Issue

  • The following tests in org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundryWebFluxEndpointIntegrationTests will fail when run at any time after running the test linksToOtherEndpointsForbidden()
  • operationWithSecurityInterceptorForbidden()
  • operationWithSecurityInterceptorSuccess()
  • linksToOtherEndpointsWithFullAccess()
  • linksToOtherEndpointsWithRestrictedAccess()
  • When the above mentioned tests are run after the test linksToOtherEndpointsForbidden(), we get the following error
invalid-token
org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException: invalid-token
    at app//org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveTokenValidator.validate(ReactiveTokenValidator.java:53)
    at app//org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundryWebFluxEndpointIntegrationTests.operationWithSecurityInterceptorForbidden(CloudFoundryWebFluxEndpointIntegrationTests.java:97)
  • This makes the above mentioned tests to be order dependent

Reason

  • In the test CloudFoundryWebFluxEndpointIntegrationTests.linksToOtherEndpointsForbidden(), the ReactiveTokenValidator tokenValidator mock is set to throw CloudFoundryAuthorizationException when tokenValidator.validate(any()) is called. However, this is not reset after the unit test is run. https://github.com/spring-projects/spring-boot/blob/da67ce4a76091398ad336b49f4964a1b210568bb/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/reactive/CloudFoundryWebFluxEndpointIntegrationTests.java#L170-L172
  • All the above mentioned tests mock the same validate(any()) method using given(tokenValidator.validate(any())).willReturn(Mono.empty());
  • So, when the above mentioned tests are called after linksToOtherEndpointsForbidden() without resetting the tokenValidator mock, the mock throws CloudFoundryAuthorizationException causing the tests to be order dependent

Steps to Reproduce

  • Run the above mentioned tests after running CloudFoundryWebFluxEndpointIntegrationTests.linksToOtherEndpointsForbidden()

Proposed Fix

  • Since using the same polluted state of the tokenValidator mock causes this issue, resetting the mock's state after each test run will resolve this issue.
  • Adding a tearDown() method with @AfterEach where the tokenValidator state is reset using Mockito.reset() will solve this issue.
  • I am happy to discuss further about this issue, and I can create a PR with the proposed fix

Version

  • Spring Version: 3.1.5

Comment From: wilkinsona

Thanks for the analysis and the description of one way to fix it. Rather than reseting the mocks, I'd prefer that the static state is removed. We can take care of that.

Comment From: SaaiVenkat

@wilkinsona , Thanks for your feedback.

  • The following tests in org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryMvcWebEndpointIntegrationTests also face the same issue, when run at any time after running the test linksToOtherEndpointsForbidden()
  • operationWithSecurityInterceptorForbidden()
  • operationWithSecurityInterceptorSuccess()
  • linksToOtherEndpointsWithFullAccess()
  • linksToOtherEndpointsWithRestrictedAccess()
java.lang.AssertionError: Status expected:<403 FORBIDDEN> but was:<401 UNAUTHORIZED>
    at org.springframework.test.util.AssertionErrors.fail(AssertionErrors.java:59)
    at org.springframework.test.util.AssertionErrors.assertEquals(AssertionErrors.java:122)
    at org.springframework.test.web.reactive.server.StatusAssertions.lambda$isEqualTo$0(StatusAssertions.java:53)
    at org.springframework.test.web.reactive.server.ExchangeResult.assertWithDiagnostics(ExchangeResult.java:222)
    at org.springframework.test.web.reactive.server.StatusAssertions.isEqualTo(StatusAssertions.java:53)
    at org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryMvcWebEndpointIntegrationTests.lambda$operationWithSecurityInterceptorForbidden$0(CloudFoundryMvcWebEndpointIntegrationTests.java:92)
    at org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryMvcWebEndpointIntegrationTests.lambda$load$2(CloudFoundryMvcWebEndpointIntegrationTests.java:216)
    at org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryMvcWebEndpointIntegrationTests.load(CloudFoundryMvcWebEndpointIntegrationTests.java:219)
    at org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryMvcWebEndpointIntegrationTests.operationWithSecurityInterceptorForbidden(CloudFoundryMvcWebEndpointIntegrationTests.java:85)

The reason is same as this issue.

Comment From: wilkinsona

Thanks again. It looks we can remove the static state there too.