Add UsernamePasswordAuthenticationToken factory methods
- unauthenticated factory method - authenticated factory method - test for unauthenticated factory method - test for authenticated factory method - make existing constructor protected - use newly factory methods in rest of the project - update copyright dates Closes gh-10790
This commit is contained in:
committed by
Josh Cummings
parent
d2f24ae5f5
commit
ac9c29b2a0
@@ -475,7 +475,7 @@ public class AbstractAuthenticationProcessingFilterTests {
|
||||
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
|
||||
throws AuthenticationException {
|
||||
if (this.grantAccess) {
|
||||
return new UsernamePasswordAuthenticationToken("test", "test",
|
||||
return UsernamePasswordAuthenticationToken.authenticated("test", "test",
|
||||
AuthorityUtils.createAuthorityList("TEST"));
|
||||
}
|
||||
else {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -280,8 +280,8 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
||||
@Test
|
||||
public void requiresAuthenticationFalsePrincipalUser() throws Exception {
|
||||
User currentPrincipal = new User("user", "password", AuthorityUtils.createAuthorityList("ROLE_USER"));
|
||||
UsernamePasswordAuthenticationToken currentAuthentication = new UsernamePasswordAuthenticationToken(
|
||||
currentPrincipal, currentPrincipal.getPassword(), currentPrincipal.getAuthorities());
|
||||
UsernamePasswordAuthenticationToken currentAuthentication = UsernamePasswordAuthenticationToken
|
||||
.authenticated(currentPrincipal, currentPrincipal.getPassword(), currentPrincipal.getAuthorities());
|
||||
SecurityContextHolder.getContext().setAuthentication(currentAuthentication);
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -46,7 +46,7 @@ public class PreAuthenticatedAuthenticationProviderTests {
|
||||
public final void authenticateInvalidToken() throws Exception {
|
||||
UserDetails ud = new User("dummyUser", "dummyPwd", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
|
||||
PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
|
||||
Authentication request = new UsernamePasswordAuthenticationToken("dummyUser", "dummyPwd");
|
||||
Authentication request = UsernamePasswordAuthenticationToken.unauthenticated("dummyUser", "dummyPwd");
|
||||
Authentication result = provider.authenticate(request);
|
||||
assertThat(result).isNull();
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2020 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -287,7 +287,7 @@ public class AbstractRememberMeServicesTests {
|
||||
MockRememberMeServices services = new MockRememberMeServices(this.uds);
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
Authentication auth = new UsernamePasswordAuthenticationToken("joe", "password");
|
||||
Authentication auth = UsernamePasswordAuthenticationToken.unauthenticated("joe", "password");
|
||||
// No parameter set
|
||||
services.loginSuccess(request, response, auth);
|
||||
assertThat(services.loginSuccessCalled).isFalse();
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -108,7 +108,7 @@ public class PersistentTokenBasedRememberMeServicesTests {
|
||||
this.services.setSeriesLength(12);
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
this.services.loginSuccess(new MockHttpServletRequest(), response,
|
||||
new UsernamePasswordAuthenticationToken("joe", "password"));
|
||||
UsernamePasswordAuthenticationToken.unauthenticated("joe", "password"));
|
||||
assertThat(this.repo.getStoredToken().getSeries().length()).isEqualTo(16);
|
||||
assertThat(this.repo.getStoredToken().getTokenValue().length()).isEqualTo(16);
|
||||
String[] cookie = this.services.decodeCookie(response.getCookie("mycookiename").getValue());
|
||||
|
||||
@@ -66,7 +66,8 @@ public class SwitchUserFilterTests {
|
||||
|
||||
@BeforeEach
|
||||
public void authenticateCurrentUser() {
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
|
||||
UsernamePasswordAuthenticationToken auth = UsernamePasswordAuthenticationToken.unauthenticated("dano",
|
||||
"hawaii50");
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
}
|
||||
|
||||
@@ -278,14 +279,14 @@ public class SwitchUserFilterTests {
|
||||
@Test
|
||||
public void exitUserJackLordToDanoSucceeds() throws Exception {
|
||||
// original user
|
||||
UsernamePasswordAuthenticationToken source = new UsernamePasswordAuthenticationToken("dano", "hawaii50",
|
||||
ROLES_12);
|
||||
UsernamePasswordAuthenticationToken source = UsernamePasswordAuthenticationToken.authenticated("dano",
|
||||
"hawaii50", ROLES_12);
|
||||
// set current user (Admin)
|
||||
List<GrantedAuthority> adminAuths = new ArrayList<>();
|
||||
adminAuths.addAll(ROLES_12);
|
||||
adminAuths.add(new SwitchUserGrantedAuthority("PREVIOUS_ADMINISTRATOR", source));
|
||||
UsernamePasswordAuthenticationToken admin = new UsernamePasswordAuthenticationToken("jacklord", "hawaii50",
|
||||
adminAuths);
|
||||
UsernamePasswordAuthenticationToken admin = UsernamePasswordAuthenticationToken.authenticated("jacklord",
|
||||
"hawaii50", adminAuths);
|
||||
SecurityContextHolder.getContext().setAuthentication(admin);
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
request.setRequestURI("/logout/impersonate");
|
||||
@@ -343,7 +344,8 @@ public class SwitchUserFilterTests {
|
||||
@Test
|
||||
public void redirectOmitsContextPathIfUseRelativeContextSet() throws Exception {
|
||||
// set current user
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
|
||||
UsernamePasswordAuthenticationToken auth = UsernamePasswordAuthenticationToken.unauthenticated("dano",
|
||||
"hawaii50");
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
MockHttpServletRequest request = createMockSwitchRequest();
|
||||
request.setContextPath("/webapp");
|
||||
@@ -368,7 +370,8 @@ public class SwitchUserFilterTests {
|
||||
@Test
|
||||
public void testSwitchRequestFromDanoToJackLord() throws Exception {
|
||||
// set current user
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
|
||||
UsernamePasswordAuthenticationToken auth = UsernamePasswordAuthenticationToken.unauthenticated("dano",
|
||||
"hawaii50");
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
// http request
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
@@ -395,7 +398,8 @@ public class SwitchUserFilterTests {
|
||||
|
||||
@Test
|
||||
public void modificationOfAuthoritiesWorks() {
|
||||
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
|
||||
UsernamePasswordAuthenticationToken auth = UsernamePasswordAuthenticationToken.unauthenticated("dano",
|
||||
"hawaii50");
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
|
||||
@@ -416,8 +420,8 @@ public class SwitchUserFilterTests {
|
||||
@Test
|
||||
public void nestedSwitchesAreNotAllowed() {
|
||||
// original user
|
||||
UsernamePasswordAuthenticationToken source = new UsernamePasswordAuthenticationToken("orig", "hawaii50",
|
||||
ROLES_12);
|
||||
UsernamePasswordAuthenticationToken source = UsernamePasswordAuthenticationToken.authenticated("orig",
|
||||
"hawaii50", ROLES_12);
|
||||
SecurityContextHolder.getContext().setAuthentication(source);
|
||||
SecurityContextHolder.getContext().setAuthentication(switchToUser("jacklord"));
|
||||
Authentication switched = switchToUser("dano");
|
||||
@@ -444,8 +448,8 @@ public class SwitchUserFilterTests {
|
||||
public void switchAuthorityRoleCanBeChanged() {
|
||||
String switchAuthorityRole = "PREVIOUS_ADMINISTRATOR";
|
||||
// original user
|
||||
UsernamePasswordAuthenticationToken source = new UsernamePasswordAuthenticationToken("orig", "hawaii50",
|
||||
ROLES_12);
|
||||
UsernamePasswordAuthenticationToken source = UsernamePasswordAuthenticationToken.authenticated("orig",
|
||||
"hawaii50", ROLES_12);
|
||||
SecurityContextHolder.getContext().setAuthentication(source);
|
||||
SecurityContextHolder.getContext().setAuthentication(switchToUser("jacklord"));
|
||||
Authentication switched = switchToUserWithAuthorityRole("dano", switchAuthorityRole);
|
||||
|
||||
@@ -67,9 +67,10 @@ public class BasicAuthenticationFilterTests {
|
||||
@BeforeEach
|
||||
public void setUp() {
|
||||
SecurityContextHolder.clearContext();
|
||||
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "koala");
|
||||
UsernamePasswordAuthenticationToken rodRequest = UsernamePasswordAuthenticationToken.unauthenticated("rod",
|
||||
"koala");
|
||||
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
|
||||
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "koala",
|
||||
Authentication rod = UsernamePasswordAuthenticationToken.authenticated("rod", "koala",
|
||||
AuthorityUtils.createAuthorityList("ROLE_1"));
|
||||
this.manager = mock(AuthenticationManager.class);
|
||||
given(this.manager.authenticate(rodRequest)).willReturn(rod);
|
||||
@@ -274,9 +275,10 @@ public class BasicAuthenticationFilterTests {
|
||||
@Test
|
||||
public void doFilterWhenTokenAndFilterCharsetMatchDefaultThenAuthenticated() throws Exception {
|
||||
SecurityContextHolder.clearContext();
|
||||
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "äöü");
|
||||
UsernamePasswordAuthenticationToken rodRequest = UsernamePasswordAuthenticationToken.unauthenticated("rod",
|
||||
"äöü");
|
||||
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
|
||||
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "äöü",
|
||||
Authentication rod = UsernamePasswordAuthenticationToken.authenticated("rod", "äöü",
|
||||
AuthorityUtils.createAuthorityList("ROLE_1"));
|
||||
this.manager = mock(AuthenticationManager.class);
|
||||
given(this.manager.authenticate(rodRequest)).willReturn(rod);
|
||||
@@ -301,9 +303,10 @@ public class BasicAuthenticationFilterTests {
|
||||
@Test
|
||||
public void doFilterWhenTokenAndFilterCharsetMatchNonDefaultThenAuthenticated() throws Exception {
|
||||
SecurityContextHolder.clearContext();
|
||||
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "äöü");
|
||||
UsernamePasswordAuthenticationToken rodRequest = UsernamePasswordAuthenticationToken.unauthenticated("rod",
|
||||
"äöü");
|
||||
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
|
||||
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "äöü",
|
||||
Authentication rod = UsernamePasswordAuthenticationToken.authenticated("rod", "äöü",
|
||||
AuthorityUtils.createAuthorityList("ROLE_1"));
|
||||
this.manager = mock(AuthenticationManager.class);
|
||||
given(this.manager.authenticate(rodRequest)).willReturn(rod);
|
||||
@@ -329,9 +332,10 @@ public class BasicAuthenticationFilterTests {
|
||||
@Test
|
||||
public void doFilterWhenTokenAndFilterCharsetDoNotMatchThenUnauthorized() throws Exception {
|
||||
SecurityContextHolder.clearContext();
|
||||
UsernamePasswordAuthenticationToken rodRequest = new UsernamePasswordAuthenticationToken("rod", "äöü");
|
||||
UsernamePasswordAuthenticationToken rodRequest = UsernamePasswordAuthenticationToken.unauthenticated("rod",
|
||||
"äöü");
|
||||
rodRequest.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
|
||||
Authentication rod = new UsernamePasswordAuthenticationToken("rod", "äöü",
|
||||
Authentication rod = UsernamePasswordAuthenticationToken.authenticated("rod", "äöü",
|
||||
AuthorityUtils.createAuthorityList("ROLE_1"));
|
||||
this.manager = mock(AuthenticationManager.class);
|
||||
given(this.manager.authenticate(rodRequest)).willReturn(rod);
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -728,7 +728,7 @@ public class HttpSessionSecurityContextRepositoryTests {
|
||||
}
|
||||
|
||||
private SecurityContext createSecurityContext(UserDetails userDetails) {
|
||||
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userDetails,
|
||||
UsernamePasswordAuthenticationToken token = UsernamePasswordAuthenticationToken.authenticated(userDetails,
|
||||
userDetails.getPassword(), userDetails.getAuthorities());
|
||||
SecurityContext securityContext = new SecurityContextImpl(token);
|
||||
return securityContext;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2020 the original author or authors.
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -110,7 +110,7 @@ public class SwitchUserWebFilterTests {
|
||||
final MockServerWebExchange exchange = MockServerWebExchange
|
||||
.from(MockServerHttpRequest.post("/login/impersonate?username={targetUser}", targetUsername));
|
||||
final WebFilterChain chain = mock(WebFilterChain.class);
|
||||
final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("principal",
|
||||
final Authentication originalAuthentication = UsernamePasswordAuthenticationToken.unauthenticated("principal",
|
||||
"credentials");
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(originalAuthentication);
|
||||
given(this.userDetailsService.findByUsername(targetUsername)).willReturn(Mono.just(switchUserDetails));
|
||||
@@ -143,12 +143,12 @@ public class SwitchUserWebFilterTests {
|
||||
|
||||
@Test
|
||||
public void switchUserWhenUserAlreadySwitchedThenExitSwitchAndSwitchAgain() {
|
||||
final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("origPrincipal",
|
||||
"origCredentials");
|
||||
final Authentication originalAuthentication = UsernamePasswordAuthenticationToken
|
||||
.unauthenticated("origPrincipal", "origCredentials");
|
||||
final GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(
|
||||
SwitchUserWebFilter.ROLE_PREVIOUS_ADMINISTRATOR, originalAuthentication);
|
||||
final Authentication switchUserAuthentication = new UsernamePasswordAuthenticationToken("switchPrincipal",
|
||||
"switchCredentials", Collections.singleton(switchAuthority));
|
||||
final Authentication switchUserAuthentication = UsernamePasswordAuthenticationToken
|
||||
.authenticated("switchPrincipal", "switchCredentials", Collections.singleton(switchAuthority));
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(switchUserAuthentication);
|
||||
final String targetUsername = "newSwitchPrincipal";
|
||||
final MockServerWebExchange exchange = MockServerWebExchange
|
||||
@@ -228,12 +228,12 @@ public class SwitchUserWebFilterTests {
|
||||
public void exitSwitchThenReturnToOriginalAuthentication() {
|
||||
final MockServerWebExchange exchange = MockServerWebExchange
|
||||
.from(MockServerHttpRequest.post("/logout/impersonate"));
|
||||
final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("origPrincipal",
|
||||
"origCredentials");
|
||||
final Authentication originalAuthentication = UsernamePasswordAuthenticationToken
|
||||
.unauthenticated("origPrincipal", "origCredentials");
|
||||
final GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(
|
||||
SwitchUserWebFilter.ROLE_PREVIOUS_ADMINISTRATOR, originalAuthentication);
|
||||
final Authentication switchUserAuthentication = new UsernamePasswordAuthenticationToken("switchPrincipal",
|
||||
"switchCredentials", Collections.singleton(switchAuthority));
|
||||
final Authentication switchUserAuthentication = UsernamePasswordAuthenticationToken
|
||||
.authenticated("switchPrincipal", "switchCredentials", Collections.singleton(switchAuthority));
|
||||
final WebFilterChain chain = mock(WebFilterChain.class);
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(switchUserAuthentication);
|
||||
given(this.serverSecurityContextRepository.save(eq(exchange), any(SecurityContext.class)))
|
||||
@@ -259,8 +259,8 @@ public class SwitchUserWebFilterTests {
|
||||
public void exitSwitchWhenUserNotSwitchedThenThrowError() {
|
||||
final MockServerWebExchange exchange = MockServerWebExchange
|
||||
.from(MockServerHttpRequest.post("/logout/impersonate"));
|
||||
final Authentication originalAuthentication = new UsernamePasswordAuthenticationToken("origPrincipal",
|
||||
"origCredentials");
|
||||
final Authentication originalAuthentication = UsernamePasswordAuthenticationToken
|
||||
.unauthenticated("origPrincipal", "origCredentials");
|
||||
final WebFilterChain chain = mock(WebFilterChain.class);
|
||||
final SecurityContextImpl securityContext = new SecurityContextImpl(originalAuthentication);
|
||||
assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class).isThrownBy(() -> {
|
||||
|
||||
Reference in New Issue
Block a user