[JT-81] test: AuthenticationFilter 통합 테스트 작성

- SecurityConfig exceptionHandling 추가
prgrms-be-devcourse · Sep 22, 2023 · ed60730 · ed60730
1 parent b1c9037
commit ed60730
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/...app-api/src/test/java/shop/jtoon/security/filter/AuthenticationFilterIntegrationTest.java b/...app-api/src/test/java/shop/jtoon/security/filter/AuthenticationFilterIntegrationTest.java
@@ -0,0 +1,28 @@
+package shop.jtoon.security.filter;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
+
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.web.servlet.MockMvc;
+
+@SpringBootTest
+@AutoConfigureMockMvc
+@ActiveProfiles("prod")
+class AuthenticationFilterIntegrationTest {
+
+ @Autowired
+ MockMvc mockMvc;
+
+ @Test
+ @DisplayName("미인증 사용자 접근 실패")
+ void unauthenticated_user_fail() throws Exception {
+ mockMvc.perform(post("/members/test"))
+ .andExpect(status().isUnauthorized());
+ }
+}
diff --git a/module-internal/core-web/src/main/java/shop/jtoon/config/SecurityConfig.java b/module-internal/core-web/src/main/java/shop/jtoon/config/SecurityConfig.java
@@ -2,12 +2,14 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.HttpStatusEntryPoint;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.servlet.HandlerExceptionResolver;
 
@@ -59,6 +61,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
  authenticationService,
  jwtService),
  UsernamePasswordAuthenticationFilter.class)
+ .exceptionHandling(exceptionHandling -> exceptionHandling
+ .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)))
  .oauth2Login(login -> login
  .userInfoEndpoint(endpoint -> endpoint.userService(customOAuth2UserService))
  .successHandler(oAuth2SuccessHandler)