GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add denyAll method in AuthorizePayloadsSpec.Access 

See gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
pull/7451/head
Jesús Ascama 6 years ago
parent
338b637ab5
commit
daf6b53e3a
2 changed files with 23 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
  2. 17
      config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java

6
config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
Unescape View File

@ -104,6 +104,7 @@ import java.util.List; @@ -104,6 +104,7 @@ import java.util.List;
* }
* </pre>
* @author Rob Winch
* @author Jesús Ascama Arias
* @since 5.2
*/
public class RSocketSecurity {
@ -325,6 +326,11 @@ public class RSocketSecurity { @@ -325,6 +326,11 @@ public class RSocketSecurity {
AuthorizePayloadsSpec.this.authzBuilder.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization));
return AuthorizePayloadsSpec.this;
}
public AuthorizePayloadsSpec denyAll() {
return access((a, ctx) -> Mono
.just(new AuthorizationDecision(false)));
}
}
}

17
config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
Unescape View File

@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode; @@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode;
/**
* @author Rob Winch
* @author Jesús Ascama Arias
*/
@ContextConfiguration
@RunWith(SpringRunner.class)
@ -167,6 +168,21 @@ public class RSocketMessageHandlerConnectionITests { @@ -167,6 +168,21 @@ public class RSocketMessageHandlerConnectionITests {
// .isInstanceOf(RejectedSetupException.class);
}
@Test
public void connectionDenied() {
UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("user", "password");
this.requester = requester()
.setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
.connectTcp(this.server.address().getHostName(), this.server.address().getPort())
.block();
assertThatCode(() -> this.requester.route("prohibit")
.data("data")
.retrieveMono(String.class)
.block())
.isInstanceOf(ApplicationErrorException.class);
}
private RSocketRequester.Builder requester() {
return RSocketRequester.builder()
.rsocketStrategies(this.handler.getRSocketStrategies());
@ -225,6 +241,7 @@ public class RSocketMessageHandlerConnectionITests { @@ -225,6 +241,7 @@ public class RSocketMessageHandlerConnectionITests {
.setup().hasRole("SETUP")
.route("secure.admin.*").hasRole("ADMIN")
.route("secure.**").hasRole("USER")
.route("prohibit").denyAll()
.anyRequest().permitAll()
)
.basicAuthentication(Customizer.withDefaults());

Write Preview
Loading…
Cancel
Save