mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-07-12 21:33:30 +00:00
Replace dynamic error message with static "Access Denied"
Closes gh-16514 Signed-off-by: Daeho Kwon <trewq231@naver.com>
This commit is contained in:
parent
555fe1f147
commit
24b7287d55
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2017 the original author or authors.
|
* Copyright 2002-2025 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -54,7 +54,7 @@ public class HttpStatusServerAccessDeniedHandler implements ServerAccessDeniedHa
|
|||||||
response.setStatusCode(this.httpStatus);
|
response.setStatusCode(this.httpStatus);
|
||||||
response.getHeaders().setContentType(MediaType.TEXT_PLAIN);
|
response.getHeaders().setContentType(MediaType.TEXT_PLAIN);
|
||||||
DataBufferFactory dataBufferFactory = response.bufferFactory();
|
DataBufferFactory dataBufferFactory = response.bufferFactory();
|
||||||
DataBuffer buffer = dataBufferFactory.wrap(ex.getMessage().getBytes(Charset.defaultCharset()));
|
DataBuffer buffer = dataBufferFactory.wrap("Access Denied".getBytes(Charset.defaultCharset()));
|
||||||
return response.writeWith(Mono.just(buffer)).doOnError((error) -> DataBufferUtils.release(buffer));
|
return response.writeWith(Mono.just(buffer)).doOnError((error) -> DataBufferUtils.release(buffer));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2002-2017 the original author or authors.
|
* Copyright 2002-2025 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -23,9 +23,9 @@ import org.mockito.junit.jupiter.MockitoExtension;
|
|||||||
|
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
|
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
|
||||||
|
import org.springframework.mock.http.server.reactive.MockServerHttpResponse;
|
||||||
import org.springframework.mock.web.server.MockServerWebExchange;
|
import org.springframework.mock.web.server.MockServerWebExchange;
|
||||||
import org.springframework.security.access.AccessDeniedException;
|
import org.springframework.security.access.AccessDeniedException;
|
||||||
import org.springframework.web.server.ServerWebExchange;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
@ -39,7 +39,7 @@ import static org.mockito.Mockito.verifyNoMoreInteractions;
|
|||||||
public class HttpStatusServerAccessDeniedHandlerTests {
|
public class HttpStatusServerAccessDeniedHandlerTests {
|
||||||
|
|
||||||
@Mock
|
@Mock
|
||||||
private ServerWebExchange exchange;
|
private MockServerWebExchange exchange;
|
||||||
|
|
||||||
private HttpStatus httpStatus = HttpStatus.FORBIDDEN;
|
private HttpStatus httpStatus = HttpStatus.FORBIDDEN;
|
||||||
|
|
||||||
@ -62,7 +62,9 @@ public class HttpStatusServerAccessDeniedHandlerTests {
|
|||||||
public void commenceWhenSubscribeThenStatusSet() {
|
public void commenceWhenSubscribeThenStatusSet() {
|
||||||
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
|
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
|
||||||
this.handler.handle(this.exchange, this.exception).block();
|
this.handler.handle(this.exchange, this.exception).block();
|
||||||
assertThat(this.exchange.getResponse().getStatusCode()).isEqualTo(this.httpStatus);
|
MockServerHttpResponse response = this.exchange.getResponse();
|
||||||
|
assertThat(response.getStatusCode()).isEqualTo(this.httpStatus);
|
||||||
|
assertThat(response.getBodyAsString().block()).isEqualTo("Access Denied");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@ -71,7 +73,9 @@ public class HttpStatusServerAccessDeniedHandlerTests {
|
|||||||
this.handler = new HttpStatusServerAccessDeniedHandler(this.httpStatus);
|
this.handler = new HttpStatusServerAccessDeniedHandler(this.httpStatus);
|
||||||
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
|
this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
|
||||||
this.handler.handle(this.exchange, this.exception).block();
|
this.handler.handle(this.exchange, this.exception).block();
|
||||||
assertThat(this.exchange.getResponse().getStatusCode()).isEqualTo(this.httpStatus);
|
MockServerHttpResponse response = this.exchange.getResponse();
|
||||||
|
assertThat(response.getStatusCode()).isEqualTo(this.httpStatus);
|
||||||
|
assertThat(response.getBodyAsString().block()).isEqualTo("Access Denied");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user