From 54bcef56ee1861301e8716c03a3e45916510a7c5 Mon Sep 17 00:00:00 2001
From: sapessi <stefano.buliani@gmail.com>
Date: Wed, 31 Jan 2018 14:46:45 -0800
Subject: [PATCH] Added unit test to validate the proposed solution for #111
 and warning log messages in request object when a framework tries to access
 the session

---
 .../servlet/AwsHttpServletRequest.java        |  7 ++
 aws-serverless-java-container-spring/pom.xml  | 67 +++++++++++++++++++
 .../proxy/spring/SpringBootAppTest.java       | 43 ++++++++++++
 .../spring/springbootapp/LambdaHandler.java   | 37 ++++++++++
 .../spring/springbootapp/TestApplication.java | 12 ++++
 .../spring/springbootapp/TestController.java  | 30 +++++++++
 6 files changed, 196 insertions(+)
 create mode 100644 aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/SpringBootAppTest.java
 create mode 100644 aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/LambdaHandler.java
 create mode 100644 aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestApplication.java
 create mode 100644 aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestController.java

diff --git a/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java b/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java
index 2530d67b2..b2e61430a 100644
--- a/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java
+++ b/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletRequest.java
@@ -107,6 +107,7 @@ public String getRequestedSessionId() {
 
     @Override
     public HttpSession getSession(boolean b) {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         if (b && null == this.session) {
             ApiGatewayRequestContext requestContext = (ApiGatewayRequestContext) getAttribute(RequestReader.API_GATEWAY_CONTEXT_PROPERTY);
             this.session = new AwsHttpSession(requestContext.getRequestId());
@@ -117,30 +118,35 @@ public HttpSession getSession(boolean b) {
 
     @Override
     public HttpSession getSession() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return this.session;
     }
 
 
     @Override
     public String changeSessionId() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return null;
     }
 
 
     @Override
     public boolean isRequestedSessionIdValid() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return false;
     }
 
 
     @Override
     public boolean isRequestedSessionIdFromCookie() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return false;
     }
 
 
     @Override
     public boolean isRequestedSessionIdFromURL() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return false;
     }
 
@@ -148,6 +154,7 @@ public boolean isRequestedSessionIdFromURL() {
     @Override
     @Deprecated
     public boolean isRequestedSessionIdFromUrl() {
+        log.warn("Trying to access session. Lambda functions are stateless and should not rely on the session");
         return false;
     }
 
diff --git a/aws-serverless-java-container-spring/pom.xml b/aws-serverless-java-container-spring/pom.xml
index a0ff669bd..56e710483 100644
--- a/aws-serverless-java-container-spring/pom.xml
+++ b/aws-serverless-java-container-spring/pom.xml
@@ -16,6 +16,7 @@
 
     <properties>
         <spring.version>4.3.13.RELEASE</spring.version>
+        <spring-security.version>4.2.4.RELEASE</spring-security.version>
         <jackson.version>2.9.3</jackson.version>
     </properties>
 
@@ -77,6 +78,72 @@
             <version>2.2.4</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
+            <version>1.5.9.RELEASE</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+            <version>${spring-security.version}</version>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-aop</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-expression</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-context</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-beans</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>${spring-security.version}</version>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-aop</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-expression</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-context</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-beans</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-web</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
     </dependencies>
 
     <reporting>
diff --git a/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/SpringBootAppTest.java b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/SpringBootAppTest.java
new file mode 100644
index 000000000..f6829c473
--- /dev/null
+++ b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/SpringBootAppTest.java
@@ -0,0 +1,43 @@
+package com.amazonaws.serverless.proxy.spring;
+
+
+import com.amazonaws.serverless.proxy.internal.testutils.AwsProxyRequestBuilder;
+import com.amazonaws.serverless.proxy.internal.testutils.MockLambdaContext;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequest;
+import com.amazonaws.serverless.proxy.model.AwsProxyResponse;
+import com.amazonaws.serverless.proxy.spring.echoapp.model.SingleValueModel;
+import com.amazonaws.serverless.proxy.spring.springbootapp.LambdaHandler;
+import com.amazonaws.serverless.proxy.spring.springbootapp.TestController;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.Test;
+
+import java.io.IOException;
+
+import static org.junit.Assert.*;
+
+
+public class SpringBootAppTest {
+    private LambdaHandler handler = new LambdaHandler();
+    private MockLambdaContext context = new MockLambdaContext();
+    private ObjectMapper mapper = new ObjectMapper();
+
+    @Test
+    public void testMethod_springSecurity_doesNotThrowException() {
+        AwsProxyRequest req = new AwsProxyRequestBuilder("/test", "GET").build();
+        AwsProxyResponse resp = handler.handleRequest(req, context);
+        assertNotNull(resp);
+        validateSingleValueModel(resp, TestController.TEST_VALUE);
+    }
+
+    private void validateSingleValueModel(AwsProxyResponse output, String value) {
+        try {
+            SingleValueModel response = mapper.readValue(output.getBody(), SingleValueModel.class);
+            assertNotNull(response.getValue());
+            assertEquals(value, response.getValue());
+        } catch (IOException e) {
+            fail("Exception while parsing response body: " + e.getMessage());
+            e.printStackTrace();
+        }
+    }
+}
diff --git a/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/LambdaHandler.java b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/LambdaHandler.java
new file mode 100644
index 000000000..1451b9c04
--- /dev/null
+++ b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/LambdaHandler.java
@@ -0,0 +1,37 @@
+package com.amazonaws.serverless.proxy.spring.springbootapp;
+
+
+import com.amazonaws.serverless.exceptions.ContainerInitializationException;
+import com.amazonaws.serverless.proxy.model.AwsProxyRequest;
+import com.amazonaws.serverless.proxy.model.AwsProxyResponse;
+import com.amazonaws.serverless.proxy.spring.SpringBootLambdaContainerHandler;
+import com.amazonaws.serverless.proxy.spring.SpringLambdaContainerHandler;
+import com.amazonaws.serverless.proxy.spring.springbootapp.TestApplication;
+import com.amazonaws.services.lambda.runtime.Context;
+import com.amazonaws.services.lambda.runtime.RequestHandler;
+
+import org.springframework.web.context.support.XmlWebApplicationContext;
+
+
+public class LambdaHandler
+        implements RequestHandler<AwsProxyRequest, AwsProxyResponse>
+{
+    SpringBootLambdaContainerHandler<AwsProxyRequest, AwsProxyResponse> handler;
+    boolean isinitialized = false;
+
+    public AwsProxyResponse handleRequest(AwsProxyRequest awsProxyRequest, Context context)
+    {
+        if (!isinitialized) {
+            isinitialized = true;
+            try {
+                handler = SpringBootLambdaContainerHandler.getAwsProxyHandler(TestApplication.class);
+            } catch (ContainerInitializationException e) {
+                e.printStackTrace();
+                return null;
+            }
+        }
+        AwsProxyResponse res = handler.proxy(awsProxyRequest, context);
+        return res;
+    }
+}
+
diff --git a/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestApplication.java b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestApplication.java
new file mode 100644
index 000000000..d203a56e0
--- /dev/null
+++ b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestApplication.java
@@ -0,0 +1,12 @@
+package com.amazonaws.serverless.proxy.spring.springbootapp;
+
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.support.SpringBootServletInitializer;
+import org.springframework.context.annotation.ComponentScan;
+
+
+@SpringBootApplication
+@ComponentScan(basePackages = "com.amazonaws.serverless.proxy.spring.springbootapp")
+public class TestApplication extends SpringBootServletInitializer {
+}
diff --git a/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestController.java b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestController.java
new file mode 100644
index 000000000..39433db3b
--- /dev/null
+++ b/aws-serverless-java-container-spring/src/test/java/com/amazonaws/serverless/proxy/spring/springbootapp/TestController.java
@@ -0,0 +1,30 @@
+package com.amazonaws.serverless.proxy.spring.springbootapp;
+
+
+import com.amazonaws.serverless.proxy.spring.echoapp.model.SingleValueModel;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+
+@RestController
+@EnableWebSecurity
+public class TestController extends WebSecurityConfigurerAdapter{
+    public static final String TEST_VALUE = "test";
+
+    @RequestMapping(path = "/test", method = { RequestMethod.GET })
+    public SingleValueModel testGet() {
+        SingleValueModel value = new SingleValueModel();
+        value.setValue(TEST_VALUE);
+        return value;
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.sessionManagement().disable();
+    }
+}