Change Kotlin tests that are using mockkObject with a lambda interface implementation

Closes gh-10702

config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt

@@ -33,6 +33,7 @@ import org.springframework.security.core.userdetails.UserDetailsService
 import org.springframework.security.provisioning.InMemoryUserDetailsManager
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
+import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
 import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
 import org.springframework.security.web.csrf.CsrfTokenRepository
 import org.springframework.security.web.csrf.DefaultCsrfToken
@@ -180,7 +181,7 @@ class CsrfDslTests {
     open class CustomStrategyConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val STRATEGY: SessionAuthenticationStrategy = SessionAuthenticationStrategy { _, _, _ -> }
+            var STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt

@@ -17,6 +17,7 @@
 package org.springframework.security.config.annotation.web
 
 import io.mockk.every
+import io.mockk.mockk
 import io.mockk.mockkObject
 import io.mockk.verify
 import org.junit.jupiter.api.Test
@@ -41,6 +42,8 @@ import org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirec
 import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
 import org.springframework.web.bind.annotation.GetMapping
 import jakarta.servlet.http.HttpServletRequest
+import org.springframework.security.web.authentication.WebAuthenticationDetails
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
 /**
  * Tests for [FormLoginDsl]
@@ -293,7 +296,7 @@ class FormLoginDslTests {
         mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE)
         every {
             CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any())
-        } returns Any()
+        } returns mockk()
 
         this.mockMvc.perform(formLogin())
             .andExpect {
@@ -308,8 +311,7 @@ class FormLoginDslTests {
     open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource<HttpServletRequest, *> =
-                AuthenticationDetailsSource<HttpServletRequest, Any> { Any() }
+            val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt

@@ -17,6 +17,7 @@
 package org.springframework.security.config.annotation.web
 
 import io.mockk.every
+import io.mockk.mockk
 import io.mockk.mockkObject
 import io.mockk.verify
 import jakarta.servlet.http.HttpServletRequest
@@ -25,6 +26,7 @@ import org.junit.jupiter.api.extension.ExtendWith
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpStatus
 import org.springframework.security.authentication.AuthenticationDetailsSource
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
@@ -36,6 +38,8 @@ import org.springframework.security.core.userdetails.UserDetailsService
 import org.springframework.security.provisioning.InMemoryUserDetailsManager
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
 import org.springframework.security.web.AuthenticationEntryPoint
+import org.springframework.security.web.authentication.HttpStatusEntryPoint
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.get
 import org.springframework.web.bind.annotation.GetMapping
@@ -136,7 +140,7 @@ class HttpBasicDslTests {
     open class CustomAuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val ENTRY_POINT: AuthenticationEntryPoint = AuthenticationEntryPoint { _, _, _ ->  }
+            val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)
         }
 
         override fun configure(http: HttpSecurity) {
@@ -159,7 +163,7 @@ class HttpBasicDslTests {
         mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE)
         every {
             CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any())
-        } returns Any()
+        } returns mockk()
 
         this.mockMvc.get("/") {
             with(httpBasic("username", "password"))
@@ -172,8 +176,7 @@ class HttpBasicDslTests {
     open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource<HttpServletRequest, *> =
-                AuthenticationDetailsSource<HttpServletRequest, Any> { Any() }
+            val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt

@@ -19,6 +19,8 @@ package org.springframework.security.config.annotation.web
 import io.mockk.every
 import io.mockk.mockkObject
 import io.mockk.verify
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Test
 import org.junit.jupiter.api.extension.ExtendWith
@@ -30,6 +32,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.core.Authentication
 import org.springframework.security.core.context.SecurityContextHolder
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
 import org.springframework.security.web.authentication.logout.LogoutHandler
@@ -300,7 +303,7 @@ class LogoutDslTests {
     open class CustomLogoutHandlerConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val HANDLER: LogoutHandler = LogoutHandler { _, _, _ -> }
+            val HANDLER: LogoutHandler = NoopLogoutHandler()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -311,4 +314,13 @@ class LogoutDslTests {
             }
         }
     }
+
+    class NoopLogoutHandler: LogoutHandler {
+        override fun logout(
+            request: HttpServletRequest?,
+            response: HttpServletResponse?,
+            authentication: Authentication?
+        ) { }
+
+    }
 }

config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt

@@ -30,6 +30,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
@@ -123,9 +124,7 @@ class OAuth2ClientDslTests {
             val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
                 HttpSessionOAuth2AuthorizationRequestRepository()
             val CLIENT: OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> =
-                OAuth2AccessTokenResponseClient {
-                    OAuth2AccessTokenResponse.withToken("some tokenValue").build()
-                }
+                DefaultAuthorizationCodeTokenResponseClient()
             val CLIENT_REPOSITORY: OAuth2AuthorizedClientRepository = HttpSessionOAuth2AuthorizedClientRepository()
         }
 

config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt

@@ -17,6 +17,7 @@
 package org.springframework.security.config.annotation.web
 
 import io.mockk.every
+import io.mockk.mockk
 import io.mockk.mockkObject
 import io.mockk.verify
 import org.junit.jupiter.api.Test
@@ -43,6 +44,7 @@ import org.springframework.test.web.servlet.post
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.RestController
 import jakarta.servlet.http.HttpServletRequest
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 
 /**
  * Tests for [OAuth2LoginDsl]
@@ -131,7 +133,7 @@ class OAuth2LoginDslTests {
         mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE)
         every {
             CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any())
-        } returns Any()
+        } returns mockk()
         mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHORIZATION_REQUEST_REPOSITORY)
         every {
             CustomAuthenticationDetailsSourceConfig.AUTHORIZATION_REQUEST_REPOSITORY.removeAuthorizationRequest(any(), any())
@@ -158,8 +160,7 @@ class OAuth2LoginDslTests {
     open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource<HttpServletRequest, *> =
-                AuthenticationDetailsSource<HttpServletRequest, Any> { Any() }
+            val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
             val AUTHORIZATION_REQUEST_REPOSITORY = HttpSessionOAuth2AuthorizationRequestRepository()
         }
 

config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt

@@ -27,9 +27,9 @@ import org.junit.jupiter.api.extension.ExtendWith
 import org.springframework.beans.factory.BeanCreationException
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.annotation.Bean
+import org.springframework.http.HttpStatus
 import org.springframework.security.authentication.AuthenticationManager
 import org.springframework.security.authentication.AuthenticationManagerResolver
-import org.springframework.security.authentication.TestingAuthenticationToken
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
@@ -39,10 +39,13 @@ import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB
 import org.springframework.security.oauth2.jwt.Jwt
 import org.springframework.security.oauth2.jwt.JwtDecoder
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
+import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver
 import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver
 import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
 import org.springframework.security.web.AuthenticationEntryPoint
 import org.springframework.security.web.access.AccessDeniedHandler
+import org.springframework.security.web.access.AccessDeniedHandlerImpl
+import org.springframework.security.web.authentication.HttpStatusEntryPoint
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.get
 
@@ -79,7 +82,7 @@ class OAuth2ResourceServerDslTests {
     open class EntryPointConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val ENTRY_POINT: AuthenticationEntryPoint = AuthenticationEntryPoint { _, _, _ ->  }
+            val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)
         }
 
         override fun configure(http: HttpSecurity) {
@@ -116,12 +119,7 @@ class OAuth2ResourceServerDslTests {
 
         companion object {
             val RESOLVER: BearerTokenResolver = DefaultBearerTokenResolver()
-            val DECODER: JwtDecoder =  JwtDecoder {
-                Jwt.withTokenValue("token")
-                    .header("alg", "none")
-                    .claim(SUB, "user")
-                    .build()
-            }
+            val DECODER: JwtDecoder = MockJwtDecoder()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -140,6 +138,16 @@ class OAuth2ResourceServerDslTests {
         open fun jwtDecoder(): JwtDecoder = DECODER
     }
 
+    class MockJwtDecoder: JwtDecoder {
+        override fun decode(token: String?): Jwt {
+            return Jwt.withTokenValue("token")
+                .header("alg", "none")
+                .claim(SUB, "user")
+                .build()
+        }
+
+    }
+
     @Test
     fun `oauth2Resource server when custom access denied handler then handler used`() {
         this.spring.register(AccessDeniedHandlerConfig::class.java).autowire()
@@ -163,13 +171,8 @@ class OAuth2ResourceServerDslTests {
     open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val DECODER: JwtDecoder = JwtDecoder { _ ->
-                Jwt.withTokenValue("token")
-                    .header("alg", "none")
-                    .claim(SUB, "user")
-                    .build()
-            }
-            val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandler { _, _, _ ->  }
+            val DECODER: JwtDecoder = MockJwtDecoder()
+            val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandlerImpl()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -210,11 +213,7 @@ class OAuth2ResourceServerDslTests {
 
         companion object {
             val RESOLVER: AuthenticationManagerResolver<HttpServletRequest> =
-                AuthenticationManagerResolver {
-                    AuthenticationManager {
-                        TestingAuthenticationToken("a,", "b", "c")
-                    }
-                }
+                JwtIssuerAuthenticationManagerResolver("issuer")
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt

@@ -41,12 +41,14 @@ import org.springframework.security.core.userdetails.User
 import org.springframework.security.core.userdetails.UserDetailsService
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.security.provisioning.InMemoryUserDetailsManager
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
 import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler
 import org.springframework.security.web.authentication.NullRememberMeServices
 import org.springframework.security.web.authentication.RememberMeServices
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
 import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher
@@ -438,7 +440,7 @@ internal class RememberMeDslTests {
     open class RememberMeSuccessHandlerConfig : DefaultUserConfig() {
 
         companion object {
-            val SUCCESS_HANDLER: AuthenticationSuccessHandler = AuthenticationSuccessHandler { _ , _, _ -> }
+            val SUCCESS_HANDLER: AuthenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -549,9 +551,9 @@ internal class RememberMeDslTests {
     open class RememberMeDefaultUserDetailsServiceConfig : DefaultUserConfig() {
 
         companion object {
-            val USER_DETAIL_SERVICE: UserDetailsService = UserDetailsService { _ ->
+            val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager(
                 User("username", "password", emptyList())
-            }
+            )
             val PASSWORD_ENCODER: PasswordEncoder = BCryptPasswordEncoder()
         }
 
@@ -575,9 +577,9 @@ internal class RememberMeDslTests {
     open class RememberMeUserDetailsServiceConfig : DefaultUserConfig() {
 
         companion object {
-            val USER_DETAIL_SERVICE: UserDetailsService = UserDetailsService { _ ->
+            val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager(
                 User("username", "password", emptyList())
-            }
+            )
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt

@@ -36,6 +36,7 @@ import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.core.Authentication
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
+import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
 import org.springframework.security.web.authentication.session.SessionAuthenticationException
 import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
 import org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
@@ -210,7 +211,7 @@ class SessionManagementDslTests {
     open class SessionAuthenticationStrategyConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val STRATEGY: SessionAuthenticationStrategy = SessionAuthenticationStrategy { _, _, _ ->  }
+            val STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt

@@ -32,6 +32,7 @@ import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.config.annotation.web.invoke
+import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
@@ -134,9 +135,7 @@ class AuthorizationCodeGrantDslTests {
             val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
                 HttpSessionOAuth2AuthorizationRequestRepository()
             val CLIENT: OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> =
-                OAuth2AccessTokenResponseClient {
-                    OAuth2AccessTokenResponse.withToken("some tokenValue").build()
-                }
+                DefaultAuthorizationCodeTokenResponseClient()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt

@@ -31,6 +31,7 @@ import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.config.annotation.web.invoke
 import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
@@ -108,9 +109,7 @@ class RedirectionEndpointDslTests {
             val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
                 HttpSessionOAuth2AuthorizationRequestRepository()
             val CLIENT: OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> =
-                OAuth2AccessTokenResponseClient {
-                    OAuth2AccessTokenResponse.withToken("some tokenValue").build()
-                }
+                DefaultAuthorizationCodeTokenResponseClient()
             val USER_SERVICE: OAuth2UserService<OAuth2UserRequest, OAuth2User> = DefaultOAuth2UserService()
         }
 

config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt

@@ -31,6 +31,7 @@ import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.config.annotation.web.invoke
+import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
@@ -99,9 +100,7 @@ class TokenEndpointDslTests {
             val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
                 HttpSessionOAuth2AuthorizationRequestRepository()
             val CLIENT: OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> =
-                OAuth2AccessTokenResponseClient {
-                    OAuth2AccessTokenResponse.withToken("some tokenValue").build()
-                }
+                DefaultAuthorizationCodeTokenResponseClient()
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt

@@ -130,10 +130,8 @@ class JwtDslTests {
     open class CustomJwtAuthenticationConverterConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val CONVERTER: Converter<Jwt, out AbstractAuthenticationToken> = Converter { _ ->
-                TestingAuthenticationToken("a", "b",  "c")
-            }
-            val DECODER: JwtDecoder = JwtDecoder { Jwt.withTokenValue("some tokenValue").build() }
+            val CONVERTER: Converter<Jwt, out AbstractAuthenticationToken> = MockConverter()
+            val DECODER: JwtDecoder = MockJwtDecoder()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -153,6 +151,12 @@ class JwtDslTests {
         open fun jwtDecoder(): JwtDecoder = DECODER
     }
 
+    class MockConverter: Converter<Jwt, AbstractAuthenticationToken> {
+        override fun convert(source: Jwt): AbstractAuthenticationToken {
+            return TestingAuthenticationToken("a", "b",  "c")
+        }
+    }
+
     @Test
     fun `JWT when custom JWT decoder set after jwkSetUri then decoder used`() {
         this.spring.register(JwtDecoderAfterJwkSetUriConfig::class.java).autowire()
@@ -175,7 +179,7 @@ class JwtDslTests {
     open class JwtDecoderAfterJwkSetUriConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val DECODER: JwtDecoder = JwtDecoder { Jwt.withTokenValue("some tokenValue").build() }
+            val DECODER: JwtDecoder = MockJwtDecoder()
         }
 
         override fun configure(http: HttpSecurity) {
@@ -193,6 +197,12 @@ class JwtDslTests {
         }
     }
 
+    class MockJwtDecoder: JwtDecoder {
+        override fun decode(token: String?): Jwt {
+            return Jwt.withTokenValue("some tokenValue").build()
+        }
+    }
+
     @Test
     fun `JWT when custom authentication manager configured then used`() {
         this.spring.register(AuthenticationManagerConfig::class.java, AuthenticationController::class.java).autowire()

config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt

@@ -43,6 +43,7 @@ import org.springframework.security.oauth2.jwt.JwtClaimNames
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication
 import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector
+import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.get
 import org.springframework.web.bind.annotation.GetMapping
@@ -147,9 +148,7 @@ class OpaqueTokenDslTests {
     open class CustomIntrospectorConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val INTROSPECTOR: OpaqueTokenIntrospector = OpaqueTokenIntrospector {
-                DefaultOAuth2AuthenticatedPrincipal(emptyMap(), emptyList())
-            }
+            val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret")
         }
 
         override fun configure(http: HttpSecurity) {
@@ -185,9 +184,7 @@ class OpaqueTokenDslTests {
     open class IntrospectorAfterClientCredentialsConfig : WebSecurityConfigurerAdapter() {
 
         companion object {
-            val INTROSPECTOR: OpaqueTokenIntrospector = OpaqueTokenIntrospector {
-                DefaultOAuth2AuthenticatedPrincipal(emptyMap(), emptyList())
-            }
+            val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret")
         }
 
         override fun configure(http: HttpSecurity) {

config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt

@@ -24,11 +24,13 @@ import org.junit.jupiter.api.extension.ExtendWith
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.ApplicationContext
 import org.springframework.context.annotation.Bean
+import org.springframework.http.HttpStatus
 import org.springframework.http.MediaType
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.web.server.SecurityWebFilterChain
+import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler
 import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler
 import org.springframework.security.web.server.csrf.CsrfToken
 import org.springframework.security.web.server.csrf.DefaultCsrfToken
@@ -175,7 +177,7 @@ class ServerCsrfDslTests {
     @EnableWebFlux
     open class CustomAccessDeniedHandlerConfig {
         companion object {
-            val ACCESS_DENIED_HANDLER: ServerAccessDeniedHandler = ServerAccessDeniedHandler { _, _ -> Mono.empty() }
+            val ACCESS_DENIED_HANDLER: ServerAccessDeniedHandler = HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN)
         }
 
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerFormLoginDslTests.kt

@@ -30,6 +30,7 @@ import org.springframework.security.authentication.ReactiveAuthenticationManager
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.core.Authentication
 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService
 import org.springframework.security.core.userdetails.User
 import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf
@@ -151,7 +152,7 @@ class ServerFormLoginDslTests {
     open class CustomAuthenticationManagerConfig {
 
         companion object {
-            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() }
+            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager()
         }
 
         @Bean
@@ -167,6 +168,12 @@ class ServerFormLoginDslTests {
         }
     }
 
+    class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager {
+        override fun authenticate(authentication: Authentication?): Mono<Authentication> {
+            return Mono.empty()
+        }
+    }
+
     @Test
     fun `form login when custom authentication entry point then entry point used`() {
         this.spring.register(CustomConfig::class.java, UserDetailsConfig::class.java).autowire()

config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpBasicDslTests.kt

@@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.ApplicationContext
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpStatus
 import org.springframework.security.authentication.ReactiveAuthenticationManager
 import org.springframework.security.authentication.TestingAuthenticationToken
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
@@ -36,6 +37,7 @@ import org.springframework.security.core.userdetails.MapReactiveUserDetailsServi
 import org.springframework.security.core.userdetails.User
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.ServerAuthenticationEntryPoint
+import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
 import org.springframework.security.web.server.context.ServerSecurityContextRepository
 import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository
 import org.springframework.test.web.reactive.server.WebTestClient
@@ -127,7 +129,7 @@ class ServerHttpBasicDslTests {
     open class CustomAuthenticationManagerConfig {
 
         companion object {
-            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() }
+            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager()
         }
 
         @Bean
@@ -143,6 +145,12 @@ class ServerHttpBasicDslTests {
         }
     }
 
+    class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager {
+        override fun authenticate(authentication: Authentication?): Mono<Authentication> {
+            return Mono.empty()
+        }
+    }
+
     @Test
     fun `http basic when custom security context repository then repository used`() {
         this.spring.register(CustomSecurityContextRepositoryConfig::class.java, UserDetailsConfig::class.java).autowire()
@@ -200,7 +208,7 @@ class ServerHttpBasicDslTests {
     open class CustomAuthenticationEntryPointConfig {
 
         companion object {
-            val ENTRY_POINT: ServerAuthenticationEntryPoint = ServerAuthenticationEntryPoint { _, _ -> Mono.empty() }
+            val ENTRY_POINT: ServerAuthenticationEntryPoint = HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED)
         }
 
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpSecurityDslTests.kt

@@ -31,6 +31,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.core.Authentication
 import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter
@@ -223,7 +224,7 @@ class ServerHttpSecurityDslTests {
     @EnableWebFluxSecurity
     open class AuthenticationManagerConfig {
         companion object {
-            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() }
+            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager()
         }
 
         @Bean
@@ -237,4 +238,10 @@ class ServerHttpSecurityDslTests {
             }
         }
     }
+
+    class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager {
+        override fun authenticate(authentication: Authentication?): Mono<Authentication> {
+            return Mono.empty()
+        }
+    }
 }

config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt

@@ -146,7 +146,7 @@ class ServerJwtDslTests {
     open class CustomDecoderConfig {
 
         companion object {
-            val JWT_DECODER: ReactiveJwtDecoder = ReactiveJwtDecoder { Mono.empty() }
+            val JWT_DECODER: ReactiveJwtDecoder = NullReactiveJwtDecoder()
         }
 
         @Bean
@@ -164,6 +164,12 @@ class ServerJwtDslTests {
         }
     }
 
+    class NullReactiveJwtDecoder: ReactiveJwtDecoder {
+        override fun decode(token: String?): Mono<Jwt> {
+            return Mono.empty()
+        }
+    }
+
     @Test
     fun `jwt when using custom JWK Set URI then custom URI used`() {
         this.spring.register(CustomJwkSetUriConfig::class.java).autowire()
@@ -242,7 +248,7 @@ class ServerJwtDslTests {
 
         companion object {
             val CONVERTER: Converter<Jwt, out Mono<AbstractAuthenticationToken>> = Converter { Mono.empty() }
-            val DECODER: ReactiveJwtDecoder = ReactiveJwtDecoder { Mono.empty() }
+            val DECODER: ReactiveJwtDecoder = NullReactiveJwtDecoder()
         }
 
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerLogoutDslTests.kt

@@ -25,11 +25,14 @@ import org.junit.jupiter.api.extension.ExtendWith
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.ApplicationContext
 import org.springframework.context.annotation.Bean
+import org.springframework.http.HttpStatus
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf
 import org.springframework.security.web.server.SecurityWebFilterChain
+import org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler
+import org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler
 import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler
 import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler
 import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher
@@ -171,7 +174,7 @@ class ServerLogoutDslTests {
     open class CustomLogoutHandlerConfig {
 
         companion object {
-            val LOGOUT_HANDLER: ServerLogoutHandler = ServerLogoutHandler { _, _ -> Mono.empty() }
+            val LOGOUT_HANDLER: ServerLogoutHandler = SecurityContextServerLogoutHandler()
         }
 
         @Bean
@@ -206,7 +209,7 @@ class ServerLogoutDslTests {
     open class CustomLogoutSuccessHandlerConfig {
 
         companion object {
-            val LOGOUT_HANDLER: ServerLogoutSuccessHandler = ServerLogoutSuccessHandler { _, _ -> Mono.empty() }
+            val LOGOUT_HANDLER: ServerLogoutSuccessHandler = HttpStatusReturningServerLogoutSuccessHandler(HttpStatus.OK)
         }
 
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt

@@ -31,12 +31,14 @@ import org.springframework.security.config.annotation.web.reactive.EnableWebFlux
 import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.core.Authentication
 import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository
 import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository
 import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
+import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.authentication.ServerAuthenticationConverter
 import org.springframework.test.web.reactive.server.WebTestClient
@@ -162,7 +164,7 @@ class ServerOAuth2ClientDslTests {
 
         companion object {
             val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
-            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() }
+            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter()
         }
 
         @Bean
@@ -214,8 +216,8 @@ class ServerOAuth2ClientDslTests {
 
         companion object {
             val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
-            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() }
-            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() }
+            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter()
+            val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager()
         }
 
         @Bean
@@ -230,6 +232,12 @@ class ServerOAuth2ClientDslTests {
         }
     }
 
+    class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager {
+        override fun authenticate(authentication: Authentication?): Mono<Authentication> {
+            return Mono.empty()
+        }
+    }
+
     @Configuration
     open class ClientConfig {
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt

@@ -34,8 +34,10 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
 import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository
 import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
+import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.authentication.ServerAuthenticationConverter
+import org.springframework.security.web.server.util.matcher.IpAddressServerWebExchangeMatcher
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher
 import org.springframework.test.web.reactive.server.WebTestClient
 import org.springframework.web.reactive.config.EnableWebFlux
@@ -159,7 +161,7 @@ class ServerOAuth2LoginDslTests {
     open class AuthenticationMatcherConfig {
 
         companion object {
-            val AUTHENTICATION_MATCHER: ServerWebExchangeMatcher = ServerWebExchangeMatcher { Mono.empty() }
+            val AUTHENTICATION_MATCHER: ServerWebExchangeMatcher = IpAddressServerWebExchangeMatcher("127.0.0.1")
         }
 
         @Bean
@@ -192,7 +194,7 @@ class ServerOAuth2LoginDslTests {
     open class AuthenticationConverterConfig {
 
         companion object {
-            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() }
+            val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter()
         }
 
         @Bean

config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ResourceServerDslTests.kt

@@ -33,6 +33,7 @@ import org.springframework.security.authentication.ReactiveAuthenticationManager
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.test.SpringTestContext
 import org.springframework.security.config.test.SpringTestContextExtension
+import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver
 import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
@@ -186,7 +187,7 @@ class ServerOAuth2ResourceServerDslTests {
     open class AuthenticationManagerResolverConfig {
 
         companion object {
-            val RESOLVER: ReactiveAuthenticationManagerResolver<ServerWebExchange> = ReactiveAuthenticationManagerResolver { Mono.empty() }
+            val RESOLVER: ReactiveAuthenticationManagerResolver<ServerWebExchange> = JwtIssuerReactiveAuthenticationManagerResolver("issuer")
         }
 
         @Bean