Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

AuthenticationWebFilter wraps the ServerWebExchange 

Fixes gh-45-25
This commit is contained in:
Rob Winch 2017-09-11 19:51:47 -05:00
parent 8d997fd079
commit 8ce3b08136
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
webflux/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
View File

@ -25,6 +25,7 @@ import org.springframework.security.web.server.AuthenticationEntryPoint;
import org.springframework.security.web.server.HttpBasicAuthenticationConverter;
import org.springframework.security.web.server.authentication.www.HttpBasicAuthenticationEntryPoint;
import org.springframework.security.web.server.context.SecurityContextRepository;
import org.springframework.security.web.server.context.SecurityContextRepositoryServerWebExchange;
import org.springframework.security.web.server.context.ServerWebExchangeAttributeSecurityContextRepository;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
@ -58,14 +59,19 @@ public class AuthenticationWebFilter implements WebFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return this.authenticationConverter.apply(exchange)
.switchIfEmpty(Mono.defer(() -> chain.filter(exchange).cast(Authentication.class)))
ServerWebExchange wrappedExchange = wrap(exchange);
return this.authenticationConverter.apply(wrappedExchange)
.switchIfEmpty(Mono.defer(() -> chain.filter(wrappedExchange).cast(Authentication.class)))
.flatMap( token -> this.authenticationManager.authenticate(token)
.flatMap(authentication -> onAuthenticationSuccess(authentication, exchange, chain))
.onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(exchange, t))
.flatMap(authentication -> onAuthenticationSuccess(authentication, wrappedExchange, chain))
.onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(wrappedExchange, t))
);
}
private ServerWebExchange wrap(ServerWebExchange exchange) {
return new SecurityContextRepositoryServerWebExchange(exchange, this.securityContextRepository);
}
private Mono<Void> onAuthenticationSuccess(Authentication authentication, ServerWebExchange exchange, WebFilterChain chain) {
SecurityContextImpl securityContext = new SecurityContextImpl();
securityContext.setAuthentication(authentication);

2
webflux/src/main/java/org/springframework/security/web/server/context/SecurityContextRepositoryServerWebExchange.java
View File

@ -28,7 +28,7 @@ import reactor.core.publisher.Mono;
* @author Rob Winch
* @since 5.0
*/
final class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator {
public class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator {
private final SecurityContextRepository repository;
public SecurityContextRepositoryServerWebExchange(ServerWebExchange delegate, SecurityContextRepository repository) {