From 99f06ca58c04fa5d584d88af0577135e6cf5fd38 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Fri, 29 Sep 2017 14:45:58 -0500 Subject: [PATCH] HttpSecurity invokes configure(this) Issue gh-4542 --- .../config/web/server/HttpSecurity.java | 31 +++++++++---------- .../server/AuthorizeExchangeBuilderTests.java | 8 ++--- .../config/web/server/HeaderBuilderTests.java | 2 +- 3 files changed, 20 insertions(+), 21 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/web/server/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/HttpSecurity.java index 8b3cb4a973..4c39dcbfc6 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/HttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/HttpSecurity.java @@ -165,7 +165,7 @@ public class HttpSecurity { public SecurityWebFilterChain build() { if(this.headers != null) { - this.webFilters.add(this.headers.build()); + this.headers.configure(this); } WebFilter securityContextRepositoryWebFilter = securityContextRepositoryWebFilter(); if(securityContextRepositoryWebFilter != null) { @@ -176,7 +176,7 @@ public class HttpSecurity { if(this.securityContextRepository != null) { this.httpBasic.securityContextRepository(this.securityContextRepository); } - this.webFilters.add(this.httpBasic.build()); + this.httpBasic.configure(this); } if(this.formLogin != null) { this.formLogin.authenticationManager(this.authenticationManager); @@ -186,19 +186,18 @@ public class HttpSecurity { if(this.formLogin.authenticationEntryPoint == null) { this.webFilters.add(new OrderedWebFilter(new LoginPageGeneratingWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING.getOrder())); } - this.webFilters.add(this.formLogin.build()); - this.webFilters - .add(new OrderedWebFilter(new LogoutWebFiter(), SecurityWebFiltersOrder.LOGOUT.getOrder())); + this.formLogin.configure(this); + this.addFilterAt(new LogoutWebFiter(), SecurityWebFiltersOrder.LOGOUT); } - this.webFilters.add(new OrderedWebFilter(new AuthenticationReactorContextFilter(), SecurityWebFiltersOrder.AUTHENTICATION_CONTEXT.getOrder())); + this.addFilterAt(new AuthenticationReactorContextFilter(), SecurityWebFiltersOrder.AUTHENTICATION_CONTEXT); if(this.authorizeExchangeBuilder != null) { AuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint(); ExceptionTranslationWebFilter exceptionTranslationWebFilter = new ExceptionTranslationWebFilter(); if(authenticationEntryPoint != null) { exceptionTranslationWebFilter.setAuthenticationEntryPoint(authenticationEntryPoint); } - this.webFilters.add(new OrderedWebFilter(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION.getOrder())); - this.webFilters.add(this.authorizeExchangeBuilder.build()); + this.addFilterAt(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION); + this.authorizeExchangeBuilder.configure(this); } AnnotationAwareOrderComparator.sort(this.webFilters); return new MatcherSecurityWebFilterChain(getSecurityMatcher(), this.webFilters); @@ -263,12 +262,12 @@ public class HttpSecurity { return new Access(); } - protected WebFilter build() { + protected void configure(HttpSecurity http) { if(this.matcher != null) { throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined"); } AuthorizationWebFilter result = new AuthorizationWebFilter(this.managerBldr.build()); - return new OrderedWebFilter(result, SecurityWebFiltersOrder.AUTHORIZATION.getOrder()); + http.addFilterAt(result, SecurityWebFiltersOrder.AUTHORIZATION); } public final class Access { @@ -333,7 +332,7 @@ public class HttpSecurity { return HttpSecurity.this; } - protected WebFilter build() { + protected void configure(HttpSecurity http) { MediaTypeServerWebExchangeMatcher restMatcher = new MediaTypeServerWebExchangeMatcher( MediaType.APPLICATION_ATOM_XML, MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON, @@ -348,7 +347,7 @@ public class HttpSecurity { if(this.securityContextRepository != null) { authenticationFilter.setSecurityContextRepository(this.securityContextRepository); } - return new OrderedWebFilter(authenticationFilter, SecurityWebFiltersOrder.HTTP_BASIC.getOrder()); + http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.HTTP_BASIC); } private HttpBasicBuilder() {} @@ -410,7 +409,7 @@ public class HttpSecurity { return HttpSecurity.this; } - protected WebFilter build() { + protected void configure(HttpSecurity http) { if(this.authenticationEntryPoint == null) { loginPage("/login"); } @@ -425,7 +424,7 @@ public class HttpSecurity { authenticationFilter.setAuthenticationConverter(new FormLoginAuthenticationConverter()); authenticationFilter.setAuthenticationSuccessHandler(new RedirectAuthenticationSuccessHandler("/")); authenticationFilter.setSecurityContextRepository(this.securityContextRepository); - return new OrderedWebFilter(authenticationFilter, SecurityWebFiltersOrder.FORM_LOGIN.getOrder()); + http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.FORM_LOGIN); } private FormLoginBuilder() { @@ -469,10 +468,10 @@ public class HttpSecurity { return new HstsSpec(); } - protected WebFilter build() { + protected void configure(HttpSecurity http) { HttpHeadersWriter writer = new CompositeHttpHeadersWriter(this.writers); HttpHeaderWriterWebFilter result = new HttpHeaderWriterWebFilter(writer); - return new OrderedWebFilter(result, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER.getOrder()); + http.addFilterAt(result, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER); } public XssProtectionSpec xssProtection() { diff --git a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java index 95bad541e0..92a41c8b4e 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilderTests.java @@ -27,7 +27,8 @@ import org.springframework.test.web.reactive.server.WebTestClient; * @since 5.0 */ public class AuthorizeExchangeBuilderTests { - HttpSecurity.AuthorizeExchangeBuilder authorization = HttpSecurity.http().new AuthorizeExchangeBuilder(); + HttpSecurity http = HttpSecurity.http(); + HttpSecurity.AuthorizeExchangeBuilder authorization = this.http.authorizeExchange(); @Test public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() { @@ -101,11 +102,10 @@ public class AuthorizeExchangeBuilderTests { @Test(expected = IllegalStateException.class) public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() { this.authorization.pathMatchers("/incomplete"); - this.authorization.build(); + this.http.build(); } private WebTestClient buildClient() { - return WebTestClientBuilder.bindToWebFilters(new ExceptionTranslationWebFilter(), - this.authorization.build()).build(); + return WebTestClientBuilder.bindToWebFilters(this.http.build()).build(); } } diff --git a/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java b/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java index 0de5f9acd4..fc5096d516 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/HeaderBuilderTests.java @@ -142,6 +142,6 @@ public class HeaderBuilderTests { } private WebTestClient buildClient() { - return WebTestClientBuilder.bindToWebFilters(this.headers.build()).build(); + return WebTestClientBuilder.bindToWebFilters(this.headers.and().build()).build(); } }