Add AuthenticationReactorContextFilter

Fixes gh-4501
This commit is contained in:
Rob Winch
2017-08-14 15:55:29 -05:00
parent e16b8e7976
commit b0b9b32c0c
4 changed files with 202 additions and 1 deletions

View File

@@ -25,7 +25,11 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.config.web.server.HttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.MapUserDetailsRepository;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsRepository;
@@ -35,8 +39,14 @@ import org.springframework.security.web.server.WebFilterChainFilter;
import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.reactive.server.WebTestClient;
import reactor.core.publisher.Mono;
import static org.mockito.Mockito.mock;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
/**
* @author Rob Winch
@@ -60,6 +70,50 @@ public class EnableWebFluxSecurityTests {
.expectBody().isEmpty();
}
@Test
public void defaultPopulatesReactorContext() {
Principal currentPrincipal = new TestingAuthenticationToken("user", "password", "ROLE_USER");
WebTestClient client = WebTestClientBuilder.bindToWebFilters(
(exchange, chain) ->
chain.filter(exchange.mutate().principal(Mono.just(currentPrincipal)).build()),
springSecurityFilterChain,
(exchange,chain) ->
Mono.currentContext()
.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
.flatMap( principal -> exchange.getResponse()
.writeWith(Mono.just(toDataBuffer(principal.getName()))))
).build();
client
.get()
.uri("/")
.exchange()
.expectStatus().isOk()
.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo(currentPrincipal.getName()));
}
@Test
public void defaultPopulatesReactorContextWhenAuthenticating() {
WebTestClient client = WebTestClientBuilder.bindToWebFilters(
springSecurityFilterChain,
(exchange,chain) ->
Mono.currentContext()
.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
.flatMap( principal -> exchange.getResponse()
.writeWith(Mono.just(toDataBuffer(principal.getName()))))
)
.filter(basicAuthentication())
.build();
client
.get()
.uri("/")
.attributes(basicAuthenticationCredentials("user","password"))
.exchange()
.expectStatus().isOk()
.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user"));
}
@EnableWebFluxSecurity
static class Config {
@Bean
@@ -121,4 +175,10 @@ public class EnableWebFluxSecurityTests {
}
}
}
private static DataBuffer toDataBuffer(String body) {
DataBuffer buffer = new DefaultDataBufferFactory().allocateBuffer();
buffer.write(body.getBytes(StandardCharsets.UTF_8));
return buffer;
}
}