我一直在尝试为Spring MVC应用程序编写集成测试。我们正在使用oAuth2进行身份验证。
Spring在这种情况下为我们提供了一个Principal实例,我们用它来确定我们必须将哪些实体发送回客户端。在我们的控制器中,我们有一个端点:
@RequestMapping("/bookings")
public @ResponseBody ResponseEntity<List<ThirdPartyBooking>> getBookings(Principal principal) {
OAuth2Authentication auth = (OAuth2Authentication) principal;
OAuth2AuthenticationDetails authDetails = (OAuthAuthenticationDetails) auth.getDetails();
// Extract stuff from the details...
}
现在,在我们的测试中,我想确保我们只为经过身份验证的用户发送预订。可以在下面找到测试代码:
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = {ThirdPartyBookingServiceConfiguration.class})
@WebAppConfiguration
@Component
public abstract class RepositoryTestBase {
@Resource
private WebApplicationContext context;
private MockMvc mockMvc;
@Before
public void setUp() {
mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
}
@Test
public void shouldOnlyReturnUserBookings() throws Exception {
MockHttpServletResponse result = mockMvc.perform(MockMvcRequestBuilders.get("/bookings").principal(???)).andReturn().getResponse();
// Validate the response
}
}
如何在OAuth2Authentication上插入????
答案 0 :(得分:2)
我使用 RequestPostProcessor 进行测试验证。只需添加存根令牌即可:
@Component
public class OAuthHelper {
@Autowired
AuthorizationServerTokenServices tokenservice;
public RequestPostProcessor addBearerToken(final String username, String... authorities)
{
return mockRequest -> {
OAuth2Request oauth2Request = new OAuth2Request( null, "client-id",
null, true, null, null, null, null, null );
Authentication userauth = new TestingAuthenticationToken( username, null, authorities);
OAuth2Authentication oauth2auth = new OAuth2Authentication(oauth2Request, userauth);
OAuth2AccessToken token = tokenservice.createAccessToken(oauth2auth);
mockRequest.addHeader("Authorization", "Bearer " + token.getValue());
return mockRequest;
};
}
}
并在测试中使用它:
accessToken = authHelper.addBearerToken( TEST_USER, TEST_ROLE );
mockMvc.perform( get( "/cats" ).with( accessToken ) )