Skip to content

Commit

Permalink
Avoid illegal reflective access in RabbitAutoConfigurationTests
Browse files Browse the repository at this point in the history 
See spring-projectsgh-26767
  • Loading branch information
@dreis2211
dreis2211 committed Jun 17, 2021
1 parent b1c04e9 commit b6ebe0c
Showing 1 changed file with 10 additions and 22 deletions.
32 changes: 10 additions & 22 deletions ...c/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java
View file
Expand Up @@ -20,20 +20,17 @@
import java.util.List;
import java.util.concurrent.atomic.AtomicInteger;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

import com.rabbitmq.client.Address;
import com.rabbitmq.client.Connection;
import com.rabbitmq.client.JDKSaslConfig;
import com.rabbitmq.client.SslContextFactory;
import com.rabbitmq.client.TrustEverythingTrustManager;
import com.rabbitmq.client.impl.CredentialsProvider;
import com.rabbitmq.client.impl.CredentialsRefreshService;
import com.rabbitmq.client.impl.DefaultCredentialsProvider;
import org.aopalliance.aop.Advice;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InOrder;

import org.springframework.amqp.core.AcknowledgeMode;
Expand All @@ -59,6 +56,8 @@
import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.test.context.assertj.AssertableApplicationContext;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.boot.test.system.CapturedOutput;
import org.springframework.boot.test.system.OutputCaptureExtension;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
Expand Down Expand Up @@ -92,6 +91,7 @@
* @author HaiTao Zhang
* @author Franjo Zilic
*/
@ExtendWith(OutputCaptureExtension.class)
class RabbitAutoConfigurationTests {

private final ApplicationContextRunner contextRunner = new ApplicationContextRunner()
Expand Down Expand Up @@ -722,24 +722,24 @@ void enableSslWithKeystoreTypeAndTrustStoreTypeShouldWork() {
}

@Test
void enableSslWithValidateServerCertificateFalse() {
void enableSslWithValidateServerCertificateFalse(CapturedOutput output) {
this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true",
"spring.rabbitmq.ssl.validateServerCertificate=false")
.run((context) -> {
com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
TrustManager trustManager = getTrustManager(rabbitConnectionFactory);
assertThat(trustManager).isInstanceOf(TrustEverythingTrustManager.class);
assertThat(rabbitConnectionFactory.isSSL()).isTrue();
assertThat(output).contains("TrustEverythingTrustManager", "SECURITY ALERT");
});
}

@Test
void enableSslWithValidateServerCertificateDefault() {
void enableSslWithValidateServerCertificateDefault(CapturedOutput output) {
this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true").run((context) -> {
com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
TrustManager trustManager = getTrustManager(rabbitConnectionFactory);
assertThat(trustManager).isNotInstanceOf(TrustEverythingTrustManager.class);
assertThat(rabbitConnectionFactory.isSSL()).isTrue();
assertThat(output).doesNotContain("TrustEverythingTrustManager", "SECURITY ALERT");
});
}

Expand Down Expand Up @@ -849,18 +849,6 @@ void whenMultipleConnectionFactoryCustomizersAreDefinedThenTheyAreCalledInOrder(
});
}

private TrustManager getTrustManager(com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory) {
SslContextFactory sslContextFactory = (SslContextFactory) ReflectionTestUtils.getField(rabbitConnectionFactory,
"sslContextFactory");
SSLContext sslContext = sslContextFactory.create("connection");
Object spi = ReflectionTestUtils.getField(sslContext, "contextSpi");
Object trustManager = ReflectionTestUtils.getField(spi, "trustManager");
while (trustManager.getClass().getName().endsWith("Wrapper")) {
trustManager = ReflectionTestUtils.getField(trustManager, "tm");
}
return (TrustManager) trustManager;
}

private com.rabbitmq.client.ConnectionFactory getTargetConnectionFactory(AssertableApplicationContext context) {
CachingConnectionFactory connectionFactory = context.getBean(CachingConnectionFactory.class);
return connectionFactory.getRabbitConnectionFactory();
Expand Down

0 comments on commit b6ebe0c

Please sign in to comment.