Merge pull request #26954 from dreis2211

snicoll · snicoll · commit a2a69ad71016 · 2021-06-22T08:26:25.000+02:00
* pr/26954: Avoid illegal reflective access in RabbitAutoConfigurationTests Closes gh-26954
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java
@@ -20,20 +20,17 @@
 import java.util.List;
 import java.util.concurrent.atomic.AtomicInteger;
 
-import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
 
 import com.rabbitmq.client.Address;
 import com.rabbitmq.client.Connection;
 import com.rabbitmq.client.JDKSaslConfig;
-import com.rabbitmq.client.SslContextFactory;
-import com.rabbitmq.client.TrustEverythingTrustManager;
 import com.rabbitmq.client.impl.CredentialsProvider;
 import com.rabbitmq.client.impl.CredentialsRefreshService;
 import com.rabbitmq.client.impl.DefaultCredentialsProvider;
 import org.aopalliance.aop.Advice;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InOrder;
 
 import org.springframework.amqp.core.AcknowledgeMode;
@@ -59,6 +56,8 @@
 import org.springframework.boot.autoconfigure.AutoConfigurations;
 import org.springframework.boot.test.context.assertj.AssertableApplicationContext;
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
+import org.springframework.boot.test.system.CapturedOutput;
+import org.springframework.boot.test.system.OutputCaptureExtension;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
@@ -92,6 +91,7 @@
  * @author HaiTao Zhang
  * @author Franjo Zilic
  */
+@ExtendWith(OutputCaptureExtension.class)
 class RabbitAutoConfigurationTests {
 
 	private final ApplicationContextRunner contextRunner = new ApplicationContextRunner()
@@ -722,24 +722,24 @@ void enableSslWithKeystoreTypeAndTrustStoreTypeShouldWork() {
 	}
 
 	@Test
-	void enableSslWithValidateServerCertificateFalse() {
+	void enableSslWithValidateServerCertificateFalse(CapturedOutput output) {
 		this.contextRunner.withUserConfiguration(TestConfiguration.class)
 				.withPropertyValues("spring.rabbitmq.ssl.enabled:true",
 						"spring.rabbitmq.ssl.validateServerCertificate=false")
 				.run((context) -> {
 					com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
-					TrustManager trustManager = getTrustManager(rabbitConnectionFactory);
-					assertThat(trustManager).isInstanceOf(TrustEverythingTrustManager.class);
+					assertThat(rabbitConnectionFactory.isSSL()).isTrue();
+					assertThat(output).contains("TrustEverythingTrustManager", "SECURITY ALERT");
 				});
 	}
 
 	@Test
-	void enableSslWithValidateServerCertificateDefault() {
+	void enableSslWithValidateServerCertificateDefault(CapturedOutput output) {
 		this.contextRunner.withUserConfiguration(TestConfiguration.class)
 				.withPropertyValues("spring.rabbitmq.ssl.enabled:true").run((context) -> {
 					com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory = getTargetConnectionFactory(context);
-					TrustManager trustManager = getTrustManager(rabbitConnectionFactory);
-					assertThat(trustManager).isNotInstanceOf(TrustEverythingTrustManager.class);
+					assertThat(rabbitConnectionFactory.isSSL()).isTrue();
+					assertThat(output).doesNotContain("TrustEverythingTrustManager", "SECURITY ALERT");
 				});
 	}
 
@@ -849,18 +849,6 @@ void whenMultipleConnectionFactoryCustomizersAreDefinedThenTheyAreCalledInOrder(
 				});
 	}
 
-	private TrustManager getTrustManager(com.rabbitmq.client.ConnectionFactory rabbitConnectionFactory) {
-		SslContextFactory sslContextFactory = (SslContextFactory) ReflectionTestUtils.getField(rabbitConnectionFactory,
-				"sslContextFactory");
-		SSLContext sslContext = sslContextFactory.create("connection");
-		Object spi = ReflectionTestUtils.getField(sslContext, "contextSpi");
-		Object trustManager = ReflectionTestUtils.getField(spi, "trustManager");
-		while (trustManager.getClass().getName().endsWith("Wrapper")) {
-			trustManager = ReflectionTestUtils.getField(trustManager, "tm");
-		}
-		return (TrustManager) trustManager;
-	}
-
 	private com.rabbitmq.client.ConnectionFactory getTargetConnectionFactory(AssertableApplicationContext context) {
 		CachingConnectionFactory connectionFactory = context.getBean(CachingConnectionFactory.class);
 		return connectionFactory.getRabbitConnectionFactory();
