Cwikius-Spring
/
Spring-Security-Samples
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix muti-tenancy whitespace

This commit is contained in:
Rob Winch 2020-08-27 14:19:55 -05:00
parent 14b32590e9
commit 80f17ae566
6 changed files with 27 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/integTest/java/example/OAuth2ResourceServerApplicationITests.java
View File

@ -55,8 +55,7 @@ public class OAuth2ResourceServerApplicationITests {
MockMvc mvc; MockMvc mvc;
@Test @Test
void tenantOnePerformWhenValidBearerTokenThenAllows() void tenantOnePerformWhenValidBearerTokenThenAllows() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantOne").with(bearerToken(this.tenantOneNoScopesToken))) this.mvc.perform(get("/tenantOne").with(bearerToken(this.tenantOneNoScopesToken)))
@ -66,8 +65,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
@Test @Test
void tenantOnePerformWhenValidBearerTokenWithServletPathThenAllows() void tenantOnePerformWhenValidBearerTokenWithServletPathThenAllows() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantOne").servletPath("/tenantOne").with(bearerToken(this.tenantOneNoScopesToken))) this.mvc.perform(get("/tenantOne").servletPath("/tenantOne").with(bearerToken(this.tenantOneNoScopesToken)))
@ -79,8 +77,7 @@ public class OAuth2ResourceServerApplicationITests {
// -- tests with scopes // -- tests with scopes
@Test @Test
void tenantOnePerformWhenValidBearerTokenThenScopedRequestsAlsoWork() void tenantOnePerformWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantOne/message").with(bearerToken(this.tenantOneMessageReadToken))) this.mvc.perform(get("/tenantOne/message").with(bearerToken(this.tenantOneMessageReadToken)))
@ -90,8 +87,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
@Test @Test
void tenantOnePerformWhenInsufficientlyScopedBearerTokenThenDeniesScopedMethodAccess() void tenantOnePerformWhenInsufficientlyScopedBearerTokenThenDeniesScopedMethodAccess() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantOne/message").with(bearerToken(this.tenantOneNoScopesToken))) this.mvc.perform(get("/tenantOne/message").with(bearerToken(this.tenantOneNoScopesToken)))
@ -102,8 +98,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
@Test @Test
void tenantTwoPerformWhenValidBearerTokenThenAllows() void tenantTwoPerformWhenValidBearerTokenThenAllows() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantTwo").with(bearerToken(this.tenantTwoNoScopesToken))) this.mvc.perform(get("/tenantTwo").with(bearerToken(this.tenantTwoNoScopesToken)))
@ -115,8 +110,7 @@ public class OAuth2ResourceServerApplicationITests {
// -- tests with scopes // -- tests with scopes
@Test @Test
void tenantTwoPerformWhenValidBearerTokenThenScopedRequestsAlsoWork() void tenantTwoPerformWhenValidBearerTokenThenScopedRequestsAlsoWork() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantTwo/message").with(bearerToken(this.tenantTwoMessageReadToken))) this.mvc.perform(get("/tenantTwo/message").with(bearerToken(this.tenantTwoMessageReadToken)))
@ -126,8 +120,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
@Test @Test
void tenantTwoPerformWhenInsufficientlyScopedBearerTokenThenDeniesScopedMethodAccess() void tenantTwoPerformWhenInsufficientlyScopedBearerTokenThenDeniesScopedMethodAccess() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
this.mvc.perform(get("/tenantTwo/message").with(bearerToken(this.tenantTwoNoScopesToken))) this.mvc.perform(get("/tenantTwo/message").with(bearerToken(this.tenantTwoNoScopesToken)))
@ -138,8 +131,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
@Test @Test
void invalidTenantPerformWhenValidBearerTokenThenThrowsException() void invalidTenantPerformWhenValidBearerTokenThenThrowsException() throws Exception {
throws Exception {
// @formatter:off // @formatter:off
assertThatIllegalArgumentException() assertThatIllegalArgumentException()
@ -155,6 +147,7 @@ public class OAuth2ResourceServerApplicationITests {
} }
private static class BearerTokenRequestPostProcessor implements RequestPostProcessor { private static class BearerTokenRequestPostProcessor implements RequestPostProcessor {
private String token; private String token;
BearerTokenRequestPostProcessor(String token) { BearerTokenRequestPostProcessor(String token) {
@ -166,5 +159,7 @@ public class OAuth2ResourceServerApplicationITests {
request.addHeader("Authorization", "Bearer " + this.token); request.addHeader("Authorization", "Bearer " + this.token);
return request; return request;
} }
} }
} }

2
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerApplication.java
View File

@ -20,6 +20,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
/** /**
* OAuth Resource Server application. * OAuth Resource Server application.
*
* @author Josh Cummings * @author Josh Cummings
*/ */
@SpringBootApplication @SpringBootApplication
@ -28,4 +29,5 @@ public class OAuth2ResourceServerApplication {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(OAuth2ResourceServerApplication.class, args); SpringApplication.run(OAuth2ResourceServerApplication.class, args);
} }
} }

5
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerController.java
View File

@ -23,13 +23,15 @@ import org.springframework.web.bind.annotation.RestController;
/** /**
* A controller demonstrating OAuth2 Resource server. * A controller demonstrating OAuth2 Resource server.
*
* @author Josh Cummings * @author Josh Cummings
*/ */
@RestController @RestController
public class OAuth2ResourceServerController { public class OAuth2ResourceServerController {
@GetMapping("/{tenantId}") @GetMapping("/{tenantId}")
public String index(@AuthenticationPrincipal OAuth2AuthenticatedPrincipal token, @PathVariable("tenantId") String tenantId) { public String index(@AuthenticationPrincipal OAuth2AuthenticatedPrincipal token,
@PathVariable("tenantId") String tenantId) {
String subject = token.getAttribute("sub"); String subject = token.getAttribute("sub");
return String.format("Hello, %s for %s!", subject, tenantId); return String.format("Hello, %s for %s!", subject, tenantId);
} }
@ -38,4 +40,5 @@ public class OAuth2ResourceServerController {
public String message(@PathVariable("tenantId") String tenantId) { public String message(@PathVariable("tenantId") String tenantId) {
return String.format("secret message for %s", tenantId); return String.format("secret message for %s", tenantId);
} }
} }

7
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
View File

@ -38,6 +38,7 @@ import org.springframework.security.oauth2.server.resource.introspection.OpaqueT
/** /**
* OAuth Resource Security configuration. * OAuth Resource Security configuration.
*
* @author Josh Cummings * @author Josh Cummings
*/ */
@EnableWebSecurity @EnableWebSecurity
@ -93,9 +94,9 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
} }
AuthenticationManager opaque() { AuthenticationManager opaque() {
OpaqueTokenIntrospector introspectionClient = OpaqueTokenIntrospector introspectionClient = new NimbusOpaqueTokenIntrospector(this.introspectionUri,
new NimbusOpaqueTokenIntrospector(this.introspectionUri, this.introspectionClientId, this.introspectionClientSecret);
this.introspectionClientId, this.introspectionClientSecret);
return new OpaqueTokenAuthenticationProvider(introspectionClient)::authenticate; return new OpaqueTokenAuthenticationProvider(introspectionClient)::authenticate;
} }
} }

8
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/org/springframework/boot/env/MockWebServerEnvironmentPostProcessor.java vendored
View File

@ -22,16 +22,15 @@ import org.springframework.core.env.ConfigurableEnvironment;
/** /**
* Adds {@link MockWebServerPropertySource} to the environment. * Adds {@link MockWebServerPropertySource} to the environment.
*
* @author Rob Winch * @author Rob Winch
*/ */
public class MockWebServerEnvironmentPostProcessor public class MockWebServerEnvironmentPostProcessor implements EnvironmentPostProcessor, DisposableBean {
implements EnvironmentPostProcessor, DisposableBean {
private final MockWebServerPropertySource propertySource = new MockWebServerPropertySource(); private final MockWebServerPropertySource propertySource = new MockWebServerPropertySource();
@Override @Override
public void postProcessEnvironment(ConfigurableEnvironment environment, public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
SpringApplication application) {
environment.getPropertySources().addFirst(this.propertySource); environment.getPropertySources().addFirst(this.propertySource);
} }
@ -39,4 +38,5 @@ public class MockWebServerEnvironmentPostProcessor
public void destroy() throws Exception { public void destroy() throws Exception {
this.propertySource.destroy(); this.propertySource.destroy();
} }
} }

4
servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/org/springframework/boot/env/MockWebServerPropertySource.java vendored
View File

@ -38,10 +38,10 @@ import org.springframework.http.MediaType;
/** /**
* Adds the mock server url. * Adds the mock server url.
*
* @author Rob Winch * @author Rob Winch
*/ */
public class MockWebServerPropertySource extends PropertySource<MockWebServer> implements public class MockWebServerPropertySource extends PropertySource<MockWebServer> implements DisposableBean {
DisposableBean {
// introspection endpoint // introspection endpoint