Merge pull request #1018 from bosch-io/fix_migration_to_new_spring_boot_version
Update Spring Boot to 2.3.7.RELEASE
This commit is contained in:
@@ -12,6 +12,11 @@ spring.security.user.name=admin
|
||||
spring.security.user.password={noop}admin
|
||||
spring.main.allow-bean-definition-overriding=true
|
||||
|
||||
# Http Encoding
|
||||
server.servlet.encoding.charset=UTF-8
|
||||
server.servlet.encoding.enabled=true
|
||||
server.servlet.encoding.force=true
|
||||
|
||||
# DDI authentication configuration
|
||||
hawkbit.server.ddi.security.authentication.anonymous.enabled=false
|
||||
hawkbit.server.ddi.security.authentication.targettoken.enabled=false
|
||||
|
||||
@@ -0,0 +1,46 @@
|
||||
/**
|
||||
* Copyright (c) 2020 Bosch.IO GmbH and others.
|
||||
*
|
||||
* All rights reserved. This program and the accompanying materials
|
||||
* are made available under the terms of the Eclipse Public License v1.0
|
||||
* which accompanies this distribution, and is available at
|
||||
* http://www.eclipse.org/legal/epl-v10.html
|
||||
*/
|
||||
package org.eclipse.hawkbit.app;
|
||||
|
||||
import org.eclipse.hawkbit.repository.test.util.MsSqlTestDatabase;
|
||||
import org.eclipse.hawkbit.repository.test.util.MySqlTestDatabase;
|
||||
import org.junit.Before;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.context.TestExecutionListeners;
|
||||
import org.springframework.test.context.TestExecutionListeners.MergeMode;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(properties = { "hawkbit.dmf.rabbitmq.enabled=false" })
|
||||
@TestExecutionListeners(listeners = { MySqlTestDatabase.class,
|
||||
MsSqlTestDatabase.class }, mergeMode = MergeMode.MERGE_WITH_DEFAULTS)
|
||||
@DirtiesContext
|
||||
public abstract class AbstractSecurityTest {
|
||||
|
||||
@Autowired
|
||||
private WebApplicationContext context;
|
||||
|
||||
protected MockMvc mvc;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
final DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(context)
|
||||
.apply(SecurityMockMvcConfigurers.springSecurity()).dispatchOptions(true);
|
||||
mvc = builder.build();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,49 @@
|
||||
/**
|
||||
* Copyright (c) 2019 Bosch Software Innovations GmbH and others.
|
||||
*
|
||||
* All rights reserved. This program and the accompanying materials
|
||||
* are made available under the terms of the Eclipse Public License v1.0
|
||||
* which accompanies this distribution, and is available at
|
||||
* http://www.eclipse.org/legal/epl-v10.html
|
||||
*/
|
||||
package org.eclipse.hawkbit.app;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import io.qameta.allure.Description;
|
||||
import org.junit.Test;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.security.web.firewall.RequestRejectedException;
|
||||
|
||||
import io.qameta.allure.Feature;
|
||||
import io.qameta.allure.Story;
|
||||
import org.springframework.test.context.TestPropertySource;
|
||||
|
||||
@TestPropertySource(properties = { "hawkbit.server.security.allowedHostNames=localhost",
|
||||
"hawkbit.server.security.httpFirewallIgnoredPaths=/index.html" })
|
||||
@Feature("Integration Test - Security")
|
||||
@Story("Allowed Host Names")
|
||||
public class AllowedHostNamesTest extends AbstractSecurityTest {
|
||||
|
||||
@Test
|
||||
@Description("Tests whether a RequestRejectedException is thrown when not allowed host is used")
|
||||
public void allowedHostNameWithNotAllowedHost() {
|
||||
assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(
|
||||
() -> mvc.perform(get("/").header(HttpHeaders.HOST, "www.google.com")));
|
||||
}
|
||||
|
||||
@Test
|
||||
@Description("Tests whether request is redirected when allowed host is used")
|
||||
public void allowedHostNameWithAllowedHost() throws Exception {
|
||||
mvc.perform(get("/").header(HttpHeaders.HOST, "localhost")).andExpect(status().is3xxRedirection());
|
||||
}
|
||||
|
||||
@Test
|
||||
@Description("Tests whether request without allowed host name and with ignored path end up with a client error")
|
||||
public void notAllowedHostnameWithIgnoredPath() throws Exception {
|
||||
mvc.perform(get("/index.html").header(HttpHeaders.HOST, "www.google.com"))
|
||||
.andExpect(status().is4xxClientError());
|
||||
}
|
||||
}
|
||||
@@ -23,8 +23,10 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.security.test.context.support.WithUserDetails;
|
||||
import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
import org.springframework.test.context.TestExecutionListeners;
|
||||
import org.springframework.test.context.TestExecutionListeners.MergeMode;
|
||||
import org.springframework.test.context.TestPropertySource;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.ResultActions;
|
||||
@@ -36,15 +38,13 @@ import io.qameta.allure.Description;
|
||||
import io.qameta.allure.Feature;
|
||||
import io.qameta.allure.Story;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest(properties = { "hawkbit.dmf.rabbitmq.enabled=false", "hawkbit.server.security.cors.enabled=true",
|
||||
"hawkbit.server.security.cors.allowedOrigins=" + CorsTest.ALLOWED_ORIGIN_FIRST + ","
|
||||
+ CorsTest.ALLOWED_ORIGIN_SECOND })
|
||||
@TestExecutionListeners(listeners = { MySqlTestDatabase.class, MsSqlTestDatabase.class,
|
||||
PostgreSqlTestDatabase.class }, mergeMode = MergeMode.MERGE_WITH_DEFAULTS)
|
||||
@SpringBootTest(properties = {"hawkbit.dmf.rabbitmq.enabled=false", "hawkbit.server.security.cors.enabled=true",
|
||||
"hawkbit.server.security.cors.allowedOrigins=" + CorsTest.ALLOWED_ORIGIN_FIRST + "," + CorsTest.ALLOWED_ORIGIN_SECOND})
|
||||
@TestExecutionListeners(listeners = { MySqlTestDatabase.class, MsSqlTestDatabase.class },
|
||||
mergeMode = MergeMode.MERGE_WITH_DEFAULTS)
|
||||
@Feature("Integration Test - Security")
|
||||
@Story("CORS")
|
||||
public class CorsTest {
|
||||
public class CorsTest extends AbstractSecurityTest {
|
||||
|
||||
final static String ALLOWED_ORIGIN_FIRST = "http://test.first.origin";
|
||||
final static String ALLOWED_ORIGIN_SECOND = "http://test.second.origin";
|
||||
@@ -52,18 +52,6 @@ public class CorsTest {
|
||||
private final static String INVALID_ORIGIN = "http://test.invalid.origin";
|
||||
private final static String INVALID_CORS_REQUEST = "Invalid CORS request";
|
||||
|
||||
@Autowired
|
||||
private WebApplicationContext context;
|
||||
|
||||
private MockMvc mvc;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
final DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(context)
|
||||
.apply(SecurityMockMvcConfigurers.springSecurity()).dispatchOptions(true);
|
||||
mvc = builder.build();
|
||||
}
|
||||
|
||||
@WithUserDetails("admin")
|
||||
@Test
|
||||
@Description("Ensures that Cors is working.")
|
||||
|
||||
Reference in New Issue
Block a user