Skip to content

Commit bd92531

Browse files
author
Rob Winch
committed
Improve Readablility of JSON test strings
This improves the readability of the JSON strings used for testing JSON serialize / deserialize of Spring Security Issue gh-3736
1 parent d4c48dd commit bd92531

13 files changed

+369
-213
lines changed

cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java

Lines changed: 72 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -45,73 +45,108 @@
4545
*/
4646
public class CasAuthenticationTokenMixinTests {
4747

48-
private final String KEY = "casKey";
49-
private final String PASSWORD = "pass";
50-
Date startDate = new Date();
51-
Date endDate = new Date();
52-
String expectedJson = "{\"@class\": \"org.springframework.security.cas.authentication.CasAuthenticationToken\", \"keyHash\": " + KEY.hashCode() + "," +
53-
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"username\", \"password\": %s, \"accountNonExpired\": true, \"enabled\": true," +
54-
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\"," +
55-
"[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"USER\"}]]}, \"credentials\": \"" + PASSWORD + "\", \"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]," +
56-
"\"userDetails\": {\"@class\": \"org.springframework.security.core.userdetails.User\",\"username\": \"user\", \"password\": \"" + PASSWORD + "\", \"enabled\": true, \"accountNonExpired\": true, \"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}," +
57-
"\"authenticated\": true, \"details\": null," +
58-
"\"assertion\": {" +
59-
"\"@class\": \"org.jasig.cas.client.validation.AssertionImpl\", \"principal\": {\"@class\": \"org.jasig.cas.client.authentication.AttributePrincipalImpl\", \"name\": \"assertName\", \"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}, \"proxyGrantingTicket\": null, \"proxyRetriever\": null}, " +
60-
"\"validFromDate\": [\"java.util.Date\", " + startDate.getTime() + "], \"validUntilDate\": [\"java.util.Date\", " + endDate.getTime() + "]," +
61-
"\"authenticationDate\": [\"java.util.Date\", " + startDate.getTime() + "], \"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}" +
62-
"}}";
48+
private static final String KEY = "casKey";
49+
private static final String PASSWORD = "\"1234\"";
50+
private static final Date START_DATE = new Date();
51+
private static final Date END_DATE = new Date();
6352

64-
private CasAuthenticationToken createCasAuthenticationToken() {
65-
User principal = new User("username", PASSWORD, Collections.singletonList(new SimpleGrantedAuthority("USER")));
66-
Collection<? extends GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
67-
Assertion assertion = new AssertionImpl(new AttributePrincipalImpl("assertName"), startDate, endDate, startDate, Collections.<String, Object>emptyMap());
68-
return new CasAuthenticationToken(KEY, principal, principal.getPassword(), authorities,
69-
new User("user", PASSWORD, authorities), assertion);
70-
}
53+
public static final String AUTHORITY_JSON = "{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}";
7154

72-
ObjectMapper buildObjectMapper() {
73-
ClassLoader loader = getClass().getClassLoader();
74-
ObjectMapper mapper = new ObjectMapper();
75-
mapper.registerModules(SecurityJacksonModules.getModules(loader));
76-
return mapper;
77-
}
55+
public static final String AUTHORITIES_SET_JSON = "[\"java.util.Collections$UnmodifiableSet\", [" + AUTHORITY_JSON + "]]";
56+
57+
public static final String AUTHORITIES_ARRAYLIST_JSON = "[\"java.util.ArrayList\", [" + AUTHORITY_JSON + "]]";
58+
59+
// @formatter:off
60+
public static final String USER_JSON = "{"
61+
+ "\"@class\": \"org.springframework.security.core.userdetails.User\", "
62+
+ "\"username\": \"admin\","
63+
+ " \"password\": " + PASSWORD + ", "
64+
+ "\"accountNonExpired\": true, "
65+
+ "\"accountNonLocked\": true, "
66+
+ "\"credentialsNonExpired\": true, "
67+
+ "\"enabled\": true, "
68+
+ "\"authorities\": " + AUTHORITIES_SET_JSON
69+
+ "}";
70+
// @formatter:on
71+
72+
private static final String CAS_TOKEN_JSON = "{"
73+
+ "\"@class\": \"org.springframework.security.cas.authentication.CasAuthenticationToken\", "
74+
+ "\"keyHash\": " + KEY.hashCode() + ","
75+
+ "\"principal\": " + USER_JSON + ", "
76+
+ "\"credentials\": " + PASSWORD + ", "
77+
+ "\"authorities\": " + AUTHORITIES_ARRAYLIST_JSON + ","
78+
+ "\"userDetails\": " + USER_JSON +","
79+
+ "\"authenticated\": true, "
80+
+ "\"details\": null,"
81+
+ "\"assertion\": {"
82+
+ "\"@class\": \"org.jasig.cas.client.validation.AssertionImpl\", "
83+
+ "\"principal\": {"
84+
+ "\"@class\": \"org.jasig.cas.client.authentication.AttributePrincipalImpl\", "
85+
+ "\"name\": \"assertName\", "
86+
+ "\"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}, "
87+
+ "\"proxyGrantingTicket\": null, "
88+
+ "\"proxyRetriever\": null"
89+
+ "}, "
90+
+ "\"validFromDate\": [\"java.util.Date\", " + START_DATE.getTime() + "], "
91+
+ "\"validUntilDate\": [\"java.util.Date\", " + END_DATE.getTime() + "],"
92+
+ "\"authenticationDate\": [\"java.util.Date\", " + START_DATE.getTime() + "], "
93+
+ "\"attributes\": {\"@class\": \"java.util.Collections$EmptyMap\"}" +
94+
"}"
95+
+ "}";
96+
97+
private static final String CAS_TOKEN_CLEARED_JSON = CAS_TOKEN_JSON.replaceFirst(PASSWORD, "null");
7898

7999
@Test
80100
public void serializeCasAuthenticationTest() throws JsonProcessingException, JSONException {
81101
CasAuthenticationToken token = createCasAuthenticationToken();
82102
String actualJson = buildObjectMapper().writeValueAsString(token);
83-
JSONAssert.assertEquals(String.format(expectedJson, "\"" + PASSWORD + "\""), actualJson, true);
103+
JSONAssert.assertEquals(CAS_TOKEN_JSON, actualJson, true);
84104
}
85105

86106
@Test
87107
public void serializeCasAuthenticationTestAfterEraseCredentialInvoked() throws JsonProcessingException, JSONException {
88108
CasAuthenticationToken token = createCasAuthenticationToken();
89109
token.eraseCredentials();
90110
String actualJson = buildObjectMapper().writeValueAsString(token);
91-
JSONAssert.assertEquals(String.format(expectedJson, "null"), actualJson, true);
111+
JSONAssert.assertEquals(CAS_TOKEN_CLEARED_JSON, actualJson, true);
92112
}
93113

94114
@Test
95115
public void deserializeCasAuthenticationTestAfterEraseCredentialInvoked() throws Exception {
96-
CasAuthenticationToken token = buildObjectMapper().readValue(String.format(expectedJson, "null"), CasAuthenticationToken.class);
116+
CasAuthenticationToken token = buildObjectMapper().readValue(CAS_TOKEN_CLEARED_JSON, CasAuthenticationToken.class);
97117
assertThat(((UserDetails)token.getPrincipal()).getPassword()).isNull();
98118
}
99119

100120
@Test
101121
public void deserializeCasAuthenticationTest() throws IOException, JSONException {
102-
CasAuthenticationToken token = buildObjectMapper().readValue(String.format(expectedJson, "\"" + PASSWORD + "\""), CasAuthenticationToken.class);
122+
CasAuthenticationToken token = buildObjectMapper().readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class);
103123
assertThat(token).isNotNull();
104124
assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class);
105-
assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("username");
106-
assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo(PASSWORD);
125+
assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin");
126+
assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234");
107127
assertThat(token.getUserDetails()).isNotNull().isInstanceOf(User.class);
108128
assertThat(token.getAssertion()).isNotNull().isInstanceOf(AssertionImpl.class);
109129
assertThat(token.getKeyHash()).isEqualTo(KEY.hashCode());
110130
assertThat(token.getUserDetails().getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
111-
assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(startDate);
112-
assertThat(token.getAssertion().getValidFromDate()).isEqualTo(startDate);
113-
assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(endDate);
131+
assertThat(token.getAssertion().getAuthenticationDate()).isEqualTo(START_DATE);
132+
assertThat(token.getAssertion().getValidFromDate()).isEqualTo(START_DATE);
133+
assertThat(token.getAssertion().getValidUntilDate()).isEqualTo(END_DATE);
114134
assertThat(token.getAssertion().getPrincipal().getName()).isEqualTo("assertName");
115135
assertThat(token.getAssertion().getAttributes()).hasSize(0);
116136
}
137+
138+
private CasAuthenticationToken createCasAuthenticationToken() {
139+
User principal = new User("admin", "1234", Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")));
140+
Collection<? extends GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));
141+
Assertion assertion = new AssertionImpl(new AttributePrincipalImpl("assertName"), START_DATE, END_DATE, START_DATE, Collections.<String, Object>emptyMap());
142+
return new CasAuthenticationToken(KEY, principal, principal.getPassword(), authorities,
143+
new User("admin", "1234", authorities), assertion);
144+
}
145+
146+
ObjectMapper buildObjectMapper() {
147+
ClassLoader loader = getClass().getClassLoader();
148+
ObjectMapper mapper = new ObjectMapper();
149+
mapper.registerModules(SecurityJacksonModules.getModules(loader));
150+
return mapper;
151+
}
117152
}

core/src/test/java/org/springframework/security/jackson2/AbstractMixinTests.java

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,11 @@
1717
package org.springframework.security.jackson2;
1818

1919
import com.fasterxml.jackson.databind.ObjectMapper;
20-
import org.springframework.security.core.authority.SimpleGrantedAuthority;
20+
21+
import org.springframework.security.core.authority.AuthorityUtils;
2122
import org.springframework.security.core.userdetails.User;
2223
import org.springframework.util.ObjectUtils;
2324

24-
import java.util.Collections;
25-
2625
/**
2726
* @author Jitenra Singh
2827
* @since 4.2
@@ -41,10 +40,10 @@ protected ObjectMapper buildObjectMapper() {
4140
}
4241

4342
User createDefaultUser() {
44-
return createUser("dummy", "password", "ROLE_USER");
43+
return createUser("admin", "1234", "ROLE_USER");
4544
}
4645

4746
User createUser(String username, String password, String authority) {
48-
return new User(username, password, Collections.singletonList(new SimpleGrantedAuthority(authority)));
47+
return new User(username, password, AuthorityUtils.createAuthorityList(authority));
4948
}
5049
}

core/src/test/java/org/springframework/security/jackson2/AnonymousAuthenticationTokenMixinTests.java

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -36,38 +36,43 @@
3636
*/
3737
public class AnonymousAuthenticationTokenMixinTests extends AbstractMixinTests {
3838

39-
String hashKey = "key";
40-
String anonymousAuthTokenJson = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," +
41-
"\"principal\": {\"@class\": \"org.springframework.security.core.userdetails.User\", \"username\": \"dummy\", \"password\": %s," +
42-
" \"accountNonExpired\": true, \"enabled\": true, " +
43-
"\"accountNonLocked\": true, \"credentialsNonExpired\": true, \"authorities\": [\"java.util.Collections$UnmodifiableSet\"," +
44-
"[{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}, \"authenticated\": true, \"keyHash\": " + hashKey.hashCode() + "," +
45-
"\"authorities\": [\"java.util.ArrayList\", [{\"@class\": \"org.springframework.security.core.authority.SimpleGrantedAuthority\", \"authority\": \"ROLE_USER\"}]]}";
39+
private static final String HASH_KEY = "key";
40+
41+
// @formatter:off
42+
private static final String ANONYMOUS_JSON = "{"
43+
+ "\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", "
44+
+ "\"details\": null,"
45+
+ "\"principal\": " + UserDeserializerTests.USER_JSON + ","
46+
+ "\"authenticated\": true, "
47+
+ "\"keyHash\": " + HASH_KEY.hashCode() + ","
48+
+ "\"authorities\": " + SimpleGrantedAuthorityMixinTests.AUTHORITIES_ARRAYLIST_JSON
49+
+ "}";
50+
// @formatter:on
4651

4752

4853
@Test
4954
public void serializeAnonymousAuthenticationTokenTest() throws JsonProcessingException, JSONException {
5055
User user = createDefaultUser();
5156
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
52-
hashKey, user, user.getAuthorities()
57+
HASH_KEY, user, user.getAuthorities()
5358
);
5459
String actualJson = buildObjectMapper().writeValueAsString(token);
55-
JSONAssert.assertEquals(String.format(anonymousAuthTokenJson, "\"password\""), actualJson, true);
60+
JSONAssert.assertEquals(ANONYMOUS_JSON, actualJson, true);
5661
}
5762

5863
@Test
5964
public void deserializeAnonymousAuthenticationTokenTest() throws IOException {
6065
AnonymousAuthenticationToken token = buildObjectMapper()
61-
.readValue(String.format(anonymousAuthTokenJson,"\"password\""), AnonymousAuthenticationToken.class);
66+
.readValue(ANONYMOUS_JSON, AnonymousAuthenticationToken.class);
6267
assertThat(token).isNotNull();
63-
assertThat(token.getKeyHash()).isEqualTo(hashKey.hashCode());
68+
assertThat(token.getKeyHash()).isEqualTo(HASH_KEY.hashCode());
6469
assertThat(token.getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER"));
6570
}
6671

6772
@Test(expected = JsonMappingException.class)
6873
public void deserializeAnonymousAuthenticationTokenWithoutAuthoritiesTest() throws IOException {
6974
String jsonString = "{\"@class\": \"org.springframework.security.authentication.AnonymousAuthenticationToken\", \"details\": null," +
70-
"\"principal\": \"user\", \"authenticated\": true, \"keyHash\": " + hashKey.hashCode() + "," +
75+
"\"principal\": \"user\", \"authenticated\": true, \"keyHash\": " + HASH_KEY.hashCode() + "," +
7176
"\"authorities\": [\"java.util.ArrayList\", []]}";
7277
buildObjectMapper().readValue(jsonString, AnonymousAuthenticationToken.class);
7378
}
@@ -76,10 +81,10 @@ public void deserializeAnonymousAuthenticationTokenWithoutAuthoritiesTest() thro
7681
public void serializeAnonymousAuthenticationTokenMixinAfterEraseCredentialTest() throws JsonProcessingException, JSONException {
7782
User user = createDefaultUser();
7883
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken(
79-
hashKey, user, user.getAuthorities()
84+
HASH_KEY, user, user.getAuthorities()
8085
);
8186
token.eraseCredentials();
8287
String actualJson = buildObjectMapper().writeValueAsString(token);
83-
JSONAssert.assertEquals(String.format(anonymousAuthTokenJson, "null"), actualJson, true);
88+
JSONAssert.assertEquals(ANONYMOUS_JSON.replace(UserDeserializerTests.USER_PASSWORD, "null"), actualJson, true);
8489
}
8590
}

0 commit comments

Comments
 (0)