我需要编写一个jUnit测试用例,它会因“ / contextpath / oauth2 / token?grant_type = password”而不断失败。
@RunWith(SpringRunner.class)
@WebAppConfiguration
@AutoConfigureMockMvc
@SpringBootTest(classes = UserAuthApplication.class)
class UserAuthApplicationTests {
@Autowired
private MockMvc mockMvc;
private String obtainAccessToken(final String username, final String password) throws Exception {
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
params.add("grant_type", "password");
params.add("username", username);
params.add("password", password);
ResultActions result = mockMvc
.perform(post("/userauth/oauth/token").params(params).with(httpBasic("user-test","testp"))
.accept("application/json"))
.andExpect(status().isOk())
.andExpect((ResultMatcher) content());
String resultString = result.andReturn().getResponse().getContentAsString();
JacksonJsonParser jsonParser = new JacksonJsonParser();
return jsonParser.parseMap(resultString).get("access_token").toString();
}
@Test
public void tokenNotGiven_whenGetSecureRequest_thenUnauthorized() throws Exception {
mockMvc.perform(get("/userauth/apis/v1/users").param("email", ""))
.andExpect(status().isUnauthorized());
}
@Test
public void givenValidUserCredentials_whenGetSecureRequest_thenAuthorized() throws Exception {
String accessToken = obtainAccessToken("test@gmail.com", "test1");
mockMvc.perform(get("/userauth/apis/v1/users")
.header("Authorization", "Bearer " + accessToken)
.param("email", ""))
.andExpect(status().isOk());
mockMvc.perform(get("/userauth/apis/v1/users")
.header("Authorization", "Bearer " + accessToken)
.param("email", ""))
.andExpect(status().isOk())
.andExpect((ResultMatcher) content().contentType("application/json;charset=UTF-8"))
.andExpect(jsonPath("$.success", is(true)));
}
}
当我在测试用例上运行时,它给了我以下错误:
MockHttpServletRequest:
HTTP Method = POST
Request URI = /userauth/oauth/token
Parameters = {grant_type=[password], username=[test@gmail.com], password=[test1]}
Headers = [Accept:"application/json", Authorization:"Basic dXNlci1hdXRoOm1hbm9q"]
Body = null
Session Attrs = {}
Handler:
Type = null
Async:
Async started = false
Async result = null
Resolved Exception:
Type = null
ModelAndView:
View name = null
View = null
Model = null
FlashMap:
Attributes = null
MockHttpServletResponse:
Status = 401
Error message = null
Headers = [Vary:"Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers", Content-Type:"application/json", X-Content-Type-Options:"nosniff", X-XSS-Protection:"1; mode=block", Cache-Control:"no-cache, no-store, max-age=0, must-revalidate", Pragma:"no-cache", Expires:"0", X-Frame-Options:"DENY"]
Content type = application/json
Body = {"status":"UNAUTHORIZED","message":"Full authentication is required to access this resource"}
Forwarded URL = null
Redirected URL = null
Cookies = []
期望它应该生成令牌,就像在邮递员中一样,即使在基于ReactJS的应用程序中也能够生成并正常工作,但仅在jUnit中失败。
答案 0 :(得分:0)
MockMvc
的好处是您可以在模拟的Servlet环境中工作,并使用案例使用Spring Security Test支持来基本上在SecurityContext
中设置用户。如果您 just 要测试HTTP端点,这将使您不必准备任何令牌。
确保项目中具有以下依赖项:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
然后,您可以在测试方法级别使用@WithMockUser(username="mike")
,也可以在通过MockMvc
执行请求时使用:
this.mockMvc
.perform(get("/userauth/apis/v1/users")
.with(SecurityMockMvcRequestPostProcessors.jwt()
.jwt(YOUR_JWT_HERE) // also optional
.authorities(new SimpleGrantedAuthority("ROLE_ADMIN")))) // also optional
.andExpect(status().isOk());
如果您仍然想测试安全性流程,建议您在测试中使用@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
,而不要使用MockMvc
。然后,您可以使用自动配置的TestRestTemplate
或WebTestClient
,然后先执行令牌检索,然后使用 real Servlet环境访问您的端点。