我遵循了Spring Boot Authentication for Integration Tests上公认的解决方法,并应用以下方法对集成测试的请求进行身份验证:
@SpringBootTest
@AutoConfigureMockMvc
@Transactional
@ActiveProfiles("test")
@EnableAutoConfiguration(
exclude = {
SecurityAutoConfiguration.class,
SecurityFilterAutoConfiguration.class,
// FallbackWebSecurityAutoConfiguration.class, // cannot find this ref
OAuth2ClientAutoConfiguration.class
})
abstract public class IntegrationTest {
@Autowired
protected MockMvc mvc;
@MockBean
protected AuthService authService;
@MockBean
protected JwtUtils jwtUtils;和测试类:
class ProductControllerTest extends IntegrationTest {
@Test
void findById() throws Exception {
mvc.perform((get("/api/v1/products/{id}", 1)))
.andExpect(status().isOk())
.andExpect(jsonPath("$.data.name", equalTo("Laptop")));
}然而,它没有任何意义,仍然给出“AuthEntryPointJwt:未经授权的错误:访问此资源需要完全身份验证”错误。
我还尝试通过application-test.yml使用第二个选项:
spring:
autoconfigure:
exclude:
- org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
- org.springframework.boot.autoconfigure.security.SecurityFilterAutoConfiguration
- org.springframework.boot.autoconfigure.security.FallbackWebSecurityAutoConfiguration
- org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration
1条答案
按热度按时间tf7tbtn21#
它可能是
SecurityAutoConfiguration,而SecurityFilterAutoConfigurationbean可能会被项目中的其他配置自动启用,例如自定义的WebSecurityConfigurerAdapter或SecurityConfigurerAdapter实现。您可以在启动期间检查日志,以查看实际应用了哪些自动配置类。