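/**
 * Requests a token with the {@code client_credentials} grant, sending the client id and a
 * deliberately wrong secret as form parameters, and expects the token endpoint to reject
 * the request with 401 Unauthorized.
 *
 * @param clientId client identifier submitted in the request body
 * @throws Exception if the mock request cannot be performed
 */
private void tryLoginWithWrongSecretInBody(String clientId) throws Exception {
    mockMvc.perform(post("/oauth/token")
            .accept(MediaType.APPLICATION_JSON_VALUE)
            .contentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE)
            .param("grant_type", "client_credentials")
            .param("client_id", clientId)
            .param("client_secret", BADSECRET))
            // Only the status is asserted; the error body is not inspected by this helper.
            .andExpect(status().isUnauthorized());
}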
/**
 * Posts a resource-owner password grant request to {@code /oauth/token} and expects 200 OK.
 * Only the status is checked; the response body is not inspected.
 */
@Test
public void requestTokenWhenUsingPasswordGrantTypeThenOk() throws Exception {
    this.mvc.perform(post("/oauth/token")
            .param("grant_type", "password")
            .param("username", "subject")
            .param("password", "password")
            // Client authentication via HTTP Basic. The value is the base64 encoding of
            // "reader:secret", a fixture credential hard-coded for this test.
            .header("Authorization", "Basic cmVhZGVyOnNlY3JldA=="))
            .andExpect(status().isOk());
}
/**
 * Runs the given request through {@code mockMvc} and adapts the servlet response into a
 * {@link ClientHttpResponse}.
 *
 * <p>Any exception raised while performing the request or converting the result is not
 * propagated: it is turned into a 500 response whose body is the exception's
 * {@code toString()} text encoded as UTF-8.
 *
 * @param httpMethod HTTP method of the request
 * @param uri target URI
 * @param requestHeaders headers copied onto the mock request
 * @param requestBody raw request content
 * @return the adapted response, or a synthetic 500 response on failure
 */
private ClientHttpResponse getClientHttpResponse(
        HttpMethod httpMethod, URI uri, HttpHeaders requestHeaders, byte[] requestBody) {
    try {
        MockHttpServletResponse mockResponse = this.mockMvc
                .perform(request(httpMethod, uri).content(requestBody).headers(requestHeaders))
                .andReturn()
                .getResponse();

        // Resolved inside the try block, so a failure here also ends in the catch below.
        HttpStatus statusCode = HttpStatus.valueOf(mockResponse.getStatus());
        MockClientHttpResponse adapted =
                new MockClientHttpResponse(mockResponse.getContentAsByteArray(), statusCode);
        adapted.getHeaders().putAll(getResponseHeaders(mockResponse));
        return adapted;
    }
    catch (Exception ex) {
        // The exception text becomes the response body handed back to the caller.
        return new MockClientHttpResponse(
                ex.toString().getBytes(StandardCharsets.UTF_8), HttpStatus.INTERNAL_SERVER_ERROR);
    }
}
@Test // SPR-13079 public void deferredResultWithDelayedError() throws Exception { MvcResult mvcResult = this.mockMvc.perform(get("/1").param("deferredResultWithDelayedError", "true")) .andExpect(request().asyncStarted()) .andReturn(); this.mockMvc.perform(asyncDispatch(mvcResult)) .andExpect(status().is5xxServerError()) .andExpect(content().string("Delayed Error")); }
/**
 * Requests a password-reset code by posting the e-mail address to {@code /password_resets}
 * with a bearer token, expects 201 Created, and returns the {@code "code"} entry of the JSON
 * response.
 *
 * @param email value sent as the raw request body
 * @param token bearer token placed in the Authorization header
 * @return the value under {@code "code"} in the response, or {@code null} if the key is absent
 * @throws Exception if the request fails or the response cannot be parsed
 */
private String requestExpiringCode(String email, String token) throws Exception {
    MvcResult created = mockMvc.perform(
            post("/password_resets")
                    .accept(APPLICATION_JSON_VALUE)
                    .contentType(MediaType.APPLICATION_JSON)
                    .header("Authorization", "Bearer " + token)
                    .content(email))
            .andExpect(status().isCreated())
            .andReturn();

    String responseJson = created.getResponse().getContentAsString();
    Map<String, String> fields =
            JsonUtils.readValue(responseJson, new TypeReference<Map<String, String>>() { });
    return fields.get("code");
}
/**
 * With {@code CustomAuthorityMappingConfig} registered, a bearer-token request to
 * {@code /requires-read-scope} is expected to succeed with 200 OK.
 */
@Test
public void requestWhenJwtAuthenticationConverterCustomizedAuthoritiesThenThoseAuthoritiesArePropagated()
        throws Exception {
    this.spring
            .register(JwtDecoderConfig.class, CustomAuthorityMappingConfig.class, BasicController.class)
            .autowire();

    // decode(...) is stubbed to return the JWT fixture, so this test exercises the authority
    // mapping rather than token parsing (presumably the bean is a mock - confirm in
    // JwtDecoderConfig).
    JwtDecoder stubbedDecoder = this.spring.getContext().getBean(JwtDecoder.class);
    when(stubbedDecoder.decode(JWT_TOKEN)).thenReturn(JWT);

    this.mvc
            .perform(get("/requires-read-scope").with(bearerToken(JWT_TOKEN)))
            .andExpect(status().isOk());
}
/**
 * Posts a {@code name} parameter to {@code /people} and checks the redirect response:
 * 302 Found, the redirect URL, one model attribute called {@code name}, and one flash
 * attribute {@code message} with the value {@code "success!"}.
 */
@Test
public void saveSpecial() throws Exception {
    this.mockMvc.perform(post("/people").param("name", "Andy"))
            .andExpect(status().isFound())
            // The expected target is /persons/Joe although "Andy" was submitted; the handler
            // that picks the target is not part of this method.
            .andExpect(redirectedUrl("/persons/Joe"))
            .andExpect(model().size(1))
            .andExpect(model().attributeExists("name"))
            .andExpect(flash().attributeCount(1))
            .andExpect(flash().attribute("message", "success!"));
}
/**
 * http@realm equivalent: a failed HTTP Basic attempt must be answered with 401 and a
 * {@code WWW-Authenticate} challenge that carries the custom realm name.
 */
@Test
public void basicAuthenticationWhenUsingCustomRealmThenMatchesNamespace() throws Exception {
    this.spring.register(CustomHttpBasicConfig.class, UserConfig.class).autowire();

    // "invalid" is used as the password so that the request is rejected and the
    // challenge header can be checked.
    this.mvc.perform(get("/")
            .with(httpBasic("user", "invalid")))
            .andExpect(status().isUnauthorized())
            .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"Custom Realm\""));
}
/**
 * A bearer-token request to {@code /authenticated} is expected to be refused with
 * 403 Forbidden, and the {@code WWW-Authenticate} header must start with the configured
 * realm, {@code Bearer realm="myRealm"}.
 */
@Test
public void requestWhenRealmNameConfiguredThenUsesOnAccessDenied() throws Exception {
    this.spring
            .register(RealmNameConfiguredOnAccessDeniedHandler.class, JwtDecoderConfig.class)
            .autowire();

    // Any token string decodes to the JWT fixture; the string sent below is therefore only
    // a label and is not parsed as a real token.
    JwtDecoder stubbedDecoder = this.spring.getContext().getBean(JwtDecoder.class);
    when(stubbedDecoder.decode(anyString())).thenReturn(JWT);

    this.mvc
            .perform(get("/authenticated").with(bearerToken("insufficiently_scoped")))
            .andExpect(status().isForbidden())
            .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE,
                    startsWith("Bearer realm=\"myRealm\"")));
}
/**
 * Obtains an expiring code and posts it together with the new password to
 * {@code /password_change}, authenticated with {@code loginToken}. Expects 200 OK, a
 * {@code user_id} field in the response, and a {@code username} equal to the test user's.
 *
 * @param defaultPassword password to set; inserted into the JSON body without escaping
 * @throws Exception if the request or any expectation fails
 */
private void resetPassword(String defaultPassword) throws Exception {
    String resetCode = getExpiringCode(null, null);

    // The body is assembled by plain concatenation: nothing escapes quotes or backslashes,
    // so both values must be free of them or the JSON sent will not be what was intended.
    String payload = "{\"code\":\"" + resetCode + "\",\"new_password\":\"" + defaultPassword + "\"}";

    MockHttpServletRequestBuilder changeRequest = post("/password_change")
            .header("Authorization", "Bearer " + loginToken)
            .contentType(APPLICATION_JSON)
            .content(payload)
            .accept(APPLICATION_JSON);

    getMockMvc().perform(changeRequest)
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.user_id").exists())
            .andExpect(jsonPath("$.username").value(user.getUserName()));
}
/**
 * Requests {@code /blog.atom} from a standalone {@code BlogFeedController} setup and checks
 * the status, the Atom-compatible content type, and the feed's title and icon via XPath.
 */
@Test
public void testFeedWithLinefeedChars() throws Exception {
    // The XPath expressions below are evaluated without a namespace map.
    standaloneSetup(new BlogFeedController()).build()
            .perform(get("/blog.atom").accept(MediaType.APPLICATION_ATOM_XML))
            .andExpect(status().isOk())
            .andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_ATOM_XML))
            .andExpect(xpath("//feed/title").string("Test Feed"))
            .andExpect(xpath("//feed/icon").string("http://www.example.com/favicon.ico"));
}
/**
 * Posts a code to {@code /email_changes} while the code store is stubbed to return a record
 * whose last constructor argument is {@code "incorrect-code"}, and expects
 * 422 Unprocessable Entity.
 */
@Test
public void changeEmail_withIncorrectCode() throws Exception {
    // NOTE(review): the stubbed record also carries a timestamp of "now", so this test alone
    // does not show whether the 422 comes from the "incorrect-code" value or from the
    // timestamp - confirm against the endpoint under test.
    when(expiringCodeStore.retrieveCode("the_secret_code", IdentityZoneHolder.get().getId()))
            .thenReturn(new ExpiringCode("the_secret_code", new Timestamp(System.currentTimeMillis()),
                    "{\"userId\":\"user-id-001\",\"email\":\"new@example.com\",\"client_id\":null}",
                    "incorrect-code"));

    // The request body is the bare code string, sent with a JSON content type.
    mockMvc.perform(post("/email_changes")
            .contentType(APPLICATION_JSON)
            .content("the_secret_code")
            .accept(APPLICATION_JSON))
            .andExpect(MockMvcResultMatchers.status().isUnprocessableEntity());
}
}