Skip to content

Commit

Permalink
Add test support for SecurityContextHolderFilter
Browse files Browse the repository at this point in the history
Issue gh-9635
  • Loading branch information
rwinch committed Apr 13, 2022
1 parent 86c3ce7 commit 6e6d472
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,10 @@ public static void setSecurityContextRepository(HttpServletRequest request,
if (filter != null) {
ReflectionTestUtils.setField(filter, "repo", securityContextRepository);
}
SecurityContextHolderFilter holderFilter = findFilter(request, SecurityContextHolderFilter.class);
if (holderFilter != null) {
ReflectionTestUtils.setField(holderFilter, "securityContextRepository", securityContextRepository);
}
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.mockito.junit.jupiter.MockitoExtension;

import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.config.BeanIds;
Expand All @@ -33,6 +34,7 @@
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextHolderFilter;
import org.springframework.security.web.context.SecurityContextPersistenceFilter;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.csrf.CsrfFilter;
Expand All @@ -43,6 +45,7 @@
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;

import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;

@ExtendWith(MockitoExtension.class)
public class WebTestUtilsTests {
Expand Down Expand Up @@ -126,6 +129,19 @@ public void getSecurityContextRepositorySecurityCustomRepo() {
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(this.contextRepo);
}

@Test
public void setSecurityContextRepositoryWhenSecurityContextHolderFilter() {
SecurityContextRepository expectedRepository = mock(SecurityContextRepository.class);
loadConfig(SecurityContextHolderFilterConfig.class);
// verify our configuration sets up to have SecurityContextHolderFilter and not
// SecurityContextPersistenceFilter
assertThat(WebTestUtils.findFilter(this.request, SecurityContextPersistenceFilter.class)).isNull();
assertThat(WebTestUtils.findFilter(this.request, SecurityContextHolderFilter.class)).isNotNull();

WebTestUtils.setSecurityContextRepository(this.request, expectedRepository);
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(expectedRepository);
}

// gh-3343
@Test
public void findFilterNoMatchingFilters() {
Expand Down Expand Up @@ -220,4 +236,18 @@ static class SecurityConfigWithDefaults extends WebSecurityConfigurerAdapter {

}

@EnableWebSecurity
static class SecurityContextHolderFilterConfig {

@Bean
DefaultSecurityFilterChain springSecurityFilter(HttpSecurity http) throws Exception {
// @formatter:off
http
.securityContext((securityContext) -> securityContext.requireExplicitSave(true));
// @formatter:on
return http.build();
}

}

}

0 comments on commit 6e6d472

Please sign in to comment.