- Spring core: 5.0.1
- Spring test: 5.0.1
- Spring security: 5.0.0
I'm testing my rest-api using MockMvc. Everything was working fine with spring 4 and security 3, but since I updated along with the spring oauth2 as well it stopped working. My setup is really close to the ones we can find everywhere when it comes to mocking security, so I get the FilterChainProxy and I create the mockmvc with the filter chain
this.mockMvc = MockMvcBuilders.webAppContextSetup(wac)
.addFilters(this.springSecurityFilterChain)
.build();
Then I create the sessions like
public static MockHttpSession createSession(User user) {
final OAuth2UserDetails oAuth2UserDetails = OAuth2UserDetails.builder()
.withId(user.getId())
.withUsername(user.getUsername())
.withPassword(user.getPassword())
.withClient(TEST_CLIENT.toString())
.build();
final UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
oAuth2UserDetails, oAuth2UserDetails.getPassword(), oAuth2UserDetails.getAuthorities());
MockHttpSession session = new MockHttpSession();
session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, new SecurityContextMock(token));
return session;
}
And pass this session to mockmvc request like
final MockHttpServletResponse result = mockMvc.perform(get(UrlStructure.SECURED_SUBSCRIPTIONS_V1)
.contentType(MediaType.APPLICATION_JSON)
.session(SecurityContextMock.createSession(validUser)))
.andReturn()
.getResponse();
But this not taken into consideration by the chain. I did some debugging and the context holder doesn't hold any context at all. I already tried setting it manually as well and it just doesn't work.
Again this setup was working before with the previous versions, what changed exactly?
Aucun commentaire:
Enregistrer un commentaire