HttpSecurity invokes configure(this)

Issue gh-4542
Rob Winch 2017-09-29 14:45:58 -05:00
parent b3bd5ba946
commit 99f06ca58c
3 changed files with 20 additions and 21 deletions


@ -165,7 +165,7 @@ public class HttpSecurity {
public SecurityWebFilterChain build() { public SecurityWebFilterChain build() {
if(this.headers != null) { if(this.headers != null) {
this.webFilters.add(this.headers.build()); this.headers.configure(this);
} }
WebFilter securityContextRepositoryWebFilter = securityContextRepositoryWebFilter(); WebFilter securityContextRepositoryWebFilter = securityContextRepositoryWebFilter();
if(securityContextRepositoryWebFilter != null) { if(securityContextRepositoryWebFilter != null) {
@ -176,7 +176,7 @@ public class HttpSecurity {
if(this.securityContextRepository != null) { if(this.securityContextRepository != null) {
this.httpBasic.securityContextRepository(this.securityContextRepository); this.httpBasic.securityContextRepository(this.securityContextRepository);
} }
this.webFilters.add(this.httpBasic.build()); this.httpBasic.configure(this);
} }
if(this.formLogin != null) { if(this.formLogin != null) {
this.formLogin.authenticationManager(this.authenticationManager); this.formLogin.authenticationManager(this.authenticationManager);
@ -186,19 +186,18 @@ public class HttpSecurity {
if(this.formLogin.authenticationEntryPoint == null) { if(this.formLogin.authenticationEntryPoint == null) {
this.webFilters.add(new OrderedWebFilter(new LoginPageGeneratingWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING.getOrder())); this.webFilters.add(new OrderedWebFilter(new LoginPageGeneratingWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING.getOrder()));
} }
this.webFilters.add(this.formLogin.build()); this.formLogin.configure(this);
this.webFilters this.addFilterAt(new LogoutWebFiter(), SecurityWebFiltersOrder.LOGOUT);
.add(new OrderedWebFilter(new LogoutWebFiter(), SecurityWebFiltersOrder.LOGOUT.getOrder()));
} }
this.webFilters.add(new OrderedWebFilter(new AuthenticationReactorContextFilter(), SecurityWebFiltersOrder.AUTHENTICATION_CONTEXT.getOrder())); this.addFilterAt(new AuthenticationReactorContextFilter(), SecurityWebFiltersOrder.AUTHENTICATION_CONTEXT);
if(this.authorizeExchangeBuilder != null) { if(this.authorizeExchangeBuilder != null) {
AuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint(); AuthenticationEntryPoint authenticationEntryPoint = getAuthenticationEntryPoint();
ExceptionTranslationWebFilter exceptionTranslationWebFilter = new ExceptionTranslationWebFilter(); ExceptionTranslationWebFilter exceptionTranslationWebFilter = new ExceptionTranslationWebFilter();
if(authenticationEntryPoint != null) { if(authenticationEntryPoint != null) {
exceptionTranslationWebFilter.setAuthenticationEntryPoint(authenticationEntryPoint); exceptionTranslationWebFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
} }
this.webFilters.add(new OrderedWebFilter(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION.getOrder())); this.addFilterAt(exceptionTranslationWebFilter, SecurityWebFiltersOrder.EXCEPTION_TRANSLATION);
this.webFilters.add(this.authorizeExchangeBuilder.build()); this.authorizeExchangeBuilder.configure(this);
} }
AnnotationAwareOrderComparator.sort(this.webFilters); AnnotationAwareOrderComparator.sort(this.webFilters);
return new MatcherSecurityWebFilterChain(getSecurityMatcher(), this.webFilters); return new MatcherSecurityWebFilterChain(getSecurityMatcher(), this.webFilters);
@ -263,12 +262,12 @@ public class HttpSecurity {
return new Access(); return new Access();
} }
protected WebFilter build() { protected void configure(HttpSecurity http) {
if(this.matcher != null) { if(this.matcher != null) {
throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined"); throw new IllegalStateException("The matcher " + this.matcher + " does not have an access rule defined");
} }
AuthorizationWebFilter result = new AuthorizationWebFilter(this.managerBldr.build()); AuthorizationWebFilter result = new AuthorizationWebFilter(this.managerBldr.build());
return new OrderedWebFilter(result, SecurityWebFiltersOrder.AUTHORIZATION.getOrder()); http.addFilterAt(result, SecurityWebFiltersOrder.AUTHORIZATION);
} }
public final class Access { public final class Access {
@ -333,7 +332,7 @@ public class HttpSecurity {
return HttpSecurity.this; return HttpSecurity.this;
} }
protected WebFilter build() { protected void configure(HttpSecurity http) {
MediaTypeServerWebExchangeMatcher restMatcher = new MediaTypeServerWebExchangeMatcher( MediaTypeServerWebExchangeMatcher restMatcher = new MediaTypeServerWebExchangeMatcher(
MediaType.APPLICATION_ATOM_XML, MediaType.APPLICATION_ATOM_XML,
MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON, MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON,
@ -348,7 +347,7 @@ public class HttpSecurity {
if(this.securityContextRepository != null) { if(this.securityContextRepository != null) {
authenticationFilter.setSecurityContextRepository(this.securityContextRepository); authenticationFilter.setSecurityContextRepository(this.securityContextRepository);
} }
return new OrderedWebFilter(authenticationFilter, SecurityWebFiltersOrder.HTTP_BASIC.getOrder()); http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.HTTP_BASIC);
} }
private HttpBasicBuilder() {} private HttpBasicBuilder() {}
@ -410,7 +409,7 @@ public class HttpSecurity {
return HttpSecurity.this; return HttpSecurity.this;
} }
protected WebFilter build() { protected void configure(HttpSecurity http) {
if(this.authenticationEntryPoint == null) { if(this.authenticationEntryPoint == null) {
loginPage("/login"); loginPage("/login");
} }
@ -425,7 +424,7 @@ public class HttpSecurity {
authenticationFilter.setAuthenticationConverter(new FormLoginAuthenticationConverter()); authenticationFilter.setAuthenticationConverter(new FormLoginAuthenticationConverter());
authenticationFilter.setAuthenticationSuccessHandler(new RedirectAuthenticationSuccessHandler("/")); authenticationFilter.setAuthenticationSuccessHandler(new RedirectAuthenticationSuccessHandler("/"));
authenticationFilter.setSecurityContextRepository(this.securityContextRepository); authenticationFilter.setSecurityContextRepository(this.securityContextRepository);
return new OrderedWebFilter(authenticationFilter, SecurityWebFiltersOrder.FORM_LOGIN.getOrder()); http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.FORM_LOGIN);
} }
private FormLoginBuilder() { private FormLoginBuilder() {
@ -469,10 +468,10 @@ public class HttpSecurity {
return new HstsSpec(); return new HstsSpec();
} }
protected WebFilter build() { protected void configure(HttpSecurity http) {
HttpHeadersWriter writer = new CompositeHttpHeadersWriter(this.writers); HttpHeadersWriter writer = new CompositeHttpHeadersWriter(this.writers);
HttpHeaderWriterWebFilter result = new HttpHeaderWriterWebFilter(writer); HttpHeaderWriterWebFilter result = new HttpHeaderWriterWebFilter(writer);
return new OrderedWebFilter(result, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER.getOrder()); http.addFilterAt(result, SecurityWebFiltersOrder.HTTP_HEADERS_WRITER);
} }
public XssProtectionSpec xssProtection() { public XssProtectionSpec xssProtection() {
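Review bot: With `configure(HttpSecurity http)` returning `void`, nothing in the signature ties a sub-builder to actually registering its filter, whereas the old `build()` had to return a `WebFilter` for the caller to add. An implementation that returns early or omits `http.addFilterAt(...)` would leave the authorization, HTTP Basic, form login or headers filter out of the chain without any error, which fails open. I would document the contract on each `configure` method, for example `/** Registers this builder's filter on {@code http}; invoked from HttpSecurity.build(). */`, and add a test asserting that the built chain contains the expected filter types in `SecurityWebFiltersOrder` order. `addFilterAt` and most of the method bodies lie outside these hunks, so the ordering behaviour is inferred from the call sites only.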


@ -27,7 +27,8 @@ import org.springframework.test.web.reactive.server.WebTestClient;
* @since 5.0 * @since 5.0
*/ */
public class AuthorizeExchangeBuilderTests { public class AuthorizeExchangeBuilderTests {
HttpSecurity.AuthorizeExchangeBuilder authorization = HttpSecurity.http().new AuthorizeExchangeBuilder(); HttpSecurity http = HttpSecurity.http();
HttpSecurity.AuthorizeExchangeBuilder authorization = this.http.authorizeExchange();
@Test @Test
public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() { public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() {
@ -101,11 +102,10 @@ public class AuthorizeExchangeBuilderTests {
@Test(expected = IllegalStateException.class) @Test(expected = IllegalStateException.class)
public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() { public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() {
this.authorization.pathMatchers("/incomplete"); this.authorization.pathMatchers("/incomplete");
this.authorization.build(); this.http.build();
} }
private WebTestClient buildClient() { private WebTestClient buildClient() {
return WebTestClientBuilder.bindToWebFilters(new ExceptionTranslationWebFilter(), return WebTestClientBuilder.bindToWebFilters(this.http.build()).build();
this.authorization.build()).build();
} }
} }
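Review bot: `buildWhenMatcherDefinedWithNoAccessThenThrowsException` now passes on any `IllegalStateException` thrown anywhere inside `HttpSecurity.build()`, not only on the missing-access-rule check it is named for. That check appears to be what stops a matcher without an access rule from being accepted, so the test should pin it by also asserting that the message contains `does not have an access rule defined`. This can be done by catching the exception and checking `getMessage()`, or with the module's assertion library if it offers an exception assertion. The rest of the test class is outside the hunks.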


@ -142,6 +142,6 @@ public class HeaderBuilderTests {
} }
private WebTestClient buildClient() { private WebTestClient buildClient() {
return WebTestClientBuilder.bindToWebFilters(this.headers.build()).build(); return WebTestClientBuilder.bindToWebFilters(this.headers.and().build()).build();
} }
} }