问题
My OAuth integration test before Spring Boot 1.4 looked as follows(updates just to not use deprecated features):
@RunWith(SpringRunner.class)
@SpringBootTest(classes = { ApplicationConfiguration.class }, webEnvironment = WebEnvironment.RANDOM_PORT)
public class OAuth2IntegrationTest {
@Value("${local.server.port}")
private int port;
private static final String CLIENT_NAME = "client";
private static final String CLIENT_PASSWORD = "123456";
@Test
public void testOAuthAccessTokenIsReturned() {
MultiValueMap<String, String> request = new LinkedMultiValueMap<String, String>();
request.set("username", "user");
request.set("password", password);
request.set("grant_type", "password");
@SuppressWarnings("unchecked")
Map<String, Object> token = new TestRestTemplate(CLIENT_NAME, CLIENT_PASSWORD)
.postForObject("http://localhost:" + port + "/oauth/token", request, Map.class);
assertNotNull("Wrong response: " + token, token.get("access_token"));
}
}
I now want to use Autowired TestRestTemplate as stated here http://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-testing.html#boot-features-testing-spring-boot-applications-working-with-random-ports
@RunWith(SpringRunner.class)
@SpringBootTest(classes = {
ApplicationConfiguration.class }, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
public class OAuth2IntegrationTest {
private static final String CLIENT_NAME = "client";
private static final String CLIENT_PASSWORD = "123456";
@Autowired
private TestRestTemplate testRestTemplate;
@Test
public void testOAuthAccessTokenIsReturned() {
MultiValueMap<String, String> request = new LinkedMultiValueMap<String, String>();
request.set("username", "user");
request.set("password", password);
request.set("grant_type", "password");
@SuppressWarnings("unchecked")
Map<String, Object> token1 = this.testRestTemplate. //how to add basic auth here
assertNotNull("Wrong response: " + token, token.get("access_token"));
}
}
I saw this as the closest way to add auth:
Spring 4.0.0 basic authentication with RestTemplate
I want to use the Autowired testRestTemplate to avoid resolving host and ports in my test. Is there a way to do this?
回答1:
This got fixed in Spring Boot 1.4.1 which has an additional method
testRestTemplate.withBasicAuth(USERNAME,PASSWORD)
@Autowired
private TestRestTemplate testRestTemplate;
@Test
public void testOAuthAccessTokenIsReturned() {
MultiValueMap<String, String> request = new LinkedMultiValueMap<String, String>();
request.set("username", USERNAME);
request.set("password", password);
request.set("grant_type", "password");
@SuppressWarnings("unchecked")
Map<String, Object> token = this.testRestTemplate.withBasicAuth(CLIENT_NAME, CLIENT_PASSWORD)
.postForObject(SyntheticsConstants.OAUTH_ENDPOINT, request, Map.class);
assertNotNull("Wrong response: " + token, token.get("access_token"));
}
回答2:
There is a better solution so you don't need to retype withBasicAuth part each time
@Autowired
private TestRestTemplate testRestTemplate;
@BeforeClass
public void setup() {
BasicAuthorizationInterceptor bai = new BasicAuthorizationInterceptor(CLIENT_NAME, CLIENT_PASSWORD);
testRestTemplate.getRestTemplate().getInterceptors().add(bai);
}
@Test
public void testOAuthAccessTokenIsReturned() {
MultiValueMap<String, String> request = new LinkedMultiValueMap<String, String>();
request.set("username", USERNAME);
request.set("password", password);
request.set("grant_type", "password");
@SuppressWarnings("unchecked")
Map<String, Object> token = this.testRestTemplate.postForObject(SyntheticsConstants.OAUTH_ENDPOINT, request, Map.class);
assertNotNull("Wrong response: " + token, token.get("access_token"));
}
回答3:
Although the accepted answer is correct, in my case I had to replicate the testRestTemplate.withBasicAuth(...)
in each test method and class.
So, I tried to define in src/test/java/my.microservice.package
a configuration like this:
@Configuration
@Profile("test")
public class MyMicroserviceConfigurationForTest {
@Bean
public TestRestTemplate testRestTemplate(TestRestTemplate testRestTemplate, SecurityProperties securityProperties) {
return testRestTemplate.withBasicAuth(securityProperties.getUser().getName(), securityProperties.getUser().getPassword());
}
}
That seems to have the effect of overriding the default TestRestTemplate
definition, allowing the injection of a credentials-aware TestRestTemplate
anywhere in my test classes.
I'm not entirely sure whether this is really a valid solution but you can give it a try...
回答4:
I think there is a better solution if you are still using Basic Authentication in your application, with the "user.name" and "user.password" properties set on your application.properties file:
public class YourEndpointClassTest {
private static final Logger logger = LoggerFactory.getLogger(YourEndpointClassTest.class);
private static final String BASE_URL = "/your/base/url";
@TestConfiguration
static class TestRestTemplateAuthenticationConfiguration {
@Value("${spring.security.user.name}")
private String userName;
@Value("${spring.security.user.password}")
private String password;
@Bean
public RestTemplateBuilder restTemplateBuilder() {
return new RestTemplateBuilder().basicAuthentication(userName, password);
}
}
@Autowired
private TestRestTemplate restTemplate;
//here add your tests...
回答5:
In single testcase, you can do like this:
@Test
public void test() {
ResponseEntity<String> entity = testRestTemplate
.withBasicAuth("username", "password")
.postForEntity(xxxx,String.class);
Assert.assertNotNull(entity.getBody());
}
and for every testcase add this method in your test class:
@Before
public void before() {
// because .withBasicAuth() creates a new TestRestTemplate with the same
// configuration as the autowired one.
testRestTemplate = testRestTemplate.withBasicAuth("username", "password");
}
来源:https://stackoverflow.com/questions/39651097/how-to-add-basic-auth-to-autowired-testresttemplate-in-springboottest-spring-bo