use of org.springframework.mock.web.server.MockServerWebExchange in project spring-security by spring-projects.
the class SwitchUserWebFilterTests method switchUserWhenUsernameIsMissingThenThrowException.
/**
 * Verifies that a POST to {@code /login/impersonate} with no {@code username}
 * parameter fails with an {@link IllegalArgumentException} and that the
 * downstream filter chain is never touched.
 */
@Test
public void switchUserWhenUsernameIsMissingThenThrowException() {
    // Security context wrapping a mocked Authentication; the request names no target user.
    SecurityContextImpl callerContext = new SecurityContextImpl(mock(Authentication.class));
    WebFilterChain downstream = mock(WebFilterChain.class);
    MockServerWebExchange switchRequest = MockServerWebExchange
            .from(MockServerHttpRequest.post("/login/impersonate"));

    assertThatIllegalArgumentException()
            .isThrownBy(() -> {
                Context reactorContext = ReactiveSecurityContextHolder
                        .withSecurityContext(Mono.just(callerContext));
                this.switchUserWebFilter.filter(switchRequest, downstream)
                        .subscriberContext(reactorContext)
                        .block();
            })
            .withMessage("The userName can not be null.");

    // A rejected switch attempt must not be forwarded to the rest of the chain.
    verifyNoInteractions(downstream);
}
use of org.springframework.mock.web.server.MockServerWebExchange in project spring-security by spring-projects.
the class SwitchUserWebFilterTests method setExitUserMatcherWhenDefinedThenChangeDefaultValue.
/**
 * Verifies that {@code setExitUserMatcher} replaces the matcher held by the
 * filter. The private {@code exitUserMatcher} field is read reflectively
 * before and after the setter call.
 */
@Test
public void setExitUserMatcherWhenDefinedThenChangeDefaultValue() {
    MockServerWebExchange defaultExitRequest = MockServerWebExchange
            .from(MockServerHttpRequest.post("/logout/impersonate"));

    // The matcher in place before the change accepts POST /logout/impersonate.
    ServerWebExchangeMatcher matcherBefore = (ServerWebExchangeMatcher) ReflectionTestUtils
            .getField(this.switchUserWebFilter, "exitUserMatcher");
    boolean matchedBeforeChange = matcherBefore.matches(defaultExitRequest).block().isMatch();
    assertThat(matchedBeforeChange).isTrue();

    ServerWebExchangeMatcher replacement = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/exit-url");
    this.switchUserWebFilter.setExitUserMatcher(replacement);

    // Identity check: the filter must now hold exactly the instance passed to the setter.
    ServerWebExchangeMatcher matcherAfter = (ServerWebExchangeMatcher) ReflectionTestUtils
            .getField(this.switchUserWebFilter, "exitUserMatcher");
    assertThat(matcherAfter).isSameAs(replacement);
}
use of org.springframework.mock.web.server.MockServerWebExchange in project spring-security by spring-projects.
the class SwitchUserWebFilterTests method switchUserWhenUserAlreadySwitchedThenExitSwitchAndSwitchAgain.
/**
 * Verifies a second switch issued while already impersonating another user.
 * The authentication handed to the success handler must be named after the
 * new target, and its {@link SwitchUserGrantedAuthority} source must be the
 * original principal ("origPrincipal"), not the intermediate switched one.
 */
@Test
public void switchUserWhenUserAlreadySwitchedThenExitSwitchAndSwitchAgain() {
    // Current state: "switchPrincipal" is active and carries the original authentication as its source.
    Authentication original = new UsernamePasswordAuthenticationToken("origPrincipal", "origCredentials");
    GrantedAuthority previousAdminAuthority = new SwitchUserGrantedAuthority(
            SwitchUserWebFilter.ROLE_PREVIOUS_ADMINISTRATOR, original);
    Authentication alreadySwitched = new UsernamePasswordAuthenticationToken("switchPrincipal",
            "switchCredentials", Collections.singleton(previousAdminAuthority));
    SecurityContextImpl activeContext = new SecurityContextImpl(alreadySwitched);

    String nextTarget = "newSwitchPrincipal";
    MockServerWebExchange switchRequest = MockServerWebExchange
            .from(MockServerHttpRequest.post("/login/impersonate?username={targetUser}", nextTarget));
    WebFilterChain downstream = mock(WebFilterChain.class);

    // Stub the collaborators: user lookup, success handler and context persistence.
    given(this.userDetailsService.findByUsername(nextTarget))
            .willReturn(Mono.just(switchUserDetails(nextTarget, true)));
    given(this.successHandler.onAuthenticationSuccess(any(WebFilterExchange.class), any(Authentication.class)))
            .willReturn(Mono.empty());
    given(this.serverSecurityContextRepository.save(eq(switchRequest), any(SecurityContext.class)))
            .willReturn(Mono.empty());

    this.switchUserWebFilter.filter(switchRequest, downstream)
            .subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(activeContext)))
            .block();

    // Capture the authentication that was passed to the success handler.
    ArgumentCaptor<Authentication> captured = ArgumentCaptor.forClass(Authentication.class);
    verify(this.successHandler).onAuthenticationSuccess(any(WebFilterExchange.class), captured.capture());
    Authentication secondSwitch = captured.getValue();
    assertThat(secondSwitch.getName()).isEqualTo(nextTarget);

    // Name of the source recorded in the first SwitchUserGrantedAuthority, or null if there is none.
    String recordedSourceName = secondSwitch.getAuthorities().stream()
            .filter(SwitchUserGrantedAuthority.class::isInstance)
            .map(SwitchUserGrantedAuthority.class::cast)
            .map(SwitchUserGrantedAuthority::getSource)
            .map(Principal::getName)
            .findFirst()
            .orElse(null);
    assertThat(recordedSourceName).isEqualTo(original.getName());
}
use of org.springframework.mock.web.server.MockServerWebExchange in project spring-security by spring-projects.
the class SwitchUserWebFilterTests method switchUserWhenFailureHandlerNotDefinedThenReturnError.
/**
 * Verifies that, when the filter is built with a {@code null} failure
 * handler, a failed switch surfaces as a {@link DisabledException} to the
 * subscriber and the downstream filter chain is never touched.
 */
@Test
public void switchUserWhenFailureHandlerNotDefinedThenReturnError() {
    // Rebuild the filter under test without a failure handler (third argument is null).
    this.switchUserWebFilter = new SwitchUserWebFilter(this.userDetailsService, this.successHandler, null);

    String requestedUser = "TEST_USERNAME";
    // presumably the 'false' flag yields a disabled account; the helper is defined outside this method
    UserDetails lookedUpUser = switchUserDetails(requestedUser, false);
    SecurityContextImpl callerContext = new SecurityContextImpl(mock(Authentication.class));
    WebFilterChain downstream = mock(WebFilterChain.class);
    MockServerWebExchange switchRequest = MockServerWebExchange
            .from(MockServerHttpRequest.post("/login/impersonate?username={targetUser}", requestedUser));

    given(this.userDetailsService.findByUsername(any(String.class))).willReturn(Mono.just(lookedUpUser));

    assertThatExceptionOfType(DisabledException.class)
            .isThrownBy(() -> {
                Context reactorContext = ReactiveSecurityContextHolder
                        .withSecurityContext(Mono.just(callerContext));
                this.switchUserWebFilter.filter(switchRequest, downstream)
                        .subscriberContext(reactorContext)
                        .block();
            });

    // The failed switch must not be forwarded to the rest of the chain.
    verifyNoInteractions(downstream);
}
use of org.springframework.mock.web.server.MockServerWebExchange in project spring-security by spring-projects.
the class SwitchUserWebFilterTests method exitSwitchWhenUserNotSwitchedThenThrowError.
/**
 * Verifies that a POST to {@code /logout/impersonate} from a user whose
 * authentication carries no authorities (and so no record of a previous
 * switch) fails with {@link AuthenticationCredentialsNotFoundException} and
 * never reaches the downstream filter chain.
 */
@Test
public void exitSwitchWhenUserNotSwitchedThenThrowError() {
    // Plain token built without authorities: there is no original authentication to return to.
    Authentication neverSwitched = new UsernamePasswordAuthenticationToken("origPrincipal", "origCredentials");
    SecurityContextImpl callerContext = new SecurityContextImpl(neverSwitched);
    WebFilterChain downstream = mock(WebFilterChain.class);
    MockServerWebExchange exitRequest = MockServerWebExchange
            .from(MockServerHttpRequest.post("/logout/impersonate"));

    assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
            .isThrownBy(() -> {
                Context reactorContext = ReactiveSecurityContextHolder
                        .withSecurityContext(Mono.just(callerContext));
                this.switchUserWebFilter.filter(exitRequest, downstream)
                        .subscriberContext(reactorContext)
                        .block();
            })
            .withMessage("Could not find original Authentication object");

    // The rejected exit attempt must not be forwarded to the rest of the chain.
    verifyNoInteractions(downstream);
}