Polish "Default password shouldn't be generated for resource server"

See gh-17646
5 years ago · e184298c50
parent 1b0cf7bd22
commit e184298c50
2 changed files with 54 additions and 35 deletions
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveUserDetailsServiceAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveUserDetailsServiceAutoConfigurationTests.java
@ -22,7 +22,6 @@ import org.junit.jupiter.api.Test;

 import org.springframework.boot.autoconfigure.AutoConfigurations;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.boot.autoconfigure.security.oauth2.resource.reactive.ReactiveOAuth2ResourceServerAutoConfiguration;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
 import org.springframework.context.annotation.Bean;
@ -45,6 +44,7 @@ import static org.mockito.Mockito.mock;
 * Tests for {@link ReactiveUserDetailsServiceAutoConfiguration}.
 *
 * @author Madhura Bhave
+ * @author HaiTao Zhang
 */
 class ReactiveUserDetailsServiceAutoConfigurationTests {

@ -78,10 +78,7 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {

 	@Test
 	void doesNotConfigureDefaultUserIfResourceServerWithJWTIsUsed() {
-		this.contextRunner.withUserConfiguration(TestSecurityConfiguration.class)
-				.withConfiguration(AutoConfigurations.of(ReactiveOAuth2ResourceServerAutoConfiguration.class))
-				.withPropertyValues(
-						"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys")
+		this.contextRunner.withUserConfiguration(TestSecurityConfiguration.class, JwtDecoderConfiguration.class)
 				.run((context) -> {
 					assertThat(context).hasSingleBean(ReactiveJwtDecoder.class);
 					assertThat(context).doesNotHaveBean(ReactiveUserDetailsService.class);
@ -90,12 +87,7 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {

 	@Test
 	void doesNotConfigureDefaultUserIfResourceServerWithOpaqueIsUsed() {
-		this.contextRunner.withConfiguration(AutoConfigurations.of(ReactiveOAuth2ResourceServerAutoConfiguration.class))
-				.withUserConfiguration(TestSecurityConfiguration.class)
-				.withPropertyValues(
-						"spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=https://check-token.com",
-						"spring.security.oauth2.resourceserver.opaquetoken.client-id=my-client-id",
-						"spring.security.oauth2.resourceserver.opaquetoken.client-secret=my-client-secret")
+		this.contextRunner.withUserConfiguration(ReactiveOAuth2TokenIntrospectionClientConfiguration.class)
 				.run((context) -> {
 					assertThat(context).hasSingleBean(ReactiveOAuth2TokenIntrospectionClient.class);
 					assertThat(context).doesNotHaveBean(ReactiveUserDetailsService.class);
@ -178,4 +170,24 @@ class ReactiveUserDetailsServiceAutoConfigurationTests {

 	}

+	@Configuration(proxyBeanMethods = false)
+	static class JwtDecoderConfiguration {
+
+		@Bean
+		ReactiveJwtDecoder jwtDecoder() {
+			return mock(ReactiveJwtDecoder.class);
+		}
+
+	}
+
+	@Configuration(proxyBeanMethods = false)
+	static class ReactiveOAuth2TokenIntrospectionClientConfiguration {
+
+		@Bean
+		ReactiveOAuth2TokenIntrospectionClient introspectionClient() {
+			return mock(ReactiveOAuth2TokenIntrospectionClient.class);
+		}
+
+	}
+
 }
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfigurationTests.java
@ -23,10 +23,8 @@ import org.junit.jupiter.api.extension.ExtendWith;

 import org.springframework.boot.autoconfigure.AutoConfigurations;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.boot.autoconfigure.security.oauth2.resource.servlet.OAuth2ResourceServerAutoConfiguration;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
-import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
 import org.springframework.boot.test.system.CapturedOutput;
 import org.springframework.boot.test.system.OutputCaptureExtension;
 import org.springframework.context.annotation.Bean;
@ -55,6 +53,7 @@ import static org.mockito.Mockito.mock;
 * Tests for {@link UserDetailsServiceAutoConfiguration}.
 *
 * @author Madhura Bhave
+ * @author HaiTao Zhang
 */
@ExtendWith(OutputCaptureExtension.class)
 class UserDetailsServiceAutoConfigurationTests {
@ -105,32 +104,18 @@ class UserDetailsServiceAutoConfigurationTests {

 	@Test
 	void defaultUserNotCreatedIfResourceServerWithOpaqueIsUsed() {
-		WebApplicationContextRunner webApplicationContextRunner = new WebApplicationContextRunner();
-		webApplicationContextRunner
-				.withConfiguration(AutoConfigurations.of(OAuth2ResourceServerAutoConfiguration.class))
-				.withUserConfiguration(TestSecurityConfiguration.class)
-				.withPropertyValues(
-						"spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=https://check-token.com",
-						"spring.security.oauth2.resourceserver.opaquetoken.client-id=my-client-id",
-						"spring.security.oauth2.resourceserver.opaquetoken.client-secret=my-client-secret")
-				.run((context) -> {
-					assertThat(context).hasSingleBean(OAuth2TokenIntrospectionClient.class);
-					assertThat(context).doesNotHaveBean(UserDetailsService.class);
-				});
+		this.contextRunner.withUserConfiguration(TestConfigWithIntrospectionClient.class).run((context) -> {
+			assertThat(context).hasSingleBean(OAuth2TokenIntrospectionClient.class);
+			assertThat(context).doesNotHaveBean(UserDetailsService.class);
+		});
 	}

 	@Test
 	void defaultUserNotCreatedIfResourceServerWithJWTIsUsed() {
-		WebApplicationContextRunner webApplicationContextRunner = new WebApplicationContextRunner();
-		webApplicationContextRunner
-				.withConfiguration(AutoConfigurations.of(OAuth2ResourceServerAutoConfiguration.class))
-				.withUserConfiguration(TestSecurityConfiguration.class)
-				.withPropertyValues(
-						"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys")
-				.run((context) -> {
-					assertThat(context).hasSingleBean(JwtDecoder.class);
-					assertThat(context).doesNotHaveBean(UserDetailsService.class);
-				});
+		this.contextRunner.withUserConfiguration(TestConfigWithJwtDecoder.class).run((context) -> {
+			assertThat(context).hasSingleBean(JwtDecoder.class);
+			assertThat(context).doesNotHaveBean(UserDetailsService.class);
+		});
 	}

 	@Test
@ -242,6 +227,28 @@ class UserDetailsServiceAutoConfigurationTests {

 	}

+	@Configuration(proxyBeanMethods = false)
+	@Import(TestSecurityConfiguration.class)
+	static class TestConfigWithJwtDecoder {
+
+		@Bean
+		JwtDecoder jwtDecoder() {
+			return mock(JwtDecoder.class);
+		}
+
+	}
+
+	@Configuration(proxyBeanMethods = false)
+	@Import(TestSecurityConfiguration.class)
+	static class TestConfigWithIntrospectionClient {
+
+		@Bean
+		OAuth2TokenIntrospectionClient introspectionClient() {
+			return mock(OAuth2TokenIntrospectionClient.class);
+		}
+
+	}
+
 	@Configuration(proxyBeanMethods = false)
 	@Import(TestSecurityConfiguration.class)
 	static class TestConfigWithAuthenticationManagerBuilder {