Add authenticated().withAuthentication(Consumer<Authentication>)

This allows arbitrary assertions of the authenticated user Fixes: gh-4996
8 years ago · e1a8d250de
3 changed files with 42 additions and 0 deletions
--- a/docs/manual/src/docs/asciidoc/_includes/test.adoc
+++ b/docs/manual/src/docs/asciidoc/_includes/test.adoc
@ -694,6 +694,16 @@ mvc
				@@ -694,6 +694,16 @@ mvc
 	.andExpect(authenticated().withUsername("admin"));
 ----

+We can also make arbitrary assertions on the authentication
+
+[source,java]
+----
+mvc
+	.perform(formLogin())
+	.andExpect(authenticated().withAuthentication(auth ->
+		assertThat(auth).isInstanceOf(UsernamePasswordAuthenticationToken.class)));
+----
+
 [[test-webflux]]
 == WebFlux Support

--- a/test/src/main/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchers.java
+++ b/test/src/main/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchers.java
@ -17,6 +17,7 @@ package org.springframework.security.test.web.servlet.response;
				@@ -17,6 +17,7 @@ package org.springframework.security.test.web.servlet.response;

 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.function.Consumer;

 import org.springframework.security.authentication.AuthenticationTrustResolver;
 import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
@ -88,6 +89,7 @@ public final class SecurityMockMvcResultMatchers {
				@@ -88,6 +89,7 @@ public final class SecurityMockMvcResultMatchers {
 		private Object expectedAuthenticationPrincipal;
 		private String expectedAuthenticationName;
 		private Collection<? extends GrantedAuthority> expectedGrantedAuthorities;
+		private Consumer<Authentication> assertAuthentication;

 		@Override
 		public void match(MvcResult result) throws Exception {
@ -97,6 +99,10 @@ public final class SecurityMockMvcResultMatchers {
				@@ -97,6 +99,10 @@ public final class SecurityMockMvcResultMatchers {

 			assertTrue("Authentication should not be null", auth != null);

+			if (this.assertAuthentication != null) {
+				this.assertAuthentication.accept(auth);
+			}
+
 			if (this.expectedContext != null) {
 				assertEquals(this.expectedContext + " does not equal " + context,
 						this.expectedContext, context);
@ -140,6 +146,16 @@ public final class SecurityMockMvcResultMatchers {
				@@ -140,6 +146,16 @@ public final class SecurityMockMvcResultMatchers {
 			}
 		}

+		/**
+		 * Allows for any validating the authentication with arbitrary assertions
+		 * @param assesrtAuthentication the Consumer which validates the authentication
+		 * @return the AuthenticatedMatcher to perform additional assertions
+		 */
+		public AuthenticatedMatcher withAuthentication(Consumer<Authentication> assesrtAuthentication) {
+			this.assertAuthentication = assesrtAuthentication;
+			return this;
+		}
+
 		/**
 		 * Specifies the expected username
 		 *
--- a/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java
+++ b/test/src/test/java/org/springframework/security/test/web/servlet/response/SecurityMockMvcResultMatchersTests.java
@ -21,6 +21,7 @@ import org.junit.runner.RunWith;
				@@ -21,6 +21,7 @@ import org.junit.runner.RunWith;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
@ -37,6 +38,7 @@ import org.springframework.web.bind.annotation.RestController;
				@@ -37,6 +38,7 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;

+import static org.assertj.core.api.Assertions.assertThat;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
 import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
 import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
@ -60,6 +62,20 @@ public class SecurityMockMvcResultMatchersTests {
				@@ -60,6 +62,20 @@ public class SecurityMockMvcResultMatchersTests {
 		// @formatter:on
 	}

+	@Test
+	public void withAuthenticationWhenMatchesThenSuccess() throws Exception {
+		this.mockMvc.perform(formLogin())
+			.andExpect(authenticated().withAuthentication(auth ->
+				assertThat(auth).isInstanceOf(UsernamePasswordAuthenticationToken.class)));
+	}
+
+	@Test(expected = AssertionError.class)
+	public void withAuthenticationWhenNotMatchesThenFails() throws Exception {
+		this.mockMvc
+			.perform(formLogin())
+			.andExpect(authenticated().withAuthentication(auth -> assertThat(auth.getName()).isEqualTo("notmatch")));
+	}
+
 	// SEC-2719
 	@Test
 	public void withRolesNotOrderSensitive() throws Exception {