/**
 * Verifies that the DES encrypter refuses to encrypt: {@code encrypt} must throw
 * {@link UnsupportedOperationException} with the exact "no longer supported" message.
 */
@Test
public void shouldNotEncryptText() {
    // DES is a legacy cipher; this pins that no new DES ciphertext can be produced here.
    // null is passed as the plaintext. The test shows only that this call throws;
    // presumably the refusal happens before the argument is inspected -- confirm.
    String expectedMessage = "Encrypting using DES is no longer supported!";

    assertThatCode(() -> desEncrypter.encrypt(null))
            .isInstanceOf(UnsupportedOperationException.class)
            .hasMessage(expectedMessage);
}
/**
 * Verifies that decoding the unsigned-token fixture fails with a {@code JwtException}
 * whose message is exactly "Unsupported algorithm of none".
 */
@Test
public void decodeWhenUnsignedTokenThenMessageDoesNotMentionClass() {
    // A decoder that accepted the "none" algorithm would treat an unsigned JWT as
    // authentic, so rejection is the security-relevant behaviour pinned here.
    // The exact-match assertion also keeps implementation class names out of the
    // error text, which is what the method name asks for.
    // this.unsignedToken is defined outside this view -- presumably a JWT whose
    // header declares alg "none"; confirm against the fixture.
    String expectedMessage = "Unsupported algorithm of none";

    assertThatCode(() -> this.decoder.decode(this.unsignedToken).block())
            .isInstanceOf(JwtException.class)
            .hasMessage(expectedMessage);
}
/**
 * Verifies that decoding the expired-token fixture fails with a
 * {@code JwtValidationException}.
 */
@Test
public void decodeWhenExpiredThenFail() {
    // Only the exception type is pinned. Which validation error was reported
    // (for example an expiry failure) is not asserted in this test.
    assertThatCode(() -> {
        this.decoder.decode(this.expired).block();
    }).isInstanceOf(JwtValidationException.class);
}
/**
 * Verifies that loading the user fails with an {@code OAuth2AuthenticationException}
 * when the delegate user service returns a user whose {@code sub} claim is "not-equal".
 */
@Test
public void loadUserWhenOAuth2UserSubjectNotEqualThenOAuth2AuthenticationException() {
    // OpenID Connect requires the UserInfo "sub" to match the ID token "sub";
    // a mismatch means the UserInfo response must not be used for this login.
    // userRequest() is defined outside this view -- presumably its ID token
    // carries a subject other than "not-equal"; confirm against the helper.
    Map<String, Object> userInfoClaims = new HashMap<>();
    userInfoClaims.put(StandardClaimNames.SUB, "not-equal");
    userInfoClaims.put("user", "rob");
    OAuth2User userInfoUser = new DefaultOAuth2User(
            AuthorityUtils.createAuthorityList("ROLE_USER"), userInfoClaims, "user");

    // The mocked delegate returns the mismatching user for any request.
    when(this.oauth2UserService.loadUser(any())).thenReturn(Mono.just(userInfoUser));

    assertThatCode(() -> this.userService.loadUser(userRequest()).block())
            .isInstanceOf(OAuth2AuthenticationException.class);
}
/**
 * Verifies that configuring a {@code null} authentication entry point on the resource
 * server configurer is rejected with {@link IllegalArgumentException}.
 */
@Test
public void authenticationEntryPointWhenGivenNullThenThrowsException() {
    // The application context is a bare mock; the test only needs a configurer instance.
    ApplicationContext applicationContext = mock(ApplicationContext.class);
    OAuth2ResourceServerConfigurer resourceServer =
            new OAuth2ResourceServerConfigurer(applicationContext);

    // Failing at configuration time surfaces the mistake immediately; only the
    // exception type is pinned, not its message.
    assertThatCode(() -> resourceServer.authenticationEntryPoint(null))
            .isInstanceOf(IllegalArgumentException.class);
}
/**
 * Verifies that loading the user fails with an {@code OAuth2AuthenticationException}
 * when the delegate user service returns a user that has no {@code sub} claim.
 */
@Test
public void loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException() {
    // The only attribute is "user", so no subject is available to compare with the
    // ID token. A missing subject has to be rejected just like a mismatching one.
    OAuth2User userWithoutSubject = new DefaultOAuth2User(
            AuthorityUtils.createAuthorityList("ROLE_USER"),
            Collections.singletonMap("user", "rob"),
            "user");

    // The mocked delegate returns the subject-less user for any request.
    when(this.oauth2UserService.loadUser(any())).thenReturn(Mono.just(userWithoutSubject));

    assertThatCode(() -> this.userService.loadUser(userRequest()).block())
            .isInstanceOf(OAuth2AuthenticationException.class);
}
/**
 * Verifies that authentication fails with an {@code OAuth2AuthorizationException} after
 * the authorization request's redirect URI is changed to a different value.
 */
@Test
public void authenticateWhenRedirectUriNotEqualThenOAuth2AuthorizationException() {
    // The response side of the exchange is built outside this view; presumably it
    // keeps the original redirect URI, so request and response no longer agree.
    // A response whose redirect URI differs from the request does not belong to
    // this flow and must not be exchanged for tokens.
    String mismatchedRedirectUri = "https://example.org/notequal";
    this.authorizationRequest.redirectUri(mismatchedRedirectUri);

    assertThatCode(() -> authenticate())
            .isInstanceOf(OAuth2AuthorizationException.class);
}
/**
 * Verifies that setting a {@code null} bearer token resolver on the filter is rejected
 * with {@link IllegalArgumentException} and a message naming the offending argument.
 */
@Test
public void setBearerTokenResolverWhenNullThenThrowsException() {
    // Rejecting null in the setter keeps the mistake at configuration time
    // instead of letting it surface while a request is being processed.
    String expectedFragment = "bearerTokenResolver cannot be null";

    assertThatCode(() -> this.filter.setBearerTokenResolver(null))
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessageContaining(expectedFragment);
}
/**
 * Verifies that decrypting a malformed value fails with a {@code CryptoException} whose
 * message contains "Illegal base64 character 20" and whose cause is an
 * {@link IllegalArgumentException}.
 */
@Test
public void shouldErrorOutWhenCipherTextIsTamperedWith() {
    // NOTE(review): "some bad junk" contains spaces (0x20), and the expected message
    // is a Base64 decoding error. The test therefore shows that malformed input is
    // rejected. It does not show that a well-formed but modified ciphertext is
    // detected; that case would need its own test input.
    String malformedCipherText = "some bad junk";

    assertThatCode(() -> desEncrypter.decrypt(malformedCipherText))
            .hasMessageContaining("Illegal base64 character 20")
            .hasCauseInstanceOf(IllegalArgumentException.class)
            .isInstanceOf(CryptoException.class);
}
/**
 * Verifies that wiring the "WithFormLoginAndOpenIDLoginPages" XML configuration fails
 * with a {@code BeanDefinitionParsingException}.
 */
@Test
public void configureWhenOpenIDAndFormLoginBothConfigureLoginPagesThenWiringException()
        throws Exception {
    // Per the method name, the fixture declares a login page for both form login
    // and OpenID login; the XML itself is outside this view. The conflicting
    // configuration is expected to be refused while the context is being built.
    assertThatCode(() -> {
        this.spring.configLocations(this.xml("WithFormLoginAndOpenIDLoginPages")).autowire();
    }).isInstanceOf(BeanDefinitionParsingException.class);
}
/**
 * Verifies that wiring the "CiRegexMatcherServletPath" XML configuration fails with a
 * {@code BeanDefinitionParsingException}.
 */
@Test
public void configureWhenUsingCiRegexMatcherAndServletPathThenThrowsException() {
    // Per the method name, the fixture combines a case-insensitive regex request
    // matcher with a servlet path; the XML itself is outside this view.
    // Refusing the combination at parse time presumably avoids URL rules that
    // match differently from what the author intended -- confirm against the parser.
    assertThatCode(() -> {
        this.spring.configLocations(this.xml("CiRegexMatcherServletPath")).autowire();
    }).isInstanceOf(BeanDefinitionParsingException.class);
}
/**
 * Verifies that wiring the "DefaultMatcherServletPath" XML configuration fails with a
 * {@code BeanDefinitionParsingException}.
 */
@Test
public void configureWhenUsingDefaultMatcherAndServletPathThenThrowsException() {
    // Per the method name, the fixture sets a servlet path while leaving the
    // request matcher at its default; the XML itself is outside this view.
    // The configuration is expected to be refused while the context is being built.
    assertThatCode(() -> {
        this.spring.configLocations(this.xml("DefaultMatcherServletPath")).autowire();
    }).isInstanceOf(BeanDefinitionParsingException.class);
}
/**
 * Verifies that wiring the "NegativeTokenValidityWithDataSource" XML configuration fails
 * with a {@code FatalBeanException}.
 */
@Test
public void configureWhenUsingDataSourceAndANegativeTokenValidityThenThrowsWiringException() {
    // Per the method name, the fixture pairs a data source with a negative token
    // validity; the XML itself is outside this view. A persisted token with a
    // negative lifetime has no sensible expiry, so start-up is expected to fail.
    assertThatCode(() -> {
        this.spring.configLocations(this.xml("NegativeTokenValidityWithDataSource")).autowire();
    }).isInstanceOf(FatalBeanException.class);
}
/**
 * Verifies that the access denied handler accepts a {@code null} realm name without
 * throwing.
 */
@Test
public void setRealmNameWhenNullRealmNameThenNoExceptionThrown() {
    // null is a permitted value for the realm name; what the handler then writes
    // in its response is not asserted here.
    assertThatCode(() -> {
        this.accessDeniedHandler.setRealmName(null);
    }).doesNotThrowAnyException();
}
/**
 * Verifies that wiring the "CollidingFilters" XML configuration fails with a
 * {@code BeanDefinitionParsingException}.
 */
@Test
public void configureWhenTwoFiltersWithSameOrderThenException() {
    // Per the method name, the fixture registers two filters at the same position;
    // the XML itself is outside this view. An ambiguous filter order is expected
    // to be refused instead of being resolved silently.
    assertThatCode(() -> {
        this.spring.configLocations(xml("CollidingFilters")).autowire();
    }).isInstanceOf(BeanDefinitionParsingException.class);
}
/**
 * Verifies that the authentication entry point accepts a {@code null} realm name
 * without throwing.
 */
@Test
public void setRealmNameWhenNullRealmNameThenNoExceptionThrown() {
    // null is a permitted value for the realm name; the challenge the entry point
    // then sends is not asserted here.
    assertThatCode(() -> {
        this.authenticationEntryPoint.setRealmName(null);
    }).doesNotThrowAnyException();
}
/**
 * Verifies post-authorization on {@code postHasPermission}: the call made with "granted"
 * completes, and the call made with "denied" throws {@code AccessDeniedException}.
 */
@Test
@WithMockUser
public void methodSecurityWhenUsingCustomPermissionEvaluatorThenPostAuthorizesAccordingly() {
    // NOTE(review): the method name refers to a custom permission evaluator, while
    // the registered configuration is CustomAccessDecisionManagerConfig -- confirm
    // that this is the configuration the test is meant to exercise.
    this.spring
            .register(CustomAccessDecisionManagerConfig.class, MethodSecurityServiceConfig.class)
            .autowire();

    String permitted = "granted";
    String refused = "denied";

    // Both outcomes are checked so that a rule which always allows, or always
    // denies, cannot pass the test.
    assertThatCode(() -> this.service.postHasPermission(permitted))
            .doesNotThrowAnyException();
    assertThatThrownBy(() -> this.service.postHasPermission(refused))
            .isInstanceOf(AccessDeniedException.class);
}
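/**
 * Verifies that a JWT decoding failure is reported to the caller as an
 * {@code OAuth2AuthenticationException} carrying the {@code INVALID_TOKEN} error code.
 */
@Test
public void authenticateWhenJwtDecodeFailsThenRespondsWithInvalidToken() {
    BearerTokenAuthenticationToken token = this.authentication();

    // The mocked decoder fails for the value "token"; this.authentication() is
    // defined outside this view and presumably wraps that same value.
    when(this.jwtDecoder.decode("token")).thenThrow(JwtException.class);

    // isInstanceOf replaces the hand-written instanceof predicate: the check is the
    // same, but a failure now reports the actual exception type.
    // errorCode(...) is a helper defined outside this view; it supplies the
    // condition on the OAuth 2.0 error code.
    assertThatCode(() -> this.provider.authenticate(token))
            .isInstanceOf(OAuth2AuthenticationException.class)
            .matches(errorCode(BearerTokenErrorCodes.INVALID_TOKEN));
}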
/**
 * Verifies that a request carrying the bearer token both in the {@code access_token}
 * query parameter and in the Authorization header is rejected with an
 * {@code OAuth2AuthenticationException} mentioning multiple bearer tokens.
 */
@Test
public void resolveWhenValidHeaderIsPresentTogetherWithQueryParameterThenAuthenticationExceptionIsThrown() {
    // RFC 6750 forbids sending the token by more than one method in a request.
    // Rejecting the request avoids having to choose which token to trust.
    // The same token value is used in both places, so the rejection does not
    // depend on the two values differing.
    String authorizationValue = "Bearer " + TEST_TOKEN;
    MockServerHttpRequest.BaseBuilder<?> duplicateTokenRequest = MockServerHttpRequest
            .get("/")
            .queryParam("access_token", TEST_TOKEN)
            .header(HttpHeaders.AUTHORIZATION, authorizationValue);

    assertThatCode(() -> convertToToken(duplicateTokenRequest))
            .isInstanceOf(OAuth2AuthenticationException.class)
            .hasMessageContaining("Found multiple bearer tokens in the request");
}
/**
 * Verifies that an error authorization response can be built with a {@code null} state
 * without throwing.
 */
@Test
public void buildErrorResponseWhenStateIsNullThenDoesNotThrowAnyException() {
    // Only the builder's tolerance of a null state on the error path is pinned.
    // Whether a caller later compares state with the original request is outside
    // what this test covers.
    assertThatCode(() -> {
        OAuth2AuthorizationResponse.error(ERROR_CODE)
                .redirectUri(REDIRECT_URI)
                .state(null)
                .build();
    }).doesNotThrowAnyException();
}