
Change AuthenticationWebFilter's constructor

Fixes gh-7872
pull/7937/head
Josh Cummings 6 years ago
parent
commit
cb9fd09150
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
  1. 9
      config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
  2. 8
      config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
  3. 13
      web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
  4. 11
      web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java

9
config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@ -31,8 +31,6 @@ import java.util.UUID;
import java.util.function.Function; import java.util.function.Function;
import java.util.function.Supplier; import java.util.function.Supplier;
import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import reactor.util.context.Context; import reactor.util.context.Context;
@ -44,7 +42,6 @@ import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.core.convert.converter.Converter; import org.springframework.core.convert.converter.Converter;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.DelegatingReactiveAuthenticationManager; import org.springframework.security.authentication.DelegatingReactiveAuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
@ -1581,7 +1578,7 @@ public class ServerHttpSecurity {
private JwtSpec jwt; private JwtSpec jwt;
private OpaqueTokenSpec opaqueToken; private OpaqueTokenSpec opaqueToken;
private ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver; private ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver;
/** /**
* Configures the {@link ServerAccessDeniedHandler} to use for requests authenticating with * Configures the {@link ServerAccessDeniedHandler} to use for requests authenticating with
@ -1631,10 +1628,10 @@ public class ServerHttpSecurity {
* *
* @param authenticationManagerResolver the {@link ReactiveAuthenticationManagerResolver} * @param authenticationManagerResolver the {@link ReactiveAuthenticationManagerResolver}
* @return the {@link OAuth2ResourceServerSpec} for additional configuration * @return the {@link OAuth2ResourceServerSpec} for additional configuration
* @since 5.2 * @since 5.3
*/ */
public OAuth2ResourceServerSpec authenticationManagerResolver( public OAuth2ResourceServerSpec authenticationManagerResolver(
ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver) { ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver) {
Assert.notNull(authenticationManagerResolver, "authenticationManagerResolver cannot be null"); Assert.notNull(authenticationManagerResolver, "authenticationManagerResolver cannot be null");
this.authenticationManagerResolver = authenticationManagerResolver; this.authenticationManagerResolver = authenticationManagerResolver;
return this; return this;
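Review bot: The Javadoc on `authenticationManagerResolver(...)` does not say what a resolver may safely key on now that it receives the whole `ServerWebExchange` instead of the `ServerHttpRequest`. The resolver chooses which `ReactiveAuthenticationManager` validates the incoming token, so an implementation that selects a manager directly from a header, host or path value lets the caller pick the trust anchor. I would add a sentence to the method comment such as `The resolver runs before authentication; values read from the exchange are client-supplied and should be matched against a fixed set of known tenants or issuers.` The `@since` tag also moves from 5.2 to 5.3 while the method name stays the same, so a short remark that the type parameter changed in 5.3 would help readers who are upgrading. The Javadoc block begins above the hunk, so the exact placement is for the author to confirm.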

8
config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java

@ -49,7 +49,6 @@ import org.springframework.context.annotation.Bean;
import org.springframework.core.convert.converter.Converter; import org.springframework.core.convert.converter.Converter;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver; import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
@ -76,6 +75,7 @@ import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.support.GenericWebApplicationContext; import org.springframework.web.context.support.GenericWebApplicationContext;
import org.springframework.web.reactive.DispatcherHandler; import org.springframework.web.reactive.DispatcherHandler;
import org.springframework.web.reactive.config.EnableWebFlux; import org.springframework.web.reactive.config.EnableWebFlux;
import org.springframework.web.server.ServerWebExchange;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode; import static org.assertj.core.api.Assertions.assertThatCode;
@ -280,13 +280,13 @@ public class OAuth2ResourceServerSpecTests {
public void getWhenUsingCustomAuthenticationManagerResolverThenUsesItAccordingly() { public void getWhenUsingCustomAuthenticationManagerResolverThenUsesItAccordingly() {
this.spring.register(CustomAuthenticationManagerResolverConfig.class).autowire(); this.spring.register(CustomAuthenticationManagerResolverConfig.class).autowire();
ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver = ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver =
this.spring.getContext().getBean(ReactiveAuthenticationManagerResolver.class); this.spring.getContext().getBean(ReactiveAuthenticationManagerResolver.class);
ReactiveAuthenticationManager authenticationManager = ReactiveAuthenticationManager authenticationManager =
this.spring.getContext().getBean(ReactiveAuthenticationManager.class); this.spring.getContext().getBean(ReactiveAuthenticationManager.class);
when(authenticationManagerResolver.resolve(any(ServerHttpRequest.class))) when(authenticationManagerResolver.resolve(any(ServerWebExchange.class)))
.thenReturn(Mono.just(authenticationManager)); .thenReturn(Mono.just(authenticationManager));
when(authenticationManager.authenticate(any(Authentication.class))) when(authenticationManager.authenticate(any(Authentication.class)))
.thenReturn(Mono.error(new OAuth2AuthenticationException(new OAuth2Error("mock-failure")))); .thenReturn(Mono.error(new OAuth2AuthenticationException(new OAuth2Error("mock-failure"))));
@ -697,7 +697,7 @@ public class OAuth2ResourceServerSpecTests {
} }
@Bean @Bean
ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver() { ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver() {
return mock(ReactiveAuthenticationManagerResolver.class); return mock(ReactiveAuthenticationManagerResolver.class);
} }

13
web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java

@ -17,7 +17,8 @@ package org.springframework.security.web.server.authentication;
import java.util.function.Function; import java.util.function.Function;
import org.springframework.http.server.reactive.ServerHttpRequest; import reactor.core.publisher.Mono;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver; import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -34,8 +35,6 @@ import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter; import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain; import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
/** /**
* A {@link WebFilter} that performs authentication of a particular request. An outline of the logic: * A {@link WebFilter} that performs authentication of a particular request. An outline of the logic:
* *
@ -69,7 +68,7 @@ import reactor.core.publisher.Mono;
* @since 5.0 * @since 5.0
*/ */
public class AuthenticationWebFilter implements WebFilter { public class AuthenticationWebFilter implements WebFilter {
private final ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver; private final ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver;
private ServerAuthenticationSuccessHandler authenticationSuccessHandler = new WebFilterChainServerAuthenticationSuccessHandler(); private ServerAuthenticationSuccessHandler authenticationSuccessHandler = new WebFilterChainServerAuthenticationSuccessHandler();
@ -93,9 +92,9 @@ public class AuthenticationWebFilter implements WebFilter {
/** /**
* Creates an instance * Creates an instance
* @param authenticationManagerResolver the authentication manager resolver to use * @param authenticationManagerResolver the authentication manager resolver to use
* @since 5.2 * @since 5.3
*/ */
public AuthenticationWebFilter(ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver) { public AuthenticationWebFilter(ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver) {
Assert.notNull(authenticationManagerResolver, "authenticationResolverManager cannot be null"); Assert.notNull(authenticationManagerResolver, "authenticationResolverManager cannot be null");
this.authenticationManagerResolver = authenticationManagerResolver; this.authenticationManagerResolver = authenticationManagerResolver;
} }
@ -113,7 +112,7 @@ public class AuthenticationWebFilter implements WebFilter {
WebFilterChain chain, Authentication token) { WebFilterChain chain, Authentication token) {
WebFilterExchange webFilterExchange = new WebFilterExchange(exchange, chain); WebFilterExchange webFilterExchange = new WebFilterExchange(exchange, chain);
return this.authenticationManagerResolver.resolve(exchange.getRequest()) return this.authenticationManagerResolver.resolve(exchange)
.flatMap(authenticationManager -> authenticationManager.authenticate(token)) .flatMap(authenticationManager -> authenticationManager.authenticate(token))
.switchIfEmpty(Mono.defer(() -> Mono.error(new IllegalStateException("No provider found for " + token.getClass())))) .switchIfEmpty(Mono.defer(() -> Mono.error(new IllegalStateException("No provider found for " + token.getClass()))))
.flatMap(authentication -> onAuthenticationSuccess(authentication, webFilterExchange)) .flatMap(authentication -> onAuthenticationSuccess(authentication, webFilterExchange))
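Review bot: The constructor keeps the same erased signature, so a caller compiled against 5.2 with a `ReactiveAuthenticationManagerResolver<ServerHttpRequest>` would presumably still link and only fail with a `ClassCastException` once `resolve(exchange)` runs, and the Javadoc gives no migration hint. An overload for the old type is not possible because both variants erase to the same signature, so I would document the adapter in the constructor comment, for example `Resolvers written against ServerHttpRequest can be adapted with exchange -> resolver.resolve(exchange.getRequest()).` Separately, the assertion message reads `authenticationResolverManager cannot be null` while the parameter is named `authenticationManagerResolver`; the message should name the parameter as declared. The method that contains the `resolve(exchange)` call starts and ends outside the hunk.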

11
web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java

@ -23,7 +23,6 @@ import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner; import org.mockito.junit.MockitoJUnitRunner;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver; import org.springframework.security.authentication.ReactiveAuthenticationManagerResolver;
@ -34,9 +33,15 @@ import org.springframework.security.web.server.context.ServerSecurityContextRepo
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher; import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.test.web.reactive.server.EntityExchangeResult; import org.springframework.test.web.reactive.server.EntityExchangeResult;
import org.springframework.test.web.reactive.server.WebTestClient; import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.server.ServerWebExchange;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.any;
import static org.mockito.Mockito.eq;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
/** /**
* @author Rob Winch * @author Rob Winch
@ -56,7 +61,7 @@ public class AuthenticationWebFilterTests {
@Mock @Mock
private ServerSecurityContextRepository securityContextRepository; private ServerSecurityContextRepository securityContextRepository;
@Mock @Mock
private ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver; private ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerResolver;
private AuthenticationWebFilter filter; private AuthenticationWebFilter filter;
