refactor: update all annotations with @AttachClaims inside

Author: nigel.zheng

README.md

@@ -11,17 +11,18 @@ Attach Map-based claims to mocked user as authentication details, the claims can
 _Note: Most code came from the open network. I refactor and enhanced the code, then we have this java-library._
 
 ## Features
-- @WithMockOAuth2Client
-- @WithMockOAuth2User
+- `@WithMockOAuth2Client`
+- `@WithMockOAuth2User`
     - mock an oauth2 user, attach claims to OAuth2Authentication details
-- @AttachClaims
-    - attach Map-based claims to current authentication, should work with @WithMockUser
-- @WithMockUserAndClaims
-    - enhanced @WithMockUser, attach Map-based claims as authentication details
-    - equal to @WithMockUser + @AttachClaims
-- @WithToken
+- `@AttachClaims`
+    - attach Map-based claims to current authentication, should work with `@WithMockUser`
+- `@WithMockUserAndClaims`
+    - enhanced `@WithMockUser`, attach Map-based claims as authentication details
+    - equal to `@WithMockUser` + `@AttachClaims`
+- `@WithToken`
     - add `bearer` token to request header to extract a `PreAuthenticatedAuthenticationToken`,
     load existing OAuth2Authentication from SecurityContext
+    - require `@MockTokenServices` on test class
 
 ## How to use
 
@@ -37,38 +38,51 @@ allprojects {
 ## Step 2. Add the dependency
 ```groovy
 dependencies {
-    implementation 'com.github.ahunigel:spring-security-oauth2-test:master-SNAPSHOT'
+    implementation 'com.github.ahunigel:spring-security-oauth2-test:{version}'
 }
 ```
-## Step 3. Write test
+_Refer to https://jitpack.io/#ahunigel/spring-security-oauth2-test for details._
+
+## Step 3. Write tests
 ```java
 @WithMockOAuth2User(
-      client = @WithMockOAuth2Client(
-          clientId = "custom-client",
-          scope = {"custom-scope", "other-scope"},
-          authorities = {"custom-authority", "ROLE_CUSTOM_CLIENT"}),
-      user = @WithMockUser(
-          username = "custom-username",
-          authorities = {"custom-user-authority"}),
-      claims = {
-          @Claim(name = "user_id", value = "6", type = Long.class),
-          @Claim(name = "role_id", value = "1"),
-          @Claim(name = "is_social_user", value = "false")
-      })
+    client = @WithMockOAuth2Client(
+      clientId = "custom-client",
+      scope = {"custom-scope", "other-scope"},
+      authorities = {"custom-authority", "ROLE_CUSTOM_CLIENT"}),
+    user = @WithMockUser(
+      username = "custom-username",
+      authorities = {"custom-user-authority"}),
+    claims = @AttachClaims({
+      @Claim(name = "user_id", value = "6", type = Long.class),
+      @Claim(name = "role_id", value = "1"),
+      @Claim(name = "is_social_user", value = "false")
+    })
+}
 ```
 or
 ```java
 @AttachClaims(value = {
-  @Claim(name = "user_id", value = "6", type = Long.class),
-  @Claim(name = "role_id", value = "1"),
-  @Claim(name = "is_social_user", value = "false")
-}, claims = {ROLE_NAME, "ADMIN"})
+    @Claim(name = "user_id", value = "6", type = Long.class),
+    @Claim(name = "role_id", value = "1"),
+    @Claim(name = "is_social_user", value = "false")
+}, claims = {"role_name:ADMIN", "user_name=ahunigel"})
+@WithMockUser()
+```
+or
+```java
+@WithMockUserAndClaims(
+    @AttachClaims(value = {
+        @Claim(name = "user_id", value = "6", type = Long.class),
+        @Claim(name = "role_id", value = "1"),
+        @Claim(name = "is_social_user", value = "false")},
+        claims = {"role_name:ADMIN", "user_name=ahunigel"})
+)
 ```
-Refer to https://jitpack.io/#ahunigel/spring-security-oauth2-test for details.
 
 ## TODOs
 
 - For oauth2 request, add ability to set ResourceServerSecurityConfigurer.stateless to false, maybe add an 
-annotation like `@ResourceStateLess(false)`
+annotation like `@ResourceStateless(false)`
 
 - Add support for `RestTemplate`

src/main/java/com/github/ahunigel/test/security/AttachClaims.java

@@ -22,7 +22,7 @@
   Claim[] value();
 
   /**
-   * key-value paired string array, redundant value will be ignored
+   * key-value paired string array, separated by <code>:</code> or <code>=</code>
    * <p>
    * would merge with #value() if key is absent
    *

src/main/java/com/github/ahunigel/test/security/AttachClaimsTestExecutionListener.java

@@ -11,7 +11,6 @@
 import org.springframework.test.context.support.AbstractTestExecutionListener;
 
 import java.lang.reflect.AnnotatedElement;
-import java.util.HashMap;
 import java.util.Map;
 
 /**
@@ -47,9 +46,7 @@ private AttachClaims findAnnotation(AnnotatedElement annotated) {
   public void attachClaimsToAuthentication(AttachClaims annotation) {
     Authentication authentication = TestSecurityContextHolder.getContext().getAuthentication();
     if (authentication != null && authentication instanceof AbstractAuthenticationToken) {
-      Map<String, Object> claims = ClaimUtils.getClaims(annotation.value());
-      Map<String, String> stringMap = toMap(annotation.claims());
-      stringMap.entrySet().stream().forEach(entry -> claims.putIfAbsent(entry.getKey(), entry.getValue()));
+      Map<String, Object> claims = ClaimUtils.extractClaims(annotation);
       if (!claims.isEmpty()) {
         ((AbstractAuthenticationToken) authentication).setDetails(claims);
       }
@@ -58,11 +55,4 @@ public void attachClaimsToAuthentication(AttachClaims annotation) {
     }
   }
 
-  private Map<String, String> toMap(String[] claims) {
-    final Map<String, String> map = new HashMap<>();
-    for (int i = 0; i + 1 < claims.length; i += 2) {
-      map.put(claims[i], claims[i + 1]);
-    }
-    return map;
-  }
 }

src/main/java/com/github/ahunigel/test/security/WithMockUserAndClaims.java

@@ -28,15 +28,15 @@
 @WithSecurityContext(factory = WithMockUserAndClaims.WithMockUserWithClaimsSecurityContextFactory.class)
 public @interface WithMockUserAndClaims {
   /**
-   * Return the contained {@link Claim} annotations.
+   * Return the contained {@link AttachClaims} annotations.
    *
    * @return the claims
    */
   @AliasFor("claims")
-  Claim[] value();
+  AttachClaims value();
 
   @AliasFor("value")
-  Claim[] claims();
+  AttachClaims claims();
 
   WithMockUser user() default @WithMockUser();
 
@@ -45,7 +45,7 @@ class WithMockUserWithClaimsSecurityContextFactory implements WithSecurityContex
     public SecurityContext createSecurityContext(WithMockUserAndClaims annotation) {
       SecurityContext context = MockUserUtils.getSecurityContext(annotation.user());
       Authentication authentication = context.getAuthentication();
-      Map<String, Object> claims = ClaimUtils.getClaims(annotation.value());
+      Map<String, Object> claims = ClaimUtils.extractClaims(annotation.value());
       if (!claims.isEmpty() && authentication instanceof AbstractAuthenticationToken) {
         ((AbstractAuthenticationToken) authentication).setDetails(claims);
       }

src/main/java/com/github/ahunigel/test/security/oauth2/WithMockOAuth2User.java

@@ -1,6 +1,6 @@
 package com.github.ahunigel.test.security.oauth2;
 
-import com.github.ahunigel.test.security.Claim;
+import com.github.ahunigel.test.security.AttachClaims;
 import com.github.ahunigel.test.security.util.ClaimUtils;
 import com.github.ahunigel.test.security.util.MockUserUtils;
 import org.springframework.security.core.context.SecurityContext;
@@ -29,11 +29,11 @@
   WithMockUser user() default @WithMockUser();
 
   /**
-   * Return the contained {@link Claim} annotations.
+   * Return the contained {@link AttachClaims} annotations.
    *
    * @return the claims
    */
-  Claim[] claims();
+  AttachClaims claims() default @AttachClaims({});
 
   class WithMockOAuth2UserSecurityContextFactory implements WithSecurityContextFactory<WithMockOAuth2User> {
 
@@ -43,7 +43,7 @@ public SecurityContext createSecurityContext(final WithMockOAuth2User annotation
       OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(
           WithMockOAuth2Client.WithMockOAuth2ClientSecurityContextFactory.getOAuth2Request(annotation.client()),
           MockUserUtils.getAuthentication(annotation.user()));
-      Map<String, Object> claims = ClaimUtils.getClaims(annotation.claims());
+      Map<String, Object> claims = ClaimUtils.extractClaims(annotation.claims());
       if (!claims.isEmpty()) {
         oAuth2Authentication.setDetails(claims);
       }

src/main/java/com/github/ahunigel/test/security/util/ClaimUtils.java

@@ -1,9 +1,11 @@
 package com.github.ahunigel.test.security.util;
 
+import com.github.ahunigel.test.security.AttachClaims;
 import com.github.ahunigel.test.security.Claim;
 import org.apache.commons.beanutils.ConvertUtils;
 
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.stream.Collectors;
 
@@ -17,10 +19,32 @@ private ClaimUtils() {
     throw new InstantiationError();
   }
 
-  public static Map<String, Object> getClaims(Claim[] claims) {
+  public static Map<String, Object> extractClaims(AttachClaims annotation) {
+    Map<String, Object> claims = extractClaims(annotation.value());
+    Map<String, String> pairs = extractClaims(annotation.claims());
+    pairs.entrySet().stream().forEach(entry -> claims.putIfAbsent(entry.getKey(), entry.getValue()));
+    return claims;
+  }
+
+  public static Map<String, Object> extractClaims(Claim[] claims) {
     return Arrays.stream(claims)
         .collect(Collectors.toMap(Claim::name, claim ->
             ConvertUtils.convert(claim.value(), claim.type())
         ));
   }
+
+  public static Map<String, String> extractClaims(String... pairs) {
+    final Map<String, String> map = new HashMap<>();
+    for (String pair : pairs) {
+      String separator = ":";
+      if (!pair.contains(separator) && pair.contains("=")) {
+        separator = "=";
+      }
+      int index = pair.indexOf(separator);
+      String key = pair.substring(0, index > 0 ? index : pair.length());
+      String value = index > 0 ? pair.substring(index + 1) : null;
+      map.put(key, value);
+    }
+    return map;
+  }
 }