Polish "Default password shouldn't be generated for resource server"

See gh-17646
pull/17701/head
Madhura Bhave 5 years ago
parent 1b0cf7bd22
commit e184298c50

@ -22,7 +22,6 @@ import org.junit.jupiter.api.Test;
import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.autoconfigure.security.oauth2.resource.reactive.ReactiveOAuth2ResourceServerAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
import org.springframework.context.annotation.Bean;
@ -45,6 +44,7 @@ import static org.mockito.Mockito.mock;
* Tests for {@link ReactiveUserDetailsServiceAutoConfiguration}.
*
* @author Madhura Bhave
* @author HaiTao Zhang
*/
class ReactiveUserDetailsServiceAutoConfigurationTests {
@ -78,10 +78,7 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {
@Test
void doesNotConfigureDefaultUserIfResourceServerWithJWTIsUsed() {
this.contextRunner.withUserConfiguration(TestSecurityConfiguration.class)
.withConfiguration(AutoConfigurations.of(ReactiveOAuth2ResourceServerAutoConfiguration.class))
.withPropertyValues(
"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys")
this.contextRunner.withUserConfiguration(TestSecurityConfiguration.class, JwtDecoderConfiguration.class)
.run((context) -> {
assertThat(context).hasSingleBean(ReactiveJwtDecoder.class);
assertThat(context).doesNotHaveBean(ReactiveUserDetailsService.class);
@ -90,12 +87,7 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {
@Test
void doesNotConfigureDefaultUserIfResourceServerWithOpaqueIsUsed() {
this.contextRunner.withConfiguration(AutoConfigurations.of(ReactiveOAuth2ResourceServerAutoConfiguration.class))
.withUserConfiguration(TestSecurityConfiguration.class)
.withPropertyValues(
"spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=https://check-token.com",
"spring.security.oauth2.resourceserver.opaquetoken.client-id=my-client-id",
"spring.security.oauth2.resourceserver.opaquetoken.client-secret=my-client-secret")
this.contextRunner.withUserConfiguration(ReactiveOAuth2TokenIntrospectionClientConfiguration.class)
.run((context) -> {
assertThat(context).hasSingleBean(ReactiveOAuth2TokenIntrospectionClient.class);
assertThat(context).doesNotHaveBean(ReactiveUserDetailsService.class);
@ -178,4 +170,24 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {
}
@Configuration(proxyBeanMethods = false)
static class JwtDecoderConfiguration {
@Bean
ReactiveJwtDecoder jwtDecoder() {
return mock(ReactiveJwtDecoder.class);
}
}
@Configuration(proxyBeanMethods = false)
static class ReactiveOAuth2TokenIntrospectionClientConfiguration {
@Bean
ReactiveOAuth2TokenIntrospectionClient introspectionClient() {
return mock(ReactiveOAuth2TokenIntrospectionClient.class);
}
}
}

@ -23,10 +23,8 @@ import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.autoconfigure.security.oauth2.resource.servlet.OAuth2ResourceServerAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
import org.springframework.boot.test.system.CapturedOutput;
import org.springframework.boot.test.system.OutputCaptureExtension;
import org.springframework.context.annotation.Bean;
@ -55,6 +53,7 @@ import static org.mockito.Mockito.mock;
* Tests for {@link UserDetailsServiceAutoConfiguration}.
*
* @author Madhura Bhave
* @author HaiTao Zhang
*/
@ExtendWith(OutputCaptureExtension.class)
class UserDetailsServiceAutoConfigurationTests {
@ -105,15 +104,7 @@ class UserDetailsServiceAutoConfigurationTests {
@Test
void defaultUserNotCreatedIfResourceServerWithOpaqueIsUsed() {
WebApplicationContextRunner webApplicationContextRunner = new WebApplicationContextRunner();
webApplicationContextRunner
.withConfiguration(AutoConfigurations.of(OAuth2ResourceServerAutoConfiguration.class))
.withUserConfiguration(TestSecurityConfiguration.class)
.withPropertyValues(
"spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=https://check-token.com",
"spring.security.oauth2.resourceserver.opaquetoken.client-id=my-client-id",
"spring.security.oauth2.resourceserver.opaquetoken.client-secret=my-client-secret")
.run((context) -> {
this.contextRunner.withUserConfiguration(TestConfigWithIntrospectionClient.class).run((context) -> {
assertThat(context).hasSingleBean(OAuth2TokenIntrospectionClient.class);
assertThat(context).doesNotHaveBean(UserDetailsService.class);
});
@ -121,13 +112,7 @@ class UserDetailsServiceAutoConfigurationTests {
@Test
void defaultUserNotCreatedIfResourceServerWithJWTIsUsed() {
WebApplicationContextRunner webApplicationContextRunner = new WebApplicationContextRunner();
webApplicationContextRunner
.withConfiguration(AutoConfigurations.of(OAuth2ResourceServerAutoConfiguration.class))
.withUserConfiguration(TestSecurityConfiguration.class)
.withPropertyValues(
"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys")
.run((context) -> {
this.contextRunner.withUserConfiguration(TestConfigWithJwtDecoder.class).run((context) -> {
assertThat(context).hasSingleBean(JwtDecoder.class);
assertThat(context).doesNotHaveBean(UserDetailsService.class);
});
@ -242,6 +227,28 @@ class UserDetailsServiceAutoConfigurationTests {
}
@Configuration(proxyBeanMethods = false)
@Import(TestSecurityConfiguration.class)
static class TestConfigWithJwtDecoder {
@Bean
JwtDecoder jwtDecoder() {
return mock(JwtDecoder.class);
}
}
@Configuration(proxyBeanMethods = false)
@Import(TestSecurityConfiguration.class)
static class TestConfigWithIntrospectionClient {
@Bean
OAuth2TokenIntrospectionClient introspectionClient() {
return mock(OAuth2TokenIntrospectionClient.class);
}
}
@Configuration(proxyBeanMethods = false)
@Import(TestSecurityConfiguration.class)
static class TestConfigWithAuthenticationManagerBuilder {

Loading…
Cancel
Save