diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java index f63f6478ce..a05e90edcc 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java @@ -104,12 +104,10 @@ import java.util.List; * } * * @author Rob Winch -<<<<<<< HEAD * @author Jesús Ascama Arias * @author Luis Felipe Vega -======= * @author Manuel Tejeda ->>>>>>> 9926ad68b8f4e465f6c5243a8ff993fbf9d1b7a2 + * @author Ebert Toribio * @since 5.2 */ public class RSocketSecurity { @@ -334,6 +332,10 @@ public class RSocketSecurity { .just(new AuthorizationDecision(true))); } + public AuthorizePayloadsSpec hasAnyAuthority(String... authorities) { + return access(AuthorityReactiveAuthorizationManager.hasAnyAuthority(authorities)); + } + public AuthorizePayloadsSpec access( ReactiveAuthorizationManager authorization) { AuthorizePayloadsSpec.this.authzBuilder.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization)); diff --git a/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java b/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java index 9056a3acda..269bcbb951 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java @@ -54,6 +54,7 @@ import static org.assertj.core.api.Assertions.assertThatCode; * @author Luis Felipe Vega * @author Jesús Ascama Arias * @author Manuel Tejeda + * @author Ebert Toribio */ @ContextConfiguration @RunWith(SpringRunner.class) @@ -219,6 +220,23 @@ public class RSocketMessageHandlerConnectionITests { assertThat(hiRob).isEqualTo("Hi rob"); } + @Test + public void connectWithAnyAuthority() { + UsernamePasswordMetadata credentials = + new UsernamePasswordMetadata("admin", "password"); + this.requester = requester() + .setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE) + .connectTcp(this.server.address().getHostName(), this.server.address().getPort()) + .block(); + + String hiEbert = this.requester.route("management.users") + .data("admin") + .retrieveMono(String.class) + .block(); + + assertThat(hiEbert).isEqualTo("Hi admin"); + } + private RSocketRequester.Builder requester() { return RSocketRequester.builder() .rsocketStrategies(this.handler.getRSocketStrategies()); @@ -278,6 +296,7 @@ public class RSocketMessageHandlerConnectionITests { .route("secure.admin.*").hasRole("ADMIN") .route("secure.**").hasRole("USER") .route("secure.authority.*").hasAuthority("ROLE_USER") + .route("management.*").hasAnyAuthority("ROLE_ADMIN") .route("prohibit").denyAll() .anyRequest().permitAll() )