upgrade springboot version and some related unit test fixes (#904)

* upgrade springboot version and some related unit test fixes * removed log for test * removed junit version property
2020-11-28 17:35:55 +01:00 · 2020-11-28 17:35:55 +01:00 · 89f43229ab
commit 89f43229ab
parent 8235ea0f58
13 changed files with 84 additions and 81 deletions
--- a/pom.xml
+++ b/pom.xml
@ -21,7 +21,7 @@
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.2.2.RELEASE</version>
+        <version>2.4.0</version>
    </parent>
    <licenses>
@ -127,7 +127,6 @@
        <commons-lang3.version>3.4</commons-lang3.version>
        <commons-io.version>2.6</commons-io.version>
        <guava.version>18.0</guava.version>
        <junit.version>4.12</junit.version>
        <lombok.version>1.18.4</lombok.version>
        <maven-compiler-plugin.version>3.8.0</maven-compiler-plugin.version>
        <maven-failsafe-plugin.version>2.22.0</maven-failsafe-plugin.version>
@ -148,6 +147,10 @@
    </modules>
    <dependencies>
 	    <dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-validation</artifactId>
 		</dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java
@ -3,7 +3,7 @@ package org.owasp.webgoat;
 import io.restassured.RestAssured;
 import io.restassured.http.ContentType;
 import org.hamcrest.CoreMatchers;
-import org.junit.Assert;
+import org.hamcrest.MatcherAssert;
 import org.junit.jupiter.api.Test;
 import java.util.HashMap;
@ -38,7 +38,7 @@ public class GeneralLessonTest extends IntegrationTest {
    @Test
    public void httpProxies() {
        startLesson("HttpProxies");
-        Assert.assertThat(RestAssured.given()
+        MatcherAssert.assertThat(RestAssured.given()
                .when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
                .contentType(ContentType.JSON)
                .get(url("HttpProxies/intercept-request?changeMe=Requests are tampered easily"))
@ -114,7 +114,7 @@ public class GeneralLessonTest extends IntegrationTest {
        checkResults("/auth-bypass/");
        startLesson("HttpProxies");
-        Assert.assertThat(RestAssured.given().when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
+        MatcherAssert.assertThat(RestAssured.given().when().relaxedHTTPSValidation().cookie("JSESSIONID", getWebGoatCookie()).header("x-request-intercepted", "true")
                .contentType(ContentType.JSON)
                .get(url("/WebGoat/HttpProxies/intercept-request?changeMe=Requests are tampered easily")).then()
                .statusCode(200).extract().path("lessonCompleted"), CoreMatchers.is(true));
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/IDORTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/IDORTest.java
@ -9,7 +9,7 @@ import java.util.HashMap;
 import java.util.Map;
 import org.hamcrest.CoreMatchers;
-import org.junit.Assert;
+import org.hamcrest.MatcherAssert;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DynamicTest;
@ -53,7 +53,7 @@ public class IDORTest extends IntegrationTest {
    }
    private void profile() {
-    	Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -70,7 +70,7 @@ public class IDORTest extends IntegrationTest {
        params.put("url", "WebGoat/IDOR/profile/2342384");
        checkAssignment(url("/WebGoat/IDOR/profile/alt-path"), params, true);
-        Assert.assertThat(
+        MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -80,7 +80,7 @@ public class IDORTest extends IntegrationTest {
                        .statusCode(200)
                        .extract().path("lessonCompleted"), CoreMatchers.is(true));
-        Assert.assertThat(
+        MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/IntegrationTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/IntegrationTest.java
@ -4,10 +4,7 @@ import io.restassured.RestAssured;
 import io.restassured.http.ContentType;
 import lombok.Getter;
 import org.hamcrest.CoreMatchers;
-import org.junit.After;
+import org.hamcrest.MatcherAssert;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
@ -49,7 +46,6 @@ public abstract class IntegrationTest {
    private static boolean started = false;
    @BeforeClass
    @BeforeAll
    public static void beforeAll() {
        if (WG_SSL) {
@ -91,7 +87,6 @@ public abstract class IntegrationTest {
        return WEBWOLF_URL + url;
    }
    @Before
    @BeforeEach
    public void login() {
@ -143,7 +138,6 @@ public abstract class IntegrationTest {
                .cookie("WEBWOLFSESSION");
    }
    @After
    @AfterEach
    public void logout() {
        RestAssured.given()
@ -193,7 +187,7 @@ public abstract class IntegrationTest {
     * @param expectedResult
     */
    public void checkAssignment(String url, Map<String, ?> params, boolean expectedResult) {
-        Assert.assertThat(
+        MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -215,7 +209,7 @@ public abstract class IntegrationTest {
     * @param expectedResult
     */
    public void checkAssignmentWithPUT(String url, Map<String, ?> params, boolean expectedResult) {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -231,7 +225,7 @@ public abstract class IntegrationTest {
    public void checkResults(String prefix) {
        checkResults();
-        Assert.assertThat(RestAssured.given()
+        MatcherAssert.assertThat(RestAssured.given()
                .when()
                .relaxedHTTPSValidation()
                .cookie("JSESSIONID", getWebGoatCookie())
@ -242,7 +236,7 @@ public abstract class IntegrationTest {
    }
    public void checkResults() {
-        Assert.assertThat(RestAssured.given()
+    	MatcherAssert.assertThat(RestAssured.given()
                .when()
                .relaxedHTTPSValidation()
                .cookie("JSESSIONID", getWebGoatCookie())
@ -252,7 +246,7 @@ public abstract class IntegrationTest {
    }
    public void checkAssignment(String url, ContentType contentType, String body, boolean expectedResult) {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -266,7 +260,7 @@ public abstract class IntegrationTest {
    }
    public void checkAssignmentWithGet(String url, Map<String, ?> params, boolean expectedResult) {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/JWTLessonTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/JWTLessonTest.java
@ -12,7 +12,7 @@ import java.util.HashMap;
 import java.util.Map;
 import org.hamcrest.CoreMatchers;
-import org.junit.Assert;
+import org.hamcrest.MatcherAssert;
 import org.junit.jupiter.api.Test;
 import org.owasp.webgoat.jwt.JWTSecretKeyEndpoint;
@ -86,7 +86,7 @@ public class JWTLessonTest extends IntegrationTest {
    	String secret = getSecretToken(accessToken);
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -126,7 +126,7 @@ public class JWTLessonTest extends IntegrationTest {
        		.concat(new String(Base64.getUrlEncoder().encode(bodyObject.toString().getBytes())).toString())
        		.concat(".").replace("=", "");
-        Assert.assertThat(
+        MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -154,7 +154,7 @@ public class JWTLessonTest extends IntegrationTest {
 				.concat(new String(Base64.getUrlEncoder().encode(body.getBytes())).toString())
 				.concat(".").replace("=", "");
-		Assert.assertThat(RestAssured.given()
+		MatcherAssert.assertThat(RestAssured.given()
 				.when().relaxedHTTPSValidation()
 				.cookie("JSESSIONID", getWebGoatCookie())
 				.header("Authorization","Bearer "+replacedToken)
@ -180,7 +180,7 @@ public class JWTLessonTest extends IntegrationTest {
 				.claim("Role", new String[] {"Manager", "Project Administrator"})
 				.signWith(SignatureAlgorithm.HS256, "deletingTom").compact();
-		Assert.assertThat(RestAssured.given()
+		MatcherAssert.assertThat(RestAssured.given()
 				.when().relaxedHTTPSValidation()
 				.cookie("JSESSIONID", getWebGoatCookie())
 				.post(url("/WebGoat/JWT/final/delete?token="+token))
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/PathTraversalTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/PathTraversalTest.java
@ -10,7 +10,7 @@ import java.util.Arrays;
 import java.util.Map;
 import org.hamcrest.CoreMatchers;
-import org.junit.Assert;
+import org.hamcrest.MatcherAssert;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DynamicTest;
@ -49,7 +49,7 @@ public class PathTraversalTest extends IntegrationTest {
    }
    public void assignment1() throws IOException {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -63,7 +63,7 @@ public class PathTraversalTest extends IntegrationTest {
    }
    public void assignment2() throws IOException {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
@ -77,7 +77,7 @@ public class PathTraversalTest extends IntegrationTest {
    }
    public void assignment3() throws IOException {
-        Assert.assertThat(
+    	MatcherAssert.assertThat(
                RestAssured.given()
                        .when()
                        .relaxedHTTPSValidation()
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
@ -59,7 +59,7 @@ public class SqlInjectionMitigationTest extends IntegrationTest {
                .get(url("/WebGoat/SqlInjectionMitigations/servers?column=unknown"))
                .then()
                .statusCode(500)
-                .body("message", containsString("select id, hostname, ip, mac, status, description from servers  where status <> 'out of order' order by"));
+                .body("trace", containsString("select id, hostname, ip, mac, status, description from servers  where status <> 'out of order' order by"));
        params.clear();
        params.put("ip", "104.130.219.202");
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/WebWolfTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/WebWolfTest.java
@ -1,6 +1,6 @@
 package org.owasp.webgoat;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import java.io.IOException;
 import java.util.HashMap;
--- a/webwolf/pom.xml
+++ b/webwolf/pom.xml
@ -10,6 +10,10 @@
    </parent>
    <dependencies>
    	<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-validation</artifactId>
 		</dependency>
        <dependency>
            <groupId>com.fasterxml.jackson.datatype</groupId>
            <artifactId>jackson-datatype-jsr310</artifactId>
--- a/webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxControllerTest.java
+++ b/webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxControllerTest.java
@ -22,12 +22,20 @@
 package org.owasp.webwolf.mailbox;
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import static org.hamcrest.CoreMatchers.containsString;
-import com.fasterxml.jackson.databind.ObjectMapper;
+import static org.hamcrest.CoreMatchers.not;
-import com.google.common.collect.Lists;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import org.junit.Before;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
-import org.junit.Test;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
-import org.junit.runner.RunWith;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.view;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Mockito;
 import org.owasp.webwolf.user.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
@ -36,19 +44,14 @@ import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.http.MediaType;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ActiveProfiles;
-import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
 import org.springframework.test.web.servlet.MockMvc;
-import java.time.LocalDateTime;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import java.time.format.DateTimeFormatter;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.Lists;
-import static org.hamcrest.CoreMatchers.containsString;
+@ExtendWith(SpringExtension.class)
 import static org.hamcrest.CoreMatchers.not;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
@RunWith(SpringRunner.class)
@WebMvcTest(MailboxController.class)
@ActiveProfiles({"test", "webwolf"})
 public class MailboxControllerTest {
@ -66,7 +69,7 @@ public class MailboxControllerTest {
    public static class EmailMixIn {
    }
-    @Before
+    @BeforeEach
    public void setup() {
        objectMapper.addMixIn(Email.class, EmailMixIn.class);
    }
--- a/webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxRepositoryTest.java
+++ b/webwolf/src/test/java/org/owasp/webwolf/mailbox/MailboxRepositoryTest.java
@ -22,20 +22,19 @@
 package org.owasp.webwolf.mailbox;
-import org.hamcrest.CoreMatchers;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
 import org.springframework.test.context.junit4.SpringRunner;
 import java.time.LocalDateTime;
 import java.util.List;
-import static org.junit.Assert.*;
+import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
@DataJpaTest
-@RunWith(SpringRunner.class)
+@ExtendWith(SpringExtension.class)
 public class MailboxRepositoryTest {
@ -65,7 +64,7 @@ public class MailboxRepositoryTest {
        List<Email> emails = mailboxRepository.findByRecipientOrderByTimeDesc("someone@webwolf.org");
-        assertThat(emails.size(), CoreMatchers.is(1));
+        assertEquals(emails.size(), 1);
    }
 }
--- a/webwolf/src/test/java/org/owasp/webwolf/user/UserServiceTest.java
+++ b/webwolf/src/test/java/org/owasp/webwolf/user/UserServiceTest.java
@ -22,18 +22,21 @@
 package org.owasp.webwolf.user;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import org.assertj.core.api.Assertions;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import static org.mockito.Mockito.*;
+@ExtendWith(MockitoExtension.class)
@RunWith(MockitoJUnitRunner.class)
 public class UserServiceTest {
    @Mock
@ -55,12 +58,13 @@ public class UserServiceTest {
        Assertions.assertThat(password).isEqualTo(webGoatUser.getPassword());
    }
-    @Test(expected = UsernameNotFoundException.class)
+    @Test
    public void testLoadUserByUsername_NULL(){
        var username = "guest";
        when(mockUserRepository.findByUsername(username)).thenReturn(null);
-        sut.loadUserByUsername(username);
+        assertThrows(UsernameNotFoundException.class, ()->sut.loadUserByUsername(username));
    }
    @Test
--- a/webwolf/src/test/java/org/owasp/webwolf/user/UserValidatorTest.java
+++ b/webwolf/src/test/java/org/owasp/webwolf/user/UserValidatorTest.java
@ -22,21 +22,17 @@
 package org.owasp.webwolf.user;
 import org.assertj.core.api.Assertions;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.validation.BindException;
 import static junit.framework.TestCase.assertTrue;
 import static org.junit.Assert.assertFalse;
 import static org.mockito.Mockito.when;
-@RunWith(MockitoJUnitRunner.class)
+import org.assertj.core.api.Assertions;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
 import org.springframework.validation.BindException;
@ExtendWith(MockitoExtension.class)
 public class UserValidatorTest {
    @Mock