root
/
spring-boot
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Avoid illegal reflective access in RabbitAutoConfigurationTests

Browse Source 
See gh-26954
pull/27157/head
dreis2211 3 years ago committed by Stephane Nicoll
parent 168478f68c
commit 03cd6bec6e
1 changed files with 10 additions and 22 deletions
Show Stats Download Patch File Download Diff File

32
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java
Unescape Escape View File

@ -20,20 +20,17 @@ import java.security.NoSuchAlgorithmException;
import java.util.List; import java.util.List;
import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import com.rabbitmq.client.Address; import com.rabbitmq.client.Address;
import com.rabbitmq.client.Connection; import com.rabbitmq.client.Connection;
import com.rabbitmq.client.JDKSaslConfig; import com.rabbitmq.client.JDKSaslConfig;
import com.rabbitmq.client.SslContextFactory;
import com.rabbitmq.client.TrustEverythingTrustManager;
import com.rabbitmq.client.impl.CredentialsProvider; import com.rabbitmq.client.impl.CredentialsProvider;
import com.rabbitmq.client.impl.CredentialsRefreshService; import com.rabbitmq.client.impl.CredentialsRefreshService;
import com.rabbitmq.client.impl.DefaultCredentialsProvider; import com.rabbitmq.client.impl.DefaultCredentialsProvider;
import org.aopalliance.aop.Advice; import org.aopalliance.aop.Advice;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InOrder; import org.mockito.InOrder;
import org.springframework.amqp.core.AcknowledgeMode; import org.springframework.amqp.core.AcknowledgeMode;
@ -59,6 +56,8 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.boot.autoconfigure.AutoConfigurations; import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.test.context.assertj.AssertableApplicationContext; import org.springframework.boot.test.context.assertj.AssertableApplicationContext;
import org.springframework.boot.test.context.runner.ApplicationContextRunner; import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.boot.test.system.CapturedOutput;
import org.springframework.boot.test.system.OutputCaptureExtension;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary; import org.springframework.context.annotation.Primary;
@ -92,6 +91,7 @@ import static org.mockito.Mockito.verify;
* @author HaiTao Zhang * @author HaiTao Zhang
* @author Franjo Zilic * @author Franjo Zilic
*/ */
@ExtendWith(OutputCaptureExtension.class)
class RabbitAutoConfigurationTests { class RabbitAutoConfigurationTests {
private final ApplicationContextRunner contextRunner = new ApplicationContextRunner() private final ApplicationContextRunner contextRunner = new ApplicationContextRunner()
@ -722,24 +722,24 @@ class RabbitAutoConfigurationTests {
} }
@Test @Test
void enableSslWithValidateServerCertificateFalse() { void enableSslWithValidateServerCertificateFalse(CapturedOutput output) {
this.contextRunner.withUserConfiguration(TestConfiguration.class) this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true", .withPropertyValues("spring.rabbitmq.ssl.enabled:true",
"spring.rabbitmq.ssl.validateServerCertificate=false") "spring.rabbitmq.ssl.validateServerCertificate=false")
.run((context) -> { .run((context) -> {
com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context); com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
TrustManager trustManager = getTrustManager(rabbitConnectionFactory); assertThat(rabbitConnectionFactory.isSSL()).isTrue();
assertThat(trustManager).isInstanceOf(TrustEverythingTrustManager.class); assertThat(output).contains("TrustEverythingTrustManager", "SECURITY ALERT");
}); });
} }
@Test @Test
void enableSslWithValidateServerCertificateDefault() { void enableSslWithValidateServerCertificateDefault(CapturedOutput output) {
this.contextRunner.withUserConfiguration(TestConfiguration.class) this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true").run((context) -> { .withPropertyValues("spring.rabbitmq.ssl.enabled:true").run((context) -> {
com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context); com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
TrustManager trustManager = getTrustManager(rabbitConnectionFactory); assertThat(rabbitConnectionFactory.isSSL()).isTrue();
assertThat(trustManager).isNotInstanceOf(TrustEverythingTrustManager.class); assertThat(output).doesNotContain("TrustEverythingTrustManager", "SECURITY ALERT");
}); });
} }
@ -849,18 +849,6 @@ class RabbitAutoConfigurationTests {
}); });
} }
private TrustManager getTrustManager(com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory) {
SslContextFactory sslContextFactory = (SslContextFactory) ReflectionTestUtils.getField(rabbitConnectionFactory,
"sslContextFactory");
SSLContext sslContext = sslContextFactory.create("connection");
Object spi = ReflectionTestUtils.getField(sslContext, "contextSpi");
Object trustManager = ReflectionTestUtils.getField(spi, "trustManager");
while (trustManager.getClass().getName().endsWith("Wrapper")) {
trustManager = ReflectionTestUtils.getField(trustManager, "tm");
}
return (TrustManager) trustManager;
}
private com.rabbitmq.client.ConnectionFactory getTargetConnectionFactory(AssertableApplicationContext context) { private com.rabbitmq.client.ConnectionFactory getTargetConnectionFactory(AssertableApplicationContext context) {
CachingConnectionFactory connectionFactory = context.getBean(CachingConnectionFactory.class); CachingConnectionFactory connectionFactory = context.getBean(CachingConnectionFactory.class);
return connectionFactory.getRabbitConnectionFactory(); return connectionFactory.getRabbitConnectionFactory();

Write Preview
Loading…
Cancel
Save