SpringBoot REST控制器测试类单独通过,但在一起运行时失败

时间:2017-04-14 21:07:15

标签: java rest spring-boot spring-security rest-assured

  

上下文

     

我有一个spring-boot java8服务,它接受REST调用并响应数据。我正在编写一个自定义授权过滤器,用于检查HTTP标头并决定数据,并决定用户是否有权从此服务请求数据。 

import lombok.extern.slf4j.Slf4j;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebFilter
@Slf4j
public class AuthorizationFilter implements Filter {

    public static final String UNAUTHORIZED_MESSAGE = "AuthorizationFilter : Empty or Invalid Authorization Header";

    ServletContext context;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
       context =  filterConfig.getServletContext();
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        if(ValidationUtil.isAuthorized(req)){
            chain.doFilter(request,response);
        } else {
            log.error(UNAUTHORIZED_MESSAGE);
            res.sendError(401, UNAUTHORIZED_MESSAGE);
        }
    }

    @Override
    public void destroy() {}
}
  

我使用rest-assured进行测试以测试AuthHeader是否设置正确。这是每个测试类的基本格式:

import io.restassured.response.Response;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.context.embedded.LocalServerPort;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner;
import java.util.ArrayList;
import static io.restassured.RestAssured.given;
import static org.assertj.core.api.Assertions.assertThat;

    @RunWith(SpringRunner.class)
    @SpringBootTest(
        classes={Application.class},
        webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT
    )
    public class AuthorizationTest {

        @LocalServerPort
        private int port;

        @Test(timeout=10000)
        public void shouldRespondWithUnauthorizedWhenNoAuthHeader() {
            given().port(port)
                .param("productKeys", PRODUCT_KEY_1)
                .param("productKeys", PRODUCT_KEY_2)
                .get(ITEM_PRICE_ENDPOINT)
                .then()
                .assertThat()
                .statusCode(401);
        }

        @Test(timeout=10000)
        public void shouldRespondWithUnauthorizedWhenAuthHeaderIsIncorrect() {
            Response response = given().port(port)
                    .header("Accept", "application/json"    )
                    .header("Authorization", "anything")
                    .param("productKeys", PRODUCT_KEY_1)
                    .param("productKeys", PRODUCT_KEY_2)
                    .get(ITEM_PRICE_ENDPOINT)
                    .then()
                    .assertThat()
                    .statusCode(401)
                    .extract()
                    .response();

            assertThat(response.<String>path("message")).isEqualTo("You're Unauthorized to view this resource");
        }

        @Test(timeout=10000)
        public void shouldRespondWithDataWhenAuthHeaderFormatIsCorrect() {
            Response response = given().port(port)
                    .header("Accept", "application/json")
                    .header("Authorization", correctAuthHeader)
                    .param("productKeys", PRODUCT_KEY_1)
                    .param("productKeys", PRODUCT_KEY_2)
                    .get(ITEM_PRICE_ENDPOINT)
                    .then()
                    .assertThat()
                    .statusCode(200)
                    .extract()
                    .response();

            assertThat(response.<ArrayList>path("rows")).isNotEmpty();
        }
    }
  

问题:

     

运行整套测试gradle clean build(7个测试类,每个w / 2或3个测试)FAILS在运行每个测试时单独PASSES < / p>      

我理解默认情况下spring加载并缓存ApplicationContext文件,这样它就不必为每次测试重新加载,但我不确定这会如何影响REST请求。 (https://docs.spring.io/spring/docs/current/spring-framework-reference/html/integration-testing.html#testcontext-framework

任何想法?

  

技术:

     
      
  • Java 8
    •   
  • org.springframework.boot:弹簧引导起动试验:1.4.RELEASE
    •   
  • org.springframework.boot:spring-boot-starter-web
    •   
     

注意:

     

我们选择不使用Spring安全过滤器,因为很快就会在服务前面的API网关中实现这种安全级别。

0 个答案:

没有答案
相关问题
最新问题