You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
119 lines
2.7 KiB
119 lines
2.7 KiB
= Testing Authentication |
|
|
|
After xref:reactive/test/web/setup.adoc[applying the Spring Security support to `WebTestClient`], we can use either annotations or `mutateWith` support -- for example: |
|
|
|
[tabs] |
|
====== |
|
Java:: |
|
+ |
|
[source,java,role="primary"] |
|
---- |
|
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser; |
|
|
|
@Test |
|
public void messageWhenNotAuthenticated() throws Exception { |
|
this.rest |
|
.get() |
|
.uri("/message") |
|
.exchange() |
|
.expectStatus().isUnauthorized(); |
|
} |
|
|
|
// --- WithMockUser --- |
|
|
|
@Test |
|
@WithMockUser |
|
public void messageWhenWithMockUserThenForbidden() throws Exception { |
|
this.rest |
|
.get() |
|
.uri("/message") |
|
.exchange() |
|
.expectStatus().isEqualTo(HttpStatus.FORBIDDEN); |
|
} |
|
|
|
@Test |
|
@WithMockUser(roles = "ADMIN") |
|
public void messageWhenWithMockAdminThenOk() throws Exception { |
|
this.rest |
|
.get() |
|
.uri("/message") |
|
.exchange() |
|
.expectStatus().isOk() |
|
.expectBody(String.class).isEqualTo("Hello World!"); |
|
} |
|
|
|
// --- mutateWith mockUser --- |
|
|
|
@Test |
|
public void messageWhenMutateWithMockUserThenForbidden() throws Exception { |
|
this.rest |
|
.mutateWith(mockUser()) |
|
.get() |
|
.uri("/message") |
|
.exchange() |
|
.expectStatus().isEqualTo(HttpStatus.FORBIDDEN); |
|
} |
|
|
|
@Test |
|
public void messageWhenMutateWithMockAdminThenOk() throws Exception { |
|
this.rest |
|
.mutateWith(mockUser().roles("ADMIN")) |
|
.get() |
|
.uri("/message") |
|
.exchange() |
|
.expectStatus().isOk() |
|
.expectBody(String.class).isEqualTo("Hello World!"); |
|
} |
|
---- |
|
|
|
Kotlin:: |
|
+ |
|
[source,kotlin,role="secondary"] |
|
---- |
|
import org.springframework.test.web.reactive.server.expectBody |
|
import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser |
|
|
|
//... |
|
|
|
@Test |
|
@WithMockUser |
|
fun messageWhenWithMockUserThenForbidden() { |
|
this.rest.get().uri("/message") |
|
.exchange() |
|
.expectStatus().isEqualTo(HttpStatus.FORBIDDEN) |
|
} |
|
|
|
@Test |
|
@WithMockUser(roles = ["ADMIN"]) |
|
fun messageWhenWithMockAdminThenOk() { |
|
this.rest.get().uri("/message") |
|
.exchange() |
|
.expectStatus().isOk |
|
.expectBody<String>().isEqualTo("Hello World!") |
|
|
|
} |
|
|
|
// --- mutateWith mockUser --- |
|
|
|
@Test |
|
fun messageWhenMutateWithMockUserThenForbidden() { |
|
this.rest |
|
.mutateWith(mockUser()) |
|
.get().uri("/message") |
|
.exchange() |
|
.expectStatus().isEqualTo(HttpStatus.FORBIDDEN) |
|
} |
|
|
|
@Test |
|
fun messageWhenMutateWithMockAdminThenOk() { |
|
this.rest |
|
.mutateWith(mockUser().roles("ADMIN")) |
|
.get().uri("/message") |
|
.exchange() |
|
.expectStatus().isOk |
|
.expectBody<String>().isEqualTo("Hello World!") |
|
} |
|
---- |
|
====== |
|
|
|
In addition to `mockUser()`, Spring Security ships with several other convenience mutators for things like xref:reactive/test/web/csrf.adoc[CSRF] and xref:reactive/test/web/oauth2.adoc[OAuth 2.0].
|
|
|