webauthn: introduce DefaultResourcesFilter#webauthn

2025-06-25 21:42:17 +00:00 · 2024-10-22 14:46:15 +02:00 · 2024-10-22 14:46:15 +02:00 · a1526361b6
commit a1526361b6
parent ca1f891f25
2 changed files with 71 additions and 16 deletions
--- a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultResourcesFilter.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultResourcesFilter.java
@ -94,4 +94,21 @@ public final class DefaultResourcesFilter extends GenericFilterBean {
 				new MediaType("text", "css", StandardCharsets.UTF_8));
 	}
 	/**
 	 * Create an instance of {@link DefaultResourcesFilter} serving Spring Security's
 	 * default webauthn javascript.
 	 * <p>
 	 * The created {@link DefaultResourcesFilter} matches requests
 	 * {@code HTTP GET /login/webauthn.js}, and returns the default webauthn javascript at
 	 * {@code org/springframework/security/spring-security-webauthn.js} with content-type
 	 * {@code text/javascript;charset=UTF-8}. This file is generated in the
 	 * {@code spring-security-javascript} project.
 	 * @return -
 	 */
 	public static DefaultResourcesFilter webauthn() {
 		return new DefaultResourcesFilter(AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/login/webauthn.js"),
 				new ClassPathResource("org/springframework/security/spring-security-webauthn.js"),
 				new MediaType("text", "javascript", StandardCharsets.UTF_8));
 	}
 }
--- a/web/src/test/java/org/springframework/security/web/authentication/ui/DefaultResourcesFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/ui/DefaultResourcesFilterTests.java
@ -16,6 +16,7 @@
 package org.springframework.security.web.authentication.ui;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.springframework.test.web.servlet.MockMvc;
@ -33,27 +34,64 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 */
 public class DefaultResourcesFilterTests {
-	private final DefaultResourcesFilter filter = DefaultResourcesFilter.css();
+	@Nested
 	class CssFilter {
-	private final MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Object()).addFilters(this.filter).build();
+		private final DefaultResourcesFilter cssFilter = DefaultResourcesFilter.css();
 		private final MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Object())
 			.addFilters(this.cssFilter)
 			.build();
 		@Test
 		void doFilterThenRender() throws Exception {
 			this.mockMvc.perform(get("/default-ui.css"))
 				.andExpect(status().isOk())
 				.andExpect(content().contentType("text/css;charset=UTF-8"))
 				.andExpect(content().string(containsString("body {")));
 		}
 		@Test
 		void doFilterWhenPathDoesNotMatchThenCallsThrough() throws Exception {
 			this.mockMvc.perform(get("/does-not-match")).andExpect(status().isNotFound());
 		}
 		@Test
 		void toStringPrintsPathAndResource() {
 			assertThat(this.cssFilter.toString()).isEqualTo(
 					"DefaultResourcesFilter [matcher=Ant [pattern='/default-ui.css', GET], resource=org/springframework/security/default-ui.css]");
 		}
 	@Test
 	public void doFilterThenRender() throws Exception {
 		this.mockMvc.perform(get("/default-ui.css"))
 			.andExpect(status().isOk())
 			.andExpect(content().contentType("text/css;charset=UTF-8"))
 			.andExpect(content().string(containsString("body {")));
 	}
-	@Test
+	@Nested
-	public void doFilterWhenPathDoesNotMatchThenCallsThrough() throws Exception {
+	class WebAuthnFilter {
-		this.mockMvc.perform(get("/does-not-match")).andExpect(status().isNotFound());
+
-	}
+		private final DefaultResourcesFilter webauthnFilter = DefaultResourcesFilter.webauthn();
 		private final MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Object())
 			.addFilters(this.webauthnFilter)
 			.build();
 		@Test
 		void doFilterThenRender() throws Exception {
 			this.mockMvc.perform(get("/login/webauthn.js"))
 				.andExpect(status().isOk())
 				.andExpect(content().contentType("text/javascript;charset=UTF-8"))
 				.andExpect(content().string(containsString("async function authenticate(")));
 		}
 		@Test
 		void doFilterWhenPathDoesNotMatchThenCallsThrough() throws Exception {
 			this.mockMvc.perform(get("/does-not-match")).andExpect(status().isNotFound());
 		}
 		@Test
 		void toStringPrintsPathAndResource() {
 			assertThat(this.webauthnFilter.toString()).isEqualTo(
 					"DefaultResourcesFilter [matcher=Ant [pattern='/login/webauthn.js', GET], resource=org/springframework/security/spring-security-webauthn.js]");
 		}
 	@Test
 	void toStringPrintsPathAndResource() {
 		assertThat(this.filter.toString()).isEqualTo(
 				"DefaultResourcesFilter [matcher=Ant [pattern='/default-ui.css', GET], resource=org/springframework/security/default-ui.css]");
 	}
 }