Add shouldFilterAllDispatcherTypes to Kotlin DSL
Closes gh-11153
This commit is contained in:
parent
ac06057cf6
commit
a0232ed135
|
@ -24,6 +24,7 @@ import org.springframework.security.authorization.AuthorizationManager
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||||
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer
|
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer
|
||||||
import org.springframework.security.core.Authentication
|
import org.springframework.security.core.Authentication
|
||||||
|
import org.springframework.security.web.access.intercept.AuthorizationFilter
|
||||||
import org.springframework.security.web.access.intercept.RequestAuthorizationContext
|
import org.springframework.security.web.access.intercept.RequestAuthorizationContext
|
||||||
import org.springframework.security.web.util.matcher.AnyRequestMatcher
|
import org.springframework.security.web.util.matcher.AnyRequestMatcher
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher
|
import org.springframework.security.web.util.matcher.RequestMatcher
|
||||||
|
@ -35,8 +36,11 @@ import java.util.function.Supplier
|
||||||
*
|
*
|
||||||
* @author Yuriy Savchenko
|
* @author Yuriy Savchenko
|
||||||
* @since 5.7
|
* @since 5.7
|
||||||
|
* @property shouldFilterAllDispatcherTypes whether the [AuthorizationFilter] should filter all dispatcher types
|
||||||
*/
|
*/
|
||||||
class AuthorizeHttpRequestsDsl : AbstractRequestMatcherDsl() {
|
class AuthorizeHttpRequestsDsl : AbstractRequestMatcherDsl() {
|
||||||
|
var shouldFilterAllDispatcherTypes: Boolean? = null
|
||||||
|
|
||||||
private val authorizationRules = mutableListOf<AuthorizationManagerRule>()
|
private val authorizationRules = mutableListOf<AuthorizationManagerRule>()
|
||||||
|
|
||||||
private val HANDLER_MAPPING_INTROSPECTOR = "org.springframework.web.servlet.handler.HandlerMappingIntrospector"
|
private val HANDLER_MAPPING_INTROSPECTOR = "org.springframework.web.servlet.handler.HandlerMappingIntrospector"
|
||||||
|
@ -248,6 +252,9 @@ class AuthorizeHttpRequestsDsl : AbstractRequestMatcherDsl() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
shouldFilterAllDispatcherTypes?.also { shouldFilter ->
|
||||||
|
requests.shouldFilterAllDispatcherTypes(shouldFilter)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -53,7 +53,9 @@ import org.springframework.web.bind.annotation.RestController
|
||||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc
|
import org.springframework.web.servlet.config.annotation.EnableWebMvc
|
||||||
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer
|
import org.springframework.web.servlet.config.annotation.PathMatchConfigurer
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
|
||||||
|
import org.springframework.web.util.WebUtils
|
||||||
import java.util.function.Supplier
|
import java.util.function.Supplier
|
||||||
|
import jakarta.servlet.DispatcherType
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for [AuthorizeHttpRequestsDsl]
|
* Tests for [AuthorizeHttpRequestsDsl]
|
||||||
|
@ -641,4 +643,155 @@ class AuthorizeHttpRequestsDslTests {
|
||||||
return http.build()
|
return http.build()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
fun `request when shouldFilterAllDispatcherTypes and denyAll and ERROR then responds with forbidden`() {
|
||||||
|
this.spring.register(ShouldFilterAllDispatcherTypesTrueDenyAllConfig::class.java).autowire()
|
||||||
|
|
||||||
|
this.mockMvc.perform(get("/path")
|
||||||
|
.with { request ->
|
||||||
|
request.setAttribute(WebUtils.ERROR_REQUEST_URI_ATTRIBUTE, "/error")
|
||||||
|
request.apply {
|
||||||
|
dispatcherType = DispatcherType.ERROR
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.andExpect(status().isForbidden)
|
||||||
|
}
|
||||||
|
|
||||||
|
@EnableWebSecurity
|
||||||
|
@EnableWebMvc
|
||||||
|
open class ShouldFilterAllDispatcherTypesTrueDenyAllConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
http {
|
||||||
|
authorizeHttpRequests {
|
||||||
|
shouldFilterAllDispatcherTypes = true
|
||||||
|
authorize(anyRequest, denyAll)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return http.build()
|
||||||
|
}
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
internal class PathController {
|
||||||
|
@RequestMapping("/path")
|
||||||
|
fun path() {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
fun `request when shouldFilterAllDispatcherTypes and permitAll and ERROR then responds with ok`() {
|
||||||
|
this.spring.register(ShouldFilterAllDispatcherTypesTruePermitAllConfig::class.java).autowire()
|
||||||
|
|
||||||
|
this.mockMvc.perform(get("/path")
|
||||||
|
.with { request ->
|
||||||
|
request.setAttribute(WebUtils.ERROR_REQUEST_URI_ATTRIBUTE, "/error")
|
||||||
|
request.apply {
|
||||||
|
dispatcherType = DispatcherType.ERROR
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.andExpect(status().isOk)
|
||||||
|
}
|
||||||
|
|
||||||
|
@EnableWebSecurity
|
||||||
|
@EnableWebMvc
|
||||||
|
open class ShouldFilterAllDispatcherTypesTruePermitAllConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
http {
|
||||||
|
authorizeHttpRequests {
|
||||||
|
shouldFilterAllDispatcherTypes = true
|
||||||
|
authorize(anyRequest, permitAll)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return http.build()
|
||||||
|
}
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
internal class PathController {
|
||||||
|
@RequestMapping("/path")
|
||||||
|
fun path() {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
fun `request when shouldFilterAllDispatcherTypes false and ERROR dispatcher then responds with ok`() {
|
||||||
|
this.spring.register(ShouldFilterAllDispatcherTypesFalseAndDenyAllConfig::class.java).autowire()
|
||||||
|
|
||||||
|
this.mockMvc.perform(get("/path")
|
||||||
|
.with { request ->
|
||||||
|
request.setAttribute(WebUtils.ERROR_REQUEST_URI_ATTRIBUTE, "/error")
|
||||||
|
request.apply {
|
||||||
|
dispatcherType = DispatcherType.ERROR
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.andExpect(status().isOk)
|
||||||
|
}
|
||||||
|
|
||||||
|
@EnableWebSecurity
|
||||||
|
@EnableWebMvc
|
||||||
|
open class ShouldFilterAllDispatcherTypesFalseAndDenyAllConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
http {
|
||||||
|
authorizeHttpRequests {
|
||||||
|
shouldFilterAllDispatcherTypes = false
|
||||||
|
authorize(anyRequest, denyAll)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return http.build()
|
||||||
|
}
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
internal class PathController {
|
||||||
|
@RequestMapping("/path")
|
||||||
|
fun path() {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
fun `request when shouldFilterAllDispatcherTypes omitted and ERROR dispatcher then responds with forbidden`() {
|
||||||
|
this.spring.register(ShouldFilterAllDispatcherTypesOmittedAndDenyAllConfig::class.java).autowire()
|
||||||
|
|
||||||
|
this.mockMvc.perform(get("/path")
|
||||||
|
.with { request ->
|
||||||
|
request.setAttribute(WebUtils.ERROR_REQUEST_URI_ATTRIBUTE, "/error")
|
||||||
|
request.apply {
|
||||||
|
dispatcherType = DispatcherType.ERROR
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.andExpect(status().isForbidden)
|
||||||
|
}
|
||||||
|
|
||||||
|
@EnableWebSecurity
|
||||||
|
@EnableWebMvc
|
||||||
|
open class ShouldFilterAllDispatcherTypesOmittedAndDenyAllConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
http {
|
||||||
|
authorizeHttpRequests {
|
||||||
|
authorize(anyRequest, denyAll)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return http.build()
|
||||||
|
}
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
internal class PathController {
|
||||||
|
@RequestMapping("/path")
|
||||||
|
fun path() {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -190,4 +190,18 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
|
||||||
return http.build();
|
return http.build();
|
||||||
}
|
}
|
||||||
----
|
----
|
||||||
|
.Kotlin
|
||||||
|
[source,kotlin,role="secondary"]
|
||||||
|
----
|
||||||
|
@Bean
|
||||||
|
open fun web(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
http {
|
||||||
|
authorizeHttpRequests {
|
||||||
|
shouldFilterAllDispatcherTypes = false
|
||||||
|
authorize(anyRequest, authenticated)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return http.build()
|
||||||
|
}
|
||||||
|
----
|
||||||
====
|
====
|
||||||
|
|
Loading…
Reference in New Issue