GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Improve Readablility of JSON test strings 

This improves the readability of the JSON strings used for
testing JSON serialize / deserialize of Spring Security

Issue gh-3736
pull/4057/head
Rob Winch 9 years ago
parent
d4c48dd3e1
commit
bd925313af
13 changed files with 369 additions and 213 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 109
      cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java
  2. 9
      core/src/test/java/org/springframework/security/jackson2/AbstractMixinTests.java
  3. 33
      core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java
  4. 53
      core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java
  5. 24
      core/src/test/java/org/springframework/security/jackson2/SecurityContextMixinTests.java
  6. 16
      core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java
  7. 83
      core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java
  8. 78
      core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java
  9. 20
      web/src/test/java/org/springframework/security/web/jackson2/CookieMixinTests.java
  10. 17
      web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java
  11. 57
      web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java
  12. 66
      web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java
  13. 17
      web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java

109
cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java
Unescape View File

@ -45,42 +45,62 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class CasAuthenticationTokenMixinTests { public class CasAuthenticationTokenMixinTests {
private final String KEY = "casKey"; private static final String KEY = "casKey";
private final String PASSWORD = "pass"; private static final String PASSWORD = "\"1234\"";
Date startDate = new Date(); private static final Date START_DATE = new Date();
Date endDate = new Date(); private static final Date END_DATE = new Date();
String expectedJson = "{\"@class\": \"org.springframework.security.cas.authentication.CasAuthenticationToken\", \"keyHash\": " + KEY.hashCode() + "," +
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"username\", \"password\": %s, \"accountNonExpired\": true, \"enabled\": true," +
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\"," +
"[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"USER\"}]]}, \"credentials\": \"" + PASSWORD + "\", \"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]," +
"\"userDetails\": {\"@class\": \"org.springframework.security.core.userdetails.User\",\"username\": \"user\", \"password\": \"" + PASSWORD + "\", \"enabled\": true, \"accountNonExpired\": true, \"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}," +
"\"authenticated\": true, \"details\": null," +
"\"assertion\": {" +
"\"@class\": \"org.jasig.cas.client.validation.AssertionImpl\", \"principal\": {\"@class\": \"org.jasig.cas.client.authentication.AttributePrincipalImpl\", \"name\": \"assertName\", \"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}, \"proxyGrantingTicket\": null, \"proxyRetriever\": null}, " +
"\"validFromDate\": [\"java.util.Date\", " + startDate.getTime() + "], \"validUntilDate\": [\"java.util.Date\", " + endDate.getTime() + "]," +
"\"authenticationDate\": [\"java.util.Date\", " + startDate.getTime() + "], \"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}" +
"}}";
private CasAuthenticationToken createCasAuthenticationToken() { public static final String AUTHORITY_JSON = "{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}";
User principal = new User("username", PASSWORD, Collections.singletonList(new SimpleGrantedAuthority("USER")));
Collection<? extends GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
Assertion assertion = new AssertionImpl(new AttributePrincipalImpl("assertName"), startDate, endDate, startDate, Collections.<String, Object>emptyMap());
return new CasAuthenticationToken(KEY, principal, principal.getPassword(), authorities,
new User("user", PASSWORD, authorities), assertion);
}
ObjectMapper buildObjectMapper() { public static final String AUTHORITIES_SET_JSON = "[\"java.util.Collections$UnmodifiableSet\", [" + AUTHORITY_JSON + "]]";
ClassLoader loader = getClass().getClassLoader();
ObjectMapper mapper = new ObjectMapper(); public static final String AUTHORITIES_ARRAYLIST_JSON = "[\"java.util.ArrayList\", [" + AUTHORITY_JSON + "]]";
mapper.registerModules(SecurityJacksonModules.getModules(loader));
return mapper; // @formatter:off
} public static final String USER_JSON = "{"
+ "\"@class\": \"org.springframework.security.core.userdetails.User\", "
+ "\"username\": \"admin\","
+ " \"password\": " + PASSWORD + ", "
+ "\"accountNonExpired\": true, "
+ "\"accountNonLocked\": true, "
+ "\"credentialsNonExpired\": true, "
+ "\"enabled\": true, "
+ "\"authorities\": " + AUTHORITIES_SET_JSON
+ "}";
// @formatter:on
private static final String CAS_TOKEN_JSON = "{"
+ "\"@class\": \"org.springframework.security.cas.authentication.CasAuthenticationToken\", "
+ "\"keyHash\": " + KEY.hashCode() + ","
+ "\"principal\": " + USER_JSON + ", "
+ "\"credentials\": " + PASSWORD + ", "
+ "\"authorities\": " + AUTHORITIES_ARRAYLIST_JSON + ","
+ "\"userDetails\": " + USER_JSON +","
+ "\"authenticated\": true, "
+ "\"details\": null,"
+ "\"assertion\": {"
+ "\"@class\": \"org.jasig.cas.client.validation.AssertionImpl\", "
+ "\"principal\": {"
+ "\"@class\": \"org.jasig.cas.client.authentication.AttributePrincipalImpl\", "
+ "\"name\": \"assertName\", "
+ "\"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}, "
+ "\"proxyGrantingTicket\": null, "
+ "\"proxyRetriever\": null"
+ "}, "
+ "\"validFromDate\": [\"java.util.Date\", " + START_DATE.getTime() + "], "
+ "\"validUntilDate\": [\"java.util.Date\", " + END_DATE.getTime() + "],"
+ "\"authenticationDate\": [\"java.util.Date\", " + START_DATE.getTime() + "], "
+ "\"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}" +
"}"
+ "}";
private static final String CAS_TOKEN_CLEARED_JSON = CAS_TOKEN_JSON.replaceFirst(PASSWORD, "null");
@Test @Test
public void serializeCasAuthenticationTest() throws JsonProcessingException, JSONException { public void serializeCasAuthenticationTest() throws JsonProcessingException, JSONException {
CasAuthenticationToken token = createCasAuthenticationToken(); CasAuthenticationToken token = createCasAuthenticationToken();
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(expectedJson, "\"" + PASSWORD + "\""), actualJson, true); JSONAssert.assertEquals(CAS_TOKEN_JSON, actualJson, true);
} }
@Test @Test
@ -88,30 +108,45 @@ public class CasAuthenticationTokenMixinTests {
CasAuthenticationToken token = createCasAuthenticationToken(); CasAuthenticationToken token = createCasAuthenticationToken();
token.eraseCredentials(); token.eraseCredentials();
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(expectedJson, "null"), actualJson, true); JSONAssert.assertEquals(CAS_TOKEN_CLEARED_JSON, actualJson, true);
} }
@Test @Test
public void deserializeCasAuthenticationTestAfterEraseCredentialInvoked() throws Exception { public void deserializeCasAuthenticationTestAfterEraseCredentialInvoked() throws Exception {
CasAuthenticationToken token = buildObjectMapper().readValue(String.format(expectedJson, "null"), CasAuthenticationToken.class); CasAuthenticationToken token = buildObjectMapper().readValue(CAS_TOKEN_CLEARED_JSON, CasAuthenticationToken.class);
assertThat(((UserDetails)token.getPrincipal()).getPassword()).isNull(); assertThat(((UserDetails)token.getPrincipal()).getPassword()).isNull();
} }
@Test @Test
public void deserializeCasAuthenticationTest() throws IOException, JSONException { public void deserializeCasAuthenticationTest() throws IOException, JSONException {
CasAuthenticationToken token = buildObjectMapper().readValue(String.format(expectedJson, "\"" + PASSWORD + "\""), CasAuthenticationToken.class); CasAuthenticationToken token = buildObjectMapper().readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class);
assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("username"); assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin");
assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo(PASSWORD); assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234");
assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class); assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class);
assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class); assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class);
assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode()); assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode());
assertThat(token.getUserDetails().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getUserDetails().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(startDate); assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE);
assertThat(token.getAssertion().getValidFromDate()).isEqualTo(startDate); assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE);
assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(endDate); assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE);
assertThat(token.getAssertion().getPrincipal().getName()).isEqualTo("assertName"); assertThat(token.getAssertion().getPrincipal().getName()).isEqualTo("assertName");
assertThat(token.getAssertion().getAttributes()).hasSize(0); assertThat(token.getAssertion().getAttributes()).hasSize(0);
} }
private CasAuthenticationToken createCasAuthenticationToken() {
User principal = new User("admin", "1234", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")));
Collection<? extends GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
Assertion assertion = new AssertionImpl(new AttributePrincipalImpl("assertName"), START_DATE, END_DATE, START_DATE, Collections.<String, Object>emptyMap());
return new CasAuthenticationToken(KEY, principal, principal.getPassword(), authorities,
new User("admin", "1234", authorities), assertion);
}
ObjectMapper buildObjectMapper() {
ClassLoader loader = getClass().getClassLoader();
ObjectMapper mapper = new ObjectMapper();
mapper.registerModules(SecurityJacksonModules.getModules(loader));
return mapper;
}
} }

9
core/src/test/java/org/springframework/security/jackson2/AbstractMixinTests.java
Unescape View File

@ -17,12 +17,11 @@
package org.springframework.security.jackson2; package org.springframework.security.jackson2;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import org.springframework.util.ObjectUtils; import org.springframework.util.ObjectUtils;
import java.util.Collections;
/** /**
* @author Jitenra Singh * @author Jitenra Singh
* @since 4.2 * @since 4.2
@ -41,10 +40,10 @@ public abstract class AbstractMixinTests {
} }
User createDefaultUser() { User createDefaultUser() {
return createUser("dummy", "password", "ROLE_USER"); return createUser("admin", "1234", "ROLE_USER");
} }
User createUser(String username, String password, String authority) { User createUser(String username, String password, String authority) {
return new User(username, password, Collections.singletonList(new SimpleGrantedAuthority(authority))); return new User(username, password, AuthorityUtils.createAuthorityList(authority));
} }
} }

33
core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java
Unescape View File

@ -36,38 +36,43 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class AnonymousAuthenticationTokenMixinTests extends AbstractMixinTests { public class AnonymousAuthenticationTokenMixinTests extends AbstractMixinTests {
String hashKey = "key"; private static final String HASH_KEY = "key";
String anonymousAuthTokenJson = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," +
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"dummy\", \"password\": %s," + // @formatter:off
" \"accountNonExpired\": true, \"enabled\": true, " + private static final String ANONYMOUS_JSON = "{"
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\"," + + "\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", "
"[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}, \"authenticated\": true, \"keyHash\": " + hashKey.hashCode() + "," + + "\"details\": null,"
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}"; + "\"principal\": " + UserDeserializerTests.USER_JSON + ","
+ "\"authenticated\": true, "
+ "\"keyHash\": " + HASH_KEY.hashCode() + ","
+ "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON
+ "}";
// @formatter:on
@Test @Test
public void serializeAnonymousAuthenticationTokenTest() throws JsonProcessingException, JSONException { public void serializeAnonymousAuthenticationTokenTest() throws JsonProcessingException, JSONException {
User user = createDefaultUser(); User user = createDefaultUser();
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken( AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
hashKey, user, user.getAuthorities() HASH_KEY, user, user.getAuthorities()
); );
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(anonymousAuthTokenJson, "\"password\""), actualJson, true); JSONAssert.assertEquals(ANONYMOUS_JSON, actualJson, true);
} }
@Test @Test
public void deserializeAnonymousAuthenticationTokenTest() throws IOException { public void deserializeAnonymousAuthenticationTokenTest() throws IOException {
AnonymousAuthenticationToken token = buildObjectMapper() AnonymousAuthenticationToken token = buildObjectMapper()
.readValue(String.format(anonymousAuthTokenJson,"\"password\""), AnonymousAuthenticationToken.class); .readValue(ANONYMOUS_JSON, AnonymousAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getKeyHash()).isEqualTo(hashKey.hashCode()); assertThat(token.getKeyHash()).isEqualTo(HASH_KEY.hashCode());
assertThat(token.getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
} }
@Test(expected = JsonMappingException.class) @Test(expected = JsonMappingException.class)
public void deserializeAnonymousAuthenticationTokenWithoutAuthoritiesTest() throws IOException { public void deserializeAnonymousAuthenticationTokenWithoutAuthoritiesTest() throws IOException {
String jsonString = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," + String jsonString = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," +
"\"principal\": \"user\", \"authenticated\": true, \"keyHash\": " + hashKey.hashCode() + "," + "\"principal\": \"user\", \"authenticated\": true, \"keyHash\": " + HASH_KEY.hashCode() + "," +
"\"authorities\": [\"java.util.ArrayList\", []]}"; "\"authorities\": [\"java.util.ArrayList\", []]}";
buildObjectMapper().readValue(jsonString, AnonymousAuthenticationToken.class); buildObjectMapper().readValue(jsonString, AnonymousAuthenticationToken.class);
} }
@ -76,10 +81,10 @@ public class AnonymousAuthenticationTokenMixinTests extends AbstractMixinTests {
public void serializeAnonymousAuthenticationTokenMixinAfterEraseCredentialTest() throws JsonProcessingException, JSONException { public void serializeAnonymousAuthenticationTokenMixinAfterEraseCredentialTest() throws JsonProcessingException, JSONException {
User user = createDefaultUser(); User user = createDefaultUser();
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken( AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
hashKey, user, user.getAuthorities() HASH_KEY, user, user.getAuthorities()
); );
token.eraseCredentials(); token.eraseCredentials();
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(anonymousAuthTokenJson, "null"), actualJson, true); JSONAssert.assertEquals(ANONYMOUS_JSON.replace(UserDeserializerTests.USER_PASSWORD, "null"), actualJson, true);
} }
} }

53
core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java
Unescape View File

@ -36,17 +36,28 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests { public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests {
String rememberMeKey = "rememberMe"; private static final String REMEMBERME_KEY = "rememberMe";
String rememberMeAuthTokenJson = "{\"@class\": \"org.springframework.security.authentication.RememberMeAuthenticationToken\"," +
"\"keyHash\": " + rememberMeKey.hashCode() + ", \"authenticated\": true, \"details\": null," +
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"dummy\", \"password\": %s," +
" \"enabled\": true, \"accountNonExpired\": true, \"accountNonLocked\": true, \"credentialsNonExpired\": true, " +
"\"authorities\": [\"java.util.Collections$UnmodifiableSet\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}," +
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}";
String rememberMeAuthTokenWithoutUserJson = "{\"@class\": \"org.springframework.security.authentication.RememberMeAuthenticationToken\"," + // @formatter:off
"\"keyHash\": " + rememberMeKey.hashCode() + ", \"authenticated\": true, \"details\": null," + private static final String REMEMBERME_AUTH_JSON = "{"
"\"principal\": \"dummy\", \"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}"; + "\"@class\": \"org.springframework.security.authentication.RememberMeAuthenticationToken\", "
+ "\"keyHash\": " + REMEMBERME_KEY.hashCode() + ", "
+ "\"authenticated\": true, \"details\": null" + ", "
+ "\"principal\": " + UserDeserializerTests.USER_JSON + ", "
+ "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON
+ "}";
// @formatter:on
// @formatter:off
private static final String REMEMBERME_AUTH_STRINGPRINCIPAL_JSON = "{"
+ "\"@class\": \"org.springframework.security.authentication.RememberMeAuthenticationToken\","
+ "\"keyHash\": " + REMEMBERME_KEY.hashCode() + ", "
+ "\"authenticated\": true, "
+ "\"details\": null,"
+ "\"principal\": \"admin\", "
+ "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON
+ "}";
// @formatter:on
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void testWithNullPrincipal() throws JsonProcessingException, JSONException { public void testWithNullPrincipal() throws JsonProcessingException, JSONException {
@ -60,44 +71,44 @@ public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests
@Test @Test
public void serializeRememberMeAuthenticationToken() throws JsonProcessingException, JSONException { public void serializeRememberMeAuthenticationToken() throws JsonProcessingException, JSONException {
RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(rememberMeKey, "dummy", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"))); RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(REMEMBERME_KEY, "admin", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(rememberMeAuthTokenWithoutUserJson, actualJson, true); JSONAssert.assertEquals(REMEMBERME_AUTH_STRINGPRINCIPAL_JSON, actualJson, true);
} }
@Test @Test
public void serializeRememberMeAuthenticationWithUserToken() throws JsonProcessingException, JSONException { public void serializeRememberMeAuthenticationWithUserToken() throws JsonProcessingException, JSONException {
User user = createDefaultUser(); User user = createDefaultUser();
RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(rememberMeKey, user, user.getAuthorities()); RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(REMEMBERME_KEY, user, user.getAuthorities());
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(rememberMeAuthTokenJson, "\"password\""), actualJson, true); JSONAssert.assertEquals(String.format(REMEMBERME_AUTH_JSON, "\"password\""), actualJson, true);
} }
@Test @Test
public void serializeRememberMeAuthenticationWithUserTokenAfterEraseCredential() throws JsonProcessingException, JSONException { public void serializeRememberMeAuthenticationWithUserTokenAfterEraseCredential() throws JsonProcessingException, JSONException {
User user = createDefaultUser(); User user = createDefaultUser();
RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(rememberMeKey, user, user.getAuthorities()); RememberMeAuthenticationToken token = new RememberMeAuthenticationToken(REMEMBERME_KEY, user, user.getAuthorities());
token.eraseCredentials(); token.eraseCredentials();
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(rememberMeAuthTokenJson, "null"), actualJson, true); JSONAssert.assertEquals(REMEMBERME_AUTH_JSON.replace(UserDeserializerTests.USER_PASSWORD, "null"), actualJson, true);
} }
@Test @Test
public void deserializeRememberMeAuthenticationToken() throws IOException { public void deserializeRememberMeAuthenticationToken() throws IOException {
RememberMeAuthenticationToken token = buildObjectMapper().readValue(rememberMeAuthTokenWithoutUserJson, RememberMeAuthenticationToken.class); RememberMeAuthenticationToken token = buildObjectMapper().readValue(REMEMBERME_AUTH_STRINGPRINCIPAL_JSON, RememberMeAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isNotNull().isEqualTo("dummy").isEqualTo(token.getName()); assertThat(token.getPrincipal()).isNotNull().isEqualTo("admin").isEqualTo(token.getName());
assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
} }
@Test @Test
public void deserializeRememberMeAuthenticationTokenWithUserTest() throws IOException { public void deserializeRememberMeAuthenticationTokenWithUserTest() throws IOException {
RememberMeAuthenticationToken token = buildObjectMapper() RememberMeAuthenticationToken token = buildObjectMapper()
.readValue(String.format(rememberMeAuthTokenJson, "\"password\""), RememberMeAuthenticationToken.class); .readValue(String.format(REMEMBERME_AUTH_JSON, "\"password\""), RememberMeAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class);
assertThat(((User)token.getPrincipal()).getUsername()).isEqualTo("dummy"); assertThat(((User)token.getPrincipal()).getUsername()).isEqualTo("admin");
assertThat(((User)token.getPrincipal()).getPassword()).isEqualTo("password"); assertThat(((User)token.getPrincipal()).getPassword()).isEqualTo("1234");
assertThat(((User) token.getPrincipal()).getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(((User) token.getPrincipal()).getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
assertThat(((User) token.getPrincipal()).isEnabled()).isEqualTo(true); assertThat(((User) token.getPrincipal()).isEnabled()).isEqualTo(true);

24
core/src/test/java/org/springframework/security/jackson2/SecurityContextMixinTests.java
Unescape View File

@ -36,29 +36,29 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class SecurityContextMixinTests extends AbstractMixinTests { public class SecurityContextMixinTests extends AbstractMixinTests {
String securityContextJson = "{\"@class\": \"org.springframework.security.core.context.SecurityContextImpl\", \"authentication\": " + // @formatter:off
"{\"@class\": \"org.springframework.security.authentication.UsernamePasswordAuthenticationToken\"," + public static final String SECURITY_CONTEXT_JSON = "{"
"\"principal\": \"dummy\", \"credentials\": \"password\", \"authenticated\": true, \"details\": null," + + "\"@class\": \"org.springframework.security.core.context.SecurityContextImpl\", "
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]" + + "\"authentication\": " + UsernamePasswordAuthenticationTokenMixinTests.AUTHENTICATED_STRINGPRINCIPAL_JSON
"}" + + "}";
"}"; // @formatter:on
@Test @Test
public void securityContextSerializeTest() throws JsonProcessingException, JSONException { public void securityContextSerializeTest() throws JsonProcessingException, JSONException {
SecurityContext context = new SecurityContextImpl(); SecurityContext context = new SecurityContextImpl();
context.setAuthentication(new UsernamePasswordAuthenticationToken("dummy", "password", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")))); context.setAuthentication(new UsernamePasswordAuthenticationToken("admin", "1234", Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"))));
String actualJson = buildObjectMapper().writeValueAsString(context); String actualJson = buildObjectMapper().writeValueAsString(context);
JSONAssert.assertEquals(securityContextJson, actualJson, true); JSONAssert.assertEquals(SECURITY_CONTEXT_JSON, actualJson, true);
} }
@Test @Test
public void securityContextDeserializeTest() throws IOException { public void securityContextDeserializeTest() throws IOException {
SecurityContext context = buildObjectMapper().readValue(securityContextJson, SecurityContextImpl.class); SecurityContext context = buildObjectMapper().readValue(SECURITY_CONTEXT_JSON, SecurityContextImpl.class);
assertThat(context).isNotNull(); assertThat(context).isNotNull();
assertThat(context.getAuthentication()).isNotNull().isInstanceOf(UsernamePasswordAuthenticationToken.class); assertThat(context.getAuthentication()).isNotNull().isInstanceOf(UsernamePasswordAuthenticationToken.class);
assertThat(context.getAuthentication().getPrincipal()).isEqualTo("dummy"); assertThat(context.getAuthentication().getPrincipal()).isEqualTo("admin");
assertThat(context.getAuthentication().getCredentials()).isEqualTo("password"); assertThat(context.getAuthentication().getCredentials()).isEqualTo("1234");
assertThat(context.getAuthentication().isAuthenticated()).isEqualTo(true); assertThat(context.getAuthentication().isAuthenticated()).isTrue();
assertThat(context.getAuthentication().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(context.getAuthentication().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
} }
} }

16
core/src/test/java/org/springframework/security/jackson2/SimpleGrantedAuthorityMixinTests.java
Unescape View File

@ -33,18 +33,28 @@ import static org.assertj.core.api.Assertions.*;
*/ */
public class SimpleGrantedAuthorityMixinTests extends AbstractMixinTests { public class SimpleGrantedAuthorityMixinTests extends AbstractMixinTests {
String simpleGrantedAuthorityJson = "{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}"; // @formatter:off
public static final String AUTHORITY_JSON = "{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}";
public static final String AUTHORITIES_ARRAYLIST_JSON = "[\"java.util.ArrayList\", [" + AUTHORITY_JSON + "]]";
public static final String AUTHORITIES_SET_JSON = "[\"java.util.Collections$UnmodifiableSet\", [" + AUTHORITY_JSON + "]]";
public static final String NO_AUTHORITIES_ARRAYLIST_JSON = "[\"java.util.ArrayList\", []]";
public static final String NO_AUTHORITIES_SET_JSON = "[\"java.util.Collections$UnmodifiableSet\", []]";
// @formatter:on
@Test @Test
public void serializeSimpleGrantedAuthorityTest() throws JsonProcessingException, JSONException { public void serializeSimpleGrantedAuthorityTest() throws JsonProcessingException, JSONException {
SimpleGrantedAuthority authority = new SimpleGrantedAuthority("ROLE_USER"); SimpleGrantedAuthority authority = new SimpleGrantedAuthority("ROLE_USER");
String serializeJson = buildObjectMapper().writeValueAsString(authority); String serializeJson = buildObjectMapper().writeValueAsString(authority);
JSONAssert.assertEquals(simpleGrantedAuthorityJson, serializeJson, true); JSONAssert.assertEquals(AUTHORITY_JSON, serializeJson, true);
} }
@Test @Test
public void deserializeGrantedAuthorityTest() throws IOException { public void deserializeGrantedAuthorityTest() throws IOException {
SimpleGrantedAuthority authority = buildObjectMapper().readValue(simpleGrantedAuthorityJson, SimpleGrantedAuthority.class); SimpleGrantedAuthority authority = buildObjectMapper().readValue(AUTHORITY_JSON, SimpleGrantedAuthority.class);
assertThat(authority).isNotNull(); assertThat(authority).isNotNull();
assertThat(authority.getAuthority()).isNotNull().isEqualTo("ROLE_USER"); assertThat(authority.getAuthority()).isNotNull().isEqualTo("ROLE_USER");
} }

83
core/src/test/java/org/springframework/security/jackson2/UserDeserializerTests.java
Unescape View File

@ -16,18 +16,21 @@
package org.springframework.security.jackson2; package org.springframework.security.jackson2;
import java.io.IOException;
import java.util.Collections;
import java.util.regex.Pattern;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.json.JSONException; import org.json.JSONException;
import org.junit.Test; import org.junit.Test;
import org.skyscreamer.jsonassert.JSONAssert; import org.skyscreamer.jsonassert.JSONAssert;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import java.io.IOException;
import java.util.Collections;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
/** /**
@ -35,21 +38,27 @@ import static org.assertj.core.api.Assertions.assertThat;
* @since 4.2 * @since 4.2
*/ */
public class UserDeserializerTests extends AbstractMixinTests { public class UserDeserializerTests extends AbstractMixinTests {
public static final String USER_PASSWORD = "\"1234\"";
String userWithAuthoritiesJson = "{\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"admin\"," + // @formatter:off
" \"password\": %s, \"accountNonExpired\": true, \"accountNonLocked\": true, \"credentialsNonExpired\": true, " + public static final String USER_JSON = "{"
"\"enabled\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}"; + "\"@class\": \"org.springframework.security.core.userdetails.User\", "
+ "\"username\": \"admin\","
String userWithoutAuthoritiesJson = "{\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"admin\"," + + " \"password\": "+ USER_PASSWORD +", "
" \"password\": \"1234\", \"accountNonExpired\": true, \"accountNonLocked\": true, \"credentialsNonExpired\": true," + + "\"accountNonExpired\": true, "
" \"enabled\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\", []]}"; + "\"accountNonLocked\": true, "
+ "\"credentialsNonExpired\": true, "
+ "\"enabled\": true, "
+ "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON
+ "}";
// @formatter:on
@Test @Test
public void serializeUserTest() throws JsonProcessingException, JSONException { public void serializeUserTest() throws JsonProcessingException, JSONException {
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
User user = new User("admin", "1234", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))); User user = createDefaultUser();
String userJson = mapper.writeValueAsString(user); String userJson = mapper.writeValueAsString(user);
JSONAssert.assertEquals(String.format(userWithAuthoritiesJson, "\"1234\""), userJson, true); JSONAssert.assertEquals(userWithPasswordJson(user.getPassword()), userJson, true);
} }
@Test @Test
@ -57,26 +66,23 @@ public class UserDeserializerTests extends AbstractMixinTests {
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
User user = new User("admin", "1234", Collections.<GrantedAuthority>emptyList()); User user = new User("admin", "1234", Collections.<GrantedAuthority>emptyList());
String userJson = mapper.writeValueAsString(user); String userJson = mapper.writeValueAsString(user);
JSONAssert.assertEquals(userWithoutAuthoritiesJson, userJson, true); JSONAssert.assertEquals(userWithNoAuthoritiesJson(), userJson, true);
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void deserializeUserWithNullPasswordEmptyAuthorityTest() throws IOException { public void deserializeUserWithNullPasswordEmptyAuthorityTest() throws IOException {
String userJsonWithoutPasswordString = "{\"@class\": \"org.springframework.security.core.userdetails.User\", " + String userJsonWithoutPasswordString = USER_JSON.replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON, "[]");
"\"username\": \"user\", \"accountNonExpired\": true, " +
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"enabled\": true, " +
"\"authorities\": []}";
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
mapper.readValue(userJsonWithoutPasswordString, User.class); mapper.readValue(userJsonWithoutPasswordString, User.class);
} }
@Test @Test
public void deserializeUserWithNullPasswordNoAuthorityTest() throws IOException { public void deserializeUserWithNullPasswordNoAuthorityTest() throws Exception {
String userJsonWithoutPasswordString = "{\"@class\": \"org.springframework.security.core.userdetails.User\", " +
"\"username\": \"admin\", \"accountNonExpired\": true, " +
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"enabled\": true, " +
"\"authorities\": [\"java.util.HashSet\", []]}";
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
String userJsonWithoutPasswordString = removeNode(userWithNoAuthoritiesJson(), mapper, "password");
User user = mapper.readValue(userJsonWithoutPasswordString, User.class); User user = mapper.readValue(userJsonWithoutPasswordString, User.class);
assertThat(user).isNotNull(); assertThat(user).isNotNull();
assertThat(user.getUsername()).isEqualTo("admin"); assertThat(user.getUsername()).isEqualTo("admin");
@ -86,20 +92,39 @@ public class UserDeserializerTests extends AbstractMixinTests {
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void deserializeUserWithNoClassIdInAuthoritiesTest() throws IOException { public void deserializeUserWithNoClassIdInAuthoritiesTest() throws Exception {
String userJson = "{\"@class\": \"org.springframework.security.core.userdetails.User\", " + ObjectMapper mapper = buildObjectMapper();
"\"username\": \"user\", \"password\": \"pass\", \"accountNonExpired\": false, " + String userJson = USER_JSON.replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON, "[{\"authority\": \"ROLE_USER\"}]");
"\"accountNonLocked\": false, \"credentialsNonExpired\": false, \"enabled\": false, " + mapper.readValue(userJson, User.class);
"\"authorities\": [{\"authority\": \"ROLE_USER\"}]}";
buildObjectMapper().readValue(userJson, User.class);
} }
@Test @Test
public void deserializeUserWithClassIdInAuthoritiesTest() throws IOException { public void deserializeUserWithClassIdInAuthoritiesTest() throws IOException {
User user = buildObjectMapper().readValue(String.format(userWithAuthoritiesJson, "\"1234\""), User.class); User user = buildObjectMapper().readValue(userJson(), User.class);
assertThat(user).isNotNull(); assertThat(user).isNotNull();
assertThat(user.getUsername()).isEqualTo("admin"); assertThat(user.getUsername()).isEqualTo("admin");
assertThat(user.getPassword()).isEqualTo("1234"); assertThat(user.getPassword()).isEqualTo("1234");
assertThat(user.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(user.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
} }
private String removeNode(String json, ObjectMapper mapper, String toRemove) throws Exception {
ObjectNode node = mapper.getFactory().createParser(json).readValueAsTree();
node.remove(toRemove);
String result = mapper.writeValueAsString(node);
JSONAssert.assertNotEquals(json, result, false);
return result;
}
public static String userJson() {
return USER_JSON;
}
public static String userWithPasswordJson(String password) {
return userJson().replaceAll(Pattern.quote(USER_PASSWORD), "\""+ password +"\"");
}
public static String userWithNoAuthoritiesJson() {
return userJson().replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_SET_JSON, SimpleGrantedAuthorityMixinTests.NO_AUTHORITIES_SET_JSON);
}
} }

78
core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java
Unescape View File

@ -16,19 +16,18 @@
package org.springframework.security.jackson2; package org.springframework.security.jackson2;
import java.io.IOException;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import org.json.JSONException; import org.json.JSONException;
import org.junit.Test; import org.junit.Test;
import org.skyscreamer.jsonassert.JSONAssert; import org.skyscreamer.jsonassert.JSONAssert;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import java.io.IOException;
import java.util.Collections;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
/** /**
@ -36,40 +35,46 @@ import static org.assertj.core.api.Assertions.assertThat;
* @since 4.2 * @since 4.2
*/ */
public class UsernamePasswordAuthenticationTokenMixinTests extends AbstractMixinTests { public class UsernamePasswordAuthenticationTokenMixinTests extends AbstractMixinTests {
// @formatter:off
private static final String AUTHENTICATED_JSON = "{"
+ "\"@class\": \"org.springframework.security.authentication.UsernamePasswordAuthenticationToken\","
+ "\"principal\": "+ UserDeserializerTests.USER_JSON + ", "
+ "\"credentials\": \"1234\", "
+ "\"authenticated\": true, "
+ "\"details\": null, "
+ "\"authorities\": "+ SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON
+ "}";
// @formatter:on
String unauthenticatedTokenWithoutUserPrincipal = "{\"@class\": \"org.springframework.security.authentication.UsernamePasswordAuthenticationToken\"," + // @formatter:off
" \"principal\": \"user1\", \"credentials\": \"password\", \"authenticated\": false, \"details\": null, " + public static final String AUTHENTICATED_STRINGPRINCIPAL_JSON = AUTHENTICATED_JSON.replace( UserDeserializerTests.USER_JSON, "\"admin\"");
"\"authorities\": [\"java.util.ArrayList\", []]}"; // @formatter:on
String authenticatedTokenWithoutUserPrincipal = "{\"@class\": \"org.springframework.security.authentication.UsernamePasswordAuthenticationToken\"," + // @formatter:off
" \"principal\": \"user1\", \"credentials\": \"password\", \"authenticated\": true, \"details\": null, " + private static final String UNAUTHENTICATED_STRINGPRINCIPAL_JSON = AUTHENTICATED_STRINGPRINCIPAL_JSON
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}"; .replace("\"authenticated\": true, ", "\"authenticated\": false, ")
.replace(SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON, SimpleGrantedAuthorityMixinTests.NO_AUTHORITIES_ARRAYLIST_JSON);
String authenticatedTokenWithUserPrincipal = "{\"@class\": \"org.springframework.security.authentication.UsernamePasswordAuthenticationToken\"," + // @formatter:on
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"user\", \"password\": %s, \"accountNonExpired\": true, \"enabled\": true, " +
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\"," +
"[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}, \"credentials\": %s," +
"\"details\": null, \"authenticated\": true," +
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}";
@Test @Test
public void serializeUnauthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws JsonProcessingException, JSONException { public void serializeUnauthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws JsonProcessingException, JSONException {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user1", "password"); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("admin", "1234");
String serializedJson = buildObjectMapper().writeValueAsString(token); String serializedJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(unauthenticatedTokenWithoutUserPrincipal, serializedJson, true); JSONAssert.assertEquals(UNAUTHENTICATED_STRINGPRINCIPAL_JSON, serializedJson, true);
} }
@Test @Test
public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws JsonProcessingException, JSONException { public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws JsonProcessingException, JSONException {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user1", "password", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))); User user = createDefaultUser();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword(), user.getAuthorities());
String serializedJson = buildObjectMapper().writeValueAsString(token); String serializedJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(authenticatedTokenWithoutUserPrincipal, serializedJson, true); JSONAssert.assertEquals(AUTHENTICATED_STRINGPRINCIPAL_JSON, serializedJson, true);
} }
@Test @Test
public void deserializeUnauthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws IOException, JSONException { public void deserializeUnauthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws IOException, JSONException {
UsernamePasswordAuthenticationToken token = buildObjectMapper() UsernamePasswordAuthenticationToken token = buildObjectMapper()
.readValue(unauthenticatedTokenWithoutUserPrincipal, UsernamePasswordAuthenticationToken.class); .readValue(UNAUTHENTICATED_STRINGPRINCIPAL_JSON, UsernamePasswordAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.isAuthenticated()).isEqualTo(false); assertThat(token.isAuthenticated()).isEqualTo(false);
assertThat(token.getAuthorities()).isNotNull().hasSize(0); assertThat(token.getAuthorities()).isNotNull().hasSize(0);
@ -77,27 +82,26 @@ public class UsernamePasswordAuthenticationTokenMixinTests extends AbstractMixin
@Test @Test
public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws IOException { public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenMixinTest() throws IOException {
UsernamePasswordAuthenticationToken expectedToken = createToken();
UsernamePasswordAuthenticationToken token = buildObjectMapper() UsernamePasswordAuthenticationToken token = buildObjectMapper()
.readValue(authenticatedTokenWithoutUserPrincipal, UsernamePasswordAuthenticationToken.class); .readValue(AUTHENTICATED_STRINGPRINCIPAL_JSON, UsernamePasswordAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.isAuthenticated()).isEqualTo(true); assertThat(token.isAuthenticated()).isTrue();
assertThat(token.getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).isEqualTo(expectedToken.getAuthorities());
} }
@Test @Test
public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinWithUserTest() throws JsonProcessingException, JSONException { public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinWithUserTest() throws JsonProcessingException, JSONException {
GrantedAuthority authority = new SimpleGrantedAuthority("ROLE_USER"); UsernamePasswordAuthenticationToken token = createToken();
User user = new User("user", "password", Collections.singleton(authority));
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, "password", Collections.singleton(authority));
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(authenticatedTokenWithUserPrincipal, "password", "password"), actualJson, true); JSONAssert.assertEquals(AUTHENTICATED_JSON, actualJson, true);
} }
@Test @Test
public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenWithUserTest() throws IOException { public void deserializeAuthenticatedUsernamePasswordAuthenticationTokenWithUserTest() throws IOException {
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
UsernamePasswordAuthenticationToken token = mapper UsernamePasswordAuthenticationToken token = mapper
.readValue(String.format(authenticatedTokenWithUserPrincipal, "\"password\"", "\"password\""), UsernamePasswordAuthenticationToken.class); .readValue(AUTHENTICATED_JSON, UsernamePasswordAuthenticationToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class);
assertThat(((User)token.getPrincipal()).getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(((User)token.getPrincipal()).getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
@ -107,11 +111,15 @@ public class UsernamePasswordAuthenticationTokenMixinTests extends AbstractMixin
@Test @Test
public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinAfterEraseCredentialInvoked() throws JsonProcessingException, JSONException { public void serializeAuthenticatedUsernamePasswordAuthenticationTokenMixinAfterEraseCredentialInvoked() throws JsonProcessingException, JSONException {
GrantedAuthority authority = new SimpleGrantedAuthority("ROLE_USER"); UsernamePasswordAuthenticationToken token = createToken();
User user = new User("user", "password", Collections.singleton(authority));
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, "password", Collections.singleton(authority));
token.eraseCredentials(); token.eraseCredentials();
String actualJson = buildObjectMapper().writeValueAsString(token); String actualJson = buildObjectMapper().writeValueAsString(token);
JSONAssert.assertEquals(String.format(authenticatedTokenWithUserPrincipal, "null", "null"), actualJson, true); JSONAssert.assertEquals(AUTHENTICATED_JSON.replaceAll(UserDeserializerTests.USER_PASSWORD, "null"), actualJson, true);
}
private UsernamePasswordAuthenticationToken createToken() {
User user = createDefaultUser();
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities());
return token;
} }
} }

20
web/src/test/java/org/springframework/security/web/jackson2/CookieMixinTests.java
Unescape View File

@ -34,8 +34,20 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class CookieMixinTests { public class CookieMixinTests {
String cookieJson = "{\"@class\": \"javax.servlet.http.Cookie\", \"name\": \"demo\", \"value\": \"cookie1\"," + // @formatter:off
"\"comment\": null, \"maxAge\": -1, \"path\": null, \"secure\": false, \"version\": 0, \"isHttpOnly\": false, \"domain\": null}"; private static final String COOKIE_JSON = "{"
+ "\"@class\": \"javax.servlet.http.Cookie\", "
+ "\"name\": \"demo\", "
+ "\"value\": \"cookie1\","
+ "\"comment\": null, "
+ "\"maxAge\": -1, "
+ "\"path\": null, "
+ "\"secure\": false, "
+ "\"version\": 0, "
+ "\"isHttpOnly\": false, "
+ "\"domain\": null"
+ "}";
// @formatter:on
ObjectMapper buildObjectMapper() { ObjectMapper buildObjectMapper() {
ObjectMapper mapper = new ObjectMapper(); ObjectMapper mapper = new ObjectMapper();
@ -48,12 +60,12 @@ public class CookieMixinTests {
public void serializeCookie() throws JsonProcessingException, JSONException { public void serializeCookie() throws JsonProcessingException, JSONException {
Cookie cookie = new Cookie("demo", "cookie1"); Cookie cookie = new Cookie("demo", "cookie1");
String actualString = buildObjectMapper().writeValueAsString(cookie); String actualString = buildObjectMapper().writeValueAsString(cookie);
JSONAssert.assertEquals(cookieJson, actualString, true); JSONAssert.assertEquals(COOKIE_JSON, actualString, true);
} }
@Test @Test
public void deserializeCookie() throws IOException { public void deserializeCookie() throws IOException {
Cookie cookie = buildObjectMapper().readValue(cookieJson, Cookie.class); Cookie cookie = buildObjectMapper().readValue(COOKIE_JSON, Cookie.class);
assertThat(cookie).isNotNull(); assertThat(cookie).isNotNull();
assertThat(cookie.getName()).isEqualTo("demo"); assertThat(cookie.getName()).isEqualTo("demo");
assertThat(cookie.getDomain()).isEqualTo(""); assertThat(cookie.getDomain()).isEqualTo("");

17
web/src/test/java/org/springframework/security/web/jackson2/DefaultCsrfTokenMixinTests.java
Unescape View File

@ -38,27 +38,34 @@ import static org.assertj.core.api.Assertions.assertThat;
public class DefaultCsrfTokenMixinTests { public class DefaultCsrfTokenMixinTests {
ObjectMapper objectMapper; ObjectMapper objectMapper;
String defaultCsrfTokenJson;
// @formatter:off
public static final String CSRF_JSON = "{"
+ "\"@class\": \"org.springframework.security.web.csrf.DefaultCsrfToken\", "
+ "\"headerName\": \"csrf-header\", "
+ "\"parameterName\": \"_csrf\", "
+ "\"token\": \"1\""
+ "}";
// @formatter:on
@Before @Before
public void setup() { public void setup() {
objectMapper = new ObjectMapper(); objectMapper = new ObjectMapper();
ClassLoader loader = getClass().getClassLoader(); ClassLoader loader = getClass().getClassLoader();
objectMapper.registerModules(SecurityJacksonModules.getModules(loader)); objectMapper.registerModules(SecurityJacksonModules.getModules(loader));
defaultCsrfTokenJson = "{\"@class\": \"org.springframework.security.web.csrf.DefaultCsrfToken\", " +
"\"headerName\": \"csrf-header\", \"parameterName\": \"_csrf\", \"token\": \"1\"}";
} }
@Test @Test
public void defaultCsrfTokenSerializedTest() throws JsonProcessingException, JSONException { public void defaultCsrfTokenSerializedTest() throws JsonProcessingException, JSONException {
DefaultCsrfToken token = new DefaultCsrfToken("csrf-header", "_csrf", "1"); DefaultCsrfToken token = new DefaultCsrfToken("csrf-header", "_csrf", "1");
String serializedJson = objectMapper.writeValueAsString(token); String serializedJson = objectMapper.writeValueAsString(token);
JSONAssert.assertEquals(defaultCsrfTokenJson, serializedJson, true); JSONAssert.assertEquals(CSRF_JSON, serializedJson, true);
} }
@Test @Test
public void defaultCsrfTokenDeserializeTest() throws IOException { public void defaultCsrfTokenDeserializeTest() throws IOException {
DefaultCsrfToken token = objectMapper.readValue(defaultCsrfTokenJson, DefaultCsrfToken.class); DefaultCsrfToken token = objectMapper.readValue(CSRF_JSON, DefaultCsrfToken.class);
assertThat(token).isNotNull(); assertThat(token).isNotNull();
assertThat(token.getHeaderName()).isEqualTo("csrf-header"); assertThat(token.getHeaderName()).isEqualTo("csrf-header");
assertThat(token.getParameterName()).isEqualTo("_csrf"); assertThat(token.getParameterName()).isEqualTo("_csrf");

57
web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java
Unescape View File

@ -16,6 +16,12 @@
package org.springframework.security.web.jackson2; package org.springframework.security.web.jackson2;
import java.io.IOException;
import java.util.Collections;
import java.util.Locale;
import javax.servlet.http.Cookie;
import org.json.JSONException; import org.json.JSONException;
import org.junit.Test; import org.junit.Test;
import org.skyscreamer.jsonassert.JSONAssert; import org.skyscreamer.jsonassert.JSONAssert;
@ -25,11 +31,6 @@ import org.springframework.security.web.PortResolverImpl;
import org.springframework.security.web.savedrequest.DefaultSavedRequest; import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.savedrequest.SavedCookie; import org.springframework.security.web.savedrequest.SavedCookie;
import javax.servlet.http.Cookie;
import java.io.IOException;
import java.util.Collections;
import java.util.Locale;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
/** /**
@ -38,12 +39,40 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class DefaultSavedRequestMixinTests extends AbstractMixinTests { public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
String defaultSavedRequestJson = "{" +
"\"@class\": \"org.springframework.security.web.savedrequest.DefaultSavedRequest\", \"cookies\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.web.savedrequest.SavedCookie\", \"name\": \"SESSION\", \"value\": \"123456789\", \"comment\": null, \"maxAge\": -1, \"path\": null, \"secure\":false, \"version\": 0, \"domain\": null}]]," + // @formatter:off
"\"locales\": [\"java.util.ArrayList\", [\"en\"]], \"headers\": {\"@class\": \"java.util.TreeMap\", \"x-auth-token\": [\"java.util.ArrayList\", [\"12\"]]}, \"parameters\": {\"@class\": \"java.util.TreeMap\"}," + private static final String COOKIES_JSON = "[\"java.util.ArrayList\", [{"
"\"contextPath\": \"\", \"method\": \"\", \"pathInfo\": null, \"queryString\": null, \"requestURI\": \"\", \"requestURL\": \"http://localhost\", \"scheme\": \"http\", " + + "\"@class\": \"org.springframework.security.web.savedrequest.SavedCookie\", "
"\"serverName\": \"localhost\", \"servletPath\": \"\", \"serverPort\": 80"+ + "\"name\": \"SESSION\", "
"}"; + "\"value\": \"123456789\", "
+ "\"comment\": null, "
+ "\"maxAge\": -1, "
+ "\"path\": null, "
+ "\"secure\":false, "
+ "\"version\": 0, "
+ "\"domain\": null"
+ "}]]";
// @formatter:on
// @formatter:off
private static final String REQUEST_JSON = "{" +
"\"@class\": \"org.springframework.security.web.savedrequest.DefaultSavedRequest\", "
+ "\"cookies\": "+ COOKIES_JSON +","
+ "\"locales\": [\"java.util.ArrayList\", [\"en\"]], "
+ "\"headers\": {\"@class\": \"java.util.TreeMap\", \"x-auth-token\": [\"java.util.ArrayList\", [\"12\"]]}, "
+ "\"parameters\": {\"@class\": \"java.util.TreeMap\"},"
+ "\"contextPath\": \"\", "
+ "\"method\": \"\", "
+ "\"pathInfo\": null, "
+ "\"queryString\": null, "
+ "\"requestURI\": \"\", "
+ "\"requestURL\": \"http://localhost\", "
+ "\"scheme\": \"http\", "
+ "\"serverName\": \"localhost\", "
+ "\"servletPath\": \"\", "
+ "\"serverPort\": 80"
+ "}";
// @formatter:on
@Test @Test
public void matchRequestBuildWithConstructorAndBuilder() { public void matchRequestBuildWithConstructorAndBuilder() {
@ -66,7 +95,7 @@ public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
request.setCookies(new Cookie("SESSION", "123456789")); request.setCookies(new Cookie("SESSION", "123456789"));
request.addHeader("x-auth-token", "12"); request.addHeader("x-auth-token", "12");
String actualString = buildObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(new DefaultSavedRequest(request, new PortResolverImpl())); String actualString = buildObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(new DefaultSavedRequest(request, new PortResolverImpl()));
JSONAssert.assertEquals(defaultSavedRequestJson, actualString, true); JSONAssert.assertEquals(REQUEST_JSON, actualString, true);
} }
@Test @Test
@ -78,12 +107,12 @@ public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
.setLocales(Collections.singletonList(new Locale("en"))).setContextPath("").setMethod("") .setLocales(Collections.singletonList(new Locale("en"))).setContextPath("").setMethod("")
.setServletPath("").build(); .setServletPath("").build();
String actualString = buildObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(request); String actualString = buildObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(request);
JSONAssert.assertEquals(defaultSavedRequestJson, actualString, true); JSONAssert.assertEquals(REQUEST_JSON, actualString, true);
} }
@Test @Test
public void deserializeDefaultSavedRequest() throws IOException { public void deserializeDefaultSavedRequest() throws IOException {
DefaultSavedRequest request = (DefaultSavedRequest) buildObjectMapper().readValue(defaultSavedRequestJson, Object.class); DefaultSavedRequest request = (DefaultSavedRequest) buildObjectMapper().readValue(REQUEST_JSON, Object.class);
assertThat(request).isNotNull(); assertThat(request).isNotNull();
assertThat(request.getCookies()).hasSize(1); assertThat(request.getCookies()).hasSize(1);
assertThat(request.getLocales()).hasSize(1).contains(new Locale("en")); assertThat(request.getLocales()).hasSize(1).contains(new Locale("en"));

66
web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java
Unescape View File

@ -16,20 +16,21 @@
package org.springframework.security.web.jackson2; package org.springframework.security.web.jackson2;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.Cookie;
import com.fasterxml.jackson.annotation.JsonAutoDetect; import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.PropertyAccessor; import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import org.json.JSONException; import org.json.JSONException;
import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.skyscreamer.jsonassert.JSONAssert; import org.skyscreamer.jsonassert.JSONAssert;
import org.springframework.security.web.savedrequest.SavedCookie;
import javax.servlet.http.Cookie; import org.springframework.security.web.savedrequest.SavedCookie;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
@ -37,59 +38,66 @@ import static org.assertj.core.api.Assertions.assertThat;
* @author Jitendra Singh. * @author Jitendra Singh.
*/ */
public class SavedCookieMixinTests extends AbstractMixinTests { public class SavedCookieMixinTests extends AbstractMixinTests {
// @formatter:off
private static final String COOKIE_JSON = "{"
+ "\"@class\": \"org.springframework.security.web.savedrequest.SavedCookie\", "
+ "\"name\": \"SESSION\", "
+ "\"value\": \"123456789\", "
+ "\"comment\": null, "
+ "\"maxAge\": -1, "
+ "\"path\": null, "
+ "\"secure\":false, "
+ "\"version\": 0, "
+ "\"domain\": null"
+ "}";
// @formatter:on
private String expectedSavedCookieJson; // @formatter:off
private static final String COOKIES_JSON = "[\"java.util.ArrayList\", ["
@Before + COOKIE_JSON
public void setup() { + "]]";
expectedSavedCookieJson = "{\"@class\": \"org.springframework.security.web.savedrequest.SavedCookie\", " + // @formatter:on
"\"name\": \"session\", \"value\": \"123456\", \"comment\": null, \"domain\": null, \"maxAge\": -1, " +
"\"path\": null, \"secure\": false, \"version\": 0}";
}
@Test @Test
public void serializeWithDefaultConfigurationTest() throws JsonProcessingException, JSONException { public void serializeWithDefaultConfigurationTest() throws JsonProcessingException, JSONException {
SavedCookie savedCookie = new SavedCookie(new Cookie("session", "123456")); SavedCookie savedCookie = new SavedCookie(new Cookie("SESSION", "123456789"));
String actualJson = buildObjectMapper().writeValueAsString(savedCookie); String actualJson = buildObjectMapper().writeValueAsString(savedCookie);
JSONAssert.assertEquals(expectedSavedCookieJson, actualJson, true); JSONAssert.assertEquals(COOKIE_JSON, actualJson, true);
} }
@Test @Test
public void serializeWithOverrideConfigurationTest() throws JsonProcessingException, JSONException { public void serializeWithOverrideConfigurationTest() throws JsonProcessingException, JSONException {
SavedCookie savedCookie = new SavedCookie(new Cookie("session", "123456")); SavedCookie savedCookie = new SavedCookie(new Cookie("SESSION", "123456789"));
ObjectMapper mapper = buildObjectMapper(); ObjectMapper mapper = buildObjectMapper();
mapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.PUBLIC_ONLY) mapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.PUBLIC_ONLY)
.setVisibility(PropertyAccessor.GETTER, JsonAutoDetect.Visibility.ANY); .setVisibility(PropertyAccessor.GETTER, JsonAutoDetect.Visibility.ANY);
String actualJson = mapper.writeValueAsString(savedCookie); String actualJson = mapper.writeValueAsString(savedCookie);
JSONAssert.assertEquals(expectedSavedCookieJson, actualJson, true); JSONAssert.assertEquals(COOKIE_JSON, actualJson, true);
} }
@Test @Test
public void serializeSavedCookieWithList() throws JsonProcessingException, JSONException { public void serializeSavedCookieWithList() throws JsonProcessingException, JSONException {
List<SavedCookie> savedCookies = new ArrayList<SavedCookie>(); List<SavedCookie> savedCookies = new ArrayList<SavedCookie>();
savedCookies.add(new SavedCookie(new Cookie("session", "123456"))); savedCookies.add(new SavedCookie(new Cookie("SESSION", "123456789")));
String expectedJson = String.format("[\"java.util.ArrayList\", [%s]]", expectedSavedCookieJson);
String actualJson = buildObjectMapper().writeValueAsString(savedCookies); String actualJson = buildObjectMapper().writeValueAsString(savedCookies);
JSONAssert.assertEquals(expectedJson, actualJson, true); JSONAssert.assertEquals(COOKIES_JSON, actualJson, true);
} }
@Test @Test
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public void deserializeSavedCookieWithList() throws IOException, JSONException { public void deserializeSavedCookieWithList() throws IOException, JSONException {
String expectedJson = String.format("[\"java.util.ArrayList\", [%s]]", expectedSavedCookieJson); List<SavedCookie> savedCookies = (List<SavedCookie>)buildObjectMapper().readValue(COOKIES_JSON, Object.class);
List<SavedCookie> savedCookies = (List<SavedCookie>)buildObjectMapper().readValue(expectedJson, Object.class);
assertThat(savedCookies).isNotNull().hasSize(1); assertThat(savedCookies).isNotNull().hasSize(1);
assertThat(savedCookies.get(0).getName()).isEqualTo("session"); assertThat(savedCookies.get(0).getName()).isEqualTo("SESSION");
assertThat(savedCookies.get(0).getValue()).isEqualTo("123456"); assertThat(savedCookies.get(0).getValue()).isEqualTo("123456789");
} }
@Test @Test
public void deserializeSavedCookieJsonTest() throws IOException { public void deserializeSavedCookieJsonTest() throws IOException {
SavedCookie savedCookie = (SavedCookie) buildObjectMapper().readValue(expectedSavedCookieJson, Object.class); SavedCookie savedCookie = (SavedCookie) buildObjectMapper().readValue(COOKIE_JSON, Object.class);
assertThat(savedCookie).isNotNull(); assertThat(savedCookie).isNotNull();
assertThat(savedCookie.getName()).isEqualTo("session"); assertThat(savedCookie.getName()).isEqualTo("SESSION");
assertThat(savedCookie.getValue()).isEqualTo("123456"); assertThat(savedCookie.getValue()).isEqualTo("123456789");
assertThat(savedCookie.isSecure()).isEqualTo(false); assertThat(savedCookie.isSecure()).isEqualTo(false);
assertThat(savedCookie.getVersion()).isEqualTo(0); assertThat(savedCookie.getVersion()).isEqualTo(0);
assertThat(savedCookie.getComment()).isNull(); assertThat(savedCookie.getComment()).isNull();

17
web/src/test/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixinTests.java
Unescape View File

@ -39,8 +39,15 @@ import static org.assertj.core.api.Assertions.assertThat;
public class WebAuthenticationDetailsMixinTests { public class WebAuthenticationDetailsMixinTests {
ObjectMapper mapper; ObjectMapper mapper;
String webAuthenticationDetailsJson = "{\"@class\": \"org.springframework.security.web.authentication.WebAuthenticationDetails\","
+ "\"sessionId\": \"1\", \"remoteAddress\": \"/localhost\"}"; // @formatter:off
private static final String AUTHENTICATION_DETAILS_JSON = "{"
+ "\"@class\": \"org.springframework.security.web.authentication.WebAuthenticationDetails\","
+ "\"sessionId\": \"1\", "
+ "\"remoteAddress\": "
+ "\"/localhost\""
+ "}";
// @formatter:on
@Before @Before
public void setup() { public void setup() {
@ -58,7 +65,7 @@ public class WebAuthenticationDetailsMixinTests {
WebAuthenticationDetails details = new WebAuthenticationDetails(request); WebAuthenticationDetails details = new WebAuthenticationDetails(request);
WebAuthenticationDetails authenticationDetails = this.mapper.readValue(webAuthenticationDetailsJson, WebAuthenticationDetails authenticationDetails = this.mapper.readValue(AUTHENTICATION_DETAILS_JSON,
WebAuthenticationDetails.class); WebAuthenticationDetails.class);
assertThat(details.equals(authenticationDetails)); assertThat(details.equals(authenticationDetails));
} }
@ -71,13 +78,13 @@ public class WebAuthenticationDetailsMixinTests {
request.setSession(new MockHttpSession(null, "1")); request.setSession(new MockHttpSession(null, "1"));
WebAuthenticationDetails details = new WebAuthenticationDetails(request); WebAuthenticationDetails details = new WebAuthenticationDetails(request);
String actualJson = this.mapper.writeValueAsString(details); String actualJson = this.mapper.writeValueAsString(details);
JSONAssert.assertEquals(webAuthenticationDetailsJson, actualJson, true); JSONAssert.assertEquals(AUTHENTICATION_DETAILS_JSON, actualJson, true);
} }
@Test @Test
public void webAuthenticationDetailsDeserializeTest() public void webAuthenticationDetailsDeserializeTest()
throws IOException, JSONException { throws IOException, JSONException {
WebAuthenticationDetails details = this.mapper.readValue(webAuthenticationDetailsJson, WebAuthenticationDetails details = this.mapper.readValue(AUTHENTICATION_DETAILS_JSON,
WebAuthenticationDetails.class); WebAuthenticationDetails.class);
assertThat(details).isNotNull(); assertThat(details).isNotNull();
assertThat(details.getRemoteAddress()).isEqualTo("/localhost"); assertThat(details.getRemoteAddress()).isEqualTo("/localhost");

Write Preview
Loading…
Cancel
Save