Polish ServerAuthenticationConverter

Fix package tangles Issue: gh-5338
2018-08-24 09:37:18 -05:00 · 2018-08-24 09:37:18 -05:00 · 1640a1f462
parent 68d836d508
commit 1640a1f462
8 changed files with 93 additions and 38 deletions
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@ -71,8 +71,6 @@ import org.springframework.security.web.server.DelegatingServerAuthenticationEnt
 import org.springframework.security.web.server.MatcherSecurityWebFilterChain;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
-import org.springframework.security.web.server.ServerFormLoginAuthenticationConverter;
-import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
 import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
@ -82,6 +80,8 @@ import org.springframework.security.web.server.authentication.RedirectServerAuth
 import org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler;
 import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
 import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
+import org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter;
+import org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.authentication.logout.LogoutWebFilter;
 import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler;
 import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
--- a/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java
+++ b/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java
@ -15,7 +15,6 @@
 */
 package org.springframework.security.web.server;

-import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
 import org.springframework.util.Assert;
 import reactor.core.publisher.Mono;

@ -32,31 +31,22 @@ import java.util.function.Function;
 *
 * @author Rob Winch
 * @since 5.0
+ * @deprecated use {@link org.springframework.security.web.server.authentication.ServerFormLoginAuthenticationConverter}
+ * instead.
 */
+@Deprecated
 public class ServerFormLoginAuthenticationConverter implements
-		ServerAuthenticationConverter,
 		Function<ServerWebExchange, Mono<Authentication>> {

 	private String usernameParameter = "username";

 	private String passwordParameter = "password";

-	@Override
-	public Mono<Authentication> convert(ServerWebExchange exchange) {
-		return exchange.getFormData()
-			.map( data -> createAuthentication(data));
-	}
-
-	/**
-	 * Alias for {@link #convert(ServerWebExchange)}
-	 * @param exchange the {@link ServerWebExchange} to use
-	 * @return the {@link Authentication}
-	 * @deprecated Use {@link #convert(ServerWebExchange)}
-	 */
 	@Override
 	@Deprecated
 	public Mono<Authentication> apply(ServerWebExchange exchange) {
-		return convert(exchange);
+		return exchange.getFormData()
+				.map( data -> createAuthentication(data));
 	}

 	private UsernamePasswordAuthenticationToken createAuthentication(
--- a/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java
+++ b/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java
@ -22,7 +22,6 @@ import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
 import org.springframework.web.server.ServerWebExchange;

 import reactor.core.publisher.Mono;
@ -32,15 +31,18 @@ import reactor.core.publisher.Mono;
 *
 * @author Rob Winch
 * @since 5.0
+ * @deprecated Use {@link org.springframework.security.web.server.authentication.ServerHttpBasicAuthenticationConverter}
+ * instead.
 */
+@Deprecated
 public class ServerHttpBasicAuthenticationConverter implements
-		ServerAuthenticationConverter,
 		Function<ServerWebExchange, Mono<Authentication>> {

 	public static final String BASIC = "Basic ";

 	@Override
-	public Mono<Authentication> convert(ServerWebExchange exchange) {
+	@Deprecated
+	public Mono<Authentication> apply(ServerWebExchange exchange) {
 		ServerHttpRequest request = exchange.getRequest();

 		String authorization = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
@ -49,7 +51,7 @@ public class ServerHttpBasicAuthenticationConverter implements
 		}

 		String credentials = authorization.length() <= BASIC.length() ?
-			"" : authorization.substring(BASIC.length(), authorization.length());
+				"" : authorization.substring(BASIC.length(), authorization.length());
 		byte[] decodedCredentials = base64Decode(credentials);
 		String decodedAuthz = new String(decodedCredentials);
 		String[] userParts = decodedAuthz.split(":");
@ -64,18 +66,6 @@ public class ServerHttpBasicAuthenticationConverter implements
 		return Mono.just(new UsernamePasswordAuthenticationToken(username, password));
 	}

-	/**
-	 * Alias for {@link #convert(ServerWebExchange)}
-	 * @param exchange the {@link ServerWebExchange} to use
-	 * @return the {@link Authentication}
-	 * @deprecated Use {@link #convert(ServerWebExchange)}
-	 */
-	@Override
-	@Deprecated
-	public Mono<Authentication> apply(ServerWebExchange exchange) {
-		return convert(exchange);
-	}
-
 	private byte[] base64Decode(String value) {
 		try {
 			return Base64.getDecoder().decode(value);
--- a/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
@ -22,7 +22,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.security.core.context.SecurityContextImpl;
-import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.context.NoOpServerSecurityContextRepository;
 import org.springframework.security.web.server.context.ServerSecurityContextRepository;
--- a/web/src/main/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverter.java
@ -0,0 +1,38 @@
+/*
+ * Copyright 2002-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.web.server.authentication;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+/**
+ * Converts a ServerWebExchange into a UsernamePasswordAuthenticationToken from the form
+ * data HTTP parameters.
+ *
+ * @author Rob Winch
+ * @since 5.1
+ */
+@SuppressWarnings("deprecation")
+public class ServerFormLoginAuthenticationConverter
+		extends org.springframework.security.web.server.ServerFormLoginAuthenticationConverter
+		implements ServerAuthenticationConverter {
+
+	@Override
+	public Mono<Authentication> convert(ServerWebExchange exchange) {
+		return apply(exchange);
+	}
+}
--- a/web/src/main/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverter.java
+++ b/web/src/main/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverter.java
@ -0,0 +1,38 @@
+/*
+ * Copyright 2002-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.web.server.authentication;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+/**
+ * Converts from a {@link ServerWebExchange} to an {@link Authentication} that can be authenticated.
+ *
+ * @author Rob Winch
+ * @since 5.1
+ */
+@SuppressWarnings("deprecation")
+public class ServerHttpBasicAuthenticationConverter
+		extends org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter
+		implements ServerAuthenticationConverter {
+
+
+	@Override
+	public Mono<Authentication> convert(ServerWebExchange exchange) {
+		return apply(exchange);
+	}
+}
--- a/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/authentication/ServerFormLoginAuthenticationConverterTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -14,7 +14,7 @@
 * limitations under the License.
 */

-package org.springframework.security.web.server;
+package org.springframework.security.web.server.authentication;

 import org.junit.Before;
 import org.junit.Test;
--- a/web/src/test/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/authentication/ServerHttpBasicAuthenticationConverterTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -14,7 +14,7 @@
 * limitations under the License.
 */

-package org.springframework.security.web.server;
+package org.springframework.security.web.server.authentication;

 import org.junit.Test;
 import org.springframework.http.HttpHeaders;