6

我有这样的测试:

@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ActiveProfiles("test")
public class MyTests {

    @Autowired
    private TestRestTemplate restTemplate;
    ....

在测试中,我禁用了身份验证/授权

但在代码中我使用以下内容:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

但这就是测试失败的原因。

我如何模拟我的测试?

附言

这个不行:

@Test
public void testUpdateWithoutNameAndEmail() {
    Authentication authentication = Mockito.mock(Authentication.class);
    SecurityContext securityContext = Mockito.mock(SecurityContext.class);
    Mockito.when(securityContext.getAuthentication()).thenReturn(authentication);
    SecurityContextHolder.setContext(securityContext);
    Mockito.when(authentication.getName()).thenReturn("aName");

    restTemplate.exchange(..

SecurityContextHolder.getContext().getAuthentication()在代码中返回 null

还有这个:

@Autowired
private TestRestTemplate restTemplate;
@Test
@WithMockUser(username = "aUser", roles = { "ADMIN" })
public void testUpdateWithoutNameAndEmail() {
   ...
4

1 回答 1

9

您可以模拟 Spring 的Authentication

Authentication authentication = Mockito.mock(Authentication.class);

并告诉 SpringSecurityContextHolder存储此Authentication实例:

SecurityContext securityContext = Mockito.mock(SecurityContext.class);
Mockito.when(securityContext.getAuthentication()).thenReturn(auth);
SecurityContextHolder.setContext(securityContext);

现在,如果您的代码需要Authentication返回某些内容(可能是用户名),您只需Authentication以通常的方式对模拟实例设置一些期望,例如

Mockito.when(authentication.getName()).thenReturn("aName");

还有一个 Spring 测试注释 ( org.springframework.security.test.context.support.WithMockUser) 可以为您执行此操作...

@Test
@WithMockUser(username = "aUser", roles = { "anAuthority" })
public void aTest(){
    // any usage of `Authentication` in this test will get an instance withe the user name "aUser" and a granted authority "anAuthority"
    // ...
}
于 2017-09-11T11:19:31.253 回答