GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ServerRequestCache.removeMatchingRequest 

Issue: gh-4789
pull/4847/head
Rob Winch 8 years ago
parent
563139c469
commit
75a7c5268a
6 changed files with 10 additions and 43 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java
  2. 7
      web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java
  3. 12
      web/src/main/java/org/springframework/security/web/server/savedrequest/ServerRequestCache.java
  4. 3
      web/src/main/java/org/springframework/security/web/server/savedrequest/ServerRequestCacheWebFilter.java
  5. 16
      web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java
  6. 4
      web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java

11
web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java
Unescape View File

@ -60,15 +60,8 @@ public class WebSessionServerCsrfTokenRepository @@ -60,15 +60,8 @@ public class WebSessionServerCsrfTokenRepository
return Mono.just(token);
}
return exchange.getSession()
.map(WebSession::getAttributes)
.flatMap( attrs -> save(attrs, token));
}
private Mono<CsrfToken> save(Map<String, Object> attributes, CsrfToken token) {
return Mono.defer(() -> {
putToken(attributes, token);
return Mono.justOrEmpty(token);
});
.doOnSuccess(session -> putToken(session.getAttributes(), token))
.flatMap(r -> Mono.justOrEmpty(token));
}
private void putToken(Map<String, Object> attributes, CsrfToken token) {

7
web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java
Unescape View File

@ -38,16 +38,11 @@ public class NoOpServerRequestCache implements ServerRequestCache { @@ -38,16 +38,11 @@ public class NoOpServerRequestCache implements ServerRequestCache {
}
@Override
public Mono<ServerHttpRequest> getMatchingRequest(
public Mono<ServerHttpRequest> removeMatchingRequest(
ServerWebExchange exchange) {
return Mono.empty();
}
@Override
public Mono<ServerHttpRequest> removeRequest(ServerWebExchange exchange) {
return Mono.empty();
}
public static NoOpServerRequestCache getInstance() {
return new NoOpServerRequestCache();
}

12
web/src/main/java/org/springframework/security/web/server/savedrequest/ServerRequestCache.java
Unescape View File

@ -52,15 +52,5 @@ public interface ServerRequestCache { @@ -52,15 +52,5 @@ public interface ServerRequestCache {
* @param exchange the exchange to obtain the request from
* @return the {@link ServerHttpRequest}
*/
Mono<ServerHttpRequest> getMatchingRequest(ServerWebExchange exchange);
/**
* If the {@link ServerWebExchange} contains a saved {@link ServerHttpRequest} remove
* and return it.
*
* @param exchange the {@link ServerWebExchange} to obtain and remove the
* {@link ServerHttpRequest}
* @return the {@link ServerHttpRequest}
*/
Mono<ServerHttpRequest> removeRequest(ServerWebExchange exchange);
Mono<ServerHttpRequest> removeMatchingRequest(ServerWebExchange exchange);
}

3
web/src/main/java/org/springframework/security/web/server/savedrequest/ServerRequestCacheWebFilter.java
Unescape View File

@ -33,8 +33,7 @@ public class ServerRequestCacheWebFilter implements WebFilter { @@ -33,8 +33,7 @@ public class ServerRequestCacheWebFilter implements WebFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return this.requestCache.getMatchingRequest(exchange)
.flatMap(r -> this.requestCache.removeRequest(exchange))
return this.requestCache.removeMatchingRequest(exchange)
.map(r -> exchange.mutate().request(r).build())
.defaultIfEmpty(exchange)
.flatMap(e -> chain.filter(e));

16
web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java
Unescape View File

@ -77,22 +77,12 @@ public class WebSessionServerRequestCache implements ServerRequestCache { @@ -77,22 +77,12 @@ public class WebSessionServerRequestCache implements ServerRequestCache {
}
@Override
public Mono<ServerHttpRequest> getMatchingRequest(
public Mono<ServerHttpRequest> removeMatchingRequest(
ServerWebExchange exchange) {
return getRedirectUri(exchange)
.map(URI::toASCIIString)
.map(path -> exchange.getRequest().mutate().path(path).build())
.filter( request -> pathInApplication(request).equals(
pathInApplication(exchange.getRequest())));
}
@Override
public Mono<ServerHttpRequest> removeRequest(ServerWebExchange exchange) {
return exchange.getSession()
.map(WebSession::getAttributes)
.flatMap(attrs -> Mono.justOrEmpty(attrs.remove(this.sessionAttrName)))
.cast(String.class)
.map(path -> exchange.getRequest().mutate().path(path).build());
.filter(attributes -> attributes.remove(this.sessionAttrName, pathInApplication(exchange.getRequest())))
.map(attributes -> exchange.getRequest());
}
private static String pathInApplication(ServerHttpRequest request) {

4
web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java
Unescape View File

@ -67,7 +67,7 @@ public class WebSessionServerRequestCacheTests { @@ -67,7 +67,7 @@ public class WebSessionServerRequestCacheTests {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/secured/"));
this.cache.saveRequest(exchange).block();
ServerHttpRequest saved = this.cache.removeRequest(exchange).block();
ServerHttpRequest saved = this.cache.removeMatchingRequest(exchange).block();
assertThat(saved.getURI()).isEqualTo(exchange.getRequest().getURI());
}
@ -77,7 +77,7 @@ public class WebSessionServerRequestCacheTests { @@ -77,7 +77,7 @@ public class WebSessionServerRequestCacheTests {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/secured/"));
this.cache.saveRequest(exchange).block();
this.cache.removeRequest(exchange).block();
this.cache.removeMatchingRequest(exchange).block();
assertThat(this.cache.getRedirectUri(exchange).block()).isNull();
}

Write Preview
Loading…
Cancel
Save