Lets add

@AutoConfigureMockMvc(addFilters = false)

to ImportControllerTest. By setting addFilters = false in @AutoConfigureMockMvc, you instruct Spring to disable the entire Security Filter Chain for the test. This allows the request to be routed directly to your ImportController, bypassing any potential misconfiguration in the auto-configured OAuth2 resource server setup that is preventing the dispatcher from finding the controller.