How do you disable Okta auto configuration for testing?
I'm using this Okta Spring Boot starter, but I can't disable the auto-configuration for integration tests. Normally, you would do this:
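    import org.junit.jupiter.api.Test;
    import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
    import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
    import org.springframework.boot.test.context.SpringBootTest;

    @SpringBootTest
    // OktaOAuth2AutoConfig is not visible outside its package, so this exclude cannot be used as written.
    @EnableAutoConfiguration(exclude = { SecurityAutoConfiguration.class, OktaOAuth2AutoConfig.class })
    class ApplicationTests {
        @Test
        void contextLoads() {
        }
    }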
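However, the OktaOAuth2AutoConfig class is package-protected, so you can't disable it. I tried component-scan filters and many other techniques, but the problem is that it still loads, requires okta.oauth2.issuer (along with the client ID and secret), and calls it to make sure it is a valid OAuth2 provider. I don't want this behavior, in case the tests have to run somewhere the auto-configuration can't call the issuer. Any ideas?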
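You should be able to mock things so that OIDC discovery can happen. I show how to do this for a JHipster app in this blog post. Since you're using the Okta Spring Boot starter, I'd guess you can do the same.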
- Create a TestSecurityConfiguration.java class.
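    import static org.mockito.Mockito.mock;

    import java.util.HashMap;
    import java.util.Map;

    import org.springframework.boot.test.context.TestConfiguration;
    import org.springframework.context.annotation.Bean;
    import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
    import org.springframework.security.oauth2.client.registration.ClientRegistration;
    import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
    import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
    import org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository;
    import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
    import org.springframework.security.oauth2.core.AuthorizationGrantType;
    import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
    import org.springframework.security.oauth2.jwt.JwtDecoder;

    @TestConfiguration
    public class TestSecurityConfiguration {
        private final ClientRegistration clientRegistration;

        public TestSecurityConfiguration() {
            this.clientRegistration = clientRegistration().build();
        }

        // Static, in-memory registration: no discovery request is made to an issuer.
        @Bean
        ClientRegistrationRepository clientRegistrationRepository() {
            return new InMemoryClientRegistrationRepository(clientRegistration);
        }

        // All endpoints and credentials below are placeholders used only in tests.
        // Newer Spring Security versions replace redirectUriTemplate(...) with redirectUri(...)
        // and ClientAuthenticationMethod.BASIC with CLIENT_SECRET_BASIC.
        private ClientRegistration.Builder clientRegistration() {
            Map<String, Object> metadata = new HashMap<>();
            metadata.put("end_session_endpoint", "https://example.org/logout");

            return ClientRegistration.withRegistrationId("okta")
                .redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")
                .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .scope("read:user")
                .authorizationUri("https://example.org/login/oauth/authorize")
                .tokenUri("https://example.org/login/oauth/access_token")
                .jwkSetUri("https://example.org/oauth/jwk")
                .userInfoUri("https://api.example.org/user")
                .providerConfigurationMetadata(metadata)
                .userNameAttributeName("id")
                .clientName("Client Name")
                .clientId("client-id")
                .clientSecret("client-secret");
        }

        // Mocked decoder: no JWK set is fetched and no signature is verified in tests.
        @Bean
        JwtDecoder jwtDecoder() {
            return mock(JwtDecoder.class);
        }

        @Bean
        public OAuth2AuthorizedClientService authorizedClientService(ClientRegistrationRepository clientRegistrationRepository) {
            return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
        }

        @Bean
        public OAuth2AuthorizedClientRepository authorizedClientRepository(OAuth2AuthorizedClientService authorizedClientService) {
            return new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(authorizedClientService);
        }
    }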
Then, in the classes that use @SpringBootTest, configure this class as a configuration source.
    @SpringBootTest(classes = {YourMainApp.class, TestSecurityConfiguration.class})
Another blog post, The Hitchhiker's Guide to Testing Spring Boot APIs and Angular Components with WireMock, Jest, Protractor, and Travis CI, has some additional information on mocking APIs for testing. Specifically, see Mock Okta's API with WireMock.
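An added example, not part of the original answer: an integration test that loads the TestSecurityConfiguration above and checks that stubbing out the issuer has not also switched off access control. It assumes spring-security-test is on the test classpath and that the application exposes a protected endpoint; `/api/hello` and the class name `SecuredEndpointTests` are hypothetical.

```java
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.jwt;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.test.web.servlet.MockMvc;

@SpringBootTest(classes = {YourMainApp.class, TestSecurityConfiguration.class})
@AutoConfigureMockMvc
class SecuredEndpointTests {

    @Autowired MockMvc mockMvc;
    @Autowired ClientRegistrationRepository registrations;

    // The context must be wired to the stub registration, not a real issuer.
    @Test
    void usesStubRegistration() {
        assertEquals("https://example.org/login/oauth/access_token",
                registrations.findByRegistrationId("okta").getProviderDetails().getTokenUri());
    }

    // Mocking the decoder must not disable authorization:
    // an anonymous caller is still refused (401) or redirected to login (3xx).
    @Test
    void anonymousIsRejected() throws Exception {
        mockMvc.perform(get("/api/hello"))   // hypothetical protected endpoint
               .andExpect(result -> {
                   int sc = result.getResponse().getStatus();
                   assertTrue(sc == 401 || (sc >= 300 && sc < 400), "got " + sc);
               });
    }

    // jwt() places a JwtAuthenticationToken in the security context,
    // so no token is parsed and the mocked JwtDecoder is never called.
    @Test
    void authenticatedIsAllowed() throws Exception {
        mockMvc.perform(get("/api/hello").with(jwt()))
               .andExpect(status().isOk());
    }
}
```

Keep TestSecurityConfiguration under src/test so the mocked JwtDecoder and placeholder client secret cannot end up in a production build.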