sid*_*ate 5 java spring spring-security spring-boot spring-security-oauth2
我有 spring-security-oauth2 应用程序,它是一个资源服务器。我们有一个自定义PrincipalExtractor类来构建自定义主体对象。此自定义主体对象不会扩展Principal或UserDetails
class CustomUser{
//some custom fields
}
class CustomPrincipalExtractor implements PrincipalExtractor{
@Override
public CustomUser extractPrincipal(Map<String, Object> map){
return new CustomUser(map);
}
}
class SomeController{
@GetMapping
public ResponseEntity(@AuthenticationPrincipal CustomUser user){
//able to get user object
}
}
上面的代码工作正常。现在我想测试控制器,但无法传递 CustomUser 实例。
@SpringBootTest
@AutoConfigureMockMvc
public class SomeControllerTest{
@Autowired
private MockMvc mockMvc;
@Test
public void test(){
mockMvc.perform(get(...).principal(CANNOT pass CustomUser as it does not implement Principal))
}
}
我查看了一些其他要求自定义HandlerMethodArgumentResolver但不确定如何配置自动配置的 MockMvc 的解决方案
我必须实施一些解决方法才能完成这项工作。
创建了一个模拟过滤器,用于在 SecurityContext 中设置 Authentication 对象。以下是代码
public class MockSpringSecurityFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
SecurityContextHolder.getContext()
.setAuthentication((Authentication) ((HttpServletRequest) req).getUserPrincipal());
chain.doFilter(req, res);
}
@Override
public void destroy() {
SecurityContextHolder.clearContext();
}
}
测试内
@Before
public void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(context)
.apply(springSecurity(new MockSpringSecurityFilter()))
.build();
}
@Test
public void test(){
mockMvc.perform(get(...)
.principal(new UsernamePasswordAuthenticationToken(new CustomUser(), null))...
}
| 归档时间: |
|
| 查看次数: |
5537 次 |
| 最近记录: |