写在前面

Spring Security 是一个权限控制框架,所有的接口都是基于当前用户角色,身份等,授权访问,在开发时,要先登陆,才能测试需要授权的接口, 但是如何写单元测试,测试授权的接口呢 ?

需要测试依赖,引包,

     <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>

具体使用,包括以下几种测试方式

一、@WithMockUser,基于注解使用

1.1、代码示例

import lombok.SneakyThrows;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.mock.web.MockMultipartFile;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.context.WebApplicationContext;

import java.io.File;
import java.io.FileInputStream;

import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;

/** * 单元测试-角色模块接口 * 数据回滚 @Transactional */
//@RunWith(SpringJUnit4ClassRunner.class)
//@ContextConfiguration(classes = Application.class)
//@SpringBootTest
//@FixMethodOrder(MethodSorters.NAME_ASCENDING)
//@Transactional
//@WithMockUser(username = "zx", password = "11111111")

@SpringBootTest
@RunWith(SpringRunner.class)
@Transactional
@AutoConfigureMockMvc
@WithMockUser(username = "as", password = "as")
public class UserControllerTest {
   

    private MockMvc mockMvc;

    @Autowired
    private WebApplicationContext wac;

    @Before
    public void setup() {
   
        this.mockMvc = MockMvcBuilders
                .webAppContextSetup(wac)
                .build();
    }

    @Test
    public void add() throws Exception {
   
        mockMvc.perform(MockMvcRequestBuilders.post("/test/user/add")
                .contentType(MediaType.APPLICATION_JSON)
                .content("{\n" +
                        " \"userCode\": \"lss002\",\n" +
                        " \"userName\": \"ls022\",\n" +
                        " \"departmentId\": 10,\n" +
                        " \"email\": \"154@dse.com\",\n" +
                        " \"station\": \"dep\",\n" +
                        " \"company\": \"com1\",\n" +
                        " \"entryTime\": \"2001-12-12\",\n" +
                        " \"leaveTime\": \"\",\n" +
                        " \"entranceStatus\": 1\n" +
                        "}")
                .accept(MediaType.APPLICATION_JSON))
                .andDo(print());
    }
}

二、配置自定义Token

2.1、代码示例

import lombok.SneakyThrows;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.mock.web.MockMultipartFile;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.context.WebApplicationContext;

import java.io.File;
import java.io.FileInputStream;

import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;

/** * 单元测试-角色模块接口 * 数据回滚 @Transactional */
//@RunWith(SpringJUnit4ClassRunner.class)
//@ContextConfiguration(classes = Application.class)
//@SpringBootTest
//@FixMethodOrder(MethodSorters.NAME_ASCENDING)
//@Transactional
//@WithMockUser(username = "zx", password = "11111111")

@SpringBootTest
@RunWith(SpringRunner.class)
@Transactional
@AutoConfigureMockMvc
public class UserControllerTest {
   
    private MockMvc mockMvc;
    @Autowired
    private WebApplicationContext wac;

    @Before
    public void setup() {
   
        this.mockMvc = MockMvcBuilders
                .webAppContextSetup(wac)
                .apply(springSecurity())  // 这里配置Security认证
                .build();
    }

    @Test
    public void add() throws Exception {
   
        mockMvc.perform(MockMvcRequestBuilders.post("/test/user/add")
                .cookie(new Cookie(LoginController.HEADER, "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ6eCIsImV4cCI6MTU4MzQwMzA0NX0.itXLLL8hcjyE-Q13CXl387Xk9-M9PkrmYeayGu-zSa2mZvYUlJx8zNPn81l2Tn9f9Iz1RsyLnf08mH85xD6mkA"))
                .contentType(MediaType.APPLICATION_JSON)
                .content("{\n" +
                        " \"userCode\": \"lss002\",\n" +
                        " \"userName\": \"ls022\",\n" +
                        " \"departmentId\": 10,\n" +
                        " \"email\": \"154@dse.com\",\n" +
                        " \"station\": \"dep\",\n" +
                        " \"company\": \"com1\",\n" +
                        " \"entryTime\": \"2001-12-12\",\n" +
                        " \"leaveTime\": \"\",\n" +
                        " \"entranceStatus\": 1\n" +
                        "}")
                .accept(MediaType.APPLICATION_JSON))
                .andDo(print());
    }
}

这里的测试接口方式,就如同页面测试了(从Token中获取用户信息),这里的cookie,如下

关于MockMvc更详细的使用介绍

参考这里,链接