Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to mock security context in tests if I disabled authorizarion

Tags:

java

spring

integration-testing

spring-security

security-context

I have tests like this:

@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ActiveProfiles("test")
public class MyTests {

    @Autowired
    private TestRestTemplate restTemplate;
    ....

In tests I disabled authentification/authorizaton

But in code I use following:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

But it is reason why tests fails.

How can I mock it my tests?

P.S.

This one doesn't work:

@Test
public void testUpdateWithoutNameAndEmail() {
    Authentication authentication = Mockito.mock(Authentication.class);
    SecurityContext securityContext = Mockito.mock(SecurityContext.class);
    Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
    SecurityContextHolder.setContext(securityContext);
    Mockito.when(authentication.getName()).thenReturn("aName");

    restTemplate.exchange(..

SecurityContextHolder.getContext().getAuthentication() returns null in code

and this one too:

@Autowired
private TestRestTemplate restTemplate;
@Test
@WithMockUser(username = "aUser", roles = { "ADMIN" })
public void testUpdateWithoutNameAndEmail() {
   ...
like image 971
gstackoverflow Avatar asked Sep 11 '17 11:09

gstackoverflow

1 Answers

You can mock Spring's Authentication:

Authentication authentication = Mockito.mock(Authentication.class);

And tell Spring's SecurityContextHolder to store this Authentication instance:

SecurityContext securityContext = Mockito.mock(SecurityContext.class);
Mockito.when(securityContext.getAuthentication()).thenReturn(auth);
SecurityContextHolder.setContext(securityContext);

Now, if your code needs Authentication to return something (the user name perhaps) you just set some expectations on the mocked Authentication instance in the usual way e.g.

Mockito.when(authentication.getName()).thenReturn("aName");

There's also a Spring test annotation (org.springframework.security.test.context.support.WithMockUser) which does this for you...

@Test
@WithMockUser(username = "aUser", roles = { "anAuthority" })
public void aTest(){
    // any usage of `Authentication` in this test will get an instance withe the user name "aUser" and a granted authority "anAuthority"
    // ...
}
like image 126
glytching Avatar answered Sep 28 '22 04:09

glytching
Sign in to Comment

Related questions

BeanCurrentlyInCreationException for actionPerformed(AWT)
Implement only one method from interface in anonymous class [duplicate]
How can I fix encoding issues with MySql's JSON and Java?
Java: Generating a random double within a range (inclusive of the min and max to the range)
how to rotate pages but not the text in iText?
Is it possible to use gensim word2vec model in deeplearning4j.word2vec?
merge two dataset which are having different column names in Apache spark
Make the Jackson fail on duplicate property in a JSON
Android class with context in object field in Kotlin
EntityManagerFactory Bean in Spring-boot test
openjdk platform binary use so much memory when build android app
The Tomcat connector configured to listen on port 80 failed to start
How to collect warnings/notices while JDBC statement is being executed?
How to scroll down with sikuli
Why HashMap uses TreeNode for not Comparable keys?
Calling Enum.values() on a generic type
Better way to only use callsuper in @EqualsAndHashCode and @ToString?
What is the difference between a primitive class and primitive data type?
How to catch non-MVC and non-REST exceptions in Spring Boot
How to force maven to execute next goals after tests failures

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!