Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

EnableWebFluxSecurity creates CsrfRequestDataValueProcessor 

Fixes gh-4762
This commit is contained in:
Rob Winch 2017-11-03 22:54:34 -05:00
parent 676020321e
commit adec62cdf2
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java
View File

@ -22,9 +22,11 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.WebFilterChainProxy;
import org.springframework.util.ObjectUtils;
import org.springframework.web.reactive.result.view.AbstractView;
import java.util.Arrays;
import java.util.List;
@ -53,6 +55,11 @@ class WebFluxSecurityConfiguration {
return new WebFilterChainProxy(getSecurityWebFilterChains());
}
@Bean(name = AbstractView.REQUEST_DATA_VALUE_PROCESSOR_BEAN_NAME)
public CsrfRequestDataValueProcessor requestDataValueProcessor() {
return new CsrfRequestDataValueProcessor();
}
private List<SecurityWebFilterChain> getSecurityWebFilterChains() {
List<SecurityWebFilterChain> result = this.securityWebFilterChains;
if(ObjectUtils.isEmpty(result)) {

12
config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
View File

@ -19,6 +19,7 @@ package org.springframework.security.config.annotation.web.reactive;
import org.junit.Rule;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.ImportResource;
@ -40,6 +41,7 @@ import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.test.web.reactive.server.WebTestClientBuilder;
import org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.WebFilterChainProxy;
import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
@ -49,6 +51,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.reactive.function.BodyInserters;
import org.springframework.web.reactive.result.view.AbstractView;
import reactor.core.publisher.Mono;
import java.nio.charset.StandardCharsets;
@ -151,6 +154,15 @@ public class EnableWebFluxSecurityTests {
.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user"));
}
@Test
public void requestDataValueProcessor() {
this.spring.register(Config.class).autowire();
ConfigurableApplicationContext context = this.spring.getContext();
CsrfRequestDataValueProcessor rdvp = context.getBean(AbstractView.REQUEST_DATA_VALUE_PROCESSOR_BEAN_NAME, CsrfRequestDataValueProcessor.class);
assertThat(rdvp).isNotNull();
}
@EnableWebFluxSecurity
@Import(ReactiveAuthenticationTestConfiguration.class)
static class Config {