Use ReactorSecurityContextHolder

Issue gh-4713
This commit is contained in:
Rob Winch
2017-10-25 16:18:27 -05:00
parent 9ea4df5b5d
commit 747473257f
8 changed files with 55 additions and 43 deletions

View File

@@ -25,7 +25,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringRunner;
import reactor.core.publisher.Flux;
@@ -34,8 +34,6 @@ import reactor.test.StepVerifier;
import reactor.test.publisher.TestPublisher;
import reactor.util.context.Context;
import java.util.function.Function;
import static org.mockito.Mockito.*;
/**
@@ -49,10 +47,8 @@ public class EnableReactiveMethodSecurityTests {
ReactiveMessageService delegate;
TestPublisher<String> result = TestPublisher.create();
Function<Context, Context> withAdmin = context -> context.put(Authentication.class, Mono
.just(new TestingAuthenticationToken("admin","password","ROLE_USER", "ROLE_ADMIN")));
Function<Context, Context> withUser = context -> context.put(Authentication.class, Mono
.just(new TestingAuthenticationToken("user","password","ROLE_USER")));
Context withAdmin = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("admin","password","ROLE_USER", "ROLE_ADMIN"));
Context withUser = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("user","password","ROLE_USER"));
@After
public void cleanup() {

View File

@@ -31,6 +31,8 @@ import org.springframework.security.config.test.SpringTestRule;
import org.springframework.security.config.users.ReactiveAuthenticationTestConfiguration;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
@@ -106,8 +108,8 @@ public class EnableWebFluxSecurityTests {
chain.filter(exchange.mutate().principal(Mono.just(currentPrincipal)).build()),
this.springSecurityFilterChain,
(exchange,chain) ->
Mono.subscriberContext()
.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
ReactiveSecurityContextHolder.getContext()
.map(SecurityContext::getAuthentication)
.flatMap( principal -> exchange.getResponse()
.writeWith(Mono.just(toDataBuffer(principal.getName()))))
).build();
@@ -126,8 +128,8 @@ public class EnableWebFluxSecurityTests {
WebTestClient client = WebTestClientBuilder.bindToWebFilters(
this.springSecurityFilterChain,
(exchange,chain) ->
Mono.subscriberContext()
.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
ReactiveSecurityContextHolder.getContext()
.map(SecurityContext::getAuthentication)
.flatMap( principal -> exchange.getResponse()
.writeWith(Mono.just(toDataBuffer(principal.getName()))))
)
@@ -154,8 +156,8 @@ public class EnableWebFluxSecurityTests {
WebTestClient client = WebTestClientBuilder.bindToWebFilters(
this.springSecurityFilterChain,
(exchange,chain) ->
Mono.subscriberContext()
.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
ReactiveSecurityContextHolder.getContext()
.map(SecurityContext::getAuthentication)
.flatMap( principal -> exchange.getResponse()
.writeWith(Mono.just(toDataBuffer(principal.getName()))))
)