jakarta.ws.rs.core.SecurityContext throws exception when testing in Quarkus

[tol3ador]

Custom class that has jakarta core @( at )Context SecurityContext throws following exception:

Method threw 'java.lang.IllegalStateException' exception. Cannot evaluate jakarta.ws.rs.core.ContextProducers_ProducerMethod_securityContext_4dee4dfc4a691eaefdabc3490f54879a07ccb609_ClientProxy.toString()

This happens when I do testing and invoking service method to test, which has this custom class injected. We utilize SecurityContext to retrieve some information and do some checks later in code.

Custom class is @RequestScoped.

We tried some different approaches from Quarkus documentation but without success. Is there a way to mock or initialize SecurityContext when doing unit tests or to have it in some test scope? How do you do unit test when having @context SecurityContext usage?

[sberyozkin]

@tol3ador If your endpoint had an injected Quarkus SecurityIdentity then, with the @TestSecurity annotation, the unit tests should be working, please see
https://quarkus.io/guides/security-testing#testing-security

and also:

https://quarkus.io/guides/security-customization#jaxrs-security-context
(the filter creating a custom context should be in the pre-match state).

If you do prefer to keep @Context SecurityContext then in order to unit test it, there'd have to be a CDI producer registered as part of the test setup, but I haven't done it before. If you can, replace it with @Inject SecurityIdentity and it should be fine. If you decide to do it, then, instead of customizing SecurityContext, consider registering SecurityIdentityAugmentor instead