|
|
@ -16,25 +16,24 @@
|
|
|
|
|
|
|
|
|
|
|
|
package org.springframework.boot.actuate.security;
|
|
|
|
package org.springframework.boot.actuate.security;
|
|
|
|
|
|
|
|
|
|
|
|
import java.util.Arrays;
|
|
|
|
import java.util.Collections;
|
|
|
|
|
|
|
|
|
|
|
|
import org.junit.Before;
|
|
|
|
import org.junit.Before;
|
|
|
|
import org.junit.Test;
|
|
|
|
import org.junit.Test;
|
|
|
|
import org.mockito.ArgumentCaptor;
|
|
|
|
import org.mockito.ArgumentCaptor;
|
|
|
|
|
|
|
|
|
|
|
|
import org.springframework.boot.actuate.audit.listener.AuditApplicationEvent;
|
|
|
|
import org.springframework.boot.actuate.audit.listener.AuditApplicationEvent;
|
|
|
|
import org.springframework.context.ApplicationEvent;
|
|
|
|
|
|
|
|
import org.springframework.context.ApplicationEventPublisher;
|
|
|
|
import org.springframework.context.ApplicationEventPublisher;
|
|
|
|
import org.springframework.security.access.AccessDeniedException;
|
|
|
|
import org.springframework.security.access.AccessDeniedException;
|
|
|
|
import org.springframework.security.access.ConfigAttribute;
|
|
|
|
import org.springframework.security.access.ConfigAttribute;
|
|
|
|
import org.springframework.security.access.SecurityConfig;
|
|
|
|
import org.springframework.security.access.SecurityConfig;
|
|
|
|
|
|
|
|
import org.springframework.security.access.event.AbstractAuthorizationEvent;
|
|
|
|
import org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent;
|
|
|
|
import org.springframework.security.access.event.AuthenticationCredentialsNotFoundEvent;
|
|
|
|
import org.springframework.security.access.event.AuthorizationFailureEvent;
|
|
|
|
import org.springframework.security.access.event.AuthorizationFailureEvent;
|
|
|
|
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
|
|
|
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
|
|
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
|
|
|
|
|
|
|
|
|
import static org.assertj.core.api.Assertions.assertThat;
|
|
|
|
import static org.assertj.core.api.Assertions.assertThat;
|
|
|
|
import static org.mockito.Matchers.anyObject;
|
|
|
|
|
|
|
|
import static org.mockito.Mockito.mock;
|
|
|
|
import static org.mockito.Mockito.mock;
|
|
|
|
import static org.mockito.Mockito.verify;
|
|
|
|
import static org.mockito.Mockito.verify;
|
|
|
|
|
|
|
|
|
|
|
@ -55,19 +54,23 @@ public class AuthorizationAuditListenerTests {
|
|
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
|
public void testAuthenticationCredentialsNotFound() {
|
|
|
|
public void testAuthenticationCredentialsNotFound() {
|
|
|
|
this.listener.onApplicationEvent(new AuthenticationCredentialsNotFoundEvent(this,
|
|
|
|
AuditApplicationEvent event = handleAuthorizationEvent(
|
|
|
|
Arrays.<ConfigAttribute>asList(new SecurityConfig("USER")),
|
|
|
|
new AuthenticationCredentialsNotFoundEvent(this,
|
|
|
|
|
|
|
|
Collections.<ConfigAttribute>singletonList(new SecurityConfig("USER")),
|
|
|
|
new AuthenticationCredentialsNotFoundException("Bad user")));
|
|
|
|
new AuthenticationCredentialsNotFoundException("Bad user")));
|
|
|
|
verify(this.publisher).publishEvent((ApplicationEvent) anyObject());
|
|
|
|
assertThat(event.getAuditEvent().getType())
|
|
|
|
|
|
|
|
.isEqualTo(AuthenticationAuditListener.AUTHENTICATION_FAILURE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
|
public void testAuthorizationFailure() {
|
|
|
|
public void testAuthorizationFailure() {
|
|
|
|
this.listener.onApplicationEvent(new AuthorizationFailureEvent(this,
|
|
|
|
AuditApplicationEvent event = handleAuthorizationEvent(
|
|
|
|
Arrays.<ConfigAttribute>asList(new SecurityConfig("USER")),
|
|
|
|
new AuthorizationFailureEvent(this,
|
|
|
|
|
|
|
|
Collections.<ConfigAttribute>singletonList(new SecurityConfig("USER")),
|
|
|
|
new UsernamePasswordAuthenticationToken("user", "password"),
|
|
|
|
new UsernamePasswordAuthenticationToken("user", "password"),
|
|
|
|
new AccessDeniedException("Bad user")));
|
|
|
|
new AccessDeniedException("Bad user")));
|
|
|
|
verify(this.publisher).publishEvent((ApplicationEvent) anyObject());
|
|
|
|
assertThat(event.getAuditEvent().getType())
|
|
|
|
|
|
|
|
.isEqualTo(AuthorizationAuditListener.AUTHORIZATION_FAILURE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Test
|
|
|
|
@Test
|
|
|
@ -76,14 +79,22 @@ public class AuthorizationAuditListenerTests {
|
|
|
|
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
|
|
|
|
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
|
|
|
|
"user", "password");
|
|
|
|
"user", "password");
|
|
|
|
authentication.setDetails(details);
|
|
|
|
authentication.setDetails(details);
|
|
|
|
this.listener.onApplicationEvent(new AuthorizationFailureEvent(this,
|
|
|
|
AuditApplicationEvent event = handleAuthorizationEvent(
|
|
|
|
Arrays.<ConfigAttribute>asList(new SecurityConfig("USER")),
|
|
|
|
new AuthorizationFailureEvent(this,
|
|
|
|
|
|
|
|
Collections.<ConfigAttribute>singletonList(new SecurityConfig("USER")),
|
|
|
|
authentication, new AccessDeniedException("Bad user")));
|
|
|
|
authentication, new AccessDeniedException("Bad user")));
|
|
|
|
ArgumentCaptor<AuditApplicationEvent> auditApplicationEvent = ArgumentCaptor
|
|
|
|
assertThat(event.getAuditEvent().getType())
|
|
|
|
|
|
|
|
.isEqualTo(AuthorizationAuditListener.AUTHORIZATION_FAILURE);
|
|
|
|
|
|
|
|
assertThat(event.getAuditEvent().getData()).containsEntry("details", details);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private AuditApplicationEvent handleAuthorizationEvent(
|
|
|
|
|
|
|
|
AbstractAuthorizationEvent event) {
|
|
|
|
|
|
|
|
ArgumentCaptor<AuditApplicationEvent> eventCaptor = ArgumentCaptor
|
|
|
|
.forClass(AuditApplicationEvent.class);
|
|
|
|
.forClass(AuditApplicationEvent.class);
|
|
|
|
verify(this.publisher).publishEvent(auditApplicationEvent.capture());
|
|
|
|
this.listener.onApplicationEvent(event);
|
|
|
|
assertThat(auditApplicationEvent.getValue().getAuditEvent().getData())
|
|
|
|
verify(this.publisher).publishEvent(eventCaptor.capture());
|
|
|
|
.containsEntry("details", details);
|
|
|
|
return eventCaptor.getValue();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|