From cb9fd091502187cd73610d12b8a19045962be252 Mon Sep 17 00:00:00 2001
From: Josh Cummings
Date: Fri, 31 Jan 2020 09:25:26 -0700
Subject: [PATCH] Change AuthenticationWebFilter's constructor

Fixes gh-7872
---
 .../config/web/server/ServerHttpSecurity.java | 9 +++------
 .../web/server/OAuth2ResourceServerSpecTests.java | 8 ++++----
 .../authentication/AuthenticationWebFilter.java | 13 ++++++-------
 .../AuthenticationWebFilterTests.java | 11 ++++++++---
 4 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
index 04fd40d84f..f377ccd816 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -31,8 +31,6 @@ import java.util.UUID;
 import java.util.function.Function;
 import java.util.function.Supplier;
-import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository;
-import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository;
 import reactor.core.publisher.Mono;
 import reactor.util.context.Context;
@@ -44,7 +42,6 @@ import org.springframework.core.annotation.AnnotationAwareOrderComparator;
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.MediaType;
-import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.DelegatingReactiveAuthenticationManager;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
@@ -1581,7 +1578,7 @@ public class ServerHttpSecurity {
 private JwtSpec jwt;
 private OpaqueTokenSpec opaqueToken;
- private ReactiveAuthenticationManagerResolver authenticationManagerResolver;
+ private ReactiveAuthenticationManagerResolver authenticationManagerResolver;
 /**
 * Configures the {@link ServerAccessDeniedHandler} to use for requests authenticating with
@@ -1631,10 +1628,10 @@ public class ServerHttpSecurity {
 *
 * @param authenticationManagerResolver the {@link ReactiveAuthenticationManagerResolver}
 * @return the {@link OAuth2ResourceServerSpec} for additional configuration
- * @since 5.2
+ * @since 5.3
 */
 public OAuth2ResourceServerSpec authenticationManagerResolver(
- ReactiveAuthenticationManagerResolver authenticationManagerResolver) {
+ ReactiveAuthenticationManagerResolver authenticationManagerResolver) {
 Assert.notNull(authenticationManagerResolver, "authenticationManagerResolver cannot be null");
 this.authenticationManagerResolver = authenticationManagerResolver;
 return this;
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
index 8362ea105c..31346199b3 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
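Review bot: The Javadoc on `OAuth2ResourceServerSpec.authenticationManagerResolver(...)` in ServerHttpSecurity.java (hunk at -1631) still describes the argument only as `the {@link ReactiveAuthenticationManagerResolver}`, so it does not say what the resolver is now handed. Judging by the test change from `any(ServerHttpRequest.class)` to `any(ServerWebExchange.class)` elsewhere in this patch, it receives the whole exchange. I would extend the tag to `@param authenticationManagerResolver the {@link ReactiveAuthenticationManagerResolver}, invoked with the current {@code ServerWebExchange}`. Replacing `@since 5.2` with `@since 5.3` also erases the record that this method already shipped with a different parameter type, which anyone upgrading a custom resolver needs to know; one sentence noting the 5.3 signature change would preserve it. The method's closing brace is outside the hunk.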
@@ -49,7 +49,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
-import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
 import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
@@ -76,6 +75,7 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.context.support.GenericWebApplicationContext;
 import org.springframework.web.reactive.DispatcherHandler;
 import org.springframework.web.reactive.config.EnableWebFlux;
+import org.springframework.web.server.ServerWebExchange;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatCode;
@@ -280,13 +280,13 @@ public class OAuth2ResourceServerSpecTests {
 public void getWhenUsingCustomAuthenticationManagerResolverThenUsesItAccordingly() {
 this.spring.register(CustomAuthenticationManagerResolverConfig.class).autowire();
- ReactiveAuthenticationManagerResolver authenticationManagerResolver =
+ ReactiveAuthenticationManagerResolver authenticationManagerResolver =
 this.spring.getContext().getBean(ReactiveAuthenticationManagerResolver.class);
 ReactiveAuthenticationManager authenticationManager = this.spring.getContext().getBean(ReactiveAuthenticationManager.class);
- when(authenticationManagerResolver.resolve(any(ServerHttpRequest.class)))
+ when(authenticationManagerResolver.resolve(any(ServerWebExchange.class)))
 .thenReturn(Mono.just(authenticationManager));
 when(authenticationManager.authenticate(any(Authentication.class))) .thenReturn(Mono.error(new OAuth2AuthenticationException(new OAuth2Error("mock-failure"))));
@@ -697,7 +697,7 @@ public class OAuth2ResourceServerSpecTests {
 }
 @Bean
- ReactiveAuthenticationManagerResolver authenticationManagerResolver() {
+ ReactiveAuthenticationManagerResolver authenticationManagerResolver() {
 return mock(ReactiveAuthenticationManagerResolver.class);
 }
diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
index 330157ec76..1693381294 100644
--- a/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
@@ -17,7 +17,8 @@ package org.springframework.security.web.server.authentication;
 import java.util.function.Function;
-import org.springframework.http.server.reactive.ServerHttpRequest;
+import reactor.core.publisher.Mono;
+
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
 import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
 import org.springframework.security.core.Authentication;
@@ -34,8 +35,6 @@ import org.springframework.web.server.ServerWebExchange;
 import org.springframework.web.server.WebFilter;
 import org.springframework.web.server.WebFilterChain;
-import reactor.core.publisher.Mono;
-
 /**
 * A {@link WebFilter} that performs authentication of a particular request. An outline of the logic:
 *
@@ -69,7 +68,7 @@ import reactor.core.publisher.Mono;
 * @since 5.0
 */
 public class AuthenticationWebFilter implements WebFilter {
- private final ReactiveAuthenticationManagerResolver authenticationManagerResolver;
+ private final ReactiveAuthenticationManagerResolver authenticationManagerResolver;
 private ServerAuthenticationSuccessHandler authenticationSuccessHandler = new WebFilterChainServerAuthenticationSuccessHandler();
@@ -93,9 +92,9 @@ public class AuthenticationWebFilter implements WebFilter {
 /**
 * Creates an instance
 * @param authenticationManagerResolver the authentication manager resolver to use
- * @since 5.2
+ * @since 5.3
 */
- public AuthenticationWebFilter(ReactiveAuthenticationManagerResolver authenticationManagerResolver) {
+ public AuthenticationWebFilter(ReactiveAuthenticationManagerResolver authenticationManagerResolver) {
 Assert.notNull(authenticationManagerResolver, "authenticationResolverManager cannot be null");
 this.authenticationManagerResolver = authenticationManagerResolver;
 }
@@ -113,7 +112,7 @@ public class AuthenticationWebFilter implements WebFilter {
 WebFilterChain chain, Authentication token) {
 WebFilterExchange webFilterExchange = new WebFilterExchange(exchange, chain);
- return this.authenticationManagerResolver.resolve(exchange.getRequest())
+ return this.authenticationManagerResolver.resolve(exchange)
 .flatMap(authenticationManager -> authenticationManager.authenticate(token))
 .switchIfEmpty(Mono.defer(() -> Mono.error(new IllegalStateException("No provider found for " + token.getClass()))))
 .flatMap(authentication -> onAuthenticationSuccess(authentication, webFilterExchange))
diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java
index 6ad6333dc7..257e566c39 100644
--- a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java
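Review bot: The null-check message in the resolver constructor of AuthenticationWebFilter.java (hunk at -93) reads `"authenticationResolverManager cannot be null"`, which names no parameter of this class; the argument is `authenticationManagerResolver`. The matching check in ServerHttpSecurity in this same patch spells it correctly, so the two messages disagree, which makes a startup failure harder to trace to the right argument. Since the signature line directly above is already being changed, I would correct the context line to `Assert.notNull(authenticationManagerResolver, "authenticationManagerResolver cannot be null");`.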
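Review bot: In the `resolve(exchange)` chain of AuthenticationWebFilter.java (hunk at -113), a resolver that completes empty for an exchange it does not recognise falls into `switchIfEmpty` and surfaces as `IllegalStateException("No provider found for ...")`, not as an `AuthenticationException`. The request is still refused, so this is not a bypass. The error mapping that follows the chain is outside the hunk, though, and if it handles only `AuthenticationException` (to be confirmed), this case skips the configured failure handler and reaches the client as a server error rather than an authentication failure. Now that resolvers see the whole exchange and are more likely to select per tenant or issuer, the contract is worth stating on the constructor's Javadoc, for example `@param authenticationManagerResolver the resolver to use; it must not complete empty, and should fail with an {@code AuthenticationException} for an exchange it declines`. The method signature begins above the hunk and the chain continues past its last line.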
@@ -23,7 +23,6 @@ import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 import reactor.core.publisher.Mono;
-import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
 import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
@@ -34,9 +33,15 @@ import org.springframework.security.web.server.context.ServerSecurityContextRepo
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
 import org.springframework.test.web.reactive.server.EntityExchangeResult;
 import org.springframework.test.web.reactive.server.WebTestClient;
+import org.springframework.web.server.ServerWebExchange;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.*;
+import static org.mockito.Mockito.any;
+import static org.mockito.Mockito.eq;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyZeroInteractions;
+import static org.mockito.Mockito.when;
 /**
 * @author Rob Winch
@@ -56,7 +61,7 @@ public class AuthenticationWebFilterTests {
 @Mock
 private ServerSecurityContextRepository securityContextRepository;
 @Mock
- private ReactiveAuthenticationManagerResolver authenticationManagerResolver;
+ private ReactiveAuthenticationManagerResolver authenticationManagerResolver;
 private AuthenticationWebFilter filter;
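Review bot: In the import hunk of AuthenticationWebFilterTests.java (at -34), the matchers `any` and `eq` are imported through `org.mockito.Mockito`, which compiles only because `Mockito` extends `ArgumentMatchers`. Importing them from their declaring class reads more clearly: `import static org.mockito.ArgumentMatchers.any;` and `import static org.mockito.ArgumentMatchers.eq;`. The new explicit list also pins `verifyZeroInteractions`, which later Mockito releases deprecate in favour of `verifyNoInteractions`; whether the Mockito version this project builds against already offers the replacement is not visible here. This is a style point only and does not affect what the tests check.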