`.getAuthentication();`
`638`		`- assertThat(authentication.getAuthorities()).hasSize(2);`
`639`		`- assertThat(authentication.getAuthorities()).first().hasToString("OIDC_USER");`
`640`		`- assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OIDC_USER");`
	`622`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("OIDC_USER", "ROLE_OIDC_USER");`
`641`	`623`	`}`
`642`	`624`
`643`	`625`	`@Test`
`@@ -690,11 +672,7 @@ public void oidcLoginWhenOAuth2ClientBeansConfiguredThenNotShared() throws Excep`
`690`	`672`	`Authentication authentication = this.securityContextRepository`
`691`	`673`	`.loadContext(new HttpRequestResponseHolder(this.request, this.response))`
`692`	`674`	`.getAuthentication();`
`693`		`- assertThat(authentication.getAuthorities()).hasSize(1);`
`694`		`- assertThat(authentication.getAuthorities()).first()`
`695`		`- .isInstanceOf(OidcUserAuthority.class)`
`696`		`- .hasToString("OIDC_USER");`
`697`		`-`
	`675`	`+ SecurityAssertions.assertThat(authentication).hasAuthority("OIDC_USER").isInstanceOf(OidcUserAuthority.class);`
`698`	`676`	`// Ensure shared objects set for OAuth2 Client are not used`
`699`	`677`	`ClientRegistrationRepository clientRegistrationRepository = this.spring.getContext()`
`700`	`678`	`.getBean(ClientRegistrationRepository.class);`

`‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -2674,6 +2674,7 @@ String authenticated(Authentication authentication) {`
`2674`	`2674`	`String requiresReadScope(JwtAuthenticationToken token) {`
`2675`	`2675`	`return token.getAuthorities()`
`2676`	`2676`	`.stream()`
	`2677`	`+ .filter((ga) -> ga.getAuthority().startsWith("SCOPE_"))`
`2677`	`2678`	`.map(GrantedAuthority::getAuthority)`
`2678`	`2679`	`.collect(Collectors.toList())`
`2679`	`2680`	`.toString();`

`‎core/src/test/java/org/springframework/security/authentication/SecurityAssertions.java`

Lines changed: 100 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,100 @@`
	`1`	`+/*`
	`2`	`+ * Copyright 2004-present the original author or authors.`
	`3`	`+ *`
	`4`	`+ * Licensed under the Apache License, Version 2.0 (the "License");`
	`5`	`+ * you may not use this file except in compliance with the License.`
	`6`	`+ * You may obtain a copy of the License at`
	`7`	`+ *`
	`8`	`+ * https://www.apache.org/licenses/LICENSE-2.0`
	`9`	`+ *`
	`10`	`+ * Unless required by applicable law or agreed to in writing, software`
	`11`	`+ * distributed under the License is distributed on an "AS IS" BASIS,`
	`12`	`+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
	`13`	`+ * See the License for the specific language governing permissions and`
	`14`	`+ * limitations under the License.`
	`15`	`+ */`
	`16`	`+`
	`17`	`+package org.springframework.security.authentication;`
	`18`	`+`
	`19`	`+import java.util.Arrays;`
	`20`	`+import java.util.Collection;`
	`21`	`+import java.util.List;`
	`22`	`+import java.util.Set;`
	`23`	`+import java.util.function.Predicate;`
	`24`	`+`
	`25`	`+import org.assertj.core.api.AbstractObjectAssert;`
	`26`	`+import org.assertj.core.api.Assertions;`
	`27`	`+import org.assertj.core.api.CollectionAssert;`
	`28`	`+import org.assertj.core.api.Condition;`
	`29`	`+import org.assertj.core.api.ObjectAssert;`
	`30`	`+import org.jspecify.annotations.NullMarked;`
	`31`	`+import org.jspecify.annotations.Nullable;`
	`32`	`+`
	`33`	`+import org.springframework.security.core.Authentication;`
	`34`	`+import org.springframework.security.core.GrantedAuthority;`
	`35`	`+import org.springframework.security.core.authority.AuthorityUtils;`
	`36`	`+`
	`37`	`+@NullMarked`
	`38`	`+public final class SecurityAssertions {`
	`39`	`+`
	`40`	`+ private SecurityAssertions() {`
	`41`	`+`
	`42`	`+ }`
	`43`	`+`
	`44`	`+ public static AuthenticationAssert assertThat(@Nullable Authentication authentication) {`
	`45`	`+ Assertions.assertThat(authentication).isNotNull();`
	`46`	`+ return new AuthenticationAssert(authentication);`
	`47`	`+ }`
	`48`	`+`
	`49`	`+ public static final class AuthenticationAssert extends AbstractObjectAssert<AuthenticationAssert, Authentication> {`
	`50`	`+`
	`51`	`+ private final Authentication authentication;`
	`52`	`+`
	`53`	`+ private AuthenticationAssert(Authentication authentication) {`
	`54`	`+ super(authentication, AuthenticationAssert.class);`
	`55`	`+ this.authentication = authentication;`
	`56`	`+ }`
	`57`	`+`
	`58`	`+ public AuthenticationAssert name(String name) {`
	`59`	`+ Assertions.assertThat(this.authentication.getName()).isEqualTo(name);`
	`60`	`+ return this;`
	`61`	`+ }`
	`62`	`+`
	`63`	`+ public ObjectAssert<GrantedAuthority> hasAuthority(String authority) {`
	`64`	`+ Collection<? extends GrantedAuthority> actual = this.authentication.getAuthorities();`
	`65`	`+ for (GrantedAuthority element : actual) {`
	`66`	`+ if (element.getAuthority().equals(authority)) {`
	`67`	`+ return new ObjectAssert<>(element);`
	`68`	`+ }`
	`69`	`+ }`
	`70`	`+ throw new AssertionError(actual + " does not contain " + authority + " as expected");`
	`71`	`+ }`
	`72`	`+`
	`73`	`+ public CollectionAssert<GrantedAuthority> hasAuthorities(String... authorities) {`
	`74`	`+ HasAuthoritiesPredicate test = new HasAuthoritiesPredicate(authorities);`
	`75`	`+ return authorities().has(new Condition<>(test, "contains %s", Arrays.toString(authorities)));`
	`76`	`+ }`
	`77`	`+`
	`78`	`+ public CollectionAssert<GrantedAuthority> authorities() {`
	`79`	`+ return new CollectionAssert<>(this.authentication.getAuthorities());`
	`80`	`+ }`
	`81`	`+`
	`82`	`+ }`
	`83`	`+`
	`84`	`+ private static final class HasAuthoritiesPredicate implements Predicate<Collection<? extends GrantedAuthority>> {`
	`85`	`+`
	`86`	`+ private final Collection<String> expected;`
	`87`	`+`
	`88`	`+ private HasAuthoritiesPredicate(String... expected) {`
	`89`	`+ this.expected = List.of(expected);`
	`90`	`+ }`
	`91`	`+`
	`92`	`+ @Override`
	`93`	`+ public boolean test(Collection<? extends GrantedAuthority> actual) {`
	`94`	`+ Set<String> asString = AuthorityUtils.authorityListToSet(actual);`
	`95`	`+ return asString.containsAll(this.expected);`
	`96`	`+ }`
	`97`	`+`
	`98`	`+ }`
	`99`	`+`
	`100`	`+}`

`‎ldap/spring-security-ldap.gradle`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,8 @@ dependencies {`
`19`	`19`	`exclude(group: 'org.springframework.data', module: 'spring-data-commons')`
`20`	`20`	`}`
`21`	`21`
`22`		`- testImplementation project(':spring-security-test')`
	`22`	`+ testImplementation project(path : ':spring-security-core', configuration : 'tests')`
	`23`	`+ testImplementation project(":spring-security-test")`
`23`	`24`	`testImplementation 'org.slf4j:slf4j-api'`
`24`	`25`	`testImplementation "org.assertj:assertj-core"`
`25`	`26`	`testImplementation "org.junit.jupiter:junit-jupiter-api"`

`‎ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java`

Lines changed: 3 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -42,6 +42,7 @@`
`42`	`42`	`import org.springframework.security.authentication.DisabledException;`
`43`	`43`	`import org.springframework.security.authentication.InternalAuthenticationServiceException;`
`44`	`44`	`import org.springframework.security.authentication.LockedException;`
	`45`	`+import org.springframework.security.authentication.SecurityAssertions;`
`45`	`46`	`import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;`
`46`	`47`	`import org.springframework.security.core.Authentication;`
`47`	`48`	`import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.ContextFactory;`
`@@ -357,10 +358,10 @@ private void checkAuthentication(String rootDn, ActiveDirectoryLdapAuthenticatio`
`357`	`358`	`.willReturn(new MockNamingEnumeration(sr));`
`358`	`359`	`provider.contextFactory = createContextFactoryReturning(this.ctx);`
`359`	`360`	`Authentication result = provider.authenticate(this.joe);`
`360`		`- assertThat(result.getAuthorities()).isEmpty();`
	`361`	`+ SecurityAssertions.assertThat(result).authorities().doesNotHaveToString("Admin");`
`361`	`362`	`dca.addAttributeValue("memberOf", "CN=Admin,CN=Users,DC=mydomain,DC=eu");`
`362`	`363`	`result = provider.authenticate(this.joe);`
`363`		`- assertThat(result.getAuthorities()).hasSize(1);`
	`364`	`+ SecurityAssertions.assertThat(result).hasAuthority("Admin");`
`364`	`365`	`}`
`365`	`366`
`366`	`367`	`static class MockNamingEnumeration implements NamingEnumeration<SearchResult> {`

`‎oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -165,7 +165,7 @@ public void authenticateWhenLoginSuccessThenReturnAuthentication() {`
`165`	`165`	`assertThat(authentication.isAuthenticated()).isTrue();`
`166`	`166`	`assertThat(authentication.getPrincipal()).isEqualTo(principal);`
`167`	`167`	`assertThat(authentication.getCredentials()).isEqualTo("");`
`168`		`- assertThat(authentication.getAuthorities()).isEqualTo(authorities);`
	`168`	`+ assertThat(authentication.getAuthorities()).containsAll(authorities);`
`169`	`169`	`assertThat(authentication.getClientRegistration()).isEqualTo(this.clientRegistration);`
`170`	`170`	`assertThat(authentication.getAuthorizationExchange()).isEqualTo(this.authorizationExchange);`
`171`	`171`	`assertThat(authentication.getAccessToken()).isEqualTo(accessTokenResponse.getAccessToken());`

`‎oauth2/oauth2-resource-server/spring-security-oauth2-resource-server.gradle`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@ dependencies {`
`14`	`14`
`15`	`15`	`provided 'jakarta.servlet:jakarta.servlet-api'`
`16`	`16`
	`17`	`+ testImplementation project(path : ':spring-security-core', configuration : 'tests')`
`17`	`18`	`testImplementation project(path: ':spring-security-oauth2-jose', configuration: 'tests')`
`18`	`19`	`testImplementation 'com.squareup.okhttp3:mockwebserver'`
`19`	`20`	`testImplementation 'com.fasterxml.jackson.core:jackson-databind'`
`@@ -27,5 +28,6 @@ dependencies {`
`27`	`28`	`testImplementation "org.mockito:mockito-junit-jupiter"`
`28`	`29`	`testImplementation "org.springframework:spring-test"`
`29`	`30`
	`31`	`+`
`30`	`32`	`testRuntimeOnly 'org.junit.platform:junit-platform-launcher'`
`31`	`33`	`}`

`‎oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverterTests.java`

Lines changed: 3 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@`
`23`	`23`
`24`	`24`	`import org.springframework.core.convert.converter.Converter;`
`25`	`25`	`import org.springframework.security.authentication.AbstractAuthenticationToken;`
	`26`	`+import org.springframework.security.authentication.SecurityAssertions;`
`26`	`27`	`import org.springframework.security.core.GrantedAuthority;`
`27`	`28`	`import org.springframework.security.core.authority.SimpleGrantedAuthority;`
`28`	`29`	`import org.springframework.security.oauth2.jwt.Jwt;`
`@@ -46,9 +47,7 @@ public class JwtAuthenticationConverterTests {`
`46`	`47`	`public void convertWhenDefaultGrantedAuthoritiesConverterSet() {`
`47`	`48`	`Jwt jwt = TestJwts.jwt().claim("scope", "message:read message:write").build();`
`48`	`49`	`AbstractAuthenticationToken authentication = this.jwtAuthenticationConverter.convert(jwt);`
`49`		`- Collection<GrantedAuthority> authorities = authentication.getAuthorities();`
`50`		`- assertThat(authorities).containsExactly(new SimpleGrantedAuthority("SCOPE_message:read"),`
`51`		`- new SimpleGrantedAuthority("SCOPE_message:write"));`
	`50`	`+ SecurityAssertions.assertThat(authentication).hasAuthorities("SCOPE_message:read", "SCOPE_message:write");`
`52`	`51`	`}`
`53`	`52`
`54`	`53`	`@Test`
`@@ -65,8 +64,7 @@ public void convertWithOverriddenGrantedAuthoritiesConverter() {`
`65`	`64`	`.asList(new SimpleGrantedAuthority("blah"));`
`66`	`65`	`this.jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesConverter);`
`67`	`66`	`AbstractAuthenticationToken authentication = this.jwtAuthenticationConverter.convert(jwt);`
`68`		`- Collection<GrantedAuthority> authorities = authentication.getAuthorities();`
`69`		`- assertThat(authorities).containsExactly(new SimpleGrantedAuthority("blah"));`
	`67`	`+ SecurityAssertions.assertThat(authentication).hasAuthority("blah");`
`70`	`68`	`}`
`71`	`69`
`72`	`70`	`@Test`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit c64b086

File tree

15 files changed

15 files changed

`‎config/src/test/java/org/springframework/security/config/annotation/authentication/AuthenticationManagerBuilderTests.java`

`‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java`

`‎config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java`

`‎core/src/test/java/org/springframework/security/authentication/SecurityAssertions.java`

`‎ldap/spring-security-ldap.gradle`

`‎ldap/src/test/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProviderTests.java`

`‎oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java`

`‎oauth2/oauth2-resource-server/spring-security-oauth2-resource-server.gradle`

`‎oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverterTests.java`

0 commit comments