From b5edb58050189e2de78e0eeb019e0e6d269f2cfc Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Tue, 12 Sep 2017 21:56:09 -0500 Subject: [PATCH] Polish reactive config Code Checkstyle fixes --- .../reactive/EnableWebFluxSecurityTests.java | 12 ++-- .../server/AuthorizeExchangeBuilderTests.java | 23 +++---- .../config/web/server/HeaderBuilderTests.java | 62 ++++++++++--------- .../config/web/server/HttpSecurityTests.java | 19 +++--- 4 files changed, 61 insertions(+), 55 deletions(-) diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java index 02632236c1..596071bb23 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java @@ -66,7 +66,7 @@ public class EnableWebFluxSecurityTests { @Test public void defaultRequiresAuthentication() { - WebTestClient client = WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build(); + WebTestClient client = WebTestClientBuilder.bindToWebFilters(this.springSecurityFilterChain).build(); client.get() .uri("/") @@ -81,7 +81,7 @@ public class EnableWebFluxSecurityTests { WebTestClient client = WebTestClientBuilder.bindToWebFilters( (exchange, chain) -> chain.filter(exchange.mutate().principal(Mono.just(currentPrincipal)).build()), - springSecurityFilterChain, + this.springSecurityFilterChain, (exchange,chain) -> Mono.subscriberContext() .flatMap( c -> c.>get(Authentication.class)) @@ -100,7 +100,7 @@ public class EnableWebFluxSecurityTests { @Test public void defaultPopulatesReactorContextWhenAuthenticating() { WebTestClient client = WebTestClientBuilder.bindToWebFilters( - springSecurityFilterChain, + this.springSecurityFilterChain, (exchange,chain) -> Mono.subscriberContext() .flatMap( c -> c.>get(Authentication.class)) @@ -140,7 +140,7 @@ public class EnableWebFluxSecurityTests { @Test public void passwordEncoderBeanIsUsed() { WebTestClient client = WebTestClientBuilder.bindToWebFilters( - springSecurityFilterChain, + this.springSecurityFilterChain, (exchange,chain) -> Mono.subscriberContext() .flatMap( c -> c.>get(Authentication.class)) @@ -185,7 +185,7 @@ public class EnableWebFluxSecurityTests { @Test public void formLoginWorks() { WebTestClient client = WebTestClientBuilder.bindToWebFilters( - springSecurityFilterChain, + this.springSecurityFilterChain, (exchange,chain) -> Mono.subscriberContext() .flatMap( c -> c.>get(Authentication.class)) @@ -227,7 +227,7 @@ public class EnableWebFluxSecurityTests { @Test public void multiWorks() { - WebTestClient client = WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build(); + WebTestClient client = WebTestClientBuilder.bindToWebFilters(this.springSecurityFilterChain).build(); client.get() .uri("/api/test") diff --git a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java index f3924b6fff..7a6721cc2b 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java @@ -33,8 +33,8 @@ public class AuthorizeExchangeBuilderTests { @Test public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() { - authorization.pathMatchers(HttpMethod.POST, "/a", "/b").denyAll(); - authorization.anyExchange().permitAll(); + this.authorization.pathMatchers(HttpMethod.POST, "/a", "/b").denyAll(); + this.authorization.anyExchange().permitAll(); WebTestClient client = buildClient(); @@ -62,8 +62,8 @@ public class AuthorizeExchangeBuilderTests { @Test public void antMatchersWhenPatternsThenAnyMethod() { - authorization.pathMatchers("/a", "/b").denyAll(); - authorization.anyExchange().permitAll(); + this.authorization.pathMatchers("/a", "/b").denyAll(); + this.authorization.anyExchange().permitAll(); WebTestClient client = buildClient(); @@ -90,23 +90,24 @@ public class AuthorizeExchangeBuilderTests { @Test(expected = IllegalStateException.class) public void antMatchersWhenNoAccessAndAnotherMatcherThenThrowsException() { - authorization.pathMatchers("/incomplete"); - authorization.pathMatchers("/throws-exception"); + this.authorization.pathMatchers("/incomplete"); + this.authorization.pathMatchers("/throws-exception"); } @Test(expected = IllegalStateException.class) public void anyExchangeWhenFollowedByMatcherThenThrowsException() { - authorization.anyExchange().denyAll(); - authorization.pathMatchers("/never-reached"); + this.authorization.anyExchange().denyAll(); + this.authorization.pathMatchers("/never-reached"); } @Test(expected = IllegalStateException.class) public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() { - authorization.pathMatchers("/incomplete"); - authorization.build(); + this.authorization.pathMatchers("/incomplete"); + this.authorization.build(); } private WebTestClient buildClient() { - return WebTestClientBuilder.bindToWebFilters(new ExceptionTranslationWebFilter(), authorization.build()).build(); + return WebTestClientBuilder.bindToWebFilters(new ExceptionTranslationWebFilter(), + this.authorization.build()).build(); } } diff --git a/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java b/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java index 606b96ff71..0315bc6406 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java @@ -51,13 +51,15 @@ public class HeaderBuilderTests { @Before public void setup() { - expectedHeaders.add(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=31536000 ; includeSubDomains"); - expectedHeaders.add(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, max-age=0, must-revalidate"); - expectedHeaders.add(HttpHeaders.PRAGMA, "no-cache"); - expectedHeaders.add(HttpHeaders.EXPIRES, "0"); - expectedHeaders.add(ContentTypeOptionsHttpHeadersWriter.X_CONTENT_OPTIONS, "nosniff"); - expectedHeaders.add(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS, "DENY"); - expectedHeaders.add(XXssProtectionHttpHeadersWriter.X_XSS_PROTECTION, "1 ; mode=block"); + this.expectedHeaders.add(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=31536000 ; includeSubDomains"); + this.expectedHeaders.add(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, max-age=0, must-revalidate"); + this.expectedHeaders.add(HttpHeaders.PRAGMA, "no-cache"); + this.expectedHeaders.add(HttpHeaders.EXPIRES, "0"); + this.expectedHeaders + .add(ContentTypeOptionsHttpHeadersWriter.X_CONTENT_OPTIONS, "nosniff"); + this.expectedHeaders.add(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS, "DENY"); + this.expectedHeaders + .add(XXssProtectionHttpHeadersWriter.X_XSS_PROTECTION, "1 ; mode=block"); } @Test @@ -67,61 +69,62 @@ public class HeaderBuilderTests { @Test public void headersWhenCacheDisableThenCacheNotWritten() { - expectedHeaders.remove(HttpHeaders.CACHE_CONTROL); - expectedHeaders.remove(HttpHeaders.PRAGMA); - expectedHeaders.remove(HttpHeaders.EXPIRES); - headers.cache().disable(); + this.expectedHeaders.remove(HttpHeaders.CACHE_CONTROL); + this.expectedHeaders.remove(HttpHeaders.PRAGMA); + this.expectedHeaders.remove(HttpHeaders.EXPIRES); + this.headers.cache().disable(); assertHeaders(); } @Test public void headersWhenContentOptionsDisableThenContentTypeOptionsNotWritten() { - expectedHeaders.remove(ContentTypeOptionsHttpHeadersWriter.X_CONTENT_OPTIONS); - headers.contentTypeOptions().disable(); + this.expectedHeaders.remove(ContentTypeOptionsHttpHeadersWriter.X_CONTENT_OPTIONS); + this.headers.contentTypeOptions().disable(); assertHeaders(); } @Test public void headersWhenHstsDisableThenHstsNotWritten() { - expectedHeaders.remove(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); - headers.hsts().disable(); + this.expectedHeaders.remove(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); + this.headers.hsts().disable(); assertHeaders(); } @Test public void headersWhenHstsCustomThenCustomHstsWritten() { - expectedHeaders.remove(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); - expectedHeaders.add(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=60"); - headers.hsts().maxAge(Duration.ofSeconds(60)); - headers.hsts().includeSubdomains(false); + this.expectedHeaders.remove(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); + this.expectedHeaders.add(StrictTransportSecurityHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=60"); + this.headers.hsts().maxAge(Duration.ofSeconds(60)); + this.headers.hsts().includeSubdomains(false); assertHeaders(); } @Test public void headersWhenFrameOptionsDisableThenFrameOptionsNotWritten() { - expectedHeaders.remove(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS); - headers.frameOptions().disable(); + this.expectedHeaders.remove(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS); + this.headers.frameOptions().disable(); assertHeaders(); } @Test public void headersWhenFrameOptionsModeThenFrameOptionsCustomMode() { - expectedHeaders.remove(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS); - expectedHeaders.add(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS, "SAMEORIGIN"); - headers.frameOptions().mode(XFrameOptionsHttpHeadersWriter.Mode.SAMEORIGIN); + this.expectedHeaders.remove(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS); + this.expectedHeaders + .add(XFrameOptionsHttpHeadersWriter.X_FRAME_OPTIONS, "SAMEORIGIN"); + this.headers.frameOptions().mode(XFrameOptionsHttpHeadersWriter.Mode.SAMEORIGIN); assertHeaders(); } @Test public void headersWhenXssProtectionDisableThenXssProtectionNotWritten() { - expectedHeaders.remove("X-Xss-Protection"); - headers.xssProtection().disable(); + this.expectedHeaders.remove("X-Xss-Protection"); + this.headers.xssProtection().disable(); assertHeaders(); } @@ -134,12 +137,13 @@ public class HeaderBuilderTests { .returnResult(String.class); Map> responseHeaders = response.getResponseHeaders(); - ignoredHeaderNames.stream().forEach(responseHeaders::remove); + this.ignoredHeaderNames.stream().forEach(responseHeaders::remove); - assertThat(responseHeaders).describedAs(response.toString()).isEqualTo(expectedHeaders); + assertThat(responseHeaders).describedAs(response.toString()).isEqualTo( + this.expectedHeaders); } private WebTestClient buildClient() { - return WebTestClientBuilder.bindToWebFilters(headers.build()).build(); + return WebTestClientBuilder.bindToWebFilters(this.headers.build()).build(); } } diff --git a/config/src/test/java/org/springframework/security/config/web/server/HttpSecurityTests.java b/config/src/test/java/org/springframework/security/config/web/server/HttpSecurityTests.java index 98acc1b904..f0cbab8c86 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/HttpSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/HttpSecurityTests.java @@ -56,12 +56,12 @@ public class HttpSecurityTests { @Before public void setup() { - http = HttpSecurity.http(); + this.http = HttpSecurity.http(); } @Test public void defaults() { - http.securityContextRepository(this.contextRepository); + this.http.securityContextRepository(this.contextRepository); WebTestClient client = buildClient(); @@ -73,17 +73,17 @@ public class HttpSecurityTests { assertThat(result.getResponseCookies()).isEmpty(); // there is no need to try and load the SecurityContext by default - verifyZeroInteractions(contextRepository); + verifyZeroInteractions(this.contextRepository); } @Test public void basic() { given(this.authenticationManager.authenticate(any())).willReturn(Mono.just(new TestingAuthenticationToken("rob", "rob", "ROLE_USER", "ROLE_ADMIN"))); - http.securityContextRepository(new WebSessionSecurityContextRepository()); - http.httpBasic(); - http.authenticationManager(authenticationManager); - HttpSecurity.AuthorizeExchangeBuilder authorize = http.authorizeExchange(); + this.http.securityContextRepository(new WebSessionSecurityContextRepository()); + this.http.httpBasic(); + this.http.authenticationManager(this.authenticationManager); + HttpSecurity.AuthorizeExchangeBuilder authorize = this.http.authorizeExchange(); authorize.anyExchange().authenticated(); WebTestClient client = buildClient(); @@ -105,7 +105,7 @@ public class HttpSecurityTests { @Test public void basicWhenNoCredentialsThenUnauthorized() { - http.authorizeExchange().anyExchange().authenticated(); + this.http.authorizeExchange().anyExchange().authenticated(); WebTestClient client = buildClient(); client @@ -118,7 +118,8 @@ public class HttpSecurityTests { } private WebTestClient buildClient() { - WebFilterChainFilter springSecurityFilterChain = WebFilterChainFilter.fromSecurityWebFilterChains(http.build()); + WebFilterChainFilter springSecurityFilterChain = WebFilterChainFilter.fromSecurityWebFilterChains( + this.http.build()); return WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build(); } }