From 0410bac559e45562c5fe262314ec799340a741b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Francesco=20Chicchiricc=C3=B2?= Date: Fri, 9 Aug 2019 10:18:37 +0200 Subject: [PATCH] Add support for oauth2Login().securityContextRepository(...) Fixes gh-7222 --- .../config/web/server/ServerHttpSecurity.java | 17 ++++++++++++++++- .../config/web/server/OAuth2LoginTests.java | 9 ++++++++- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index 25c3f2d582..ea806674ee 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -972,6 +972,8 @@ public class ServerHttpSecurity { private ReactiveAuthenticationManager authenticationManager; + private ServerSecurityContextRepository securityContextRepository = new WebSessionServerSecurityContextRepository(); + private ServerAuthenticationConverter authenticationConverter; private ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver; @@ -993,6 +995,19 @@ public class ServerHttpSecurity { return this; } + /** + * The {@link ServerSecurityContextRepository} used to save the {@code Authentication}. Defaults to + * {@link WebSessionServerSecurityContextRepository}. + * + * @since 5.2 + * @param securityContextRepository the repository to use + * @return the {@link OAuth2LoginSpec} to continue configuring + */ + public OAuth2LoginSpec securityContextRepository(ServerSecurityContextRepository securityContextRepository) { + this.securityContextRepository = securityContextRepository; + return this; + } + /** * The {@link ServerAuthenticationSuccessHandler} used after authentication success. Defaults to * {@link RedirectServerAuthenticationSuccessHandler} redirecting to "/". @@ -1138,7 +1153,7 @@ public class ServerHttpSecurity { authenticationFilter.setAuthenticationSuccessHandler(this.authenticationSuccessHandler); authenticationFilter.setAuthenticationFailureHandler(this.authenticationFailureHandler); - authenticationFilter.setSecurityContextRepository(new WebSessionServerSecurityContextRepository()); + authenticationFilter.setSecurityContextRepository(this.securityContextRepository); MediaTypeServerWebExchangeMatcher htmlMatcher = new MediaTypeServerWebExchangeMatcher( MediaType.TEXT_HTML); diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java index 147a1ea1e2..667d79c010 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java @@ -426,6 +426,9 @@ public class OAuth2LoginTests { ServerAuthenticationConverter converter = config.authenticationConverter; when(converter.convert(any())).thenReturn(Mono.just(token)); + ServerSecurityContextRepository securityContextRepository = config.securityContextRepository; + when(securityContextRepository.save(any(), any())).thenReturn(Mono.empty()); + Map additionalParameters = new HashMap<>(); additionalParameters.put(OidcParameterNames.ID_TOKEN, "id-token"); OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue()) @@ -447,6 +450,7 @@ public class OAuth2LoginTests { verify(config.jwtDecoderFactory).createDecoder(any()); verify(tokenResponseClient).getTokenResponse(any()); + verify(securityContextRepository).save(any(), any()); } @Configuration @@ -461,6 +465,8 @@ public class OAuth2LoginTests { ReactiveJwtDecoderFactory jwtDecoderFactory = spy(new JwtDecoderFactory()); + ServerSecurityContextRepository securityContextRepository = mock(ServerSecurityContextRepository.class); + @Bean public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) { // @formatter:off @@ -470,7 +476,8 @@ public class OAuth2LoginTests { .and() .oauth2Login() .authenticationConverter(authenticationConverter) - .authenticationManager(authenticationManager()); + .authenticationManager(authenticationManager()) + .securityContextRepository(securityContextRepository); return http.build(); // @formatter:on }