Add ServerAuthenticationConverter interface

- Adding an ServerAuthenticationConverter interface
- Retro-fitting ServerOAuth2LoginAuthenticationTokenConverter,
 ServerBearerTokenAuthentivationConverter, ServerFormLoginAuthenticationConverter,
 and ServerHttpBasicAuthenticationConverter to implement ServerAuthenticationConverter
- Deprecate existing AuthenticationWebFilter.setAuthenticationConverter
and add overloaded one which takes ServerAuthenticationConverter

Fixes gh-5338
This commit is contained in:
Eric Deandrea
2018-08-17 18:53:28 -04:00
committed by Rob Winch
parent 34c8d66017
commit b6afe66d32
11 changed files with 88 additions and 44 deletions

View File

@@ -55,7 +55,7 @@ public class ServerFormLoginAuthenticationConverterTests {
this.data.add("username", username);
this.data.add("password", password);
Authentication authentication = this.converter.apply(this.exchange).block();
Authentication authentication = this.converter.convert(this.exchange).block();
assertThat(authentication.getName()).isEqualTo(username);
assertThat(authentication.getCredentials()).isEqualTo(password);
@@ -73,7 +73,7 @@ public class ServerFormLoginAuthenticationConverterTests {
this.data.add(usernameParameter, username);
this.data.add(passwordParameter, password);
Authentication authentication = this.converter.apply(this.exchange).block();
Authentication authentication = this.converter.convert(this.exchange).block();
assertThat(authentication.getName()).isEqualTo(username);
assertThat(authentication.getCredentials()).isEqualTo(password);
@@ -82,7 +82,7 @@ public class ServerFormLoginAuthenticationConverterTests {
@Test
public void applyWhenNoDataThenCreatesTokenSuccess() {
Authentication authentication = this.converter.apply(this.exchange).block();
Authentication authentication = this.converter.convert(this.exchange).block();
assertThat(authentication.getName()).isNullOrEmpty();
assertThat(authentication.getCredentials()).isNull();

View File

@@ -96,6 +96,6 @@ public class ServerHttpBasicAuthenticationConverterTests {
}
private Mono<Authentication> apply(MockServerHttpRequest.BaseBuilder<?> request) {
return this.converter.apply(MockServerWebExchange.from(this.request.build()));
return this.converter.convert(MockServerWebExchange.from(this.request.build()));
}
}

View File

@@ -16,8 +16,6 @@
package org.springframework.security.web.server.authentication;
import java.util.function.Function;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -34,16 +32,11 @@ import org.springframework.security.web.server.context.ServerSecurityContextRepo
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.test.web.reactive.server.EntityExchangeResult;
import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.server.ServerWebExchange;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
import static org.mockito.Mockito.*;
/**
* @author Rob Winch
@@ -54,7 +47,7 @@ public class AuthenticationWebFilterTests {
@Mock
private ServerAuthenticationSuccessHandler successHandler;
@Mock
private Function<ServerWebExchange, Mono<Authentication>> authenticationConverter;
private ServerAuthenticationConverter authenticationConverter;
@Mock
private ReactiveAuthenticationManager authenticationManager;
@Mock
@@ -136,7 +129,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertEmptyThenOk() {
when(this.authenticationConverter.apply(any())).thenReturn(Mono.empty());
when(this.authenticationConverter.convert(any())).thenReturn(Mono.empty());
WebTestClient client = WebTestClientBuilder
.bindToWebFilters(this.filter)
@@ -157,7 +150,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertErrorThenServerError() {
when(this.authenticationConverter.apply(any())).thenReturn(Mono.error(new RuntimeException("Unexpected")));
when(this.authenticationConverter.convert(any())).thenReturn(Mono.error(new RuntimeException("Unexpected")));
WebTestClient client = WebTestClientBuilder
.bindToWebFilters(this.filter)
@@ -178,7 +171,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertAndAuthenticationSuccessThenSuccess() {
Mono<Authentication> authentication = Mono.just(new TestingAuthenticationToken("test", "this", "ROLE_USER"));
when(this.authenticationConverter.apply(any())).thenReturn(authentication);
when(this.authenticationConverter.convert(any())).thenReturn(authentication);
when(this.authenticationManager.authenticate(any())).thenReturn(authentication);
when(this.successHandler.onAuthenticationSuccess(any(), any())).thenReturn(Mono.empty());
when(this.securityContextRepository.save(any(), any())).thenAnswer( a -> Mono.just(a.getArguments()[0]));
@@ -203,7 +196,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertAndAuthenticationEmptyThenServerError() {
Mono<Authentication> authentication = Mono.just(new TestingAuthenticationToken("test", "this", "ROLE_USER"));
when(this.authenticationConverter.apply(any())).thenReturn(authentication);
when(this.authenticationConverter.convert(any())).thenReturn(authentication);
when(this.authenticationManager.authenticate(any())).thenReturn(Mono.empty());
WebTestClient client = WebTestClientBuilder
@@ -245,7 +238,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertAndAuthenticationFailThenEntryPoint() {
Mono<Authentication> authentication = Mono.just(new TestingAuthenticationToken("test", "this", "ROLE_USER"));
when(this.authenticationConverter.apply(any())).thenReturn(authentication);
when(this.authenticationConverter.convert(any())).thenReturn(authentication);
when(this.authenticationManager.authenticate(any())).thenReturn(Mono.error(new BadCredentialsException("Failed")));
when(this.failureHandler.onAuthenticationFailure(any(), any())).thenReturn(Mono.empty());
@@ -268,7 +261,7 @@ public class AuthenticationWebFilterTests {
@Test
public void filterWhenConvertAndAuthenticationExceptionThenServerError() {
Mono<Authentication> authentication = Mono.just(new TestingAuthenticationToken("test", "this", "ROLE_USER"));
when(this.authenticationConverter.apply(any())).thenReturn(authentication);
when(this.authenticationConverter.convert(any())).thenReturn(authentication);
when(this.authenticationManager.authenticate(any())).thenReturn(Mono.error(new RuntimeException("Failed")));
WebTestClient client = WebTestClientBuilder