Question about usage of @WithMockJwtAuth #52
-
First of all, thank you very much for this great project. Since I can't get around with my questions, I thought to post the question here. I want to use this library to mock a brand new keycloak (version 18.0.0). My API routes are protected via method-level security. I tried from what I understood, but when I started implementing tests for the controller, I got a 200 response without any valid authorization. The mock user doesn't have any granted authorities, and the API is protected. test method:
Can you help me out? Thanks in advance and many greetings! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
Hello @theexiile1305 , Sorry for late answer, I wasn't notified of your question. Did you have a look at the sample modules? More specifically at the tutorials section? You'll find a few working sample, including one with @WithMockJwtAuth. You might not have Side note, wit MokcMvc, the |
Beta Was this translation helpful? Give feedback.
Hello @theexiile1305 ,
Sorry for late answer, I wasn't notified of your question.
Did you have a look at the sample modules? More specifically at the tutorials section? You'll find a few working sample, including one with @WithMockJwtAuth.
You might not have
@Import
/@ComponentScan
your web-security config, (most probable reason for 200 on protected resource)Side note, wit MokcMvc, the
Authentication
instance is not build from the Authorization header (do not expect to find one). It is build by an authentication factory provided with test annotation. You can inspect the built Authentication by accessing it from SecurityContextHolder.getContext().getAuthentication()