// MemberController.java
import lombok.Data;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/member")
public class MemberController {
@PostMapping("/login")
public String login(@RequestBody LoginDto loginDto) {
return "username : %s, password : %s".formatted(loginDto.getUsername(), loginDto.getPassword());
}
@Data
public static class LoginDto {
private String username;
private String password;
}
}
// AuthTests.java
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultActions;
import org.springframework.transaction.annotation.Transactional;
import java.nio.charset.StandardCharsets;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@SpringBootTest
@AutoConfigureMockMvc
@Transactional
@ActiveProfiles("test")
class AuthTests {
@Autowired
private MockMvc mvc;
@Test
void t1() throws Exception {
// When
ResultActions resultActions = mvc
.perform(
post("/member/login")
.content("""
{
"username": "user1",
"password": "1234"
}
""".stripIndent())
.contentType(new MediaType(MediaType.APPLICATION_JSON, StandardCharsets.UTF_8))
)
.andDo(print());
// Then
resultActions
.andExpect(status().is2xxSuccessful());
}
}
스프링 시큐리티를 꺼두지 않으면 테스트에서 401(Unauthorized) 에러가 난다. 따라서 스프링 시큐리티 일부 설정들을 임의로 꺼두어야 테스트를 진행할 수 있다.
cf. Http Status 403(Forbidden): 권한없음
package com.ll.exam.sb_jwt_exam.app.security;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http, AuthenticationConfiguration authenticationConfiguration) throws Exception {
http
.cors().disable() // 타 도메인에서 API 호출 가능
.csrf().disable() // CSRF 토큰 끄기
.httpBasic().disable() // httpBaic 로그인 방식 끄기
.formLogin().disable() // 폼 로그인 방식 끄기
.sessionManagement(sessionManagement ->
sessionManagement.sessionCreationPolicy(STATELESS)
); // 세션 사용안함
return http.build();
}
}
Http Status = 200
응답(요청 처리) 성공!