Update config tests

1livv · 1livv · commit c5219e3f80ed · 2024-03-04T17:28:46.000+02:00
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -371,7 +371,7 @@ public void saml2LogoutRequestWhenLowercaseEncodingAndDifferentQueryParamOrderTh
 	}
 
 	@Test
-	public void saml2LogoutRequestWhenNoRegistrationThen400() throws Exception {
+	public void saml2LogoutRequestWhenNoRegistrationThen401() throws Exception {
 		this.spring.register(Saml2LogoutDefaultsConfig.class).autowire();
 		DefaultSaml2AuthenticatedPrincipal principal = new DefaultSaml2AuthenticatedPrincipal("user",
 				Collections.emptyMap());
@@ -384,19 +384,19 @@ public void saml2LogoutRequestWhenNoRegistrationThen400() throws Exception {
 				.param("SigAlg", this.apLogoutRequestSigAlg)
 				.param("Signature", this.apLogoutRequestSignature)
 				.with(authentication(user)))
-			.andExpect(status().isBadRequest());
+			.andExpect(status().isUnauthorized());
 		verifyNoInteractions(getBean(LogoutHandler.class));
 	}
 
 	@Test
-	public void saml2LogoutRequestWhenInvalidSamlRequestThen401() throws Exception {
+	public void saml2LogoutRequestWhenInvalidSamlRequestThen302Redirect() throws Exception {
 		this.spring.register(Saml2LogoutDefaultsConfig.class).autowire();
 		this.mvc
 			.perform(get("/logout/saml2/slo").param("SAMLRequest", this.apLogoutRequest)
 				.param("RelayState", this.apLogoutRequestRelayState)
 				.param("SigAlg", this.apLogoutRequestSigAlg)
 				.with(authentication(this.user)))
-			.andExpect(status().isUnauthorized());
+			.andExpect(status().isFound());
 		verifyNoInteractions(getBean(LogoutHandler.class));
 	}
 
diff --git a/config/src/test/java/org/springframework/security/config/http/Saml2LogoutBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/Saml2LogoutBeanDefinitionParserTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -270,7 +270,7 @@ public void saml2LogoutRequestWhenCustomSecurityContextHolderStrategyThenUses()
 	}
 
 	@Test
-	public void saml2LogoutRequestWhenNoRegistrationThen400() throws Exception {
+	public void saml2LogoutRequestWhenNoRegistrationThen401() throws Exception {
 		this.spring.configLocations(this.xml("Default")).autowire();
 		DefaultSaml2AuthenticatedPrincipal principal = new DefaultSaml2AuthenticatedPrincipal("user",
 				Collections.emptyMap());
@@ -283,18 +283,18 @@ public void saml2LogoutRequestWhenNoRegistrationThen400() throws Exception {
 				.param("SigAlg", this.apLogoutRequestSigAlg)
 				.param("Signature", this.apLogoutRequestSignature)
 				.with(authentication(user)))
-			.andExpect(status().isBadRequest());
+			.andExpect(status().isUnauthorized());
 	}
 
 	@Test
-	public void saml2LogoutRequestWhenInvalidSamlRequestThen401() throws Exception {
+	public void saml2LogoutRequestWhenInvalidSamlRequestThen302Redirect() throws Exception {
 		this.spring.configLocations(this.xml("Default")).autowire();
 		this.mvc
 			.perform(get("/logout/saml2/slo").param("SAMLRequest", this.apLogoutRequest)
 				.param("RelayState", this.apLogoutRequestRelayState)
 				.param("SigAlg", this.apLogoutRequestSigAlg)
 				.with(authentication(this.saml2User)))
-			.andExpect(status().isUnauthorized());
+			.andExpect(status().isFound());
 	}
 
 	@Test
