Merge branch 'OZG-4939-SpringSecurity' of...

Merge branch 'OZG-4939-SpringSecurity' of git.ozg-sh.de:ozgcloud-app/administration into OZG-4939-SpringSecurity

src/test/java/de/ozgcloud/admin/security/SecurityConfigurationLocalITCase.java

@@ -25,6 +25,9 @@ import static org.junit.jupiter.api.Assertions.*;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 
+import java.net.URI;
+
+import org.apache.http.HttpHeaders;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
@@ -34,9 +37,15 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.web.ErrorResponse;
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 
 import de.ozgcloud.common.test.DataITCase;
 import lombok.SneakyThrows;
@@ -109,6 +118,37 @@ public class SecurityConfigurationLocalITCase {
 
 				result.andExpect(jsonPath("$.instance").value("/api"));
 			}
+
+			@Test
+			@SneakyThrows
+			void shouldHaveErrorInfoInBody() {
+				var expected = getExpectedProblemDetailsAsString("/api");
+
+				var result = doPerform("/api");
+
+				result.andExpect(content().string(expected));
+			}
+
+			private String getExpectedProblemDetailsAsString(String requestUri) throws JsonProcessingException {
+				var ex = new AuthenticationException("Full authentication is required to access this resource") {
+				};
+				var problemDetail = ErrorResponse
+						.builder(ex, HttpStatus.UNAUTHORIZED, ex.getLocalizedMessage())
+						.instance(URI.create(requestUri))
+						.build()
+						.getBody();
+
+				var objectMapper = new ObjectMapper().setSerializationInclusion(Include.NON_NULL);
+				return objectMapper.writeValueAsString(problemDetail);
+			}
+
+			@Test
+			@SneakyThrows
+			void shouldHaveWWW_AUTHENTICATEHeader2() {
+				var result = doPerform("/api");
+
+				result.andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, "Bearer realm=\"Restricted Content\""));
+			}
 		}
 
 		@SneakyThrows

src/test/java/de/ozgcloud/admin/security/SecurityConfigurationWithKeycloakITCase.java

@@ -88,7 +88,6 @@ class SecurityConfigurationWithKeycloakITCase {
 			var result = mockMvc.perform(get(RootController.PATH).header("Authorization", token));
 
 			result.andExpect(status().isOk());
-
 		}
 
 		@SneakyThrows