<dependency>
<groupId>com.sap.cloud.security.xsuaa</groupId>
<artifactId>spring-xsuaa-test</artifactId>
<version>1.5.0</version>
<scope>test</scope>
</dependency>
public class TestingEnvironmentPostProcessor implements EnvironmentPostProcessor, DisposableBean {
public final static String UNIT_TEST_PROFILE = "unit_testing";
private final XsuaaMockWebServer mockAuthorizationServer = new XsuaaMockWebServer();
@Override
public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
if (environment.acceptsProfiles(Profiles.of(UNIT_TEST_PROFILE))) {
// sets a mock-server for xsuaa
environment.getPropertySources().addFirst(this.mockAuthorizationServer);
}
}
@Override
public void destroy() throws Exception {
this.mockAuthorizationServer.destroy();
}
}
src/test/resources/META-INF/spring.factories
#org.springframework.boot.env.EnvironmentPostProcessor=<yourPackage>.<yourEnvironmentPostProcessor>
org.springframework.boot.env.EnvironmentPostProcessor=com.sap.testapp.security.TestingEnvironmentPostProcessor
@ActiveProfiles(profiles = TestingEnvironmentPostProcessor.UNIT_TEST_PROFILE)
xsuaa:
xsappname: testapp-srv
@RunWith(SpringRunner.class)
@SpringBootTest
@ActiveProfiles(profiles = TestingEnvironmentPostProcessor.UNIT_TEST_PROFILE)
public class SomeTestClassIT
private static final String MY_CLIENT_ID = "sb-clientId!20";
private static final String MY_SUBDOMAIN = "my-subaccount-subdomain";
private static final String MY_TENANT= "my tenant";
private JwtGenerator jwtGenerator;
@Autowired
private XsuaaServiceConfiguration xsuaaServiceConfiguration;
@Before
public void beforeEachTest() {
jwtGenerator = new JwtGenerator(MY_CLIENT_ID, MY_SUBDOMAIN, MY_TENANT);
jwtGenerator.addScopes(getGlobalScope("Test"));
}
private String getGlobalScope(String localScope) {
String appId = xsuaaServiceConfiguration.getAppId();
return appId + "." + localScope;
}
private MockMvc mvc;
@Before
public void beforeEachTest() {
mvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(SecurityMockMvcConfigurers.springSecurity())
.build();
}
.apply(SecurityMockMvcConfigurers.springSecurity())
String jwt = jwtGenerator.getTokenForAuthorizationHeader();
MvcResult result = mvc.perform(post("testEndpoint")
.header(HttpHeaders.AUTHORIZATION, jwt)
.contentType(MediaType.APPLICATION_JSON)
.content("some content"))
.andReturn();
@Before
public void setup(){
jwtGenerator = new JwtGenerator(MY_CLIENT_ID, MY_SUBDOMAIN);
jwtGenerator.addScopes(getGlobalScope("Test"));
SpringSecurityContext.init(jwtGenerator.getToken().getTokenValue(), jwtDecoder,
new LocalAuthoritiesExtractor(xsuaaServiceConfiguration.getAppId()));
}
package com.sap.testapp.integrationtests.webcall;
import com.sap.cloud.security.xsuaa.XsuaaServiceConfiguration;
import com.sap.cloud.security.xsuaa.test.JwtGenerator;
import com.sap.testapp.testapplication.configuration.TestingEnvironmentPostProcessor;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@RunWith(SpringRunner.class)
@SpringBootTest
@ActiveProfiles(profiles = TestingEnvironmentPostProcessor.UNIT_TEST_PROFILE)
public class SpringIntegrationTestIT {
private static final String MY_CLIENT_ID = "sb-clientId!20";
private static final String MY_SUBDOMAIN = "my-subaccount-subdomain";
private static final String MY_TENANT = "my tenant";
@Autowired
protected WebApplicationContext context;
@Autowired
private XsuaaServiceConfiguration xsuaaServiceConfiguration;
private JwtGenerator jwtGenerator;
private MockMvc mvc;
@Before
public void beforeEachTest() {
jwtGenerator = new JwtGenerator(MY_CLIENT_ID, MY_SUBDOMAIN, MY_TENANT);
jwtGenerator.addScopes(getGlobalScope("Test"));
mvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(SecurityMockMvcConfigurers.springSecurity())
.build();
}
@Test
public void endpointCalled() throws Exception {
String jwt = jwtGenerator.getTokenForAuthorizationHeader();
MvcResult result = executeGetRequest(jwt);
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
}
@Test
public void endpointCalledNotAuthorized() throws Exception {
String jwt = "some failing jwt";
MvcResult result = executeGetRequest(jwt);
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
}
private String getGlobalScope(String localScope) {
String appId = xsuaaServiceConfiguration.getAppId();
return appId + "." + localScope;
}
private MvcResult executeGetRequest(String jwt) throws Exception {
return mvc.perform(get("/odata/test")
.header(HttpHeaders.AUTHORIZATION, jwt))
.andReturn();
}
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
34 | |
17 | |
16 | |
15 | |
11 | |
9 | |
8 | |
8 | |
8 | |
7 |