From 702e37016403db6c613a0f79a3a034163d5873cb Mon Sep 17 00:00:00 2001 From: twosom Date: Wed, 8 Mar 2023 23:09:17 +0900 Subject: [PATCH] Add test to SimpleUrlAuthenticationSuccessHandlerTests --- ...eUrlAuthenticationSuccessHandlerTests.java | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/web/src/test/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandlerTests.java b/web/src/test/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandlerTests.java index 904b54eb348..29633dd4946 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandlerTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationSuccessHandlerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,11 +16,16 @@ package org.springframework.security.web.authentication; +import javax.servlet.http.HttpSession; + import org.junit.jupiter.api.Test; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.WebAttributes; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; @@ -108,4 +113,20 @@ public void setTargetUrlParameterEmptyTargetUrlParameter() { assertThatIllegalArgumentException().isThrownBy(() -> ash.setTargetUrlParameter(" ")); } + @Test + public void shouldRemoveAuthenticationAttributeWhenOnAuthenticationSuccess() throws Exception { + SimpleUrlAuthenticationSuccessHandler ash = new SimpleUrlAuthenticationSuccessHandler(); + MockHttpServletRequest request = new MockHttpServletRequest(); + MockHttpServletResponse response = new MockHttpServletResponse(); + HttpSession session = request.getSession(); + assertThat(session).isNotNull(); + session.setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, + new BadCredentialsException("Invalid credentials")); + assertThat(session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)).isNotNull(); + assertThat(session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)) + .isInstanceOf(AuthenticationException.class); + ash.onAuthenticationSuccess(request, response, mock(Authentication.class)); + assertThat(session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)).isNull(); + } + }