Add Default Test to HttpBasicConfigurerTests

Issue gh-10973
4 years ago · be434e1540
1 changed files with 57 additions and 0 deletions
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java
@ -24,6 +24,7 @@ import org.junit.jupiter.api.extension.ExtendWith;
				@@ -24,6 +24,7 @@ import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -32,13 +33,19 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
				@@ -32,13 +33,19 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;

 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
@ -47,6 +54,7 @@ import static org.mockito.Mockito.verify;
				@@ -47,6 +54,7 @@ import static org.mockito.Mockito.verify;
 import static org.springframework.security.config.Customizer.withDefaults;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.cookie;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@ -117,6 +125,13 @@ public class HttpBasicConfigurerTests {
				@@ -117,6 +125,13 @@ public class HttpBasicConfigurerTests {
 		this.mvc.perform(rememberMeRequest).andExpect(cookie().exists("remember-me"));
 	}

+	@Test
+	public void httpBasicWhenDefaultsThenAcceptsBasicCredentials() throws Exception {
+		this.spring.register(HttpBasic.class, Users.class, Home.class).autowire();
+		this.mvc.perform(get("/").with(httpBasic("user", "password"))).andExpect(status().isOk())
+				.andExpect(content().string("user"));
+	}
+
 	@EnableWebSecurity
 	static class ObjectPostProcessorConfig extends WebSecurityConfigurerAdapter {

@ -268,6 +283,37 @@ public class HttpBasicConfigurerTests {
				@@ -268,6 +283,37 @@ public class HttpBasicConfigurerTests {
 		@Override
 		@Bean
 		public UserDetailsService userDetailsService() {
+			return new InMemoryUserDetailsManager(
+			// @formatter:off
+					org.springframework.security.core.userdetails.User.withDefaultPasswordEncoder()
+							.username("user")
+							.password("password")
+							.roles("USER")
+							.build()
+					// @formatter:on
+			);
+		}
+
+	}
+
+	@EnableWebSecurity
+	static class HttpBasic {
+
+		@Bean
+		SecurityFilterChain web(HttpSecurity http) throws Exception {
+			http.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
+					.httpBasic(Customizer.withDefaults());
+
+			return http.build();
+		}
+
+	}
+
+	@Configuration
+	static class Users {
+
+		@Bean
+		UserDetailsService userDetailsService() {
 			return new InMemoryUserDetailsManager(
 			// @formatter:off
 					User.withDefaultPasswordEncoder()
@ -281,4 +327,15 @@ public class HttpBasicConfigurerTests {
				@@ -281,4 +327,15 @@ public class HttpBasicConfigurerTests {

 	}

+	@EnableWebMvc
+	@RestController
+	static class Home {
+
+		@GetMapping("/")
+		String home(@AuthenticationPrincipal UserDetails user) {
+			return user.getUsername();
+		}
+
+	}
+
 }