0

I have followed the accepted workaround on Spring Boot Authentication for Integration Tests and apply the following approach to authenticate requests for Integration Tests:

@SpringBootTest
@AutoConfigureMockMvc
@Transactional
@ActiveProfiles("test")
@EnableAutoConfiguration(
        exclude = {
        SecurityAutoConfiguration.class,
          SecurityFilterAutoConfiguration.class,
        // FallbackWebSecurityAutoConfiguration.class, // cannot find this ref
        OAuth2ClientAutoConfiguration.class
})
abstract public class IntegrationTest {

    @Autowired
    protected MockMvc mvc;

    @MockBean
    protected AuthService authService;

    @MockBean
    protected JwtUtils jwtUtils;

And test class:

class ProductControllerTest extends IntegrationTest {

    @Test
    void findById() throws Exception {
        mvc.perform((get("/api/v1/products/{id}", 1)))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.data.name", equalTo("Laptop")));
    }

However, it does not make any sense and still gives "AuthEntryPointJwt : Unauthorized error: Full authentication is required to access this resource" error.

I also tried to use second option via application-test.yml:

spring:  
  autoconfigure:
    exclude:
      - org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
      - org.springframework.boot.autoconfigure.security.SecurityFilterAutoConfiguration
      - org.springframework.boot.autoconfigure.security.FallbackWebSecurityAutoConfiguration
      - org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration
  • The workaround you mention is from 2017. Maybe things have changed in the meantime. Which boot version are you using? Have you inspected your condition evaluation report for your integration test startup via `debug: true` in your `application-test.yml`? – SpaceTrucker Mar 20 '23 at 14:32
  • I am using Spring Boot 3+. Probably changed and that's what I am asking. Sorry, but I could not understand "Have you inspected your condition evaluation report for your integration test startup via debug: true in your application-test.yml". Could you explain a little bit more? Thanks. –  Mar 20 '23 at 14:37
  • see https://www.baeldung.com/spring-boot-auto-configuration-report for example regarding the condition evaluation report – SpaceTrucker Mar 20 '23 at 14:47
  • Thanks a lot, I solved the problem by following https://www.baeldung.com/spring-security-integration-tests. –  Mar 20 '23 at 14:49

1 Answers1

0

It might be SecurityAutoConfiguration and SecurityFilterAutoConfiguration beans might be getting automatically enabled by some other configuration in your project, such as a custom WebSecurityConfigurerAdapter or SecurityConfigurerAdapter implementation.

You can do check the logs during startup to see which auto-configuration classes are actually being applied.

muhammed ozbilici
  • 667
  • 6
  • 17
  • No, before applying this config I was getting error. So, just need to know how to secure request for Integration tests. –  Mar 20 '23 at 14:40
  • I solved the problem via https://www.baeldung.com/spring-security-integration-tests. Sorry, I cannot vote up as I have not enough repo. –  Mar 20 '23 at 14:49