From f15cb7a720f7e6cc3f3827802c0ed26afc810d35 Mon Sep 17 00:00:00 2001
From: Dave Syer <dsyer@pivotal.io>
Date: Sat, 1 Nov 2014 08:58:46 +0000
Subject: [PATCH] Add tests for AuthenticationManager injected into security
 configurer

See gh-1801
---
 .../SecurityAutoConfigurationTests.java       | 107 +++++++++++++++++-
 1 file changed, 102 insertions(+), 5 deletions(-)

diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java
index 76b8c467f6..d8a610651a 100644
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java
@@ -16,11 +16,18 @@
 
 package org.springframework.boot.autoconfigure.security;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
 import java.util.List;
 import java.util.concurrent.atomic.AtomicReference;
 
 import org.junit.After;
+import org.junit.Ignore;
 import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.PropertyPlaceholderAutoConfiguration;
 import org.springframework.boot.autoconfigure.TestAutoConfigurationPackage;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
@@ -41,17 +48,16 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
 /**
  * Tests for {@link SecurityAutoConfiguration}.
  *
@@ -184,6 +190,56 @@ public class SecurityAutoConfigurationTests {
 				this.context.getBean(AuthenticationManager.class));
 	}
 
+	@Test
+	public void testOverrideAuthenticationManagerAndInjectIntoSecurityFilter()
+			throws Exception {
+		this.context = new AnnotationConfigWebApplicationContext();
+		this.context.setServletContext(new MockServletContext());
+		this.context.register(TestAuthenticationConfiguration.class,
+				SecurityCustomizer.class, SecurityAutoConfiguration.class,
+				ServerPropertiesAutoConfiguration.class,
+				PropertyPlaceholderAutoConfiguration.class);
+		this.context.refresh();
+		assertEquals(
+				this.context.getBean(TestAuthenticationConfiguration.class).authenticationManager,
+				this.context.getBean(AuthenticationManager.class));
+	}
+
+	@Test
+	@Ignore("gh-1801")
+	public void testOverrideAuthenticationManagerWithBuilderAndInjectIntoSecurityFilter()
+			throws Exception {
+		this.context = new AnnotationConfigWebApplicationContext();
+		this.context.setServletContext(new MockServletContext());
+		this.context.register(AuthenticationManagerCustomizer.class,
+				SecurityCustomizer.class, SecurityAutoConfiguration.class,
+				ServerPropertiesAutoConfiguration.class,
+				PropertyPlaceholderAutoConfiguration.class);
+		this.context.refresh();
+		UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(
+				"foo", "bar",
+				AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
+		assertNotNull(this.context.getBean(AuthenticationManager.class)
+				.authenticate(user));
+	}
+
+	@Test
+	public void testOverrideAuthenticationManagerWithBuilderAndInjectBuilderIntoSecurityFilter()
+			throws Exception {
+		this.context = new AnnotationConfigWebApplicationContext();
+		this.context.setServletContext(new MockServletContext());
+		this.context.register(AuthenticationManagerCustomizer.class,
+				WorkaroundSecurityCustomizer.class, SecurityAutoConfiguration.class,
+				ServerPropertiesAutoConfiguration.class,
+				PropertyPlaceholderAutoConfiguration.class);
+		this.context.refresh();
+		UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(
+				"foo", "bar",
+				AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
+		assertNotNull(this.context.getBean(AuthenticationManager.class)
+				.authenticate(user));
+	}
+
 	@Test
 	public void testJpaCoexistsHappily() throws Exception {
 		this.context = new AnnotationConfigWebApplicationContext();
@@ -226,4 +282,45 @@ public class SecurityAutoConfigurationTests {
 
 	}
 
+	@Configuration
+	protected static class SecurityCustomizer extends WebSecurityConfigurerAdapter {
+
+		@Autowired
+		private AuthenticationManager authenticationManager;
+
+	}
+
+	@Configuration
+	protected static class WorkaroundSecurityCustomizer extends WebSecurityConfigurerAdapter {
+
+		@Autowired
+		private AuthenticationManagerBuilder builder;
+		
+		@SuppressWarnings("unused")
+		private AuthenticationManager authenticationManager;
+		
+		@Override
+		protected void configure(HttpSecurity http) throws Exception {
+			authenticationManager = new AuthenticationManager() {			
+				@Override
+				public Authentication authenticate(Authentication authentication)
+						throws AuthenticationException {
+					return builder.getOrBuild().authenticate(authentication);
+				}
+			};
+		}
+
+	}
+
+	@Configuration
+	protected static class AuthenticationManagerCustomizer extends
+			GlobalAuthenticationConfigurerAdapter {
+
+		@Override
+		public void init(AuthenticationManagerBuilder auth) throws Exception {
+			auth.inMemoryAuthentication().withUser("foo").password("bar").roles("USER");
+		}
+
+	}
+
 }