Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix registration of SecurityExceptionHandling controller advice #802

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Fix registration of SecurityExceptionHandling controller advice #802

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b6fda5e
Move all test classes to a sibling package
xak2000 Aug 10, 2022
3794c35
Fix registration of SecurityExceptionHandling controller advice
xak2000 Aug 10, 2022
2e2364d
Improve testing of configuration of exception handling
xak2000 Aug 10, 2022
239871c
Add test for @ResponseStatus and Content-Type handling
xak2000 Aug 10, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...nfigure/src/main/java/org/zalando/problem/spring/web/autoconfigure/ExceptionHandling.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,6 @@

@API(status = INTERNAL)
@ControllerAdvice
final class ExceptionHandling implements ProblemHandling {
public final class ExceptionHandling implements ProblemHandling {

}
2 changes: 1 addition & 1 deletion .../src/main/java/org/zalando/problem/spring/web/autoconfigure/ProblemAutoConfiguration.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ public class ProblemAutoConfiguration {

@Bean
@ConditionalOnMissingBean(AdviceTrait.class)
public AdviceTrait exceptionHandling() {
public ExceptionHandling exceptionHandling() {
return new ExceptionHandling();
}

Expand Down
2 changes: 1 addition & 1 deletion ...g/zalando/problem/spring/web/autoconfigure/security/ProblemSecurityAutoConfiguration.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public class ProblemSecurityAutoConfiguration {

@Bean
@ConditionalOnMissingBean(AdviceTrait.class)
public AdviceTrait securityExceptionHandling() {
public SecurityExceptionHandling securityExceptionHandling() {
return new SecurityExceptionHandling();
}

Expand Down
2 changes: 1 addition & 1 deletion ...java/org/zalando/problem/spring/web/autoconfigure/security/SecurityExceptionHandling.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

@API(status = INTERNAL)
@ControllerAdvice
final class SecurityExceptionHandling
public final class SecurityExceptionHandling
implements ProblemHandling, SecurityAdviceTrait {

}
42 changes: 0 additions & 42 deletions ...figure/src/test/java/org/zalando/problem/spring/web/autoconfigure/WebApplicationTest.java
View file
Open in desktop

This file was deleted.

45 changes: 0 additions & 45 deletions ...ure/src/test/java/org/zalando/problem/spring/web/autoconfigure/security/SecurityTest.java
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion .../autoconfigure/CustomAdviceTraitTest.java → ...configuretests/CustomAdviceTraitTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure;
package org.zalando.problem.spring.web.autoconfiguretests;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
Expand Down
2 changes: 1 addition & 1 deletion ...onfigure/CustomWebMvcApplicationTest.java → ...uretests/CustomWebMvcApplicationTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure;
package org.zalando.problem.spring.web.autoconfiguretests;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
Expand Down
2 changes: 1 addition & 1 deletion .../autoconfigure/NonWebApplicationTest.java → ...configuretests/NonWebApplicationTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure;
package org.zalando.problem.spring.web.autoconfiguretests;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
Expand Down
66 changes: 66 additions & 0 deletions ...e/src/test/java/org/zalando/problem/spring/web/autoconfiguretests/WebApplicationTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
package org.zalando.problem.spring.web.autoconfiguretests;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.annotation.Configuration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.zalando.problem.jackson.ProblemModule;
import org.zalando.problem.spring.web.advice.AdviceTrait;
import org.zalando.problem.spring.web.autoconfigure.ExceptionHandling;
import org.zalando.problem.violations.ConstraintViolationProblemModule;

import static org.assertj.core.api.Assertions.assertThat;
import static org.hamcrest.Matchers.is;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@SpringBootTest
@AutoConfigureMockMvc
@EnableAutoConfiguration(exclude = SecurityAutoConfiguration.class)
final class WebApplicationTest {

@Autowired
private MockMvc mockMvc;

@Configuration
static class TestApplication {
@RestController
static class Controller {
@GetMapping("/exception")
void getException() {
throw new RuntimeException("An exception from GET");
}
}
}

@Test
void shouldConfigureExceptionHandling(
@Autowired final AdviceTrait trait) throws Exception {
assertThat(trait).isExactlyInstanceOf(ExceptionHandling.class);
mockMvc.perform(get("/exception"))
.andExpect(status().isInternalServerError())
.andExpect(jsonPath("$.status", is(500)))
.andExpect(jsonPath("$.title", is("Internal Server Error")))
.andExpect(jsonPath("$.detail", is("An exception from GET")));
}

@Test
void shouldConfigureProblemModule(
@Autowired final ProblemModule module) {
assertThat(module).isNotNull();
}

@Test
void shouldConfigureConstraintViolationProblemModule(
@Autowired final ConstraintViolationProblemModule module) {
assertThat(module).isNotNull();
}

}
2 changes: 1 addition & 1 deletion ...re/security/NoConfigurerSecurityTest.java → ...ts/security/NoConfigurerSecurityTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure.security;
package org.zalando.problem.spring.web.autoconfiguretests.security;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
Expand Down
3 changes: 2 additions & 1 deletion ...e/security/ProblemHttpConfigurerTest.java → ...s/security/ProblemHttpConfigurerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure.security;
package org.zalando.problem.spring.web.autoconfiguretests.security;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
Expand All @@ -14,6 +14,7 @@
import org.springframework.test.util.ReflectionTestUtils;
import org.springframework.util.ClassUtils;
import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport;
import org.zalando.problem.spring.web.autoconfigure.security.ProblemHttpConfigurer;

import java.util.HashMap;
import java.util.Map;
Expand Down
5 changes: 4 additions & 1 deletion ...ProblemSecurityAutoConfigurationTest.java → ...ProblemSecurityAutoConfigurationTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure.security;
package org.zalando.problem.spring.web.autoconfiguretests.security;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
Expand All @@ -13,6 +13,9 @@
import org.zalando.problem.spring.web.advice.AdviceTrait;
import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport;
import org.zalando.problem.spring.web.autoconfigure.ProblemAutoConfiguration;
import org.zalando.problem.spring.web.autoconfigure.security.ProblemSecurityAutoConfiguration;
import org.zalando.problem.spring.web.autoconfigure.security.ProblemSecurityBeanPostProcessor;
import org.zalando.problem.spring.web.autoconfigure.security.SecurityExceptionHandling;

import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
Expand Down
3 changes: 2 additions & 1 deletion ...ProblemSecurityBeanPostProcessorTest.java → ...ProblemSecurityBeanPostProcessorTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package org.zalando.problem.spring.web.autoconfigure.security;
package org.zalando.problem.spring.web.autoconfiguretests.security;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
Expand All @@ -10,6 +10,7 @@
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.test.util.ReflectionTestUtils;
import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport;
import org.zalando.problem.spring.web.autoconfigure.security.ProblemSecurityBeanPostProcessor;

import java.util.HashMap;
import java.util.function.Consumer;
Expand Down
89 changes: 89 additions & 0 deletions ...rc/test/java/org/zalando/problem/spring/web/autoconfiguretests/security/SecurityTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
package org.zalando.problem.spring.web.autoconfiguretests.security;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import org.zalando.problem.spring.common.MediaTypes;

import static org.hamcrest.Matchers.is;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@SpringBootTest
@AutoConfigureMockMvc
@DirtiesContext
final class SecurityTest {
@Autowired
private MockMvc mockMvc;

@Test
void shouldConfigureExceptionHandling() throws Exception {
mockMvc.perform(get("/not-exists-url"))
.andExpect(status().isUnauthorized())
.andExpect(jsonPath("$.status", is(401)))
.andExpect(jsonPath("$.title", is("Unauthorized")))
.andExpect(jsonPath("$.detail", is("Full authentication is required to access this resource")));
}

@Test
void shouldRespectResponseStatus() throws Exception {
mockMvc.perform(get("/custom-not-found"))
.andExpect(status().isNotFound())
.andExpect(jsonPath("$.status", is(404)))
.andExpect(jsonPath("$.title", is("Not Found")))
.andExpect(jsonPath("$.detail", is("Custom NotFoundException")));
}

@Test
void shouldReturnCorrectContentType() throws Exception {
mockMvc.perform(get("/custom-not-found").accept(MediaType.APPLICATION_JSON))
.andExpect(status().isNotFound())
.andExpect(header().string(HttpHeaders.CONTENT_TYPE, MediaTypes.PROBLEM_VALUE))
.andExpect(jsonPath("$.status", is(404)))
.andExpect(jsonPath("$.title", is("Not Found")))
.andExpect(jsonPath("$.detail", is("Custom NotFoundException")));
}

@SpringBootApplication
static class TestApp {
@RestController
static class Controller {
@GetMapping("/custom-not-found")
void getException() {
throw new NotFoundException();
}
}

@ResponseStatus(HttpStatus.NOT_FOUND)
static class NotFoundException extends RuntimeException {
public NotFoundException() {
super("Custom NotFoundException");
}
}

@Configuration(proxyBeanMethods = false)
static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.mvcMatchers("/custom-not-found").permitAll()
.anyRequest().authenticated();
}
}
}
}