Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

AuthenticationWebFilter wraps the ServerWebExchange 

Fixes gh-45-25
This commit is contained in:
Rob Winch 2017-09-11 19:51:47 -05:00
parent 8d997fd079
commit 8ce3b08136
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
webflux/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
View File

@ -25,6 +25,7 @@ import org.springframework.security.web.server.AuthenticationEntryPoint;
import org.springframework.security.web.server.HttpBasicAuthenticationConverter; import org.springframework.security.web.server.HttpBasicAuthenticationConverter;
import org.springframework.security.web.server.authentication.www.HttpBasicAuthenticationEntryPoint; import org.springframework.security.web.server.authentication.www.HttpBasicAuthenticationEntryPoint;
import org.springframework.security.web.server.context.SecurityContextRepository; import org.springframework.security.web.server.context.SecurityContextRepository;
import org.springframework.security.web.server.context.SecurityContextRepositoryServerWebExchange;
import org.springframework.security.web.server.context.ServerWebExchangeAttributeSecurityContextRepository; import org.springframework.security.web.server.context.ServerWebExchangeAttributeSecurityContextRepository;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.ServerWebExchange;
@ -58,14 +59,19 @@ public class AuthenticationWebFilter implements WebFilter {
@Override @Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return this.authenticationConverter.apply(exchange) ServerWebExchange wrappedExchange = wrap(exchange);
.switchIfEmpty(Mono.defer(() -> chain.filter(exchange).cast(Authentication.class))) return this.authenticationConverter.apply(wrappedExchange)
.switchIfEmpty(Mono.defer(() -> chain.filter(wrappedExchange).cast(Authentication.class)))
.flatMap( token -> this.authenticationManager.authenticate(token) .flatMap( token -> this.authenticationManager.authenticate(token)
.flatMap(authentication -> onAuthenticationSuccess(authentication, exchange, chain)) .flatMap(authentication -> onAuthenticationSuccess(authentication, wrappedExchange, chain))
.onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(exchange, t)) .onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(wrappedExchange, t))
); );
} }
private ServerWebExchange wrap(ServerWebExchange exchange) {
return new SecurityContextRepositoryServerWebExchange(exchange, this.securityContextRepository);
}
private Mono<Void> onAuthenticationSuccess(Authentication authentication, ServerWebExchange exchange, WebFilterChain chain) { private Mono<Void> onAuthenticationSuccess(Authentication authentication, ServerWebExchange exchange, WebFilterChain chain) {
SecurityContextImpl securityContext = new SecurityContextImpl(); SecurityContextImpl securityContext = new SecurityContextImpl();
securityContext.setAuthentication(authentication); securityContext.setAuthentication(authentication);

2
webflux/src/main/java/org/springframework/security/web/server/context/SecurityContextRepositoryServerWebExchange.java
View File

@ -28,7 +28,7 @@ import reactor.core.publisher.Mono;
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
final class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator { public class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator {
private final SecurityContextRepository repository; private final SecurityContextRepository repository;
public SecurityContextRepositoryServerWebExchange(ServerWebExchange delegate, SecurityContextRepository repository) { public SecurityContextRepositoryServerWebExchange(ServerWebExchange delegate, SecurityContextRepository repository) {