HttpSecurity->ServerHttpSecurity
Issue gh-4615
parent
185d3032f5
commit
792944eee7
@ -22,14 +22,14 @@ import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.core.ReactiveAdapterRegistry;
|
||||
import org.springframework.security.authentication.ReactiveAuthenticationManager;
|
||||
import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
|
||||
import org.springframework.security.config.web.server.HttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver;
|
||||
import org.springframework.web.reactive.config.WebFluxConfigurer;
|
||||
import org.springframework.web.reactive.result.method.annotation.ArgumentResolverConfigurer;
|
||||
|
||||
import static org.springframework.security.config.web.server.HttpSecurity.http;
|
||||
import static org.springframework.security.config.web.server.ServerHttpSecurity.http;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@ -63,7 +63,7 @@ public class HttpSecurityConfiguration implements WebFluxConfigurer {
|
||||
|
||||
@Bean(HTTPSECURITY_BEAN_NAME)
|
||||
@Scope("prototype")
|
||||
public HttpSecurity httpSecurity() {
|
||||
public ServerHttpSecurity httpSecurity() {
|
||||
return http()
|
||||
.authenticationManager(authenticationManager())
|
||||
.headers().and()
|
||||
|
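Review bot: The prototype bean is still declared as `httpSecurity()` under `@Bean(HTTPSECURITY_BEAN_NAME)` although it now returns `ServerHttpSecurity`, and judging by the hunk header the enclosing class is still `HttpSecurityConfiguration`, so the bean name, constant and class keep the old type's name. If the bean name is being held stable on purpose, a short comment above the method such as `// bean name predates the rename; the type is the reactive ServerHttpSecurity` would record that. Otherwise the method, constant and class could follow the rename so that a reader is not pointed at the servlet-side `HttpSecurity`. The method body continues past the end of the hunk, so the rest of the builder chain is not visible here.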
@ -21,7 +21,7 @@ import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.config.web.server.HttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
import org.springframework.security.web.server.WebFilterChainProxy;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
@ -62,7 +62,7 @@ public class WebFluxSecurityConfiguration {
|
||||
}
|
||||
|
||||
private List<SecurityWebFilterChain> defaultSecurityWebFilterChains() {
|
||||
HttpSecurity http = context.getBean(HttpSecurity.class);
|
||||
ServerHttpSecurity http = context.getBean(ServerHttpSecurity.class);
|
||||
http
|
||||
.authorizeExchange()
|
||||
.anyExchange().authenticated();
|
||||
|
@ -79,7 +79,7 @@ import static org.springframework.security.web.server.DelegatingServerAuthentica
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
*/
|
||||
public class HttpSecurity {
|
||||
public class ServerHttpSecurity {
|
||||
private ServerWebExchangeMatcher securityMatcher = ServerWebExchangeMatchers.anyExchange();
|
||||
|
||||
private AuthorizeExchangeBuilder authorizeExchangeBuilder;
|
||||
@ -108,13 +108,13 @@ public class HttpSecurity {
|
||||
* @param matcher the ServerExchangeMatcher that determines which requests apply to this HttpSecurity instance.
|
||||
* Default is all requests.
|
||||
*/
|
||||
public HttpSecurity securityMatcher(ServerWebExchangeMatcher matcher) {
|
||||
public ServerHttpSecurity securityMatcher(ServerWebExchangeMatcher matcher) {
|
||||
Assert.notNull(matcher, "matcher cannot be null");
|
||||
this.securityMatcher = matcher;
|
||||
return this;
|
||||
}
|
||||
|
||||
public HttpSecurity addFilterAt(WebFilter webFilter, SecurityWebFiltersOrder order) {
|
||||
public ServerHttpSecurity addFilterAt(WebFilter webFilter, SecurityWebFiltersOrder order) {
|
||||
this.webFilters.add(new OrderedWebFilter(webFilter, order.getOrder()));
|
||||
return this;
|
||||
}
|
||||
@ -127,7 +127,7 @@ public class HttpSecurity {
|
||||
return this.securityMatcher;
|
||||
}
|
||||
|
||||
public HttpSecurity securityContextRepository(SecurityContextServerRepository securityContextServerRepository) {
|
||||
public ServerHttpSecurity securityContextRepository(SecurityContextServerRepository securityContextServerRepository) {
|
||||
Assert.notNull(securityContextServerRepository, "securityContextRepository cannot be null");
|
||||
this.securityContextServerRepository = securityContextServerRepository;
|
||||
return this;
|
||||
@ -168,7 +168,7 @@ public class HttpSecurity {
|
||||
return this.logout;
|
||||
}
|
||||
|
||||
public HttpSecurity authenticationManager(ReactiveAuthenticationManager manager) {
|
||||
public ServerHttpSecurity authenticationManager(ReactiveAuthenticationManager manager) {
|
||||
this.authenticationManager = manager;
|
||||
return this;
|
||||
}
|
||||
@ -228,8 +228,8 @@ public class HttpSecurity {
|
||||
return result;
|
||||
}
|
||||
|
||||
public static HttpSecurity http() {
|
||||
return new HttpSecurity();
|
||||
public static ServerHttpSecurity http() {
|
||||
return new ServerHttpSecurity();
|
||||
}
|
||||
|
||||
private WebFilter securityContextRepositoryWebFilter() {
|
||||
@ -241,7 +241,7 @@ public class HttpSecurity {
|
||||
return new OrderedWebFilter(result, SecurityWebFiltersOrder.SECURITY_CONTEXT_REPOSITORY.getOrder());
|
||||
}
|
||||
|
||||
private HttpSecurity() {}
|
||||
private ServerHttpSecurity() {}
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@ -252,8 +252,8 @@ public class HttpSecurity {
|
||||
private ServerWebExchangeMatcher matcher;
|
||||
private boolean anyExchangeRegistered;
|
||||
|
||||
public HttpSecurity and() {
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity and() {
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -275,7 +275,7 @@ public class HttpSecurity {
|
||||
return new Access();
|
||||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
protected void configure(ServerHttpSecurity http) {
|
||||
if(this.matcher != null) {
|
||||
throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined");
|
||||
}
|
||||
@ -336,23 +336,23 @@ public class HttpSecurity {
|
||||
return this;
|
||||
}
|
||||
|
||||
public HttpSecurity and() {
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity and() {
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
public HttpSecurity disable() {
|
||||
HttpSecurity.this.httpBasic = null;
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity disable() {
|
||||
ServerHttpSecurity.this.httpBasic = null;
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
protected void configure(ServerHttpSecurity http) {
|
||||
MediaTypeServerWebExchangeMatcher restMatcher = new MediaTypeServerWebExchangeMatcher(
|
||||
MediaType.APPLICATION_ATOM_XML,
|
||||
MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON,
|
||||
MediaType.APPLICATION_OCTET_STREAM, MediaType.APPLICATION_XML,
|
||||
MediaType.MULTIPART_FORM_DATA, MediaType.TEXT_XML);
|
||||
restMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
|
||||
HttpSecurity.this.defaultEntryPoints.add(new DelegateEntry(restMatcher, this.entryPoint));
|
||||
ServerHttpSecurity.this.defaultEntryPoints.add(new DelegateEntry(restMatcher, this.entryPoint));
|
||||
AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(
|
||||
this.authenticationManager);
|
||||
authenticationFilter.setServerAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(this.entryPoint));
|
||||
@ -413,23 +413,23 @@ public class HttpSecurity {
|
||||
return this;
|
||||
}
|
||||
|
||||
public HttpSecurity and() {
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity and() {
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
public HttpSecurity disable() {
|
||||
HttpSecurity.this.formLogin = null;
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity disable() {
|
||||
ServerHttpSecurity.this.formLogin = null;
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
protected void configure(ServerHttpSecurity http) {
|
||||
if(this.serverAuthenticationEntryPoint == null) {
|
||||
loginPage("/login");
|
||||
}
|
||||
MediaTypeServerWebExchangeMatcher htmlMatcher = new MediaTypeServerWebExchangeMatcher(
|
||||
MediaType.TEXT_HTML);
|
||||
htmlMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
|
||||
HttpSecurity.this.defaultEntryPoints.add(0, new DelegateEntry(htmlMatcher, this.serverAuthenticationEntryPoint));
|
||||
ServerHttpSecurity.this.defaultEntryPoints.add(0, new DelegateEntry(htmlMatcher, this.serverAuthenticationEntryPoint));
|
||||
AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(
|
||||
this.authenticationManager);
|
||||
authenticationFilter.setRequiresAuthenticationMatcher(this.requiresAuthenticationMatcher);
|
||||
@ -461,8 +461,8 @@ public class HttpSecurity {
|
||||
|
||||
private XXssProtectionServerHttpHeadersWriter xss = new XXssProtectionServerHttpHeadersWriter();
|
||||
|
||||
public HttpSecurity and() {
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity and() {
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
public CacheSpec cache() {
|
||||
@ -481,7 +481,7 @@ public class HttpSecurity {
|
||||
return new HstsSpec();
|
||||
}
|
||||
|
||||
protected void configure(HttpSecurity http) {
|
||||
protected void configure(ServerHttpSecurity http) {
|
||||
ServerHttpHeadersWriter writer = new CompositeServerHttpHeadersWriter(this.writers);
|
||||
HttpHeaderWriterWebFilter result = new HttpHeaderWriterWebFilter(writer);
|
||||
http.addFilterAt(result, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER);
|
||||
@ -575,21 +575,21 @@ public class HttpSecurity {
|
||||
return this;
|
||||
}
|
||||
|
||||
public HttpSecurity disable() {
|
||||
HttpSecurity.this.logout = null;
|
||||
public ServerHttpSecurity disable() {
|
||||
ServerHttpSecurity.this.logout = null;
|
||||
return and();
|
||||
}
|
||||
|
||||
public HttpSecurity and() {
|
||||
return HttpSecurity.this;
|
||||
public ServerHttpSecurity and() {
|
||||
return ServerHttpSecurity.this;
|
||||
}
|
||||
|
||||
public void configure(HttpSecurity http) {
|
||||
public void configure(ServerHttpSecurity http) {
|
||||
LogoutWebFilter logoutWebFilter = createLogoutWebFilter(http);
|
||||
http.addFilterAt(logoutWebFilter, SecurityWebFiltersOrder.LOGOUT);
|
||||
}
|
||||
|
||||
private LogoutWebFilter createLogoutWebFilter(HttpSecurity http) {
|
||||
private LogoutWebFilter createLogoutWebFilter(ServerHttpSecurity http) {
|
||||
LogoutWebFilter logoutWebFilter = new LogoutWebFilter();
|
||||
logoutWebFilter.setServerLogoutHandler(this.serverLogoutHandler);
|
||||
logoutWebFilter.setRequiresLogout(this.requiresLogout);
|
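Review bot: The Javadoc kept as context above `securityMatcher(...)` still says the matcher determines which requests `apply to this HttpSecurity instance`, while the method now returns `ServerHttpSecurity`. The project also has a servlet-side `HttpSecurity`, so a reader following that sentence can end up at the wrong class when working out which exchanges a filter chain covers. The line should read `* @param matcher the ServerExchangeMatcher that determines which requests apply to this ServerHttpSecurity instance.`. The Javadoc block starts before the hunk, so other mentions of the old name in it are not visible here and are worth a search.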
@ -40,7 +40,7 @@ import spock.lang.Unroll;
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityTests extends BaseSpringSpec {
|
||||
public class ServerHttpSecurityTests extends BaseSpringSpec {
|
||||
def "addFilter with unregistered Filter"() {
|
||||
when:
|
||||
loadConfig(UnregisteredFilterConfig)
|
||||
|
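Review bot: The new name `ServerHttpSecurityTests` looks wrong for this Spock spec: its visible feature is `addFilter with unregistered Filter`, whereas the reactive builder renamed on this page exposes only `addFilterAt`, so the spec appears to cover the servlet configuration. The same concern applies to the classes renamed to `ServerHttpSecurityHeadersTests`, `ServerHttpSecurityAntMatchersTests`, `ServerHttpSecurityLogoutTests` and `ServerHttpSecurityRequestMatchersTests`, which use `@WebAppConfiguration`, `AnnotationConfigWebApplicationContext` or `MockHttpServletRequest`, and to `CustomServerHttpSecurityConfigurerTests`, whose hunk header shows the servlet `FilterChainProxy` import. Keeping the original names, e.g. `public class HttpSecurityTests extends BaseSpringSpec {`, would keep it clear which security configuration each suite protects. It would also avoid a second `ServerHttpSecurityTests` next to the reactive test class renamed further down in this commit.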
@ -48,7 +48,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
|
||||
@RunWith(SpringJUnit4ClassRunner.class)
|
||||
@ContextConfiguration
|
||||
@WebAppConfiguration
|
||||
public class HttpSecurityHeadersTests {
|
||||
public class ServerHttpSecurityHeadersTests {
|
||||
@Autowired
|
||||
WebApplicationContext wac;
|
||||
@Autowired
|
@ -39,7 +39,7 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityAntMatchersTests {
|
||||
public class ServerHttpSecurityAntMatchersTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
@ -40,7 +40,7 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityLogoutTests {
|
||||
public class ServerHttpSecurityLogoutTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
@ -43,7 +43,7 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityRequestMatchersTests {
|
||||
public class ServerHttpSecurityRequestMatchersTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
||||
@ -268,4 +268,4 @@ public class HttpSecurityRequestMatchersTests {
|
||||
|
||||
this.context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
}
|
||||
}
|
||||
}
|
@ -26,7 +26,7 @@ import org.springframework.core.annotation.Order;
|
||||
import org.springframework.core.io.buffer.DataBuffer;
|
||||
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.config.web.server.HttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
@ -234,7 +234,7 @@ public class EnableWebFluxSecurityTests {
|
||||
}
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
public static class MultiHttpSecurity {
|
||||
public static class MultiServerHttpSecurity {
|
||||
@Autowired WebFilterChainProxy springSecurityFilterChain;
|
||||
|
||||
@Test
|
||||
@ -257,7 +257,7 @@ public class EnableWebFluxSecurityTests {
|
||||
static class Config {
|
||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||
@Bean
|
||||
public SecurityWebFilterChain apiHttpSecurity(HttpSecurity http) {
|
||||
public SecurityWebFilterChain apiHttpSecurity(ServerHttpSecurity http) {
|
||||
http
|
||||
.securityMatcher(new PathPatternParserServerWebExchangeMatcher("/api/**"))
|
||||
.authorizeExchange()
|
||||
@ -266,7 +266,7 @@ public class EnableWebFluxSecurityTests {
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityWebFilterChain httpSecurity(HttpSecurity http) {
|
||||
public SecurityWebFilterChain httpSecurity(ServerHttpSecurity http) {
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
@ -42,7 +42,7 @@ import org.springframework.security.web.FilterChainProxy;
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class CustomHttpSecurityConfigurerTests {
|
||||
public class CustomServerHttpSecurityConfigurerTests {
|
||||
@Autowired
|
||||
ConfigurableApplicationContext context;
|
||||
|
@ -19,7 +19,6 @@ package org.springframework.security.config.web.server;
|
||||
import org.junit.Test;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.test.web.reactive.server.WebTestClientBuilder;
|
||||
import org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
/**
|
||||
@ -27,8 +26,8 @@ import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
* @since 5.0
|
||||
*/
|
||||
public class AuthorizeExchangeBuilderTests {
|
||||
HttpSecurity http = HttpSecurity.http();
|
||||
HttpSecurity.AuthorizeExchangeBuilder authorization = this.http.authorizeExchange();
|
||||
ServerHttpSecurity http = ServerHttpSecurity.http();
|
||||
ServerHttpSecurity.AuthorizeExchangeBuilder authorization = this.http.authorizeExchange();
|
||||
|
||||
@Test
|
||||
public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() {
|
||||
|
@ -43,7 +43,7 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*/
|
||||
public class FormLoginTests {
|
||||
private UserDetails user = User.withUsername("user").password("password").roles("USER").build();
|
||||
private HttpSecurity http = HttpSecurity.http();
|
||||
private ServerHttpSecurity http = ServerHttpSecurity.http();
|
||||
|
||||
ReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(new MapReactiveUserDetailsService(this.user));
|
||||
|
||||
|
@ -41,7 +41,7 @@ import static org.assertj.core.api.AssertionsForInterfaceTypes.assertThat;
|
||||
*/
|
||||
public class HeaderBuilderTests {
|
||||
|
||||
HttpSecurity.HeaderBuilder headers = HttpSecurity.http().headers();
|
||||
ServerHttpSecurity.HeaderBuilder headers = ServerHttpSecurity.http().headers();
|
||||
|
||||
HttpHeaders expectedHeaders = new HttpHeaders();
|
||||
|
||||
|
@ -35,7 +35,7 @@ import org.springframework.security.test.web.reactive.server.WebTestClientBuilde
|
||||
public class LogoutBuilderTests {
|
||||
|
||||
private UserDetails user = User.withUsername("user").password("password").roles("USER").build();
|
||||
private HttpSecurity http = HttpSecurity.http();
|
||||
private ServerHttpSecurity http = ServerHttpSecurity.http();
|
||||
|
||||
ReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(new MapReactiveUserDetailsService(this.user));
|
||||
|
||||
|
@ -44,16 +44,16 @@ import static org.springframework.web.reactive.function.client.ExchangeFilterFun
|
||||
* @since 5.0
|
||||
*/
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class HttpSecurityTests {
|
||||
public class ServerHttpSecurityTests {
|
||||
@Mock SecurityContextServerRepository contextRepository;
|
||||
@Mock
|
||||
ReactiveAuthenticationManager authenticationManager;
|
||||
|
||||
HttpSecurity http;
|
||||
ServerHttpSecurity http;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
this.http = HttpSecurity.http().headers().and();
|
||||
this.http = ServerHttpSecurity.http().headers().and();
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -80,7 +80,7 @@ public class HttpSecurityTests {
|
||||
this.http.securityContextRepository(new WebSessionSecurityContextServerRepository());
|
||||
this.http.httpBasic();
|
||||
this.http.authenticationManager(this.authenticationManager);
|
||||
HttpSecurity.AuthorizeExchangeBuilder authorize = this.http.authorizeExchange();
|
||||
ServerHttpSecurity.AuthorizeExchangeBuilder authorize = this.http.authorizeExchange();
|
||||
authorize.anyExchange().authenticated();
|
||||
|
||||
WebTestClient client = buildClient();
|
@ -20,7 +20,7 @@ import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
|
||||
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
|
||||
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
||||
import org.springframework.security.config.web.server.HttpSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
@ -34,7 +34,7 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
public class SecurityConfig {
|
||||
|
||||
@Bean
|
||||
SecurityWebFilterChain springWebFilterChain(HttpSecurity http) throws Exception {
|
||||
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
|
||||
return http
|
||||
// we rely on method security
|
||||
.authorizeExchange()
|
||||
|