diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt index 8ecca56eb3..22322bf308 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt @@ -33,6 +33,7 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf +import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy import org.springframework.security.web.csrf.CsrfTokenRepository import org.springframework.security.web.csrf.DefaultCsrfToken @@ -180,7 +181,7 @@ class CsrfDslTests { open class CustomStrategyConfig : WebSecurityConfigurerAdapter() { companion object { - val STRATEGY: SessionAuthenticationStrategy = SessionAuthenticationStrategy { _, _, _ -> } + var STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt index f60692be1c..587994961d 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt @@ -17,6 +17,7 @@ package org.springframework.security.config.annotation.web import io.mockk.every +import io.mockk.mockk import io.mockk.mockkObject import io.mockk.verify import org.junit.jupiter.api.Test @@ -41,6 +42,8 @@ import org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirec import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status import org.springframework.web.bind.annotation.GetMapping import jakarta.servlet.http.HttpServletRequest +import org.springframework.security.web.authentication.WebAuthenticationDetails +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource /** * Tests for [FormLoginDsl] @@ -293,7 +296,7 @@ class FormLoginDslTests { mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE) every { CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any()) - } returns Any() + } returns mockk() this.mockMvc.perform(formLogin()) .andExpect { @@ -308,8 +311,7 @@ class FormLoginDslTests { open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { companion object { - val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource = - AuthenticationDetailsSource { Any() } + val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt index 31e2f05721..18edff7f17 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt @@ -17,6 +17,7 @@ package org.springframework.security.config.annotation.web import io.mockk.every +import io.mockk.mockk import io.mockk.mockkObject import io.mockk.verify import jakarta.servlet.http.HttpServletRequest @@ -25,6 +26,7 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration +import org.springframework.http.HttpStatus import org.springframework.security.authentication.AuthenticationDetailsSource import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity @@ -36,6 +38,8 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic import org.springframework.security.web.AuthenticationEntryPoint +import org.springframework.security.web.authentication.HttpStatusEntryPoint +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.GetMapping @@ -136,7 +140,7 @@ class HttpBasicDslTests { open class CustomAuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() { companion object { - val ENTRY_POINT: AuthenticationEntryPoint = AuthenticationEntryPoint { _, _, _ -> } + val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) } override fun configure(http: HttpSecurity) { @@ -159,7 +163,7 @@ class HttpBasicDslTests { mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE) every { CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any()) - } returns Any() + } returns mockk() this.mockMvc.get("/") { with(httpBasic("username", "password")) @@ -172,8 +176,7 @@ class HttpBasicDslTests { open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { companion object { - val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource = - AuthenticationDetailsSource { Any() } + val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt index ecf5eafa46..03eee86a24 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt @@ -19,6 +19,8 @@ package org.springframework.security.config.annotation.web import io.mockk.every import io.mockk.mockkObject import io.mockk.verify +import jakarta.servlet.http.HttpServletRequest +import jakarta.servlet.http.HttpServletResponse import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith @@ -30,6 +32,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.core.Authentication import org.springframework.security.core.context.SecurityContextHolder import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.web.authentication.logout.LogoutHandler @@ -300,7 +303,7 @@ class LogoutDslTests { open class CustomLogoutHandlerConfig : WebSecurityConfigurerAdapter() { companion object { - val HANDLER: LogoutHandler = LogoutHandler { _, _, _ -> } + val HANDLER: LogoutHandler = NoopLogoutHandler() } override fun configure(http: HttpSecurity) { @@ -311,4 +314,13 @@ class LogoutDslTests { } } } + + class NoopLogoutHandler: LogoutHandler { + override fun logout( + request: HttpServletRequest?, + response: HttpServletResponse?, + authentication: Authentication? + ) { } + + } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt index 2becea0713..8de517bc6a 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt @@ -30,6 +30,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository @@ -123,9 +124,7 @@ class OAuth2ClientDslTests { val REQUEST_REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() val CLIENT: OAuth2AccessTokenResponseClient = - OAuth2AccessTokenResponseClient { - OAuth2AccessTokenResponse.withToken("some tokenValue").build() - } + DefaultAuthorizationCodeTokenResponseClient() val CLIENT_REPOSITORY: OAuth2AuthorizedClientRepository = HttpSessionOAuth2AuthorizedClientRepository() } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt index 3a878b316e..026e079ac4 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt @@ -17,6 +17,7 @@ package org.springframework.security.config.annotation.web import io.mockk.every +import io.mockk.mockk import io.mockk.mockkObject import io.mockk.verify import org.junit.jupiter.api.Test @@ -43,6 +44,7 @@ import org.springframework.test.web.servlet.post import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.RestController import jakarta.servlet.http.HttpServletRequest +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource /** * Tests for [OAuth2LoginDsl] @@ -131,7 +133,7 @@ class OAuth2LoginDslTests { mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE) every { CustomAuthenticationDetailsSourceConfig.AUTHENTICATION_DETAILS_SOURCE.buildDetails(any()) - } returns Any() + } returns mockk() mockkObject(CustomAuthenticationDetailsSourceConfig.AUTHORIZATION_REQUEST_REPOSITORY) every { CustomAuthenticationDetailsSourceConfig.AUTHORIZATION_REQUEST_REPOSITORY.removeAuthorizationRequest(any(), any()) @@ -158,8 +160,7 @@ class OAuth2LoginDslTests { open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { companion object { - val AUTHENTICATION_DETAILS_SOURCE: AuthenticationDetailsSource = - AuthenticationDetailsSource { Any() } + val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() val AUTHORIZATION_REQUEST_REPOSITORY = HttpSessionOAuth2AuthorizationRequestRepository() } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt index b111f27f41..c7a2b8e2e0 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt @@ -27,9 +27,9 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.BeanCreationException import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean +import org.springframework.http.HttpStatus import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.authentication.AuthenticationManagerResolver -import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter @@ -39,10 +39,13 @@ import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB import org.springframework.security.oauth2.jwt.Jwt import org.springframework.security.oauth2.jwt.JwtDecoder import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken +import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver import org.springframework.security.web.AuthenticationEntryPoint import org.springframework.security.web.access.AccessDeniedHandler +import org.springframework.security.web.access.AccessDeniedHandlerImpl +import org.springframework.security.web.authentication.HttpStatusEntryPoint import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -79,7 +82,7 @@ class OAuth2ResourceServerDslTests { open class EntryPointConfig : WebSecurityConfigurerAdapter() { companion object { - val ENTRY_POINT: AuthenticationEntryPoint = AuthenticationEntryPoint { _, _, _ -> } + val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) } override fun configure(http: HttpSecurity) { @@ -116,12 +119,7 @@ class OAuth2ResourceServerDslTests { companion object { val RESOLVER: BearerTokenResolver = DefaultBearerTokenResolver() - val DECODER: JwtDecoder = JwtDecoder { - Jwt.withTokenValue("token") - .header("alg", "none") - .claim(SUB, "user") - .build() - } + val DECODER: JwtDecoder = MockJwtDecoder() } override fun configure(http: HttpSecurity) { @@ -140,6 +138,16 @@ class OAuth2ResourceServerDslTests { open fun jwtDecoder(): JwtDecoder = DECODER } + class MockJwtDecoder: JwtDecoder { + override fun decode(token: String?): Jwt { + return Jwt.withTokenValue("token") + .header("alg", "none") + .claim(SUB, "user") + .build() + } + + } + @Test fun `oauth2Resource server when custom access denied handler then handler used`() { this.spring.register(AccessDeniedHandlerConfig::class.java).autowire() @@ -163,13 +171,8 @@ class OAuth2ResourceServerDslTests { open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() { companion object { - val DECODER: JwtDecoder = JwtDecoder { _ -> - Jwt.withTokenValue("token") - .header("alg", "none") - .claim(SUB, "user") - .build() - } - val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandler { _, _, _ -> } + val DECODER: JwtDecoder = MockJwtDecoder() + val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandlerImpl() } override fun configure(http: HttpSecurity) { @@ -210,11 +213,7 @@ class OAuth2ResourceServerDslTests { companion object { val RESOLVER: AuthenticationManagerResolver = - AuthenticationManagerResolver { - AuthenticationManager { - TestingAuthenticationToken("a,", "b", "c") - } - } + JwtIssuerAuthenticationManagerResolver("issuer") } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt index c4de4e9289..fa793fa126 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt @@ -41,12 +41,14 @@ import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder import org.springframework.security.crypto.password.PasswordEncoder +import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers import org.springframework.security.web.authentication.AuthenticationSuccessHandler import org.springframework.security.web.authentication.NullRememberMeServices import org.springframework.security.web.authentication.RememberMeServices +import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository import org.springframework.security.web.util.matcher.AntPathRequestMatcher @@ -438,7 +440,7 @@ internal class RememberMeDslTests { open class RememberMeSuccessHandlerConfig : DefaultUserConfig() { companion object { - val SUCCESS_HANDLER: AuthenticationSuccessHandler = AuthenticationSuccessHandler { _ , _, _ -> } + val SUCCESS_HANDLER: AuthenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler() } override fun configure(http: HttpSecurity) { @@ -549,9 +551,9 @@ internal class RememberMeDslTests { open class RememberMeDefaultUserDetailsServiceConfig : DefaultUserConfig() { companion object { - val USER_DETAIL_SERVICE: UserDetailsService = UserDetailsService { _ -> + val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager( User("username", "password", emptyList()) - } + ) val PASSWORD_ENCODER: PasswordEncoder = BCryptPasswordEncoder() } @@ -575,9 +577,9 @@ internal class RememberMeDslTests { open class RememberMeUserDetailsServiceConfig : DefaultUserConfig() { companion object { - val USER_DETAIL_SERVICE: UserDetailsService = UserDetailsService { _ -> + val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager( User("username", "password", emptyList()) - } + ) } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt index 334a22388e..8875bb8cd2 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt @@ -36,6 +36,7 @@ import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.Authentication import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler +import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.SessionAuthenticationException import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy import org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy @@ -210,7 +211,7 @@ class SessionManagementDslTests { open class SessionAuthenticationStrategyConfig : WebSecurityConfigurerAdapter() { companion object { - val STRATEGY: SessionAuthenticationStrategy = SessionAuthenticationStrategy { _, _, _ -> } + val STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt index d624a781c9..617b5f94ef 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt @@ -32,6 +32,7 @@ import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke +import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository @@ -134,9 +135,7 @@ class AuthorizationCodeGrantDslTests { val REQUEST_REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() val CLIENT: OAuth2AccessTokenResponseClient = - OAuth2AccessTokenResponseClient { - OAuth2AccessTokenResponse.withToken("some tokenValue").build() - } + DefaultAuthorizationCodeTokenResponseClient() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt index 051436c93a..eee2b8a92e 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt @@ -31,6 +31,7 @@ import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke import org.springframework.security.core.authority.SimpleGrantedAuthority +import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository @@ -108,9 +109,7 @@ class RedirectionEndpointDslTests { val REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() val CLIENT: OAuth2AccessTokenResponseClient = - OAuth2AccessTokenResponseClient { - OAuth2AccessTokenResponse.withToken("some tokenValue").build() - } + DefaultAuthorizationCodeTokenResponseClient() val USER_SERVICE: OAuth2UserService = DefaultOAuth2UserService() } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt index 63f526a88c..c0a32af663 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt @@ -31,6 +31,7 @@ import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke +import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository @@ -99,9 +100,7 @@ class TokenEndpointDslTests { val REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() val CLIENT: OAuth2AccessTokenResponseClient = - OAuth2AccessTokenResponseClient { - OAuth2AccessTokenResponse.withToken("some tokenValue").build() - } + DefaultAuthorizationCodeTokenResponseClient() } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt index fe57a566ce..e379bee340 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt @@ -130,10 +130,8 @@ class JwtDslTests { open class CustomJwtAuthenticationConverterConfig : WebSecurityConfigurerAdapter() { companion object { - val CONVERTER: Converter = Converter { _ -> - TestingAuthenticationToken("a", "b", "c") - } - val DECODER: JwtDecoder = JwtDecoder { Jwt.withTokenValue("some tokenValue").build() } + val CONVERTER: Converter = MockConverter() + val DECODER: JwtDecoder = MockJwtDecoder() } override fun configure(http: HttpSecurity) { @@ -153,6 +151,12 @@ class JwtDslTests { open fun jwtDecoder(): JwtDecoder = DECODER } + class MockConverter: Converter { + override fun convert(source: Jwt): AbstractAuthenticationToken { + return TestingAuthenticationToken("a", "b", "c") + } + } + @Test fun `JWT when custom JWT decoder set after jwkSetUri then decoder used`() { this.spring.register(JwtDecoderAfterJwkSetUriConfig::class.java).autowire() @@ -175,7 +179,7 @@ class JwtDslTests { open class JwtDecoderAfterJwkSetUriConfig : WebSecurityConfigurerAdapter() { companion object { - val DECODER: JwtDecoder = JwtDecoder { Jwt.withTokenValue("some tokenValue").build() } + val DECODER: JwtDecoder = MockJwtDecoder() } override fun configure(http: HttpSecurity) { @@ -193,6 +197,12 @@ class JwtDslTests { } } + class MockJwtDecoder: JwtDecoder { + override fun decode(token: String?): Jwt { + return Jwt.withTokenValue("some tokenValue").build() + } + } + @Test fun `JWT when custom authentication manager configured then used`() { this.spring.register(AuthenticationManagerConfig::class.java, AuthenticationController::class.java).autowire() diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt index 634cae0a78..44c61ae8e5 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt @@ -43,6 +43,7 @@ import org.springframework.security.oauth2.jwt.JwtClaimNames import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector +import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.GetMapping @@ -147,9 +148,7 @@ class OpaqueTokenDslTests { open class CustomIntrospectorConfig : WebSecurityConfigurerAdapter() { companion object { - val INTROSPECTOR: OpaqueTokenIntrospector = OpaqueTokenIntrospector { - DefaultOAuth2AuthenticatedPrincipal(emptyMap(), emptyList()) - } + val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") } override fun configure(http: HttpSecurity) { @@ -185,9 +184,7 @@ class OpaqueTokenDslTests { open class IntrospectorAfterClientCredentialsConfig : WebSecurityConfigurerAdapter() { companion object { - val INTROSPECTOR: OpaqueTokenIntrospector = OpaqueTokenIntrospector { - DefaultOAuth2AuthenticatedPrincipal(emptyMap(), emptyList()) - } + val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") } override fun configure(http: HttpSecurity) { diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt index 659d598b27..4c8746695d 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerCsrfDslTests.kt @@ -24,11 +24,13 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.ApplicationContext import org.springframework.context.annotation.Bean +import org.springframework.http.HttpStatus import org.springframework.http.MediaType import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.web.server.SecurityWebFilterChain +import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler import org.springframework.security.web.server.csrf.CsrfToken import org.springframework.security.web.server.csrf.DefaultCsrfToken @@ -175,7 +177,7 @@ class ServerCsrfDslTests { @EnableWebFlux open class CustomAccessDeniedHandlerConfig { companion object { - val ACCESS_DENIED_HANDLER: ServerAccessDeniedHandler = ServerAccessDeniedHandler { _, _ -> Mono.empty() } + val ACCESS_DENIED_HANDLER: ServerAccessDeniedHandler = HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN) } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerFormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerFormLoginDslTests.kt index 8750440412..a6e78eca06 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerFormLoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerFormLoginDslTests.kt @@ -30,6 +30,7 @@ import org.springframework.security.authentication.ReactiveAuthenticationManager import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.core.Authentication import org.springframework.security.core.userdetails.MapReactiveUserDetailsService import org.springframework.security.core.userdetails.User import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf @@ -151,7 +152,7 @@ class ServerFormLoginDslTests { open class CustomAuthenticationManagerConfig { companion object { - val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() } + val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager() } @Bean @@ -167,6 +168,12 @@ class ServerFormLoginDslTests { } } + class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager { + override fun authenticate(authentication: Authentication?): Mono { + return Mono.empty() + } + } + @Test fun `form login when custom authentication entry point then entry point used`() { this.spring.register(CustomConfig::class.java, UserDetailsConfig::class.java).autowire() diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpBasicDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpBasicDslTests.kt index 52a3fe3ec9..b1d0aa2626 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpBasicDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpBasicDslTests.kt @@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.ApplicationContext import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration +import org.springframework.http.HttpStatus import org.springframework.security.authentication.ReactiveAuthenticationManager import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity @@ -36,6 +37,7 @@ import org.springframework.security.core.userdetails.MapReactiveUserDetailsServi import org.springframework.security.core.userdetails.User import org.springframework.security.web.server.SecurityWebFilterChain import org.springframework.security.web.server.ServerAuthenticationEntryPoint +import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint import org.springframework.security.web.server.context.ServerSecurityContextRepository import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository import org.springframework.test.web.reactive.server.WebTestClient @@ -127,7 +129,7 @@ class ServerHttpBasicDslTests { open class CustomAuthenticationManagerConfig { companion object { - val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() } + val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager() } @Bean @@ -143,6 +145,12 @@ class ServerHttpBasicDslTests { } } + class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager { + override fun authenticate(authentication: Authentication?): Mono { + return Mono.empty() + } + } + @Test fun `http basic when custom security context repository then repository used`() { this.spring.register(CustomSecurityContextRepositoryConfig::class.java, UserDetailsConfig::class.java).autowire() @@ -200,7 +208,7 @@ class ServerHttpBasicDslTests { open class CustomAuthenticationEntryPointConfig { companion object { - val ENTRY_POINT: ServerAuthenticationEntryPoint = ServerAuthenticationEntryPoint { _, _ -> Mono.empty() } + val ENTRY_POINT: ServerAuthenticationEntryPoint = HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED) } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpSecurityDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpSecurityDslTests.kt index eaebb5643e..4c456a834b 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpSecurityDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerHttpSecurityDslTests.kt @@ -31,6 +31,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.core.Authentication import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter import org.springframework.security.web.server.SecurityWebFilterChain import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter @@ -223,7 +224,7 @@ class ServerHttpSecurityDslTests { @EnableWebFluxSecurity open class AuthenticationManagerConfig { companion object { - val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() } + val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager() } @Bean @@ -237,4 +238,10 @@ class ServerHttpSecurityDslTests { } } } + + class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager { + override fun authenticate(authentication: Authentication?): Mono { + return Mono.empty() + } + } } diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt index 2f01d9d538..57dcc80161 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerJwtDslTests.kt @@ -146,7 +146,7 @@ class ServerJwtDslTests { open class CustomDecoderConfig { companion object { - val JWT_DECODER: ReactiveJwtDecoder = ReactiveJwtDecoder { Mono.empty() } + val JWT_DECODER: ReactiveJwtDecoder = NullReactiveJwtDecoder() } @Bean @@ -164,6 +164,12 @@ class ServerJwtDslTests { } } + class NullReactiveJwtDecoder: ReactiveJwtDecoder { + override fun decode(token: String?): Mono { + return Mono.empty() + } + } + @Test fun `jwt when using custom JWK Set URI then custom URI used`() { this.spring.register(CustomJwkSetUriConfig::class.java).autowire() @@ -242,7 +248,7 @@ class ServerJwtDslTests { companion object { val CONVERTER: Converter> = Converter { Mono.empty() } - val DECODER: ReactiveJwtDecoder = ReactiveJwtDecoder { Mono.empty() } + val DECODER: ReactiveJwtDecoder = NullReactiveJwtDecoder() } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerLogoutDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerLogoutDslTests.kt index 705e943c25..b44d2f5c20 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerLogoutDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerLogoutDslTests.kt @@ -25,11 +25,14 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.ApplicationContext import org.springframework.context.annotation.Bean +import org.springframework.http.HttpStatus import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf import org.springframework.security.web.server.SecurityWebFilterChain +import org.springframework.security.web.server.authentication.logout.HttpStatusReturningServerLogoutSuccessHandler +import org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher @@ -171,7 +174,7 @@ class ServerLogoutDslTests { open class CustomLogoutHandlerConfig { companion object { - val LOGOUT_HANDLER: ServerLogoutHandler = ServerLogoutHandler { _, _ -> Mono.empty() } + val LOGOUT_HANDLER: ServerLogoutHandler = SecurityContextServerLogoutHandler() } @Bean @@ -206,7 +209,7 @@ class ServerLogoutDslTests { open class CustomLogoutSuccessHandlerConfig { companion object { - val LOGOUT_HANDLER: ServerLogoutSuccessHandler = ServerLogoutSuccessHandler { _, _ -> Mono.empty() } + val LOGOUT_HANDLER: ServerLogoutSuccessHandler = HttpStatusReturningServerLogoutSuccessHandler(HttpStatus.OK) } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt index a49eea05e4..e93816ebdb 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt @@ -31,12 +31,14 @@ import org.springframework.security.config.annotation.web.reactive.EnableWebFlux import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.core.Authentication import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames +import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter import org.springframework.security.web.server.SecurityWebFilterChain import org.springframework.security.web.server.authentication.ServerAuthenticationConverter import org.springframework.test.web.reactive.server.WebTestClient @@ -162,7 +164,7 @@ class ServerOAuth2ClientDslTests { companion object { val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository() - val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() } + val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter() } @Bean @@ -214,8 +216,8 @@ class ServerOAuth2ClientDslTests { companion object { val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository() - val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() } - val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = ReactiveAuthenticationManager { Mono.empty() } + val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter() + val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager() } @Bean @@ -230,6 +232,12 @@ class ServerOAuth2ClientDslTests { } } + class NoopReactiveAuthenticationManager: ReactiveAuthenticationManager { + override fun authenticate(authentication: Authentication?): Mono { + return Mono.empty() + } + } + @Configuration open class ClientConfig { @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt index 39b3c5d7dc..8c73b263e2 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt @@ -34,8 +34,10 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest +import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter import org.springframework.security.web.server.SecurityWebFilterChain import org.springframework.security.web.server.authentication.ServerAuthenticationConverter +import org.springframework.security.web.server.util.matcher.IpAddressServerWebExchangeMatcher import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher import org.springframework.test.web.reactive.server.WebTestClient import org.springframework.web.reactive.config.EnableWebFlux @@ -159,7 +161,7 @@ class ServerOAuth2LoginDslTests { open class AuthenticationMatcherConfig { companion object { - val AUTHENTICATION_MATCHER: ServerWebExchangeMatcher = ServerWebExchangeMatcher { Mono.empty() } + val AUTHENTICATION_MATCHER: ServerWebExchangeMatcher = IpAddressServerWebExchangeMatcher("127.0.0.1") } @Bean @@ -192,7 +194,7 @@ class ServerOAuth2LoginDslTests { open class AuthenticationConverterConfig { companion object { - val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerAuthenticationConverter { Mono.empty() } + val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter = ServerBearerTokenAuthenticationConverter() } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ResourceServerDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ResourceServerDslTests.kt index 275b28244c..484008c043 100644 --- a/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ResourceServerDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ResourceServerDslTests.kt @@ -33,6 +33,7 @@ import org.springframework.security.authentication.ReactiveAuthenticationManager import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerReactiveAuthenticationManagerResolver import org.springframework.security.oauth2.server.resource.web.server.ServerBearerTokenAuthenticationConverter import org.springframework.security.web.server.SecurityWebFilterChain import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint @@ -186,7 +187,7 @@ class ServerOAuth2ResourceServerDslTests { open class AuthenticationManagerResolverConfig { companion object { - val RESOLVER: ReactiveAuthenticationManagerResolver = ReactiveAuthenticationManagerResolver { Mono.empty() } + val RESOLVER: ReactiveAuthenticationManagerResolver = JwtIssuerReactiveAuthenticationManagerResolver("issuer") } @Bean