Example 46 with WebSession
use of org.springframework.web.server.WebSession in project spring-framework by spring-projects.
the class SessionAttributesHandlerTests method cleanupAttributes.
@Test
public void cleanupAttributes() {
WebSession session = new MockWebSession();
session.getAttributes().put("attr1", "value1");
session.getAttributes().put("attr2", "value2");
session.getAttributes().put("attr3", new TestBean());
this.sessionAttributesHandler.cleanupAttributes(session);
assertThat(session.getAttributes().get("attr1")).isNull();
assertThat(session.getAttributes().get("attr2")).isNull();
assertThat(session.getAttributes().get("attr3")).isNotNull();
// Resolve 'attr3' by type
this.sessionAttributesHandler.isHandlerSessionAttribute("attr3", TestBean.class);
this.sessionAttributesHandler.cleanupAttributes(session);
assertThat(session.getAttributes().get("attr3")).isNull();
}
Also used :
MockWebSession(org.springframework.web.testfixture.server.MockWebSession)
WebSession(org.springframework.web.server.WebSession)
TestBean(org.springframework.beans.testfixture.beans.TestBean)
MockWebSession(org.springframework.web.testfixture.server.MockWebSession)
Test(org.junit.jupiter.api.Test)
Example 47 with WebSession
use of org.springframework.web.server.WebSession in project spring-framework by spring-projects.
the class ModelInitializerTests method saveModelAttributeToSession.
@Test
public void saveModelAttributeToSession() {
TestController controller = new TestController();
InitBinderBindingContext context = getBindingContext(controller);
Method method = ResolvableMethod.on(TestController.class).annotPresent(GetMapping.class).resolveMethod();
HandlerMethod handlerMethod = new HandlerMethod(controller, method);
this.modelInitializer.initModel(handlerMethod, context, this.exchange).block(TIMEOUT);
WebSession session = this.exchange.getSession().block(Duration.ZERO);
assertThat(session).isNotNull();
assertThat(session.getAttributes().size()).isEqualTo(0);
context.saveModel();
assertThat(session.getAttributes().size()).isEqualTo(1);
assertThat(((TestBean) session.getRequiredAttribute("bean")).getName()).isEqualTo("Bean");
}
Also used :
GetMapping(org.springframework.web.bind.annotation.GetMapping)
WebSession(org.springframework.web.server.WebSession)
HandlerMethod(org.springframework.web.method.HandlerMethod)
Method(java.lang.reflect.Method)
ResolvableMethod(org.springframework.web.testfixture.method.ResolvableMethod)
SyncInvocableHandlerMethod(org.springframework.web.reactive.result.method.SyncInvocableHandlerMethod)
HandlerMethod(org.springframework.web.method.HandlerMethod)
SyncInvocableHandlerMethod(org.springframework.web.reactive.result.method.SyncInvocableHandlerMethod)
Test(org.junit.jupiter.api.Test)
Example 48 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionOAuth2ServerAuthorizationRequestRepositoryDoNotAllowMultipleAuthorizationRequestsTests method removeAuthorizationRequestWhenMultipleThenSessionAttributeRemoved.
// gh-5145
@Test
public void removeAuthorizationRequestWhenMultipleThenSessionAttributeRemoved() {
String oldState = "state0";
// @formatter:off
MockServerHttpRequest oldRequest = MockServerHttpRequest.get("/").queryParam(OAuth2ParameterNames.STATE, oldState).build();
OAuth2AuthorizationRequest oldAuthorizationRequest = OAuth2AuthorizationRequest.authorizationCode().authorizationUri("https://example.com/oauth2/authorize").clientId("client-id").redirectUri("http://localhost/client-1").state(oldState).build();
// @formatter:on
Map<String, Object> sessionAttrs = spy(new HashMap<>());
WebSession session = mock(WebSession.class);
given(session.getAttributes()).willReturn(sessionAttrs);
WebSessionManager sessionManager = (e) -> Mono.just(session);
this.exchange = new DefaultServerWebExchange(this.exchange.getRequest(), new MockServerHttpResponse(), sessionManager, ServerCodecConfigurer.create(), new AcceptHeaderLocaleContextResolver());
ServerWebExchange oldExchange = new DefaultServerWebExchange(oldRequest, new MockServerHttpResponse(), sessionManager, ServerCodecConfigurer.create(), new AcceptHeaderLocaleContextResolver());
// @formatter:off
Mono<OAuth2AuthorizationRequest> saveAndSaveAndRemove = this.repository.saveAuthorizationRequest(oldAuthorizationRequest, oldExchange).then(this.repository.saveAuthorizationRequest(this.authorizationRequest, this.exchange)).then(this.repository.removeAuthorizationRequest(this.exchange));
StepVerifier.create(saveAndSaveAndRemove).expectNext(this.authorizationRequest).verifyComplete();
StepVerifier.create(this.repository.loadAuthorizationRequest(this.exchange)).verifyComplete();
// @formatter:on
verify(sessionAttrs, times(2)).put(anyString(), any());
verify(sessionAttrs).remove(anyString());
}
Also used :
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
BeforeEach(org.junit.jupiter.api.BeforeEach)
OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames)
StepVerifier(reactor.test.StepVerifier)
MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
HashMap(java.util.HashMap)
Mono(reactor.core.publisher.Mono)
Mockito.times(org.mockito.Mockito.times)
Mockito.spy(org.mockito.Mockito.spy)
ServerCodecConfigurer(org.springframework.http.codec.ServerCodecConfigurer)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
BDDMockito.given(org.mockito.BDDMockito.given)
Map(java.util.Map)
WebSessionManager(org.springframework.web.server.session.WebSessionManager)
MockServerHttpResponse(org.springframework.mock.http.server.reactive.MockServerHttpResponse)
WebSession(org.springframework.web.server.WebSession)
AcceptHeaderLocaleContextResolver(org.springframework.web.server.i18n.AcceptHeaderLocaleContextResolver)
ServerHttpRequest(org.springframework.http.server.reactive.ServerHttpRequest)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Mockito.mock(org.mockito.Mockito.mock)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
MockServerHttpResponse(org.springframework.mock.http.server.reactive.MockServerHttpResponse)
AcceptHeaderLocaleContextResolver(org.springframework.web.server.i18n.AcceptHeaderLocaleContextResolver)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
WebSession(org.springframework.web.server.WebSession)
MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest)
WebSessionManager(org.springframework.web.server.session.WebSessionManager)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
Test(org.junit.jupiter.api.Test)
Example 49 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionOAuth2ServerAuthorizationRequestRepositoryAllowMultipleAuthorizationRequestsTests method removeAuthorizationRequestWhenMultipleThenRemovedAndSessionAttributeUpdated.
// gh-7327
@Test
public void removeAuthorizationRequestWhenMultipleThenRemovedAndSessionAttributeUpdated() {
String oldState = "state0";
// @formatter:off
MockServerHttpRequest oldRequest = MockServerHttpRequest.get("/").queryParam(OAuth2ParameterNames.STATE, oldState).build();
OAuth2AuthorizationRequest oldAuthorizationRequest = OAuth2AuthorizationRequest.authorizationCode().authorizationUri("https://example.com/oauth2/authorize").clientId("client-id").redirectUri("http://localhost/client-1").state(oldState).build();
// @formatter:on
Map<String, Object> sessionAttrs = spy(new HashMap<>());
WebSession session = mock(WebSession.class);
given(session.getAttributes()).willReturn(sessionAttrs);
WebSessionManager sessionManager = (e) -> Mono.just(session);
this.exchange = new DefaultServerWebExchange(this.exchange.getRequest(), new MockServerHttpResponse(), sessionManager, ServerCodecConfigurer.create(), new AcceptHeaderLocaleContextResolver());
ServerWebExchange oldExchange = new DefaultServerWebExchange(oldRequest, new MockServerHttpResponse(), sessionManager, ServerCodecConfigurer.create(), new AcceptHeaderLocaleContextResolver());
// @formatter:off
Mono<OAuth2AuthorizationRequest> saveAndSaveAndRemove = this.repository.saveAuthorizationRequest(oldAuthorizationRequest, oldExchange).then(this.repository.saveAuthorizationRequest(this.authorizationRequest, this.exchange)).then(this.repository.removeAuthorizationRequest(this.exchange));
StepVerifier.create(saveAndSaveAndRemove).expectNext(this.authorizationRequest).verifyComplete();
StepVerifier.create(this.repository.loadAuthorizationRequest(this.exchange)).verifyComplete();
// @formatter:on
verify(sessionAttrs, times(3)).put(any(), any());
}
Also used :
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
BeforeEach(org.junit.jupiter.api.BeforeEach)
OAuth2ParameterNames(org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames)
StepVerifier(reactor.test.StepVerifier)
MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
HashMap(java.util.HashMap)
Mono(reactor.core.publisher.Mono)
Mockito.times(org.mockito.Mockito.times)
Mockito.spy(org.mockito.Mockito.spy)
ServerCodecConfigurer(org.springframework.http.codec.ServerCodecConfigurer)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
BDDMockito.given(org.mockito.BDDMockito.given)
Map(java.util.Map)
WebSessionManager(org.springframework.web.server.session.WebSessionManager)
MockServerHttpResponse(org.springframework.mock.http.server.reactive.MockServerHttpResponse)
WebSession(org.springframework.web.server.WebSession)
AcceptHeaderLocaleContextResolver(org.springframework.web.server.i18n.AcceptHeaderLocaleContextResolver)
ServerHttpRequest(org.springframework.http.server.reactive.ServerHttpRequest)
Mockito.mock(org.mockito.Mockito.mock)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
MockServerHttpResponse(org.springframework.mock.http.server.reactive.MockServerHttpResponse)
AcceptHeaderLocaleContextResolver(org.springframework.web.server.i18n.AcceptHeaderLocaleContextResolver)
DefaultServerWebExchange(org.springframework.web.server.adapter.DefaultServerWebExchange)
WebSession(org.springframework.web.server.WebSession)
MockServerHttpRequest(org.springframework.mock.http.server.reactive.MockServerHttpRequest)
WebSessionManager(org.springframework.web.server.session.WebSessionManager)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
Test(org.junit.jupiter.api.Test)
Example 50 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionServerOAuth2AuthorizedClientRepositoryTests method removeAuthorizedClientWhenSavedThenRemovedFromSession.
@Test
public void removeAuthorizedClientWhenSavedThenRemovedFromSession() {
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(this.registration1, this.principalName1, mock(OAuth2AccessToken.class));
this.authorizedClientRepository.saveAuthorizedClient(authorizedClient, null, this.exchange).block();
OAuth2AuthorizedClient loadedAuthorizedClient = this.authorizedClientRepository.loadAuthorizedClient(this.registrationId1, null, this.exchange).block();
assertThat(loadedAuthorizedClient).isSameAs(authorizedClient);
this.authorizedClientRepository.removeAuthorizedClient(this.registrationId1, null, this.exchange).block();
WebSession session = this.exchange.getSession().block();
assertThat(session).isNotNull();
assertThat(session.getAttributes()).isEmpty();
}
Also used :
WebSession(org.springframework.web.server.WebSession)
OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken)
OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient)
Test(org.junit.jupiter.api.Test)
Aggregations
WebSession (org.springframework.web.server.WebSession)53
Test (org.junit.Test)24
Test (org.junit.jupiter.api.Test)24
Method (java.lang.reflect.Method)3
TestBean (org.springframework.beans.testfixture.beans.TestBean)3
GetMapping (org.springframework.web.bind.annotation.GetMapping)3
HandlerMethod (org.springframework.web.method.HandlerMethod)3
SyncInvocableHandlerMethod (org.springframework.web.reactive.result.method.SyncInvocableHandlerMethod)3
ServerWebExchange (org.springframework.web.server.ServerWebExchange)3
Mono (reactor.core.publisher.Mono)3
Instant (java.time.Instant)2
HashMap (java.util.HashMap)2
Map (java.util.Map)2
BeforeEach (org.junit.jupiter.api.BeforeEach)2
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)2
BDDMockito.given (org.mockito.BDDMockito.given)2
Mockito.mock (org.mockito.Mockito.mock)2
Mockito.spy (org.mockito.Mockito.spy)2
Mockito.times (org.mockito.Mockito.times)2
Mockito.verify (org.mockito.Mockito.verify)2
