Refactoring Test Code to Reduce Duplication of Mock Object Creation for Issue#14768

.github/workflows/continuous-integration-workflow.yml

@@ -41,29 +41,29 @@ jobs:
       java-version: ${{ matrix.java-version }}
       test-args: --refresh-dependencies -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=6.2.+ -PreactorVersion=2023.0.+ -PspringDataVersion=2024.0.+ --stacktrace
     secrets: inherit
-#  check-samples:
-#    name: Check Samples
-#    runs-on: ubuntu-latest
-#    if: ${{ github.repository_owner == 'spring-projects' }}
-#    steps:
-#      - uses: actions/checkout@v4
-#      - name: Set up gradle
-#        uses: spring-io/spring-gradle-build-action@v2
-#        with:
-#          java-version: 17
-#          distribution: temurin
-#      - name: Check samples project
-#        env:
-#          LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos
-#          SAMPLES_DIR: ../spring-security-samples
-#        run: |
-#          # Extract version from gradle.properties
-#          version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
-#          # Extract samplesBranch from gradle.properties
-#          samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}')
-#          ./gradlew publishMavenJavaPublicationToLocalRepository
-#          ./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR"
-#          ./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" :runAllTests
+  check-samples:
+    name: Check Samples
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'spring-projects' }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up gradle
+        uses: spring-io/spring-gradle-build-action@v2
+        with:
+          java-version: 17
+          distribution: temurin
+      - name: Check samples project
+        env:
+          LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos
+          SAMPLES_DIR: ../spring-security-samples
+        run: |
+          # Extract version from gradle.properties
+          version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
+          # Extract samplesBranch from gradle.properties
+          samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}')
+          ./gradlew publishMavenJavaPublicationToLocalRepository
+          ./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR"
+          ./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" check
   check-tangles:
     name: Check for Package Tangles
     runs-on: ubuntu-latest
@@ -82,21 +82,21 @@ jobs:
           ./gradlew check s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace
   deploy-artifacts:
     name: Deploy Artifacts
-    needs: [ build, test, check-tangles ]
+    needs: [ build, test, check-samples, check-tangles ]
     uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1
     with:
       should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }}
     secrets: inherit
   deploy-docs:
     name: Deploy Docs
-    needs: [ build, test, check-tangles ]
+    needs: [ build, test, check-samples, check-tangles ]
     uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1
     with:
       should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }}
     secrets: inherit
   deploy-schema:
     name: Deploy Schema
-    needs: [ build, test, check-tangles ]
+    needs: [ build, test, check-samples, check-tangles ]
     uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1
     with:
       should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }}

.github/workflows/mark-duplicate-dependabot-prs.yml

@@ -0,0 +1,46 @@
+name: Mark Duplicate Dependabot PRs
+
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  check_duplicate_prs:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.merged == true && github.event.pull_request.user.login == 'dependabot[bot]'
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Extract Dependency Name from PR Title
+        id: extract
+        run: |
+          PR_TITLE="${{ github.event.pull_request.title }}"
+          DEPENDENCY_NAME=$(echo "$PR_TITLE" | awk -F ' from ' '{print $1}')
+          echo "dependency_name=$DEPENDENCY_NAME" >> $GITHUB_OUTPUT
+
+      - name: Find PRs
+        id: find_duplicates
+        env:
+          DEPENDENCY_NAME: ${{ steps.extract.outputs.dependency_name }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          PRS=$(gh pr list --search 'milestone:${{ github.event.pull_request.milestone.title }} is:merged in:title "$DEPENDENCY_NAME"' --json number --jq 'map(.number) | join(",")')
+          echo "prs=$PRS" >> $GITHUB_OUTPUT
+
+      - name: Label Duplicate PRs
+        if: steps.find_duplicates.outputs.prs != ''
+        env:
+          PRS: ${{ steps.find_duplicates.outputs.prs }}
+          CURRENT_PR_NUMBER: ${{ github.event.pull_request.number }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        shell: bash
+        run: |
+          for i in ${PRS//,/ }
+          do
+            if [ ! $i -eq "$CURRENT_PR_NUMBER" ]; then
+              echo "Marking PR $i as duplicate"
+              gh pr edit "$i" --add-label "status: duplicate"
+              gh pr comment "$i" --body "Duplicate of #$CURRENT_PR_NUMBER"
+            fi
+          done

.github/workflows/pr-build-workflow.yml

@@ -21,7 +21,7 @@ jobs:
           java-version: '17'
           distribution: 'temurin'
       - name: Build with Gradle
-        run: ./gradlew clean build --continue
+        run: ./gradlew clean build -PskipCheckExpectedBranchVersion --continue
   generate-docs:
     name: Generate Docs
     runs-on: ubuntu-latest

README.adoc

@@ -18,7 +18,7 @@ Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_COND
 See https://docs.spring.io/spring-security/reference/getting-spring-security.html[Getting Spring Security] for how to obtain Spring Security.
 
 == Documentation
-Be sure to read the https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
+Be sure to read the https://docs.spring.io/spring-security/reference/[Spring Security Reference].
 Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].
 
 == Quick Start

build.gradle

@@ -24,6 +24,7 @@ apply plugin: 's101'
 apply plugin: 'io.spring.convention.root'
 apply plugin: 'org.jetbrains.kotlin.jvm'
 apply plugin: 'org.springframework.security.versions.verify-dependencies-versions'
+apply plugin: 'org.springframework.security.check-expected-branch-version'
 apply plugin: 'io.spring.security.release'
 
 group = 'org.springframework.security'

buildSrc/build.gradle

@@ -47,6 +47,10 @@ gradlePlugin {
 			id = "org.springframework.security.versions.verify-dependencies-versions"
 			implementationClass = "org.springframework.security.convention.versions.VerifyDependenciesVersionsPlugin"
 		}
+		checkExpectedBranchVersion {
+			id = "org.springframework.security.check-expected-branch-version"
+			implementationClass = "org.springframework.security.CheckExpectedBranchVersionPlugin"
+		}
 	}
 }
 

buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java

@@ -0,0 +1,85 @@
+/*
+ * Copyright 2002-2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import org.gradle.api.DefaultTask;
+import org.gradle.api.Plugin;
+import org.gradle.api.Project;
+import org.gradle.api.plugins.JavaBasePlugin;
+import org.gradle.api.tasks.TaskAction;
+import org.gradle.api.tasks.TaskProvider;
+
+/**
+ * @author Marcus da Coregio
+ */
+public class CheckExpectedBranchVersionPlugin implements Plugin<Project> {
+
+	@Override
+	public void apply(Project project) {
+		TaskProvider<CheckExpectedBranchVersionTask> checkExpectedBranchVersionTask = project.getTasks().register("checkExpectedBranchVersion", CheckExpectedBranchVersionTask.class, (task) -> {
+			task.setGroup("Build");
+			task.setDescription("Check if the project version matches the branch version");
+		});
+		project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(checkExpectedBranchVersionTask));
+	}
+
+	public static class CheckExpectedBranchVersionTask extends DefaultTask {
+
+		@TaskAction
+		public void run() throws IOException {
+			Project project = getProject();
+			if (project.hasProperty("skipCheckExpectedBranchVersion")) {
+				return;
+			}
+			String version = (String) project.getVersion();
+			String branchVersion = getBranchVersion(project);
+			if (!branchVersion.matches("^[0-9]+\\.[0-9]+\\.x$")) {
+				System.out.println("Branch version does not match *.x, ignoring");
+				return;
+			}
+			if (!versionsMatch(version, branchVersion)) {
+				throw new IllegalStateException(String.format("Project version [%s] does not match branch version [%s]. " +
+						"Please verify that the branch contains the right version.", version, branchVersion));
+			}
+		}
+
+		private static String getBranchVersion(Project project) throws IOException {
+			try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
+				project.exec((exec) -> {
+					exec.commandLine("git", "symbolic-ref", "--short", "HEAD");
+					exec.setErrorOutput(System.err);
+					exec.setStandardOutput(baos);
+				});
+				return baos.toString();
+			}
+		}
+
+		private boolean versionsMatch(String projectVersion, String branchVersion) {
+			String[] projectVersionParts = projectVersion.split("\\.");
+			String[] branchVersionParts = branchVersion.split("\\.");
+			if (projectVersionParts.length < 2 || branchVersionParts.length < 2) {
+				return false;
+			}
+			return projectVersionParts[0].equals(branchVersionParts[0]) && projectVersionParts[1].equals(branchVersionParts[1]);
+		}
+
+	}
+
+}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,6 @@
 
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Objects;
-import java.util.function.Predicate;
 
 import jakarta.servlet.http.HttpServletRequest;
 
@@ -60,6 +58,7 @@
 import org.springframework.security.web.csrf.CsrfTokenRepository;
 import org.springframework.security.web.util.matcher.AndRequestMatcher;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.ParameterRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
 
 /**
@@ -508,23 +507,6 @@ public boolean matches(HttpServletRequest request) {
 
 	}
 
-	private static class ParameterRequestMatcher implements RequestMatcher {
-
-		Predicate<String> test = Objects::nonNull;
-
-		String name;
-
-		ParameterRequestMatcher(String name) {
-			this.name = name;
-		}
-
-		@Override
-		public boolean matches(HttpServletRequest request) {
-			return this.test.test(request.getParameter(this.name));
-		}
-
-	}
-
 	private static class Saml2RelyingPartyInitiatedLogoutFilter extends LogoutFilter {
 
 		Saml2RelyingPartyInitiatedLogoutFilter(LogoutSuccessHandler logoutSuccessHandler, LogoutHandler... handlers) {

config/src/main/java/org/springframework/security/config/http/Saml2LogoutBeanDefinitionParser.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,6 @@
 
 import java.util.Arrays;
 import java.util.List;
-import java.util.Objects;
-import java.util.function.Predicate;
 
 import jakarta.servlet.http.HttpServletRequest;
 import org.w3c.dom.Element;
@@ -44,6 +42,7 @@
 import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
 import org.springframework.security.web.util.matcher.AndRequestMatcher;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.ParameterRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
@@ -228,23 +227,6 @@ BeanDefinition getLogoutFilter() {
 		return this.logoutFilter;
 	}
 
-	private static class ParameterRequestMatcher implements RequestMatcher {
-
-		Predicate<String> test = Objects::nonNull;
-
-		String name;
-
-		ParameterRequestMatcher(String name) {
-			this.name = name;
-		}
-
-		@Override
-		public boolean matches(HttpServletRequest request) {
-			return this.test.test(request.getParameter(this.name));
-		}
-
-	}
-
 	public static class Saml2RequestMatcher implements RequestMatcher {
 
 		private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder

core/src/test/java/org/springframework/security/authorization/method/AuthorizationManagerAfterMethodInterceptorTests.java

@@ -82,9 +82,8 @@ public void beforeWhenMockAuthorizationManagerThenCheckAndReturnedObject() throw
 
 	@Test
 	public void afterWhenMockSecurityContextHolderStrategyThenUses() throws Throwable {
-		SecurityContextHolderStrategy strategy = mock(SecurityContextHolderStrategy.class);
 		Authentication authentication = TestAuthentication.authenticatedUser();
-		given(strategy.getContext()).willReturn(new SecurityContextImpl(authentication));
+		SecurityContextHolderStrategy strategy = MockSecurityContextHolderStrategy.getmock(new SecurityContextImpl(authentication));
 		MethodInvocation invocation = mock(MethodInvocation.class);
 		AuthorizationManager<MethodInvocationResult> authorizationManager = AuthenticatedAuthorizationManager
 			.authenticated();
@@ -98,10 +97,9 @@ public void afterWhenMockSecurityContextHolderStrategyThenUses() throws Throwabl
 	// gh-12877
 	@Test
 	public void afterWhenStaticSecurityContextHolderStrategyAfterConstructorThenUses() throws Throwable {
-		SecurityContextHolderStrategy strategy = mock(SecurityContextHolderStrategy.class);
 		Authentication authentication = new TestingAuthenticationToken("john", "password",
 				AuthorityUtils.createAuthorityList("authority"));
-		given(strategy.getContext()).willReturn(new SecurityContextImpl(authentication));
+		SecurityContextHolderStrategy strategy = MockSecurityContextHolderStrategy.getmock(new SecurityContextImpl(authentication));
 		MethodInvocation invocation = mock(MethodInvocation.class);
 		AuthorizationManager<MethodInvocationResult> authorizationManager = AuthenticatedAuthorizationManager
 			.authenticated();

core/src/test/java/org/springframework/security/authorization/method/AuthorizationManagerBeforeMethodInterceptorTests.java

@@ -77,10 +77,9 @@ public void beforeWhenMockAuthorizationManagerThenCheck() throws Throwable {
 
 	@Test
 	public void beforeWhenMockSecurityContextHolderStrategyThenUses() throws Throwable {
-		SecurityContextHolderStrategy strategy = mock(SecurityContextHolderStrategy.class);
 		Authentication authentication = new TestingAuthenticationToken("user", "password",
 				AuthorityUtils.createAuthorityList("authority"));
-		given(strategy.getContext()).willReturn(new SecurityContextImpl(authentication));
+		SecurityContextHolderStrategy strategy = MockSecurityContextHolderStrategy.getmock(new SecurityContextImpl(authentication));
 		MethodInvocation invocation = mock(MethodInvocation.class);
 		AuthorizationManager<MethodInvocation> authorizationManager = AuthenticatedAuthorizationManager.authenticated();
 		AuthorizationManagerBeforeMethodInterceptor advice = new AuthorizationManagerBeforeMethodInterceptor(
@@ -93,10 +92,10 @@ public void beforeWhenMockSecurityContextHolderStrategyThenUses() throws Throwab
 	// gh-12877
 	@Test
 	public void beforeWhenStaticSecurityContextHolderStrategyAfterConstructorThenUses() throws Throwable {
-		SecurityContextHolderStrategy strategy = mock(SecurityContextHolderStrategy.class);
+
 		Authentication authentication = new TestingAuthenticationToken("john", "password",
 				AuthorityUtils.createAuthorityList("authority"));
-		given(strategy.getContext()).willReturn(new SecurityContextImpl(authentication));
+		SecurityContextHolderStrategy strategy = MockSecurityContextHolderStrategy.getmock(new SecurityContextImpl(authentication));
 		MethodInvocation invocation = mock(MethodInvocation.class);
 		AuthorizationManager<MethodInvocation> authorizationManager = AuthenticatedAuthorizationManager.authenticated();
 		AuthorizationManagerBeforeMethodInterceptor advice = new AuthorizationManagerBeforeMethodInterceptor(