Spring安全测试:如何模拟/刺探像JWK这样的安全密钥类
我想对令牌服务进行单元测试,但不知道如何进行 这是要测试的服务方法:(JWT令牌服务) 我所拥有的是悲伤的道路部分:Spring安全测试:如何模拟/刺探像JWK这样的安全密钥类,spring,unit-testing,spring-security,jwt,Spring,Unit Testing,Spring Security,Jwt,我想对令牌服务进行单元测试,但不知道如何进行 这是要测试的服务方法:(JWT令牌服务) 我所拥有的是悲伤的道路部分: @RunWith(MockitoJUnitRunner.class) public class TokenServiceTest { @Mock private JWTSigningService jwtSigningService; @Mock private OpenidConfigProperties openidConfigPropert
@RunWith(MockitoJUnitRunner.class)
public class TokenServiceTest {
@Mock
private JWTSigningService jwtSigningService;
@Mock
private OpenidConfigProperties openidConfigProperties;
@Mock
private StaffService staffService;
private TokenService tokenService;
@Before
public void setup() {
MockitoAnnotations.initMocks(this);
tokenService = new TokenService(jwtSigningService, openidConfigProperties, staffService);
}
@Test
public void testBuildIdTokenSadPath() {
// given
when(jwtSigningService.getDefaultKey()).thenReturn(Optional.empty());
Client client = new Client();
AuthorizeRequest authorizeRequest = new AuthorizeRequest();
MyCompanyUser myCompanyUser = new MyCompanyUser("username", "password", "password_legacy",
true, new ArrayList<GrantedAuthority>());
// when
// then
Assertions.assertThatThrownBy(() -> tokenService.buildIdToken(client, authorizeRequest, myCompanyUser))
.isInstanceOf(IllegalArgumentException.class).hasMessage("Default key is missing.");
}
}
@RunWith(MockitoJUnitRunner.class)
公共类令牌服务测试{
@嘲弄
私人JWTSigningService JWTSigningService;
@嘲弄
私有OpenidConfigProperties OpenidConfigProperties;
@嘲弄
私人员工服务;
专用令牌服务令牌服务;
@以前
公共作废设置(){
initMocks(this);
tokenService=新的tokenService(jwtSigningService、openidConfigProperties、staffService);
}
@试验
public void testBuildIdTokenSadPath(){
//给定
when(jwtSigningService.getDefaultKey()).thenReturn(可选的.empty());
客户端=新客户端();
AuthorizeRequest AuthorizeRequest=新的AuthorizeRequest();
MyCompanyUser MyCompanyUser=新的MyCompanyUser(“用户名”、“密码”、“密码”\u旧版”,
true,新的ArrayList());
//什么时候
//然后
Assertions.assertThatThrownBy(()->tokenService.buildIdToken(客户端、授权请求、myCompanyUser))
.isInstanceOf(IllegalArgumentException.class).hasMessage(“缺少默认键”);
}
}
但是我如何才能模拟快乐路径测试的所有必要部分呢?jwtSigningService.getDefaultKey()
部分很难模拟:它应该返回一个Optional
对象,而JWK
是一个抽象类,其实现也很难构造。(com.nimbusds.jose.jwk.RSAKey
,例如)
在这种情况下,是否可以进行单元测试
@RunWith(MockitoJUnitRunner.class)
public class TokenServiceTest {
@Mock
private JWTSigningService jwtSigningService;
@Mock
private OpenidConfigProperties openidConfigProperties;
@Mock
private StaffService staffService;
private TokenService tokenService;
@Before
public void setup() {
MockitoAnnotations.initMocks(this);
tokenService = new TokenService(jwtSigningService, openidConfigProperties, staffService);
}
@Test
public void testBuildIdTokenSadPath() {
// given
when(jwtSigningService.getDefaultKey()).thenReturn(Optional.empty());
Client client = new Client();
AuthorizeRequest authorizeRequest = new AuthorizeRequest();
MyCompanyUser myCompanyUser = new MyCompanyUser("username", "password", "password_legacy",
true, new ArrayList<GrantedAuthority>());
// when
// then
Assertions.assertThatThrownBy(() -> tokenService.buildIdToken(client, authorizeRequest, myCompanyUser))
.isInstanceOf(IllegalArgumentException.class).hasMessage("Default key is missing.");
}
}