src/test/java/com/example/demo/controller/AuthFlowTest.java

package com.example.demo.controller;

import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.test.web.servlet.MockMvc;

import java.util.Map;

import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@SpringBootTest
@AutoConfigureMockMvc
class AuthFlowTest {

    @Autowired
    private MockMvc mockMvc;

    @Autowired
    private ObjectMapper objectMapper;

    @Test
    void secureEndpointShouldRejectWithoutToken() throws Exception {
        mockMvc.perform(get("/api/secure/me"))
                .andExpect(status().isUnauthorized())
                .andExpect(jsonPath("$.code").value(401));
    }

    @Test
    void shouldAccessSecureEndpointWithValidToken() throws Exception {
        String loginReq = objectMapper.writeValueAsString(Map.of("username", "admin", "password", "admin123"));

        String loginResp = mockMvc.perform(post("/api/auth/login")
                        .contentType(MediaType.APPLICATION_JSON)
                        .content(loginReq))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.code").value(0))
                .andReturn().getResponse().getContentAsString();

        String token = objectMapper.readTree(loginResp).path("data").path("token").asText();

        mockMvc.perform(get("/api/secure/me")
                        .header("Authorization", "Bearer " + token))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.code").value(0))
                .andExpect(jsonPath("$.data.principal").value("admin"));
    }
}
feat(learning-auth): add optional JWT learning flow with secure demo endpoint 2026-03-09 02:11:49 +08:00			`package com.example.demo.controller;`

			`import com.fasterxml.jackson.databind.ObjectMapper;`
			`import org.junit.jupiter.api.Test;`
			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;`
			`import org.springframework.boot.test.context.SpringBootTest;`
			`import org.springframework.http.MediaType;`
			`import org.springframework.test.web.servlet.MockMvc;`

			`import java.util.Map;`

			`import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;`
			`import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;`
			`import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;`
			`import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;`

			`@SpringBootTest`
			`@AutoConfigureMockMvc`
			`class AuthFlowTest {`

			`@Autowired`
			`private MockMvc mockMvc;`

			`@Autowired`
			`private ObjectMapper objectMapper;`

			`@Test`
			`void secureEndpointShouldRejectWithoutToken() throws Exception {`
			`mockMvc.perform(get("/api/secure/me"))`
			`.andExpect(status().isUnauthorized())`
			`.andExpect(jsonPath("$.code").value(401));`
			`}`

			`@Test`
			`void shouldAccessSecureEndpointWithValidToken() throws Exception {`
			`String loginReq = objectMapper.writeValueAsString(Map.of("username", "admin", "password", "admin123"));`

			`String loginResp = mockMvc.perform(post("/api/auth/login")`
			`.contentType(MediaType.APPLICATION_JSON)`
			`.content(loginReq))`
			`.andExpect(status().isOk())`
			`.andExpect(jsonPath("$.code").value(0))`
			`.andReturn().getResponse().getContentAsString();`

			`String token = objectMapper.readTree(loginResp).path("data").path("token").asText();`

			`mockMvc.perform(get("/api/secure/me")`
			`.header("Authorization", "Bearer " + token))`
			`.andExpect(status().isOk())`
			`.andExpect(jsonPath("$.code").value(0))`
			`.andExpect(jsonPath("$.data.principal").value("admin"));`
			`}`
			`}`