Created
September 8, 2017 19:17
-
-
Save BarathArivazhagan/59082f4f2b8a02d40c64937b17cbda95 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Controller : | |
| package com.example.stackoverflowsecurityissue; | |
| import org.springframework.http.ResponseEntity; | |
| import org.springframework.web.bind.annotation.RequestMapping; | |
| import org.springframework.web.bind.annotation.RequestMethod; | |
| import org.springframework.web.bind.annotation.RequestParam; | |
| import org.springframework.web.bind.annotation.RestController; | |
| import java.util.List; | |
| @RestController | |
| public class TestController { | |
| @RequestMapping(value = "/request", method = RequestMethod.GET) | |
| public ResponseEntity getMyRequests(MyUser user, @RequestParam(value = "status", required = true) String status) throws Exception { | |
| System.out.println(" user recevied " + user.toString()); | |
| return ResponseEntity.ok().build(); | |
| } | |
| protected static class MyUser { | |
| private String userName; | |
| private String password; | |
| public String getUserName() { | |
| return userName; | |
| } | |
| public void setUserName(String userName) { | |
| this.userName = userName; | |
| } | |
| public String getPassword() { | |
| return password; | |
| } | |
| public void setPassword(String password) { | |
| this.password = password; | |
| } | |
| public MyUser(String userName) { | |
| this.userName = userName; | |
| } | |
| public MyUser(String userName, String password) { | |
| this.userName = userName; | |
| this.password = password; | |
| } | |
| @Override | |
| public String toString() { | |
| return "MyUser{" + | |
| "userName='" + userName + '\'' + | |
| ", password='" + password + '\'' + | |
| '}'; | |
| } | |
| public MyUser() { | |
| } | |
| } | |
| } | |
| My Controller Test : | |
| package com.example.stackoverflowsecurityissue; | |
| import com.fasterxml.jackson.databind.ObjectMapper; | |
| import org.junit.Test; | |
| import org.junit.runner.RunWith; | |
| import org.springframework.beans.factory.annotation.Autowired; | |
| import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; | |
| import org.springframework.boot.test.context.SpringBootTest; | |
| import org.springframework.test.context.junit4.SpringRunner; | |
| import org.springframework.test.web.servlet.MockMvc; | |
| import org.springframework.test.web.servlet.MockMvcBuilder; | |
| import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; | |
| import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; | |
| import static org.springframework.test.web.servlet.setup.MockMvcBuilders.*; | |
| @RunWith(SpringRunner.class) | |
| @SpringBootTest | |
| @AutoConfigureMockMvc | |
| public class StackoverflowSecurityIssueApplicationTests { | |
| @Autowired | |
| private MockMvc mockMvc; | |
| @Test | |
| public void performGetReq() throws Exception { | |
| ObjectMapper mapper=new ObjectMapper(); | |
| mockMvc.perform(get("/request"). | |
| param("userName","hello").param("password","hello").param("status","hello")).andExpect(status().isOk()); | |
| } | |
| } | |
| output: | |
| user recevied MyUser{userName='hello', password='hello'} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment