Bael 9146 (#18272)

wynnteo · web-flow · commit d1435a3d7c06 · 2025-02-18T20:46:00.000-06:00
* BAEL-9146 refine the test case

* update the test case
diff --git a/testing-modules/mocks-3/src/test/java/com/baeldung/mockjwt/jwtdecoder/junit/MockJwtDecoderJUnitTest.java b/testing-modules/mocks-3/src/test/java/com/baeldung/mockjwt/jwtdecoder/junit/MockJwtDecoderJUnitTest.java
@@ -1,28 +1,43 @@
 package com.baeldung.mockjwt.jwtdecoder.junit;
 
+import static org.junit.Assert.assertTrue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.Mockito.when;
 
 import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 import java.util.Arrays;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.JwtValidationException;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 @ExtendWith(MockitoExtension.class)
 public class MockJwtDecoderJUnitTest {
@@ -70,47 +85,65 @@ void whenTokenHasCustomClaims_thenProcessesCorrectly() {
             .claims(existingClaims -> existingClaims.putAll(claims))
             .build();
 
+        List<GrantedAuthority> authorities = ((List<String>) jwt.getClaim("roles")).stream()
+            .map(role -> new SimpleGrantedAuthority(role))
+            .collect(Collectors.toList());
+
+        JwtAuthenticationToken authentication = new JwtAuthenticationToken(jwt, authorities, jwt.getClaim("sub"));
+        SecurityContextHolder.getContext()
+            .setAuthentication(authentication);
+
         ResponseEntity<String> response = userController.getUserInfo(jwt);
 
         assertEquals("Hello, john.doe", response.getBody());
         assertEquals(HttpStatus.OK, response.getStatusCode());
+
+        assertTrue(authentication.getAuthorities()
+            .stream()
+            .anyMatch(auth -> auth.getAuthority()
+                .equals("ROLE_ADMIN")));
     }
 
     @Test
     void whenInvalidToken_thenThrowsException() {
         Map<String, Object> claims = new HashMap<>();
-        claims.put("sub", "invalid.user");
+        claims.put("sub", null);
 
         Jwt invalidJwt = Jwt.withTokenValue("invalid_token")
             .header("alg", "none")
             .claims(existingClaims -> existingClaims.putAll(claims))
             .build();
 
-        when(jwtDecoder.decode("invalid_token")).thenThrow(new JwtValidationException("Invalid token", Arrays.asList(new OAuth2Error("invalid_token"))));
+        JwtAuthenticationToken authentication = new JwtAuthenticationToken(invalidJwt);
+        SecurityContextHolder.getContext()
+            .setAuthentication(authentication);
 
-        JwtValidationException thrown = assertThrows(JwtValidationException.class, () -> jwtDecoder.decode("invalid_token"));
+        JwtValidationException exception = assertThrows(JwtValidationException.class, () -> {
+            userController.getUserInfo(invalidJwt);
+        });
 
-        assertEquals("Invalid token", thrown.getMessage());
+        assertEquals("Invalid token", exception.getMessage());
     }
 
     @Test
-    void whenTokenExpired_thenThrowsException() {
+    void whenExpiredToken_thenThrowsException() throws Exception {
+        // Simulate an expired JWT
         Map<String, Object> claims = new HashMap<>();
-        claims.put("sub", "expired.user");
-        claims.put("exp", Instant.now()
-            .minusSeconds(3600));
-        claims.put("iat", Instant.now()
-            .minusSeconds(7200));
+        claims.put("sub", "john.doe");
+        claims.put("exp", Instant.now().minus(1, ChronoUnit.DAYS));
 
         Jwt expiredJwt = Jwt.withTokenValue("expired_token")
             .header("alg", "none")
             .claims(existingClaims -> existingClaims.putAll(claims))
             .build();
 
-        when(jwtDecoder.decode("expired_token")).thenThrow(new JwtValidationException("Token expired", Arrays.asList(new OAuth2Error("invalid_token"))));
-
-        JwtValidationException thrown = assertThrows(JwtValidationException.class, () -> jwtDecoder.decode("expired_token"));
+        JwtAuthenticationToken authentication = new JwtAuthenticationToken(expiredJwt);
+        SecurityContextHolder.getContext()
+            .setAuthentication(authentication);
+        JwtValidationException exception = assertThrows(JwtValidationException.class, () -> {
+            userController.getUserInfo(expiredJwt);
+        });
 
-        assertEquals("Token expired", thrown.getMessage());
+        assertEquals("Token has expired", exception.getMessage());
     }
 }
diff --git a/testing-modules/mocks-3/src/test/java/com/baeldung/mockjwt/jwtdecoder/junit/UserController.java b/testing-modules/mocks-3/src/test/java/com/baeldung/mockjwt/jwtdecoder/junit/UserController.java
@@ -1,8 +1,13 @@
 package com.baeldung.mockjwt.jwtdecoder.junit;
 
+import java.time.Instant;
+import java.util.Arrays;
+
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.jwt.Jwt;
+import org.springframework.security.oauth2.jwt.JwtValidationException;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -13,6 +18,15 @@ public class UserController {
 
     @GetMapping("/user")
     public ResponseEntity<String> getUserInfo(@AuthenticationPrincipal Jwt jwt) {
+        if (jwt == null || jwt.getSubject() == null) {
+            throw new JwtValidationException("Invalid token", Arrays.asList(new OAuth2Error("invalid_token")));
+        }
+
+        Instant expiration = jwt.getExpiresAt();
+        if (expiration != null && expiration.isBefore(Instant.now())) {
+            throw new JwtValidationException("Token has expired", Arrays.asList(new OAuth2Error("expired_token")));
+        }
+
         return ResponseEntity.ok("Hello, " + jwt.getSubject());
     }
 }
