Skip to content
Snippets Groups Projects
Commit 3025b05b authored by Jan Zickermann's avatar Jan Zickermann
Browse files

Merge branch 'OZG-4939-SpringSecurity' of...

Merge branch 'OZG-4939-SpringSecurity' of git.ozg-sh.de:ozgcloud-app/administration into OZG-4939-SpringSecurity
parents 79992129 98abe347
No related branches found
No related tags found
No related merge requests found
...@@ -25,6 +25,9 @@ import static org.junit.jupiter.api.Assertions.*; ...@@ -25,6 +25,9 @@ import static org.junit.jupiter.api.Assertions.*;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
import java.net.URI;
import org.apache.http.HttpHeaders;
import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
...@@ -34,9 +37,15 @@ import org.springframework.beans.factory.annotation.Autowired; ...@@ -34,9 +37,15 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.ResultActions;
import org.springframework.web.ErrorResponse;
import com.fasterxml.jackson.annotation.JsonInclude.Include;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import de.ozgcloud.common.test.DataITCase; import de.ozgcloud.common.test.DataITCase;
import lombok.SneakyThrows; import lombok.SneakyThrows;
...@@ -109,6 +118,37 @@ public class SecurityConfigurationLocalITCase { ...@@ -109,6 +118,37 @@ public class SecurityConfigurationLocalITCase {
result.andExpect(jsonPath("$.instance").value("/api")); result.andExpect(jsonPath("$.instance").value("/api"));
} }
@Test
@SneakyThrows
void shouldHaveErrorInfoInBody() {
var expected = getExpectedProblemDetailsAsString("/api");
var result = doPerform("/api");
result.andExpect(content().string(expected));
}
private String getExpectedProblemDetailsAsString(String requestUri) throws JsonProcessingException {
var ex = new AuthenticationException("Full authentication is required to access this resource") {
};
var problemDetail = ErrorResponse
.builder(ex, HttpStatus.UNAUTHORIZED, ex.getLocalizedMessage())
.instance(URI.create(requestUri))
.build()
.getBody();
var objectMapper = new ObjectMapper().setSerializationInclusion(Include.NON_NULL);
return objectMapper.writeValueAsString(problemDetail);
}
@Test
@SneakyThrows
void shouldHaveWWW_AUTHENTICATEHeader2() {
var result = doPerform("/api");
result.andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, "Bearer realm=\"Restricted Content\""));
}
} }
@SneakyThrows @SneakyThrows
......
...@@ -88,7 +88,6 @@ class SecurityConfigurationWithKeycloakITCase { ...@@ -88,7 +88,6 @@ class SecurityConfigurationWithKeycloakITCase {
var result = mockMvc.perform(get(RootController.PATH).header("Authorization", token)); var result = mockMvc.perform(get(RootController.PATH).header("Authorization", token));
result.andExpect(status().isOk()); result.andExpect(status().isOk());
} }
@SneakyThrows @SneakyThrows
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment