GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

DigestAuthenticationFilter.securityContextRepository 

Issue gh-10953
pull/10849/head
Rob Winch 4 years ago
parent
09e730734b
commit
ba7fb0cb14
2 changed files with 41 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java
  2. 24
      web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java

17
web/src/main/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilter.java
Unescape View File

@ -49,6 +49,8 @@ import org.springframework.security.core.userdetails.UserDetailsService; @@ -49,6 +49,8 @@ import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.core.userdetails.cache.NullUserCache;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.GenericFilterBean;
@ -106,6 +108,8 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes @@ -106,6 +108,8 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes
private boolean createAuthenticatedToken = false;
private SecurityContextRepository securityContextRepository = new NullSecurityContextRepository();
@Override
public void afterPropertiesSet() {
Assert.notNull(this.userDetailsService, "A UserDetailsService is required");
@ -192,6 +196,7 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes @@ -192,6 +196,7 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes
SecurityContext context = SecurityContextHolder.createEmptyContext();
context.setAuthentication(authentication);
SecurityContextHolder.setContext(context);
this.securityContextRepository.saveContext(context, request, response);
chain.doFilter(request, response);
}
@ -271,6 +276,18 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes @@ -271,6 +276,18 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements Mes
this.createAuthenticatedToken = createAuthenticatedToken;
}
/**
* Sets the {@link SecurityContextRepository} to save the {@link SecurityContext} on
* authentication success. The default action is not to save the
* {@link SecurityContext}.
* @param securityContextRepository the {@link SecurityContextRepository} to use.
* Cannot be null.
*/
public void setSecurityContextRepository(SecurityContextRepository securityContextRepository) {
Assert.notNull(securityContextRepository, "securityContextRepository cannot be null");
this.securityContextRepository = securityContextRepository;
}
private class DigestData {
private final String username;

24
web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthenticationFilterTests.java
Unescape View File

@ -29,6 +29,7 @@ import org.apache.commons.codec.digest.DigestUtils; @@ -29,6 +29,7 @@ import org.apache.commons.codec.digest.DigestUtils;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentCaptor;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
@ -40,10 +41,12 @@ import org.springframework.security.core.userdetails.User; @@ -40,10 +41,12 @@ import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.cache.NullUserCache;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
@ -389,4 +392,25 @@ public class DigestAuthenticationFilterTests { @@ -389,4 +392,25 @@ public class DigestAuthenticationFilterTests {
assertThat(existingAuthentication).isSameAs(existingContext.getAuthentication());
}
@Test
public void testSecurityContextRepository() throws Exception {
SecurityContextRepository securityContextRepository = mock(SecurityContextRepository.class);
ArgumentCaptor<SecurityContext> contextArg = ArgumentCaptor.forClass(SecurityContext.class);
String responseDigest = DigestAuthUtils.generateDigest(false, USERNAME, REALM, PASSWORD, "GET", REQUEST_URI,
QOP, NONCE, NC, CNONCE);
this.request.addHeader("Authorization",
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI, responseDigest, QOP, NC, CNONCE));
this.filter.setSecurityContextRepository(securityContextRepository);
this.filter.setCreateAuthenticatedToken(true);
MockHttpServletResponse response = executeFilterInContainerSimulator(this.filter, this.request, true);
assertThat(SecurityContextHolder.getContext().getAuthentication()).isNotNull();
assertThat(((UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername())
.isEqualTo(USERNAME);
assertThat(SecurityContextHolder.getContext().getAuthentication().isAuthenticated()).isTrue();
assertThat(SecurityContextHolder.getContext().getAuthentication().getAuthorities())
.isEqualTo(AuthorityUtils.createAuthorityList("ROLE_ONE", "ROLE_TWO"));
verify(securityContextRepository).saveContext(contextArg.capture(), eq(this.request), eq(response));
assertThat(contextArg.getValue().getAuthentication().getName()).isEqualTo(USERNAME);
}
}

Write Preview
Loading…
Cancel
Save