Add DeferredSecurityContext

Issue gh-12023
This commit is contained in:
Steve Riesenberg
2022-10-17 12:10:03 -05:00
parent cfb7c87dfd
commit c75ca10900
11 changed files with 190 additions and 23 deletions

View File

@@ -76,7 +76,8 @@ class SecurityContextHolderFilterTests {
void doFilterThenSetsAndClearsSecurityContextHolder() throws Exception {
Authentication authentication = TestAuthentication.authenticatedUser();
SecurityContext expectedContext = new SecurityContextImpl(authentication);
given(this.repository.loadContext(this.requestArg.capture())).willReturn(() -> expectedContext);
given(this.repository.loadDeferredContext(this.requestArg.capture()))
.willReturn(new SupplierDeferredSecurityContext(() -> expectedContext, this.strategy));
FilterChain filterChain = (request, response) -> assertThat(SecurityContextHolder.getContext())
.isEqualTo(expectedContext);
@@ -89,7 +90,8 @@ class SecurityContextHolderFilterTests {
void doFilterThenSetsAndClearsSecurityContextHolderStrategy() throws Exception {
Authentication authentication = TestAuthentication.authenticatedUser();
SecurityContext expectedContext = new SecurityContextImpl(authentication);
given(this.repository.loadContext(this.requestArg.capture())).willReturn(() -> expectedContext);
given(this.repository.loadDeferredContext(this.requestArg.capture()))
.willReturn(new SupplierDeferredSecurityContext(() -> expectedContext, this.strategy));
FilterChain filterChain = (request, response) -> {
};

View File

@@ -16,13 +16,11 @@
package org.springframework.security.web.context;
import java.util.function.Supplier;
import javax.servlet.http.HttpServletRequest;
import org.junit.jupiter.api.Test;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.DeferredSecurityContext;
import org.springframework.security.core.context.SecurityContextImpl;
import static org.mockito.ArgumentMatchers.any;
@@ -42,8 +40,8 @@ class SecurityContextRepositoryTests {
@Test
void loadContextHttpRequestResponseHolderWhenInvokeSupplierTwiceThenOnlyInvokesLoadContextOnce() {
given(this.repository.loadContext(any(HttpRequestResponseHolder.class))).willReturn(new SecurityContextImpl());
Supplier<SecurityContext> deferredContext = this.repository.loadContext(mock(HttpServletRequest.class));
verify(this.repository).loadContext(any(HttpServletRequest.class));
DeferredSecurityContext deferredContext = this.repository.loadDeferredContext(mock(HttpServletRequest.class));
verify(this.repository).loadDeferredContext(any(HttpServletRequest.class));
deferredContext.get();
verify(this.repository).loadContext(any(HttpRequestResponseHolder.class));
deferredContext.get();