jeudi 30 août 2018

Spring Boot @WebMvcTest returns 404 if success login

I'm learning how to Test my SpringBoot Apps.

Right now I'm trying to learn by creating test for an existing working project.

I started with my AdminHomeController that manages the Home when admins login:

@Controller
@RequestMapping("/admin/home")
public class AdminHomeController {

private UsuarioService usuarioService;

@Autowired
public AdminHomeController(UsuarioService usuarioService) {
    this.usuarioService = usuarioService;
}

@RequestMapping(value={"", "/"}, method = RequestMethod.GET)
public ModelAndView admin_home(){
    ModelAndView modelAndView = new ModelAndView();

    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    Usuario loggedUser = usuarioService.findUsuarioByUsername(auth.getName());
    modelAndView.addObject("userFullName", loggedUser.getNombre() + " " + loggedUser.getApellido());
    modelAndView.addObject("userGravatar", Utils.getGravatarImageLink(loggedUser.getEmail()));

    modelAndView.addObject("totalUsuarios", usuarioService.getUsuariosCount());


    modelAndView.setViewName("admin/home");
    return modelAndView;
}
}

And this is my test:

@RunWith(SpringRunner.class)
@ContextConfiguration(classes = MyOwnProperties.class)
@WebMvcTest(AdminHomeController.class)
@Import(SecurityConfigurationGlobal.class)
public class AdminHomeControllerUnitTest {

@Autowired
private MockMvc mockMvc;

@MockBean
UsuarioService usuarioService;

@Autowired
MyOwnProperties myOwnProperties;

@MockBean
FacebookProfileService facebookProfileService;

@MockBean
MobileDeviceService mobileDeviceService;

@MockBean
PasswordEncoder passwordEncoder;

@MockBean
CustomAuthenticationProvider customAuthenticationProvider;


@Test
@WithMockUser(username = "user1", password = "pwd", authorities = "ADMIN")
public void shouldAllowAdminAccess() throws Exception{
    when(usuarioService.findUsuarioByUsername("user1")).thenReturn(new Usuario());


    mockMvc.perform(get("/admin/home"))
            .andDo(print())
            .andExpect(status().isOk())
            .andExpect(view().name("admin/home"));
}

}

And I think that the relevan part of my SecurityConfig would be:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.
            authorizeRequests()
            .antMatchers("/", "/login", "/error/**", "/home").permitAll()
            .antMatchers(
                    myOwnProperties.getSecurity().getJwtLoginURL(),
                    myOwnProperties.getSecurity().getFacebookLoginURL()).permitAll()
            .antMatchers("/registration", "/registrationConfirm/**").permitAll()
            .antMatchers("/resetPass", "/resetPassConfirm/**", "/updatePass").permitAll()
            .antMatchers("/admin/**").hasAuthority(AUTHORITY_ADMIN)
            .antMatchers("/user/**").hasAuthority(AUTHORITY_USER)
            .anyRequest().authenticated()
            .and()
            .csrf().disable()
            .formLogin()
            .loginPage("/login")
            .failureUrl("/login?error=true")
            .successHandler(new CustomUrlAuthenticationSuccessHandler())
            .usernameParameter("username")
            .passwordParameter("password")
            .and()
            .logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl("/")
            .and()
            .exceptionHandling().accessDeniedPage("/403");
}

And AUTHORITY_ADMIN is a static final definition of "ADMIN".

What I can not understand due to my lack of experience are my test results.

  • If I remove the @WithMockUser I get a 401 as expected
  • If I use the @WithMockUser with ANY other authority than "ADMIN" I get a 403 that would also be the expected response
  • And finally if I use the @WithMockUser with "ADMIN" authority then I get a 404

As said, my app is working and I can only access /admin/home if logged in as ADMIN.

UPDATE

Running this other similiar test works fine, but this one requieres the FULL SpringBoot app to load. I think it would be an integration test and I only want to test the controller "alone". Only a slice using @WebMvcTest

@SpringBootTest
@AutoConfigureMockMvc
public class AdminHomeControllerTest {

@Autowired
private MockMvc mockMvc;


@MockBean
private UsuarioService usuarioService;

@Test
@WithMockUser(username = "user1", password = "pwd", authorities = "ADMIN")
public void shouldAllowAdminAccess() throws Exception{
    when(usuarioService.findUsuarioByUsername(anyString())).thenReturn(new Usuario());


    mockMvc.perform(get("/admin/home"))
            .andDo(print())
            .andExpect(status().isOk())
            .andExpect(view().name("admin/home"));
}

}

Aucun commentaire:

Enregistrer un commentaire