Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-29 23:32:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Extract out HttpSecurityConfiguration

Browse Source 
Fixes gh-4394
This commit is contained in:
Rob Winch 2017-06-14 13:48:44 -05:00
parent 2deb1cda9f
commit 406e1e6951
3 changed files with 83 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/src/main/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurity.java
View File

@ -21,6 +21,7 @@ package org.springframework.security.config.annotation.web.reactive;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
import javax.servlet.http.HttpServletRequest;
import java.lang.annotation.*; import java.lang.annotation.*;
/** /**
@ -30,7 +31,7 @@ import java.lang.annotation.*;
@Retention(RetentionPolicy.RUNTIME) @Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.TYPE) @Target(ElementType.TYPE)
@Documented @Documented
@Import(WebFluxSecurityConfiguration.class) @Import({HttpSecurityConfiguration.class, WebFluxSecurityConfiguration.class})
@Configuration @Configuration
public @interface EnableWebFluxSecurity { public @interface EnableWebFluxSecurity {
} }

79
config/src/main/java/org/springframework/security/config/annotation/web/reactive/HttpSecurityConfiguration.java Normal file
View File

@ -0,0 +1,79 @@
/*
*
* * Copyright 2002-2017 the original author or authors.
* *
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
* *
* * http://www.apache.org/licenses/LICENSE-2.0
* *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* * See the License for the specific language governing permissions and
* * limitations under the License.
*
*/
package org.springframework.security.config.annotation.web.reactive;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Scope;
import org.springframework.core.ReactiveAdapterRegistry;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.UserDetailsRepositoryAuthenticationManager;
import org.springframework.security.config.web.server.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetailsRepository;
import org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver;
import org.springframework.security.web.server.context.WebSessionSecurityContextRepository;
import org.springframework.web.reactive.config.WebFluxConfigurer;
import org.springframework.web.reactive.result.method.annotation.ArgumentResolverConfigurer;
import static org.springframework.security.config.web.server.HttpSecurity.http;
/**
* @author Rob Winch
* @since 5.0
*/
public class HttpSecurityConfiguration implements WebFluxConfigurer {
@Autowired(required = false)
private ReactiveAdapterRegistry adapterRegistry = new ReactiveAdapterRegistry();
@Autowired(required = false)
private ReactiveAuthenticationManager authenticationManager;
@Autowired(required = false)
private UserDetailsRepository userDetailsRepository;
@Override
public void configureArgumentResolvers(ArgumentResolverConfigurer configurer) {
configurer.addCustomResolver(authenticationPrincipalArgumentResolver());
}
@Bean
public AuthenticationPrincipalArgumentResolver authenticationPrincipalArgumentResolver() {
return new AuthenticationPrincipalArgumentResolver(adapterRegistry);
}
@Bean
@Scope("prototype")
public HttpSecurity httpSecurity() {
HttpSecurity http = http();
http.httpBasic();
http.authenticationManager(authenticationManager());
http.securityContextRepository(new WebSessionSecurityContextRepository());
return http;
}
private ReactiveAuthenticationManager authenticationManager() {
if(authenticationManager != null) {
return authenticationManager;
}
if(userDetailsRepository != null) {
return new UserDetailsRepositoryAuthenticationManager(userDetailsRepository);
}
return null;
}
}

52
config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java
View File

@ -18,62 +18,14 @@
package org.springframework.security.config.annotation.web.reactive; package org.springframework.security.config.annotation.web.reactive;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.ReactiveAdapterRegistry;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsRepository;
import org.springframework.security.authentication.UserDetailsRepositoryAuthenticationManager;
import org.springframework.security.config.web.server.HttpSecurity;
import org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver;
import org.springframework.security.web.server.context.WebSessionSecurityContextRepository;
import org.springframework.web.reactive.config.WebFluxConfigurer;
import org.springframework.web.reactive.result.method.annotation.ArgumentResolverConfigurer;
import static org.springframework.security.config.web.server.HttpSecurity.http; import org.springframework.context.annotation.Configuration;
/** /**
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
@Configuration @Configuration
public class WebFluxSecurityConfiguration implements WebFluxConfigurer { public class WebFluxSecurityConfiguration {
@Autowired(required = false)
private ReactiveAdapterRegistry adapterRegistry = new ReactiveAdapterRegistry();
@Autowired(required = false)
private ReactiveAuthenticationManager authenticationManager;
@Autowired(required = false)
private UserDetailsRepository userDetailsRepository;
@Override
public void configureArgumentResolvers(ArgumentResolverConfigurer configurer) {
configurer.addCustomResolver(authenticationPrincipalArgumentResolver());
}
@Bean
public AuthenticationPrincipalArgumentResolver authenticationPrincipalArgumentResolver() {
return new AuthenticationPrincipalArgumentResolver(adapterRegistry);
}
@Bean
public HttpSecurity httpSecurity() {
HttpSecurity http = http();
http.httpBasic();
http.authenticationManager(authenticationManager());
http.securityContextRepository(new WebSessionSecurityContextRepository());
return http;
}
private ReactiveAuthenticationManager authenticationManager() {
if(authenticationManager != null) {
return authenticationManager;
}
if(userDetailsRepository != null) {
return new UserDetailsRepositoryAuthenticationManager(userDetailsRepository);
}
return null;
}
} }