Single ClientRegistration redirects by default

Fixes: gh-5339
This commit is contained in:
Rob Winch
2018-05-14 15:37:02 -05:00
parent f29e4cf91f
commit 32e368d9b7
3 changed files with 93 additions and 33 deletions

View File

@@ -21,29 +21,20 @@ import static org.assertj.core.api.Assertions.assertThat;
import org.junit.Rule;
import org.junit.Test;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.PageFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.annotation.web.reactive.ServerHttpSecurityConfigurationBuilder;
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;
import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.htmlunit.server.WebTestClientHtmlUnitDriverBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.test.web.reactive.server.WebTestClientBuilder;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.WebFilterChainProxy;
import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
import org.springframework.security.web.server.csrf.CsrfToken;
import org.springframework.stereotype.Controller;
import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
@@ -59,7 +50,7 @@ public class OAuth2LoginTests {
@Autowired
private WebFilterChainProxy springSecurity;
private ClientRegistration github = CommonOAuth2Provider.GITHUB
private static ClientRegistration github = CommonOAuth2Provider.GITHUB
.getBuilder("github")
.clientId("client")
.clientSecret("secret")
@@ -90,11 +81,6 @@ public class OAuth2LoginTests {
static class OAuth2LoginWithMulitpleClientRegistrations {
@Bean
InMemoryReactiveClientRegistrationRepository clientRegistrationRepository() {
ClientRegistration github = CommonOAuth2Provider.GITHUB
.getBuilder("github")
.clientId("client")
.clientSecret("secret")
.build();
ClientRegistration google = CommonOAuth2Provider.GOOGLE
.getBuilder("google")
.clientId("client")
@@ -103,4 +89,40 @@ public class OAuth2LoginTests {
return new InMemoryReactiveClientRegistrationRepository(github, google);
}
}
@Test
public void defaultLoginPageWithSingleClientRegistrationThenRedirect() {
this.spring.register(OAuth2LoginWithSingleClientRegistrations.class).autowire();
WebTestClient webTestClient = WebTestClientBuilder
.bindToWebFilters(new GitHubWebFilter(), this.springSecurity)
.build();
WebDriver driver = WebTestClientHtmlUnitDriverBuilder
.webTestClientSetup(webTestClient)
.build();
driver.get("http://localhost/");
assertThat(driver.getCurrentUrl()).startsWith("https://github.com/login/oauth/authorize");
}
@EnableWebFluxSecurity
static class OAuth2LoginWithSingleClientRegistrations {
@Bean
InMemoryReactiveClientRegistrationRepository clientRegistrationRepository() {
return new InMemoryReactiveClientRegistrationRepository(github);
}
}
static class GitHubWebFilter implements WebFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
if (exchange.getRequest().getURI().getHost().equals("github.com")) {
return exchange.getResponse().setComplete();
}
return chain.filter(exchange);
}
}
}

View File

@@ -151,8 +151,14 @@ final class HtmlUnitWebTestClient {
private Mono<ClientResponse> redirectIfNecessary(ClientRequest request, ExchangeFunction next, ClientResponse response) {
URI location = response.headers().asHttpHeaders().getLocation();
String host = request.url().getHost();
String scheme = request.url().getScheme();
if(location != null) {
ClientRequest redirect = ClientRequest.method(HttpMethod.GET, URI.create("http://localhost" + location.toASCIIString()))
String redirectUrl = location.toASCIIString();
if (location.getHost() == null) {
redirectUrl = scheme+ "://" + host + location.toASCIIString();
}
ClientRequest redirect = ClientRequest.method(HttpMethod.GET, URI.create(redirectUrl))
.headers(headers -> headers.addAll(request.headers()))
.cookies(cookies -> cookies.addAll(request.cookies()))
.attributes(attributes -> attributes.putAll(request.attributes()))