Migrate to assertThatExceptionOfType

Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.

Issue gh-8945

Author: philwebb

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/HelloRSocketITests.java

@@ -20,6 +20,7 @@
 import java.util.List;
 
 import io.rsocket.RSocketFactory;
+import io.rsocket.exceptions.RejectedSetupException;
 import io.rsocket.frame.decoder.PayloadDecoder;
 import io.rsocket.transport.netty.server.CloseableChannel;
 import io.rsocket.transport.netty.server.TcpServerTransport;
@@ -46,7 +47,7 @@
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
 /**
  * @author Rob Winch
@@ -87,10 +88,11 @@ public void retrieveMonoWhenSecureThenDenied() throws Exception {
 		this.requester = RSocketRequester.builder().rsocketStrategies(this.handler.getRSocketStrategies())
 				.connectTcp("localhost", this.server.address().getPort()).block();
 		String data = "rob";
-		assertThatCode(() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block())
-				.isNotNull();
+		assertThatExceptionOfType(Exception.class).isThrownBy(
+				() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block())
+				.matches((ex) -> ex instanceof RejectedSetupException
+						|| ex.getClass().toString().contains("ReactiveException"));
 		// FIXME: https://github.com/rsocket/rsocket-java/issues/686
-		// .isInstanceOf(RejectedSetupException.class);
 		assertThat(this.controller.payloads).isEmpty();
 	}
 

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java

@@ -21,6 +21,7 @@
 
 import io.rsocket.RSocketFactory;
 import io.rsocket.exceptions.ApplicationErrorException;
+import io.rsocket.exceptions.RejectedSetupException;
 import io.rsocket.frame.decoder.PayloadDecoder;
 import io.rsocket.transport.netty.server.CloseableChannel;
 import io.rsocket.transport.netty.server.TcpServerTransport;
@@ -49,7 +50,7 @@
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
 /**
  * @author Rob Winch
@@ -103,8 +104,8 @@ public void routeWhenNotAuthorized() {
 		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("user", "password");
 		this.requester = requester().setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
 				.connectTcp(this.server.address().getHostName(), this.server.address().getPort()).block();
-		assertThatCode(() -> this.requester.route("secure.admin.retrieve-mono").data("data").retrieveMono(String.class)
-				.block()).isInstanceOf(ApplicationErrorException.class);
+		assertThatExceptionOfType(ApplicationErrorException.class).isThrownBy(() -> this.requester
+				.route("secure.admin.retrieve-mono").data("data").retrieveMono(String.class).block());
 	}
 
 	@Test
@@ -137,30 +138,32 @@ public void routeWhenStreamCredentialsHaveAuthority() {
 	public void connectWhenNotAuthenticated() {
 		this.requester = requester().connectTcp(this.server.address().getHostName(), this.server.address().getPort())
 				.block();
-		assertThatCode(() -> this.requester.route("retrieve-mono").data("data").retrieveMono(String.class).block())
-				.isNotNull();
+		assertThatExceptionOfType(Exception.class)
+				.isThrownBy(() -> this.requester.route("retrieve-mono").data("data").retrieveMono(String.class).block())
+				.matches((ex) -> ex instanceof RejectedSetupException
+						|| ex.getClass().toString().contains("ReactiveException"));
 		// FIXME: https://github.com/rsocket/rsocket-java/issues/686
-		// .isInstanceOf(RejectedSetupException.class);
 	}
 
 	@Test
 	public void connectWhenNotAuthorized() {
 		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("evil", "password");
 		this.requester = requester().setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
 				.connectTcp(this.server.address().getHostName(), this.server.address().getPort()).block();
-		assertThatCode(() -> this.requester.route("retrieve-mono").data("data").retrieveMono(String.class).block())
-				.isNotNull();
+		assertThatExceptionOfType(Exception.class)
+				.isThrownBy(() -> this.requester.route("retrieve-mono").data("data").retrieveMono(String.class).block())
+				.matches((ex) -> ex instanceof RejectedSetupException
+						|| ex.getClass().toString().contains("ReactiveException"));
 		// FIXME: https://github.com/rsocket/rsocket-java/issues/686
-		// .isInstanceOf(RejectedSetupException.class);
 	}
 
 	@Test
 	public void connectionDenied() {
 		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("user", "password");
 		this.requester = requester().setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
 				.connectTcp(this.server.address().getHostName(), this.server.address().getPort()).block();
-		assertThatCode(() -> this.requester.route("prohibit").data("data").retrieveMono(String.class).block())
-				.isInstanceOf(ApplicationErrorException.class);
+		assertThatExceptionOfType(ApplicationErrorException.class)
+				.isThrownBy(() -> this.requester.route("prohibit").data("data").retrieveMono(String.class).block());
 	}
 
 	@Test

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerITests.java

@@ -52,7 +52,7 @@
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
 /**
  * @author Rob Winch
@@ -96,19 +96,21 @@ public void dispose() {
 	@Test
 	public void retrieveMonoWhenSecureThenDenied() throws Exception {
 		String data = "rob";
-		assertThatCode(() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block())
-				.isInstanceOf(ApplicationErrorException.class).hasMessageContaining("Access Denied");
+		assertThatExceptionOfType(ApplicationErrorException.class).isThrownBy(
+				() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block())
+				.withMessageContaining("Access Denied");
 		assertThat(this.controller.payloads).isEmpty();
 	}
 
 	@Test
 	public void retrieveMonoWhenAuthenticationFailedThenException() throws Exception {
 		String data = "rob";
 		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("invalid", "password");
-		assertThatCode(() -> this.requester.route("secure.retrieve-mono")
-				.metadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE).data(data)
-				.retrieveMono(String.class).block()).isInstanceOf(ApplicationErrorException.class)
-						.hasMessageContaining("Invalid Credentials");
+		assertThatExceptionOfType(ApplicationErrorException.class)
+				.isThrownBy(() -> this.requester.route("secure.retrieve-mono")
+						.metadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE).data(data)
+						.retrieveMono(String.class).block())
+				.withMessageContaining("Invalid Credentials");
 		assertThat(this.controller.payloads).isEmpty();
 	}
 
@@ -134,9 +136,10 @@ public void retrieveMonoWhenPublicThenGranted() throws Exception {
 	@Test
 	public void retrieveFluxWhenDataFluxAndSecureThenDenied() throws Exception {
 		Flux<String> data = Flux.just("a", "b", "c");
-		assertThatCode(() -> this.requester.route("secure.retrieve-flux").data(data, String.class)
-				.retrieveFlux(String.class).collectList().block()).isInstanceOf(ApplicationErrorException.class)
-						.hasMessageContaining("Access Denied");
+		assertThatExceptionOfType(ApplicationErrorException.class)
+				.isThrownBy(() -> this.requester.route("secure.retrieve-flux").data(data, String.class)
+						.retrieveFlux(String.class).collectList().block())
+				.withMessageContaining("Access Denied");
 		assertThat(this.controller.payloads).isEmpty();
 	}
 
@@ -152,9 +155,9 @@ public void retrieveFluxWhenDataFluxAndPublicThenGranted() throws Exception {
 	@Test
 	public void retrieveFluxWhenDataStringAndSecureThenDenied() throws Exception {
 		String data = "a";
-		assertThatCode(
+		assertThatExceptionOfType(ApplicationErrorException.class).isThrownBy(
 				() -> this.requester.route("secure.hello").data(data).retrieveFlux(String.class).collectList().block())
-						.isInstanceOf(ApplicationErrorException.class).hasMessageContaining("Access Denied");
+				.withMessageContaining("Access Denied");
 		assertThat(this.controller.payloads).isEmpty();
 	}
 

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/SimpleAuthenticationITests.java

@@ -52,7 +52,7 @@
 import org.springframework.util.MimeTypeUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
 /**
  * @author Rob Winch
@@ -93,8 +93,8 @@ public void retrieveMonoWhenSecureThenDenied() throws Exception {
 		this.requester = RSocketRequester.builder().rsocketStrategies(this.handler.getRSocketStrategies())
 				.connectTcp("localhost", this.server.address().getPort()).block();
 		String data = "rob";
-		assertThatCode(() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block())
-				.isInstanceOf(ApplicationErrorException.class);
+		assertThatExceptionOfType(ApplicationErrorException.class).isThrownBy(
+				() -> this.requester.route("secure.retrieve-mono").data(data).retrieveMono(String.class).block());
 		assertThat(this.controller.payloads).isEmpty();
 	}
 

config/src/test/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfigurationTests.java

@@ -63,7 +63,7 @@
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.ArgumentMatchers.startsWith;
@@ -165,9 +165,8 @@ public void getAuthenticationWhenConfiguredThenBootNotTrigger() throws Exception
 				new BootGlobalAuthenticationConfigurerAdapter()));
 		AuthenticationManager authenticationManager = config.getAuthenticationManager();
 		authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
-		assertThatThrownBy(
-				() -> authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("boot", "password")))
-						.isInstanceOf(AuthenticationException.class);
+		assertThatExceptionOfType(AuthenticationException.class).isThrownBy(
+				() -> authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("boot", "password")));
 	}
 
 	@Test
@@ -207,8 +206,8 @@ public void getAuthenticationWhenUserDetailsServiceBeanThenAuthenticationManager
 				.getAuthenticationManager();
 		given(uds.loadUserByUsername("user")).willReturn(PasswordEncodedUser.user(), PasswordEncodedUser.user());
 		am.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
-		assertThatThrownBy(() -> am.authenticate(new UsernamePasswordAuthenticationToken("user", "invalid")))
-				.isInstanceOf(AuthenticationException.class);
+		assertThatExceptionOfType(AuthenticationException.class)
+				.isThrownBy(() -> am.authenticate(new UsernamePasswordAuthenticationToken("user", "invalid")));
 	}
 
 	@Test
@@ -222,8 +221,8 @@ public void getAuthenticationWhenUserDetailsServiceAndPasswordEncoderBeanThenEnc
 		given(uds.loadUserByUsername("user")).willReturn(User.withUserDetails(user).build(),
 				User.withUserDetails(user).build());
 		am.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
-		assertThatThrownBy(() -> am.authenticate(new UsernamePasswordAuthenticationToken("user", "invalid")))
-				.isInstanceOf(AuthenticationException.class);
+		assertThatExceptionOfType(AuthenticationException.class)
+				.isThrownBy(() -> am.authenticate(new UsernamePasswordAuthenticationToken("user", "invalid")));
 	}
 
 	@Test
@@ -291,7 +290,7 @@ public void getAuthenticationManagerWhenAuthenticationConfigurationSubclassedThe
 		this.spring.register(AuthenticationConfigurationSubclass.class).autowire();
 		AuthenticationManagerBuilder ap = this.spring.getContext().getBean(AuthenticationManagerBuilder.class);
 		this.spring.getContext().getBean(AuthenticationConfiguration.class).getAuthenticationManager();
-		assertThatThrownBy(ap::build).isInstanceOf(AlreadyBuiltException.class);
+		assertThatExceptionOfType(AlreadyBuiltException.class).isThrownBy(ap::build);
 	}
 
 	@EnableGlobalMethodSecurity(securedEnabled = true)

config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java

@@ -35,7 +35,7 @@
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.reset;
@@ -73,9 +73,11 @@ public void setConfig(Config config) {
 
 	@Test
 	public void notPublisherPreAuthorizeFindByIdThenThrowsIllegalStateException() {
-		assertThatThrownBy(() -> this.messageService.notPublisherPreAuthorizeFindById(1L))
-				.isInstanceOf(IllegalStateException.class).extracting(Throwable::getMessage).isEqualTo(
-						"The returnType class java.lang.String on public abstract java.lang.String org.springframework.security.config.annotation.method.configuration.ReactiveMessageService.notPublisherPreAuthorizeFindById(long) must return an instance of org.reactivestreams.Publisher (i.e. Mono / Flux) in order to support Reactor Context");
+		assertThatIllegalStateException().isThrownBy(() -> this.messageService.notPublisherPreAuthorizeFindById(1L))
+				.withMessage("The returnType class java.lang.String on public abstract java.lang.String "
+						+ "org.springframework.security.config.annotation.method.configuration.ReactiveMessageService"
+						+ ".notPublisherPreAuthorizeFindById(long) must return an instance of org.reactivestreams"
+						+ ".Publisher (i.e. Mono / Flux) in order to support Reactor Context");
 	}
 
 	@Test

config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java

@@ -61,7 +61,7 @@
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.BDDMockito.given;
@@ -125,7 +125,8 @@ public void methodSecurityWhenAuthenticationTrustResolverIsBeanThenAutowires() {
 		this.spring.register(CustomTrustResolverConfig.class).autowire();
 		AuthenticationTrustResolver trustResolver = this.spring.getContext().getBean(AuthenticationTrustResolver.class);
 		given(trustResolver.isAnonymous(any())).willReturn(true, false);
-		assertThatThrownBy(() -> this.service.preAuthorizeNotAnonymous()).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class)
+				.isThrownBy(() -> this.service.preAuthorizeNotAnonymous());
 		this.service.preAuthorizeNotAnonymous();
 		verify(trustResolver, atLeastOnce()).isAnonymous(any());
 	}
@@ -136,15 +137,15 @@ public void methodSecurityWhenAuthenticationTrustResolverIsBeanThenAutowires() {
 	public void defaultWebSecurityExpressionHandlerHasBeanResolverSet() {
 		this.spring.register(ExpressionHandlerHasBeanResolverSetConfig.class).autowire();
 		Authz authz = this.spring.getContext().getBean(Authz.class);
-		assertThatThrownBy(() -> this.service.preAuthorizeBean(false)).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorizeBean(false));
 		this.service.preAuthorizeBean(true);
 	}
 
 	@Test
 	@WithMockUser
 	public void methodSecuritySupportsAnnotaitonsOnInterfaceParamerNames() {
 		this.spring.register(MethodSecurityServiceConfig.class).autowire();
-		assertThatThrownBy(() -> this.service.postAnnotation("deny")).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.postAnnotation("deny"));
 		this.service.postAnnotation("grant");
 		// no exception
 	}
@@ -157,7 +158,8 @@ public void globalMethodSecurityConfigurationAutowiresPermissionEvaluator() {
 		given(permission.hasPermission(any(), eq("something"), eq("read"))).willReturn(true, false);
 		this.service.hasPermission("something");
 		// no exception
-		assertThatThrownBy(() -> this.service.hasPermission("something")).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class)
+				.isThrownBy(() -> this.service.hasPermission("something"));
 	}
 
 	@Test
@@ -171,7 +173,7 @@ public void multiPermissionEvaluatorConfig() {
 	@WithMockUser
 	public void enableGlobalMethodSecurityWorksOnSuperclass() {
 		this.spring.register(ChildConfig.class).autowire();
-		assertThatThrownBy(() -> this.service.preAuthorize()).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorize());
 	}
 
 	// SEC-2479
@@ -186,7 +188,7 @@ public void supportAuthenticationManagerInParent() {
 				child.register(Sec2479ChildConfig.class);
 				child.refresh();
 				this.spring.context(child).autowire();
-				assertThatThrownBy(() -> this.service.preAuthorize()).isInstanceOf(AccessDeniedException.class);
+				assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorize());
 			}
 		}
 	}
@@ -228,7 +230,7 @@ public void globalSecurityProxiesSecurity() {
 	@WithMockUser
 	public void preAuthorizeBeanSpel() {
 		this.spring.register(PreAuthorizeBeanSpelConfig.class).autowire();
-		assertThatThrownBy(() -> this.service.preAuthorizeBean(false)).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorizeBean(false));
 		this.service.preAuthorizeBean(true);
 	}
 
@@ -237,7 +239,7 @@ public void preAuthorizeBeanSpel() {
 	@WithMockUser
 	public void roleHierarchy() {
 		this.spring.register(RoleHierarchyConfig.class).autowire();
-		assertThatThrownBy(() -> this.service.preAuthorize()).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorize());
 		this.service.preAuthorizeAdmin();
 	}
 
@@ -247,7 +249,7 @@ public void grantedAuthorityDefaultsAutowires() {
 		this.spring.register(CustomGrantedAuthorityConfig.class).autowire();
 		CustomGrantedAuthorityConfig.CustomAuthorityService customService = this.spring.getContext()
 				.getBean(CustomGrantedAuthorityConfig.CustomAuthorityService.class);
-		assertThatThrownBy(() -> this.service.preAuthorize()).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.preAuthorize());
 		customService.customPrefixRoleUser();
 		// no exception
 	}
@@ -258,7 +260,7 @@ public void grantedAuthorityDefaultsWithEmptyRolePrefix() {
 		this.spring.register(EmptyRolePrefixGrantedAuthorityConfig.class).autowire();
 		EmptyRolePrefixGrantedAuthorityConfig.CustomAuthorityService customService = this.spring.getContext()
 				.getBean(EmptyRolePrefixGrantedAuthorityConfig.CustomAuthorityService.class);
-		assertThatThrownBy(() -> this.service.securedUser()).isInstanceOf(AccessDeniedException.class);
+		assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> this.service.securedUser());
 		customService.emptyPrefixRoleUser();
 		// no exception
 	}