Начало Каталог Помощ
Регистрация Вход
github
/
spring-security
огледало от https://github.com/spring-projects/spring-security
2
0
Разклонения 0
Файлове Задачи 0 Уики
Преглед на файлове

Polish tests and javadoc

When using AssertJ, it's easy to commit the following error

assertThat(some boolean condition)

The above actually does nothing. It at least needs to be

assertThat(some boolean condition).isTrue()

This commit refines some assertions that were missing a verify
condition.

Also, one Javadoc was just a little bit confusing, so this
clarifies it.

Issue: gh-6259
Josh Cummings преди 6 години
родител
086b105273
ревизия
7a55af246e
променени са 4 файла, в които са добавени 12 реда и са изтрити 12 реда
Разделен изглед Покажи статистика за разликите
  1. 2 2
      config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java
  2. 3 3
      config/src/test/java/org/springframework/security/config/http/SessionManagementConfigServlet31Tests.java
  3. 2 2
      web/src/main/java/org/springframework/security/web/authentication/session/SessionFixationProtectionStrategy.java
  4. 5 5
      web/src/test/java/org/springframework/security/web/authentication/session/ChangeSessionIdAuthenticationStrategyTests.java

+ 2 - 2
config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java
Целия файл 

@@ -96,8 +96,8 @@ public class SessionManagementConfigurerServlet31Tests {
 
 
 		springSecurityFilterChain.doFilter(request, response, chain);
 
 
-		assertThat(!request.getSession().getId().equals(id));
 
-		assertThat(request.getSession().getAttribute("attribute1").equals("value1"));
 
+		assertThat(request.getSession().getId()).isNotEqualTo(id);
 
+		assertThat(request.getSession().getAttribute("attribute1")).isEqualTo("value1");
 
 	}
 
 
 	@EnableWebSecurity

+ 3 - 3
config/src/test/java/org/springframework/security/config/http/SessionManagementConfigServlet31Tests.java
Целия файл 

@@ -99,8 +99,8 @@ public class SessionManagementConfigServlet31Tests {
 
 		springSecurityFilterChain.doFilter(request, response, chain);
 
 
 
-		assertThat(!request.getSession().getId().equals(id));
 
-		assertThat(request.getSession().getAttribute("attribute1").equals("value1"));
 
+		assertThat(request.getSession().getId()).isNotEqualTo(id);
 
+		assertThat(request.getSession().getAttribute("attribute1")).isEqualTo("value1");
 
 	}
 
 
 	@Test
 
@@ -123,7 +123,7 @@ public class SessionManagementConfigServlet31Tests {
 
 
 		springSecurityFilterChain.doFilter(request, response, chain);
 
 
-		assertThat(!request.getSession().getId().equals(id));
 
+		assertThat(request.getSession().getId()).isNotEqualTo(id);
 
 
 	}

+ 2 - 2
web/src/main/java/org/springframework/security/web/authentication/session/SessionFixationProtectionStrategy.java
Целия файл 

@@ -24,8 +24,8 @@ import javax.servlet.http.HttpServletRequest;
 
 import javax.servlet.http.HttpSession;
 
 
 /**
 
- * The implementation of {@link SessionAuthenticationStrategy} when using <
 
- * Servlet 3.1.
 
+ * Uses {@code HttpServletRequest.invalidate()} to protect against session fixation
 
+ * attacks.
 
  * <p>
 
  * Creates a new session for the newly authenticated user if they already have a session
 
  * (as a defence against session-fixation protection attacks), and copies their session

+ 5 - 5
web/src/test/java/org/springframework/security/web/authentication/session/ChangeSessionIdAuthenticationStrategyTests.java
Целия файл 

@@ -15,12 +15,14 @@
 
  */
 
 package org.springframework.security.web.authentication.session;
 
 
-import org.junit.Assert;
 
 import org.junit.Test;
 
 import org.junit.runner.RunWith;
 
 import org.powermock.modules.junit4.PowerMockRunner;
 
+
 
 import org.springframework.mock.web.MockHttpServletRequest;
 
 
+import static org.assertj.core.api.Assertions.assertThat;
 
+
 
 /**
 
  * @author Rob Winch
 
  *
 
@@ -32,9 +34,7 @@ public class ChangeSessionIdAuthenticationStrategyTests {
 
 	public void applySessionFixation() {
 
 		MockHttpServletRequest request = new MockHttpServletRequest();
 
 		String id = request.getSession().getId();
 
-
 
-			new ChangeSessionIdAuthenticationStrategy().applySessionFixation(request);
 
-
 
-		Assert.assertNotEquals(id, request.getSession().getId());
 
+		new ChangeSessionIdAuthenticationStrategy().applySessionFixation(request);
 
+		assertThat(request.getSession().getId()).isNotEqualTo(id);
 
 	}
 
 }