@Test public void stringWithMatcherAndIncorrectResponseHeaderValue() throws Exception { long secondLater = this.currentTime + 1000; String expected = this.dateFormat.format(new Date(secondLater)); assertIncorrectResponseHeader(header().string(LAST_MODIFIED, expected), expected); assertIncorrectResponseHeader(header().string(LAST_MODIFIED, equalTo(expected)), expected); // Comparison by date uses HttpHeaders to format the date in the error message. HttpHeaders headers = new HttpHeaders(); headers.setDate("expected", secondLater); assertIncorrectResponseHeader(header().dateValue(LAST_MODIFIED, secondLater), headers.getFirst("expected")); }
@Test public void stringWithMatcherAndCorrectResponseHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, minuteAgo)) .andExpect(header().string(LAST_MODIFIED, equalTo(now))); }
@Test public void loadConfigWhenRequestSecureThenDefaultSecurityHeadersReturned() throws Exception { this.spring.register(HeadersArePopulatedByDefaultConfig.class).autowire(); this.mockMvc.perform(get("/").secure(true)) .andExpect(header().string("X-Content-Type-Options", "nosniff")) .andExpect(header().string("X-Frame-Options", "DENY")) .andExpect(header().string("Strict-Transport-Security", "max-age=31536000 ; includeSubDomains")) .andExpect(header().string("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate")) .andExpect(header().string("Pragma", "no-cache")) .andExpect(header().string("Expires", "0")) .andExpect(header().string("X-XSS-Protection", "1; mode=block")); }
@SuppressWarnings("unchecked") @Test public void multiStringHeaderValueWithMatchers() throws Exception { this.mockMvc.perform(get("/persons/1")) .andExpect(header().stringValues(VARY, hasItems(containsString("foo"), startsWith("bar")))); }
@Test public void longValueWithCorrectResponseHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1")) .andExpect(header().longValue("X-Rate-Limiting", 42)); }
@Test public void exists() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().exists(LAST_MODIFIED)); }
@Test(expected = AssertionError.class) // SPR-10771 public void doesNotExistFail() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().doesNotExist(LAST_MODIFIED)); }
@Test public void multiStringHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().stringValues(VARY, "foo", "bar")); }
@Test(expected = AssertionError.class) public void existsFail() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().exists("X-Custom-Header")); }
@Test // SPR-10771 public void doesNotExist() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().doesNotExist("X-Custom-Header")); }
@Test(expected = AssertionError.class) public void longValueWithIncorrectResponseHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1")).andExpect(header().longValue("X-Rate-Limiting", 1)); }
@Test public void longValueWithMissingResponseHeader() throws Exception { try { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, now)) .andExpect(status().isNotModified()) .andExpect(header().longValue("X-Custom-Header", 99L)); fail(ERROR_MESSAGE); } catch (AssertionError err) { if (ERROR_MESSAGE.equals(err.getMessage())) { throw err; } assertEquals("Response does not contain header 'X-Custom-Header'", err.getMessage()); } }
@Test public void stringWithCorrectResponseHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, minuteAgo)) .andExpect(header().string(LAST_MODIFIED, now)); }
@Test public void dateValueWithCorrectResponseHeaderValue() throws Exception { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, minuteAgo)) .andExpect(header().dateValue(LAST_MODIFIED, this.currentTime)); }
@Test public void stringWithMatcherAndMissingResponseHeader() throws Exception { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, now)) .andExpect(status().isNotModified()) .andExpect(header().string("X-Custom-Header", nullValue())); }
private static ResultMatcher invalidTokenHeader(String message) { return header().string(HttpHeaders.WWW_AUTHENTICATE, AllOf.allOf( new StringStartsWith("Bearer " + "error=\"invalid_token\", " + "error_description=\""), new StringContains(message), new StringEndsWith(", " + "error_uri=\"https://tools.ietf.org/html/rfc6750#section-3.1\"") ) ); }
@Test public void stringWithMissingResponseHeader() throws Exception { this.mockMvc.perform(get("/persons/1").header(IF_MODIFIED_SINCE, now)) .andExpect(status().isNotModified()) .andExpect(header().stringValues("X-Custom-Header")); }
@Test public void requestWhenRealmNameConfiguredThenUsesOnAccessDenied() throws Exception { this.spring.register(RealmNameConfiguredOnAccessDeniedHandler.class, JwtDecoderConfig.class).autowire(); JwtDecoder decoder = this.spring.getContext().getBean(JwtDecoder.class); when(decoder.decode(anyString())).thenReturn(JWT); this.mvc.perform(get("/authenticated") .with(bearerToken("insufficiently_scoped"))) .andExpect(status().isForbidden()) .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, startsWith("Bearer realm=\"myRealm\""))); }
@Test // http@realm public void configureWhenHttpBasicAndRequestUnauthorizedThenReturnWWWAuthenticateWithRealm() throws Exception { this.spring.register(RealmConfig.class).autowire(); this.mockMvc.perform(get("/")) .andExpect(status().isUnauthorized()) .andExpect(header().string("WWW-Authenticate", "Basic realm=\"RealmConfig\"")); }
@Test // SPR-16067, SPR-16695 public void filterWrapsRequestResponseAndPerformsAsyncDispatch() throws Exception { MockMvc mockMvc = standaloneSetup(new PersonController()) .addFilters(new WrappingRequestResponseFilter(), new ShallowEtagHeaderFilter()) .build(); MvcResult mvcResult = mockMvc.perform(get("/persons/1").accept(MediaType.APPLICATION_JSON)) .andExpect(request().asyncStarted()) .andExpect(request().asyncResult(new Person("Lukas"))) .andReturn(); mockMvc.perform(asyncDispatch(mvcResult)) .andExpect(status().isOk()) .andExpect(header().longValue("Content-Length", 53)) .andExpect(header().string("ETag", "\"0e37becb4f0c90709cb2e1efcc61eaa00\"")) .andExpect(content().string("{\"name\":\"Lukas\",\"someDouble\":0.0,\"someBoolean\":false}")); }