mockito 如何模拟Sping Boot Session和SecurityContext用于测试目的

cl25kdpy  于 9个月前  发布在  其他
关注(0)|答案(2)|浏览(110)

Sping Boot 项目它使用SecurityContext。
它的大多数Rest控制器和服务都依赖于其登录用户的角色,用于验证目的。所以在测试过程中,我需要一个用户登录。
请告诉我单元测试代码的例子,为Spring Boot ,涉及登录用户的过程。

@RunWith(PowerMockRunner.class)
@PrepareForTest({SecurityContextHolder.class,AuthenticationManager.class,UserRepository.class,UserCreationRequestRepository.class,        PasswordEncoder.class,AuthorityRepository.class,CacheManager.class,POMasterCompanyRepository.class,BranchRepository.class})
public class BOAuthControllerTest {

@Autowired
private WebApplicationContext context;

@Mock
private AuthenticationManager authenticationManager;

@Mock
private UserRepository userRepository;
@Mock
private UserCreationRequestRepository userCreationRequestRepository;
@Mock
private PasswordEncoder passwordEncoder;
@Mock
private AuthorityRepository authorityRepository;
@Mock
private CacheManager cacheManager;
@Mock
private POMasterCompanyRepository poMasterCompanyRepository;
@Mock
private BranchRepository branchRepository;
private UserService userService;

private MockMvc mockMvc;

@Before
public void setup() {

    userService = new UserService(userRepository, passwordEncoder, authorityRepository, cacheManager, userCreationRequestRepository,
            poMasterCompanyRepository,branchRepository);

    UsernamePasswordAuthenticationToken authenticationToken =
            new UsernamePasswordAuthenticationToken("admin","admin");
    Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    SecurityContext securityContext = new SecurityContextImpl();
    securityContext.setAuthentication(authentication);

            System.out.println(authenticationToken==null?"null":"not null");
    System.out.println(authenticationManager==null?"null":"not null");
    System.out.println(authentication==null?"null":"not null");
    System.out.println(SecurityContextHolder.getContext()==null?"null":"not null");
    System.out.println(SecurityContextHolder.getContext().getAuthentication()==null?"null":"not null");
    System.out.println(SecurityContextHolder.getContext().getAuthentication().getName());
    System.out.println(securityContext.getAuthentication().getName());

    PowerMockito.mockStatic(SecurityContextHolder.class);
    when(SecurityContextHolder.getContext()).thenReturn(securityContext);

    System.out.println(userService.getUserWithAuthorities().isPresent());
}

@Test
public void loginAvailableForAll() throws Exception {

    System.out.println(userService.getUserWithAuthorities().isPresent());

}

}

Mockito

2条答案

按热度按时间
yrdbyhpb

yrdbyhpb1#

而不是去PowerMock设置上下文由您自己。
因为它是静态方法,所以可以在@Before方法中调用SecurityContextHolder.setContext(securityContext)

示例:

@Before
 void initContext(){
        SecurityContext securityContext = new SecurityContextImpl();
        securityContext.setAuthentication(new TestingAuthenticationToken(null,null,authorities));
        SecurityContextHolder.setContext(securityContext);
 }
赞(0)分享  回复(0)举报  9个月前
2ledvvac

2ledvvac2#

您可以使用PowerMock来模拟SecurityContextHolder。mocking SecurityContex t返回所需角色列表的示例

import org.junit.Test
    import org.junit.runner.RunWith
    import org.powermock.api.mockito.PowerMockito
    import org.powermock.core.classloader.annotations.PrepareForTest
    import org.powermock.modules.junit4.PowerMockRunner
    import org.springframework.security.authentication.TestingAuthenticationToken
    import org.springframework.security.core.authority.SimpleGrantedAuthority
    import org.springframework.security.core.context.SecurityContext
    import org.springframework.security.core.context.SecurityContextHolder
    import org.springframework.security.core.context.SecurityContextImpl

    import static org.mockito.Mockito.when

    @RunWith(PowerMockRunner.class)
    @PrepareForTest([SecurityContextHolder.class])
    class Dummy {

    @Test
    void isAdminUser(){
        String roleList = 'ROLE_ADMIN'
        PowerMockito.mockStatic(SecurityContextHolder)
        when(SecurityContextHolder.getContext()).thenReturn(getDesiredSecurityContext(roleList))
        //assertTrue()
    }

    // This will create a security context with the list of roles required
    private SecurityContext getDesiredSecurityContext(String roles){
        List<String> roleList = roles.split(',')
        List<SimpleGrantedAuthority> authorities = roleList.collect { new SimpleGrantedAuthority(it)}
        SecurityContext securityContext = new SecurityContextImpl()
        securityContext.setAuthentication(new TestingAuthenticationToken(null,null,authorities))
        return securityContext
    }

  }
赞(0)分享  回复(0)举报  9个月前
我来回答

相关问题

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com