Skip to content

Commit

Permalink
upgrade springboot version and some related unit test fixes (WebGoat#904
Browse files Browse the repository at this point in the history 
)

* upgrade springboot version and some related unit test fixes

* removed log for test

* removed junit version property
  • Loading branch information
@zubcevic
zubcevic authored Nov 28, 2020
1 parent 8235ea0 commit 89f4322
Show file tree
Hide file tree
Showing 13 changed files with 81 additions and 78 deletions.
7 changes: 5 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.2.RELEASE</version>
<version>2.4.0</version>
</parent>

<licenses>
Expand Down Expand Up @@ -127,7 +127,6 @@
<commons-lang3.version>3.4</commons-lang3.version>
<commons-io.version>2.6</commons-io.version>
<guava.version>18.0</guava.version>
<junit.version>4.12</junit.version>
<lombok.version>1.18.4</lombok.version>
<maven-compiler-plugin.version>3.8.0</maven-compiler-plugin.version>
<maven-failsafe-plugin.version>2.22.0</maven-failsafe-plugin.version>
Expand All @@ -148,6 +147,10 @@
</modules>

<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
Expand Down
6 changes: 3 additions & 3 deletions webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.Test;

import java.util.HashMap;
Expand Down Expand Up @@ -38,7 +38,7 @@ public void httpBasics() {
@Test
public void httpProxies() {
startLesson("HttpProxies");
Assert.assertThat(RestAssured.given()
MatcherAssert.assertThat(RestAssured.given()
.when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
.contentType(ContentType.JSON)
.get(url("HttpProxies/intercept-request?changeMe=Requests are tampered easily"))
Expand Down Expand Up @@ -114,7 +114,7 @@ public void securePasswords() {
checkResults("/auth-bypass/");

startLesson("HttpProxies");
Assert.assertThat(RestAssured.given().when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
MatcherAssert.assertThat(RestAssured.given().when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
.contentType(ContentType.JSON)
.get(url("/WebGoat/HttpProxies/intercept-request?changeMe=Requests are tampered easily")).then()
.statusCode(200).extract().path("lessonCompleted"), CoreMatchers.is(true));
Expand Down
8 changes: 4 additions & 4 deletions webgoat-integration-tests/src/test/java/org/owasp/webgoat/IDORTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
import java.util.Map;

import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DynamicTest;
Expand Down Expand Up @@ -53,7 +53,7 @@ private void loginIDOR() throws IOException {
}

private void profile() {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -70,7 +70,7 @@ private void profile() {
params.put("url", "WebGoat/IDOR/profile/2342384");
checkAssignment(url("/WebGoat/IDOR/profile/alt-path"), params, true);

Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -80,7 +80,7 @@ private void profile() {
.statusCode(200)
.extract().path("lessonCompleted"), CoreMatchers.is(true));

Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand Down
20 changes: 7 additions & 13 deletions webgoat-integration-tests/src/test/java/org/owasp/webgoat/IntegrationTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,7 @@
import io.restassured.http.ContentType;
import lombok.Getter;
import org.hamcrest.CoreMatchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
Expand Down Expand Up @@ -49,7 +46,6 @@ public abstract class IntegrationTest {

private static boolean started = false;

@BeforeClass
@BeforeAll
public static void beforeAll() {
if (WG_SSL) {
Expand Down Expand Up @@ -91,7 +87,6 @@ protected String webWolfUrl(String url) {
return WEBWOLF_URL + url;
}

@Before
@BeforeEach
public void login() {

Expand Down Expand Up @@ -143,7 +138,6 @@ public void login() {
.cookie("WEBWOLFSESSION");
}

@After
@AfterEach
public void logout() {
RestAssured.given()
Expand Down Expand Up @@ -193,7 +187,7 @@ public void startLesson(String lessonName, boolean restart) {
* @param expectedResult
*/
public void checkAssignment(String url, Map<String, ?> params, boolean expectedResult) {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -215,7 +209,7 @@ public void checkAssignment(String url, Map<String, ?> params, boolean expectedR
* @param expectedResult
*/
public void checkAssignmentWithPUT(String url, Map<String, ?> params, boolean expectedResult) {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -231,7 +225,7 @@ public void checkAssignmentWithPUT(String url, Map<String, ?> params, boolean ex
public void checkResults(String prefix) {
checkResults();

Assert.assertThat(RestAssured.given()
MatcherAssert.assertThat(RestAssured.given()
.when()
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
Expand All @@ -242,7 +236,7 @@ public void checkResults(String prefix) {
}

public void checkResults() {
Assert.assertThat(RestAssured.given()
MatcherAssert.assertThat(RestAssured.given()
.when()
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
Expand All @@ -252,7 +246,7 @@ public void checkResults() {
}

public void checkAssignment(String url, ContentType contentType, String body, boolean expectedResult) {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -266,7 +260,7 @@ public void checkAssignment(String url, ContentType contentType, String body, bo
}

public void checkAssignmentWithGet(String url, Map<String, ?> params, boolean expectedResult) {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand Down
10 changes: 5 additions & 5 deletions webgoat-integration-tests/src/test/java/org/owasp/webgoat/JWTLessonTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
import java.util.Map;

import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.Test;
import org.owasp.webgoat.jwt.JWTSecretKeyEndpoint;

Expand Down Expand Up @@ -86,7 +86,7 @@ private void findPassword() throws IOException, NoSuchAlgorithmException, Invali

String secret = getSecretToken(accessToken);

Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand Down Expand Up @@ -126,7 +126,7 @@ private void resetVotes() throws IOException {
.concat(new String(Base64.getUrlEncoder().encode(bodyObject.toString().getBytes())).toString())
.concat(".").replace("=", "");

Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand Down Expand Up @@ -154,7 +154,7 @@ private void buyAsTom() throws IOException {
.concat(new String(Base64.getUrlEncoder().encode(body.getBytes())).toString())
.concat(".").replace("=", "");

Assert.assertThat(RestAssured.given()
MatcherAssert.assertThat(RestAssured.given()
.when().relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.header("Authorization","Bearer "+replacedToken)
Expand All @@ -180,7 +180,7 @@ private void deleteTom() {
.claim("Role", new String[] {"Manager", "Project Administrator"})
.signWith(SignatureAlgorithm.HS256, "deletingTom").compact();

Assert.assertThat(RestAssured.given()
MatcherAssert.assertThat(RestAssured.given()
.when().relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.post(url("/WebGoat/JWT/final/delete?token="+token))
Expand Down
8 changes: 4 additions & 4 deletions webgoat-integration-tests/src/test/java/org/owasp/webgoat/PathTraversalTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
import java.util.Map;

import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DynamicTest;
Expand Down Expand Up @@ -49,7 +49,7 @@ Iterable<DynamicTest> testPathTraversal() {
}

public void assignment1() throws IOException {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -63,7 +63,7 @@ public void assignment1() throws IOException {
}

public void assignment2() throws IOException {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand All @@ -77,7 +77,7 @@ public void assignment2() throws IOException {
}

public void assignment3() throws IOException {
Assert.assertThat(
MatcherAssert.assertThat(
RestAssured.given()
.when()
.relaxedHTTPSValidation()
Expand Down
2 changes: 1 addition & 1 deletion webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ public void runTests() {
.get(url("/WebGoat/SqlInjectionMitigations/servers?column=unknown"))
.then()
.statusCode(500)
.body("message", containsString("select id, hostname, ip, mac, status, description from servers where status <> 'out of order' order by"));
.body("trace", containsString("select id, hostname, ip, mac, status, description from servers where status <> 'out of order' order by"));

params.clear();
params.put("ip", "104.130.219.202");
Expand Down
2 changes: 1 addition & 1 deletion webgoat-integration-tests/src/test/java/org/owasp/webgoat/WebWolfTest.java
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package org.owasp.webgoat;

import static org.junit.Assert.assertTrue;
import static org.junit.jupiter.api.Assertions.assertTrue;

import java.io.IOException;
import java.util.HashMap;
Expand Down
4 changes: 4 additions & 0 deletions webwolf/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@
</parent>

<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
Expand Down
37 changes: 20 additions & 17 deletions webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxControllerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,20 @@

package org.owasp.webwolf.mailbox;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Lists;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.CoreMatchers.not;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.view;

import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
import org.owasp.webwolf.user.UserService;
import org.springframework.beans.factory.annotation.Autowired;
Expand All @@ -36,19 +44,14 @@
import org.springframework.http.MediaType;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.web.servlet.MockMvc;

import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;

import static org.hamcrest.CoreMatchers.containsString;
import static org.hamcrest.CoreMatchers.not;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Lists;

@RunWith(SpringRunner.class)
@ExtendWith(SpringExtension.class)
@WebMvcTest(MailboxController.class)
@ActiveProfiles({"test", "webwolf"})
public class MailboxControllerTest {
Expand All @@ -66,7 +69,7 @@ public class MailboxControllerTest {
public static class EmailMixIn {
}

@Before
@BeforeEach
public void setup() {
objectMapper.addMixIn(Email.class, EmailMixIn.class);
}
Expand Down
17 changes: 8 additions & 9 deletions webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxRepositoryTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,20 +22,19 @@

package org.owasp.webwolf.mailbox;

import org.hamcrest.CoreMatchers;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
import org.springframework.test.context.junit4.SpringRunner;
import static org.junit.jupiter.api.Assertions.assertEquals;

import java.time.LocalDateTime;
import java.util.List;

import static org.junit.Assert.*;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
import org.springframework.test.context.junit.jupiter.SpringExtension;

@DataJpaTest
@RunWith(SpringRunner.class)
@ExtendWith(SpringExtension.class)
public class MailboxRepositoryTest {


Expand Down Expand Up @@ -65,7 +64,7 @@ public void savedEmailShouldBeFoundByReceipient() {

List<Email> emails = mailboxRepository.findByRecipientOrderByTimeDesc("[email protected]");

assertThat(emails.size(), CoreMatchers.is(1));
assertEquals(emails.size(), 1);
}

}
Loading

0 comments on commit 89f4322

Please sign in to comment.