
SEC-1998: Async tests with SecurityContextHolderAwareReqeustFilter

Rob Winch 12 ani în urmă
părinte
comite
9c4563285e

+ 5 - 0
web/src/main/java/org/springframework/security/web/servletapi/HttpServlet3RequestFactory.java

@@ -140,6 +140,11 @@ final class HttpServlet3RequestFactory implements HttpServletRequestFactory {
             this.response = response;
         }
 
+        public AsyncContext getAsyncContext() {
+            AsyncContext asyncContext = super.getAsyncContext();
+            return new SecurityContextAsyncContext(asyncContext);
+        }
+
         public AsyncContext startAsync() {
             AsyncContext startAsync = super.startAsync();
             return new SecurityContextAsyncContext(startAsync);
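Review bot: The added `getAsyncContext()` wraps whatever `super.getAsyncContext()` returns without checking it. The Servlet API specifies an `IllegalStateException` when the request is not in async mode, but a mock or a lenient request wrapper may return `null` instead, and callers would then get a `SecurityContextAsyncContext` around a null delegate that fails only on first use. A guard before the `return`, `if (asyncContext == null) { return null; }`, keeps the wrapper transparent in that case. Since the method calls `super.getAsyncContext()` it overrides a superclass method and should carry `@Override`, and a short comment such as `// wrap so Runnables started via the AsyncContext run with the current SecurityContext` would record why the override exists. The enclosing class and the body of `startAsync()` continue outside this hunk.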

+ 66 - 0
web/src/test/java/org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestFilterTests.java

@@ -248,6 +248,72 @@ public class SecurityContextHolderAwareRequestFilterTests {
         verifyZeroInteractions(authenticationEntryPoint, authenticationManager, logoutHandler);
     }
 
+    @Test
+    public void getAsyncContextStart() throws Exception {
+        ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
+        SecurityContext context = SecurityContextHolder.createEmptyContext();
+        TestingAuthenticationToken expectedAuth = new TestingAuthenticationToken("user", "password","ROLE_USER");
+        context.setAuthentication(expectedAuth);
+        SecurityContextHolder.setContext(context);
+        AsyncContext asyncContext = mock(AsyncContext.class);
+        when(request.getAsyncContext()).thenReturn(asyncContext);
+        Runnable runnable = new Runnable() {
+            public void run() {}
+        };
+
+        wrappedRequest().getAsyncContext().start(runnable);
+
+        verifyZeroInteractions(authenticationManager, logoutHandler);
+        verify(asyncContext).start(runnableCaptor.capture());
+        DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor.getValue();
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class)).isEqualTo(context);
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, Runnable.class)).isEqualTo(runnable);
+    }
+
+    @Test
+    public void startAsyncStart() throws Exception {
+        ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
+        SecurityContext context = SecurityContextHolder.createEmptyContext();
+        TestingAuthenticationToken expectedAuth = new TestingAuthenticationToken("user", "password","ROLE_USER");
+        context.setAuthentication(expectedAuth);
+        SecurityContextHolder.setContext(context);
+        AsyncContext asyncContext = mock(AsyncContext.class);
+        when(request.startAsync()).thenReturn(asyncContext);
+        Runnable runnable = new Runnable() {
+            public void run() {}
+        };
+
+        wrappedRequest().startAsync().start(runnable);
+
+        verifyZeroInteractions(authenticationManager, logoutHandler);
+        verify(asyncContext).start(runnableCaptor.capture());
+        DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor.getValue();
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class)).isEqualTo(context);
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, Runnable.class)).isEqualTo(runnable);
+    }
+
+    @Test
+    public void startAsyncWithRequestResponseStart() throws Exception {
+        ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
+        SecurityContext context = SecurityContextHolder.createEmptyContext();
+        TestingAuthenticationToken expectedAuth = new TestingAuthenticationToken("user", "password","ROLE_USER");
+        context.setAuthentication(expectedAuth);
+        SecurityContextHolder.setContext(context);
+        AsyncContext asyncContext = mock(AsyncContext.class);
+        when(request.startAsync(request,response)).thenReturn(asyncContext);
+        Runnable runnable = new Runnable() {
+            public void run() {}
+        };
+
+        wrappedRequest().startAsync(request, response).start(runnable);
+
+        verifyZeroInteractions(authenticationManager, logoutHandler);
+        verify(asyncContext).start(runnableCaptor.capture());
+        DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor.getValue();
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class)).isEqualTo(context);
+        assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, Runnable.class)).isEqualTo(runnable);
+    }
+
     private HttpServletRequest wrappedRequest() throws Exception {
         filter.doFilter(request, response, filterChain);
         verify(filterChain).doFilter(requestCaptor.capture(), any(HttpServletResponse.class));
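Review bot: The three added tests (`getAsyncContextStart`, `startAsyncStart`, `startAsyncWithRequestResponseStart`) repeat the same arrange and verify code and differ only in which request method is stubbed and invoked. Moving the shared capture-and-assert lines into one private helper taking the mocked `AsyncContext`, the `Runnable` and the expected `SecurityContext` would make that difference visible. The assertions read `DelegatingSecurityContextRunnable`'s private state by type through `WhiteboxImpl.getInternalState`, which ties the tests to that class's field types; a comment such as `// reflection: DelegatingSecurityContextRunnable exposes no accessor for its context or delegate` would explain the choice. Each test also calls `SecurityContextHolder.setContext(context)` with an authenticated token, and the hunk does not show a matching `SecurityContextHolder.clearContext()`; if the class has no teardown for it, the authentication stays on the thread for later tests. The body of `wrappedRequest()` continues outside this hunk.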