(window.webpackJsonp=window.webpackJsonp||[]).push([[663],{1094:function(t,a,e){"use strict";e.r(a);var s=e(56),r=Object(s.a)({},(function(){var t=this,a=t.$createElement,e=t._self._c||a;return e("ContentSlotsDistributor",{attrs:{"slot-key":t.$parent.slotKey}},[e("h2",{attrs:{id:"安全mckmvcresultmatchers"}},[e("a",{staticClass:"header-anchor",attrs:{href:"#安全mckmvcresultmatchers"}},[t._v("#")]),t._v(" 安全mckmvcresultmatchers")]),t._v(" "),e("p",[t._v("有时，希望对请求做出各种与安全相关的断言。为了满足这一需求， Spring 安全测试支持实现了 Spring MVC测试的"),e("code",[t._v("ResultMatcher")]),t._v("接口。为了使用 Spring Security的"),e("code",[t._v("ResultMatcher")]),t._v("实现，确保使用以下静态导入：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.*;\n")])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.*\n")])])]),e("h3",{attrs:{id:"未经验证的断言"}},[e("a",{staticClass:"header-anchor",attrs:{href:"#未经验证的断言"}},[t._v("#")]),t._v(" 未经验证的断言")]),t._v(" "),e("p",[t._v("有时，断言没有经过身份验证的用户与"),e("code",[t._v("MockMvc")]),t._v("调用的结果相关联可能是有价值的。例如，你可能想要测试提交的用户名和密码是否无效，并验证是否有用户通过了身份验证。使用 Spring Security的测试支持，你可以很容易地使用以下内容来实现这一点：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n\t.perform(formLogin().password("invalid"))\n\t.andExpect(unauthenticated());\n')])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n    .perform(formLogin().password("invalid"))\n    .andExpect { unauthenticated() }\n')])])]),e("h3",{attrs:{id:"经过验证的断言"}},[e("a",{staticClass:"header-anchor",attrs:{href:"#经过验证的断言"}},[t._v("#")]),t._v(" 经过验证的断言")]),t._v(" "),e("p",[t._v("通常情况下，我们必须断言存在经过身份验证的用户。例如，我们可能想要验证我们的身份验证是否成功。我们可以使用以下代码片段来验证基于表单的登录是否成功：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("mvc\n\t.perform(formLogin())\n\t.andExpect(authenticated());\n")])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("mvc\n    .perform(formLogin())\n    .andExpect { authenticated() }\n")])])]),e("p",[t._v("如果我们想要确定用户的角色，我们可以改进以前的代码，如下所示：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n\t.perform(formLogin().user("admin"))\n\t.andExpect(authenticated().withRoles("USER","ADMIN"));\n')])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n    .perform(formLogin())\n    .andExpect { authenticated().withRoles("USER","ADMIN") }\n')])])]),e("p",[t._v("或者，我们可以验证用户名：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n\t.perform(formLogin().user("admin"))\n\t.andExpect(authenticated().withUsername("admin"));\n')])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n    .perform(formLogin().user("admin"))\n    .andExpect { authenticated().withUsername("admin") }\n')])])]),e("p",[t._v("我们也可以将这些断言结合起来：")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n\t.perform(formLogin().user("admin"))\n\t.andExpect(authenticated().withUsername("admin").withRoles("USER", "ADMIN"));\n')])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v('mvc\n    .perform(formLogin().user("admin"))\n    .andExpect { authenticated().withUsername("admin").withRoles("USER", "ADMIN") }\n')])])]),e("p",[t._v("我们还可以对身份验证进行任意断言。")]),t._v(" "),e("p",[t._v("Java")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("mvc\n\t.perform(formLogin())\n\t.andExpect(authenticated().withAuthentication(auth ->\n\t\tassertThat(auth).isInstanceOf(UsernamePasswordAuthenticationToken.class)));\n")])])]),e("p",[t._v("Kotlin")]),t._v(" "),e("div",{staticClass:"language- extra-class"},[e("pre",{pre:!0,attrs:{class:"language-text"}},[e("code",[t._v("mvc\n    .perform(formLogin())\n    .andExpect {\n        authenticated().withAuthentication { auth ->\n            assertThat(auth).isInstanceOf(UsernamePasswordAuthenticationToken::class.java) }\n        }\n    }\n")])])]),e("p",[e("RouterLink",{attrs:{to:"/spring-security/request-builders.html"}},[t._v("安全请求者")]),e("RouterLink",{attrs:{to:"/spring-security/result-handlers.html"}},[t._v("安全结果制造者")])],1)])}),[],!1,null,null,null);a.default=r.exports}}]);