Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Anonymous Support to AuthenticatedReactiveAuthorizationManager 

Fixes: gh-6235
This commit is contained in:
mibo 2018-12-10 21:17:44 +01:00 committed by Rob Winch
parent 1706a5cb83
commit 60e3bf4093
2 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java
View File

@ -16,6 +16,8 @@
package org.springframework.security.authorization;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import reactor.core.publisher.Mono;
@ -30,13 +32,25 @@ import reactor.core.publisher.Mono;
*/
public class AuthenticatedReactiveAuthorizationManager<T> implements ReactiveAuthorizationManager<T> {
private AuthenticationTrustResolver authTrustResolver = new AuthenticationTrustResolverImpl();
@Override
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T object) {
return authentication
.filter(this::isNotAnonymous)
.map(a -> new AuthorizationDecision(a.isAuthenticated()))
.defaultIfEmpty(new AuthorizationDecision(false));
}
/**
* Verify (via {@link AuthenticationTrustResolver}) that the given authentication is not anonymous.
* @param authentication to be checked
* @return <code>true</code> if not anonymous, otherwise <code>false</code>.
*/
private boolean isNotAnonymous(Authentication authentication) {
return !authTrustResolver.isAnonymous(authentication);
}
/**
* Gets an instance of {@link AuthenticatedReactiveAuthorizationManager}
* @param <T>

10
core/src/test/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManagerTests.java
View File

@ -20,11 +20,13 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import reactor.core.publisher.Mono;
import reactor.test.StepVerifier;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
@ -62,6 +64,14 @@ public class AuthenticatedReactiveAuthorizationManagerTests {
assertThat(granted).isFalse();
}
@Test
public void checkWhenAnonymousAuthenticatedThenReturnFalse() {
AnonymousAuthenticationToken anonymousAuthenticationToken = mock(AnonymousAuthenticationToken.class);
boolean granted = manager.check(Mono.just(anonymousAuthenticationToken), null).block().isGranted();
assertThat(granted).isFalse();
}
@Test
public void checkWhenErrorThenError() {