Testing Spring Boot Eureka Server 404

Question

I'm trying to test authentication in my Spring Boot Eureka Server. To do so, I perform a GET on /eureka/apps. I get a 404 instead of 200.

@RunWith(SpringRunner.class)
@WebAppConfiguration
@SpringBootTest(classes = Application.class)
public class GlobalSecurityTest {

    @Autowired
    private WebApplicationContext wac;

    @Autowired
    private FilterChainProxy springSecurityFilterChain;

    private MockMvc mockMvc;

    @Before
    public void setup() {
        this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac)
            .addFilter(springSecurityFilterChain).build();
    }

    @Test
    public void givenRoleDiscoveryClient_whenGetEureka_then200() throws Exception {
        mockMvc.perform(get("/eureka/apps").header(HttpHeaders.AUTHORIZATION, TOKEN_DISCOVERY_CLIENT)
            .andExpect(status().isOk());
    }
}

Eureka starts correctly as the logs prove:

2018-04-12 23:07:39.308  INFO 80833 --- [      Thread-12] e.s.EurekaServerInitializerConfiguration : Started Eureka Server
2018-04-12 23:07:39.315  INFO 80833 --- [           main] GlobalSecurityTest                       : Started GlobalSecurityTest in 7.255 seconds (JVM running for 8.007)
...

2018-04-12 23:07:39.822 DEBUG 80833 --- [           main] o.s.security.web.FilterChainProxy        : /eureka/apps/REGISTRY reached end of additional filter chain; proceeding with original chain
2018-04-12 23:07:39.831 DEBUG 80833 --- [           main] w.c.HttpSessionSecurityContextRepository : SecurityContext 'org.springframework.security.core.context.SecurityContextImpl@0: Authentication: StateTokenAuthentication{principalTokenState=be.charliebravo.ibpt.qos3.commons.security.models.ClientState@50b624da, tokenStates={}}' stored to HttpSession: 'org.springframework.mock.web.MockHttpSession@50b4e7b2
2018-04-12 23:07:39.833 DEBUG 80833 --- [           main] o.s.s.w.a.ExceptionTranslationFilter     : Chain processed normally
2018-04-12 23:07:39.833 DEBUG 80833 --- [           main] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed

java.lang.AssertionError: Status 
Expected :200
Actual   :404

My security config:

@Configuration
public class WebSecurityConfig {

    @Configuration
    @Order(3)
    public static class DiscoveryClientSecurityConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        private StateTokenHttpSecurityConfigurer stateTokenHttpSecurityConfigurer;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/eureka/**").authorizeRequests()
                .anyRequest().hasRole(Role.DISCOVERY_CLIENT.toString())
                .and().exceptionHandling().authenticationEntryPoint(new Http401UnauthorizedEntryPoint());
            stateTokenHttpSecurityConfigurer.configure(http);
        }
    }
}

The Eureka server works fine when I run the application instead of the test.

Answer 1

Don't use MockMvc, because it is limited to testing the web layer, but Eureka mappings aren't registered there. Instead, use TestRestTemplate.

1. Remove @WebAppConfiguration and add weEnvironment setting in @SpringBootTest

   @SpringBootTest(classes = Application.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
   

2. Autowire TestRestTemplate and local server port

   @Autowired
   private TestRestTemplate restTemplate;
   
   @LocalServerPort
   private int localServerPort;
   

3. Perform the request

   @Test
   public void givenRoleDiscoveryClient_whenGetEurekaPage_then200() throws Exception {
       HttpHeaders headers = new HttpHeaders();
       headers.set(HttpHeaders.AUTHORIZATION, TOKEN_DISCOVERY_CLIENT);
       HttpEntity entity = new HttpEntity<>(null, headers);
   
       String endpoint = "https://localhost:" + localServerPort + "/eureka/apps";
       ResponseEntity responseEntity = restTemplate.exchange(endpoint, HttpMethod.GET, entity, String.class);
   
       assertThat(responseEntity.getStatusCode()).isEqualTo(HttpStatus.OK);
   }
   

And off you go.