Use PathPatternRequestMatcher in web
Issue gh-16887
parent
3e53cc2c4a
commit
e8ed0f1b03
@ -1,98 +0,0 @@
|
|||||||
/*
|
|
||||||
* Copyright 2002-2023 the original author or authors.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* https://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.springframework.security.web.access;
|
|
||||||
|
|
||||||
import java.util.Collections;
|
|
||||||
import java.util.Enumeration;
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import jakarta.servlet.DispatcherType;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import jakarta.servlet.http.HttpServletRequestWrapper;
|
|
||||||
|
|
||||||
import org.springframework.util.Assert;
|
|
||||||
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Transforms by passing it into
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)}. Before, it wraps the
|
|
||||||
* {@link HttpServletRequest} to ensure that the methods needed work since some methods by
|
|
||||||
* default throw {@link UnsupportedOperationException}.
|
|
||||||
*
|
|
||||||
* @author Rob Winch
|
|
||||||
* @deprecated please use {@link PathPatternRequestTransformer} instead
|
|
||||||
*/
|
|
||||||
@Deprecated(forRemoval = true)
|
|
||||||
public class HandlerMappingIntrospectorRequestTransformer
|
|
||||||
implements AuthorizationManagerWebInvocationPrivilegeEvaluator.HttpServletRequestTransformer {
|
|
||||||
|
|
||||||
private final HandlerMappingIntrospector introspector;
|
|
||||||
|
|
||||||
public HandlerMappingIntrospectorRequestTransformer(HandlerMappingIntrospector introspector) {
|
|
||||||
Assert.notNull(introspector, "introspector canot be null");
|
|
||||||
this.introspector = introspector;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public HttpServletRequest transform(HttpServletRequest request) {
|
|
||||||
CacheableRequestWrapper cacheableRequest = new CacheableRequestWrapper(request);
|
|
||||||
this.introspector.setCache(cacheableRequest);
|
|
||||||
return cacheableRequest;
|
|
||||||
}
|
|
||||||
|
|
||||||
static final class CacheableRequestWrapper extends HttpServletRequestWrapper {
|
|
||||||
|
|
||||||
private final Map<String, Object> attributes = new HashMap<>();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructs a request object wrapping the given request.
|
|
||||||
* @param request the {@link HttpServletRequest} to be wrapped.
|
|
||||||
* @throws IllegalArgumentException if the request is null
|
|
||||||
*/
|
|
||||||
CacheableRequestWrapper(HttpServletRequest request) {
|
|
||||||
super(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public DispatcherType getDispatcherType() {
|
|
||||||
return DispatcherType.REQUEST;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Enumeration<String> getAttributeNames() {
|
|
||||||
return Collections.enumeration(this.attributes.keySet());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Object getAttribute(String name) {
|
|
||||||
return this.attributes.get(name);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setAttribute(String name, Object o) {
|
|
||||||
this.attributes.put(name, o);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void removeAttribute(String name) {
|
|
||||||
this.attributes.remove(name);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -46,11 +46,12 @@ import org.springframework.security.web.authentication.session.NullAuthenticated
|
|||||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||||
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
||||||
import org.springframework.security.web.context.SecurityContextRepository;
|
import org.springframework.security.web.context.SecurityContextRepository;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.web.filter.GenericFilterBean;
|
import org.springframework.web.filter.GenericFilterBean;
|
||||||
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract processor of browser-based HTTP-based authentication requests.
|
* Abstract processor of browser-based HTTP-based authentication requests.
|
||||||
*
|
*
|
||||||
@ -395,7 +396,7 @@ public abstract class AbstractAuthenticationProcessingFilter extends GenericFilt
|
|||||||
* @param filterProcessesUrl
|
* @param filterProcessesUrl
|
||||||
*/
|
*/
|
||||||
public void setFilterProcessesUrl(String filterProcessesUrl) {
|
public void setFilterProcessesUrl(String filterProcessesUrl) {
|
||||||
setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(filterProcessesUrl));
|
setRequiresAuthenticationRequestMatcher(pathPattern(filterProcessesUrl));
|
||||||
}
|
}
|
||||||
|
|
||||||
public final void setRequiresAuthenticationRequestMatcher(RequestMatcher requestMatcher) {
|
public final void setRequiresAuthenticationRequestMatcher(RequestMatcher requestMatcher) {
|
||||||
|
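Review bot: `setFilterProcessesUrl` now passes its argument to `pathPattern(filterProcessesUrl)`, so the value is parsed as a path pattern instead of an Ant pattern, yet the Javadoc above it still carries only a bare `@param filterProcessesUrl`. Values that `AntPathRequestMatcher` accepted but that are not valid path patterns (for example `**` in the middle of the path) would presumably now be rejected when the setter is called, which anyone upgrading a custom login-processing URL needs to know. I would document it as `@param filterProcessesUrl the path pattern, excluding the context path, that triggers authentication; no HTTP method is applied by this matcher`. The Javadoc block starts outside this hunk.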
@ -29,13 +29,14 @@ import org.springframework.core.log.LogMessage;
|
|||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.security.core.context.SecurityContextHolderStrategy;
|
import org.springframework.security.core.context.SecurityContextHolderStrategy;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.UrlUtils;
|
import org.springframework.security.web.util.UrlUtils;
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
import org.springframework.web.filter.GenericFilterBean;
|
import org.springframework.web.filter.GenericFilterBean;
|
||||||
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logs a principal out.
|
* Logs a principal out.
|
||||||
* <p>
|
* <p>
|
||||||
@ -140,7 +141,7 @@ public class LogoutFilter extends GenericFilterBean {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public void setFilterProcessesUrl(String filterProcessesUrl) {
|
public void setFilterProcessesUrl(String filterProcessesUrl) {
|
||||||
this.logoutRequestMatcher = PathPatternRequestMatcher.withDefaults().matcher(filterProcessesUrl);
|
this.logoutRequestMatcher = pathPattern(filterProcessesUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
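Review bot: `setFilterProcessesUrl` has no Javadoc, and the matcher it builds with `pathPattern(filterProcessesUrl)` carries no HTTP method, unlike the `pathPattern(HttpMethod.POST, ...)` matchers this commit uses for other state-changing endpoints. The behaviour is unchanged from the previous `withDefaults().matcher(filterProcessesUrl)` call, but a logout URL that also answers GET can be triggered by a cross-site link or image request, so the setter should say so. Suggested comment: `/** Sets the logout URL as a path pattern; the matcher is not limited to an HTTP method, use setLogoutRequestMatcher to restrict it to POST. */`.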
@ -18,7 +18,8 @@ package org.springframework.security.web.authentication.ott;
|
|||||||
|
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Filter that processes a one-time token for log in.
|
* Filter that processes a one-time token for log in.
|
||||||
@ -34,7 +35,7 @@ public final class OneTimeTokenAuthenticationFilter extends AbstractAuthenticati
|
|||||||
public static final String DEFAULT_LOGIN_PROCESSING_URL = "/login/ott";
|
public static final String DEFAULT_LOGIN_PROCESSING_URL = "/login/ott";
|
||||||
|
|
||||||
public OneTimeTokenAuthenticationFilter() {
|
public OneTimeTokenAuthenticationFilter() {
|
||||||
super(PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.POST, DEFAULT_LOGIN_PROCESSING_URL));
|
super(pathPattern(HttpMethod.POST, DEFAULT_LOGIN_PROCESSING_URL));
|
||||||
setAuthenticationConverter(new OneTimeTokenAuthenticationConverter());
|
setAuthenticationConverter(new OneTimeTokenAuthenticationConverter());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -63,13 +63,12 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS
|
|||||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||||
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
||||||
import org.springframework.security.web.context.SecurityContextRepository;
|
import org.springframework.security.web.context.SecurityContextRepository;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.UrlUtils;
|
import org.springframework.security.web.util.UrlUtils;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.web.filter.GenericFilterBean;
|
import org.springframework.web.filter.GenericFilterBean;
|
||||||
import org.springframework.web.util.UrlPathHelper;
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Switch User processing filter responsible for user context switching.
|
* Switch User processing filter responsible for user context switching.
|
||||||
@ -129,9 +128,9 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
|||||||
|
|
||||||
protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
||||||
|
|
||||||
private RequestMatcher exitUserMatcher = createMatcher("/logout/impersonate", true);
|
private RequestMatcher exitUserMatcher = createMatcher("/logout/impersonate");
|
||||||
|
|
||||||
private RequestMatcher switchUserMatcher = createMatcher("/login/impersonate", true);
|
private RequestMatcher switchUserMatcher = createMatcher("/login/impersonate");
|
||||||
|
|
||||||
private String targetUrl;
|
private String targetUrl;
|
||||||
|
|
||||||
@ -408,7 +407,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
|||||||
public void setExitUserUrl(String exitUserUrl) {
|
public void setExitUserUrl(String exitUserUrl) {
|
||||||
Assert.isTrue(UrlUtils.isValidRedirectUrl(exitUserUrl),
|
Assert.isTrue(UrlUtils.isValidRedirectUrl(exitUserUrl),
|
||||||
"exitUserUrl cannot be empty and must be a valid redirect URL");
|
"exitUserUrl cannot be empty and must be a valid redirect URL");
|
||||||
this.exitUserMatcher = createMatcher(exitUserUrl, false);
|
this.exitUserMatcher = createMatcher(exitUserUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -428,7 +427,7 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
|||||||
public void setSwitchUserUrl(String switchUserUrl) {
|
public void setSwitchUserUrl(String switchUserUrl) {
|
||||||
Assert.isTrue(UrlUtils.isValidRedirectUrl(switchUserUrl),
|
Assert.isTrue(UrlUtils.isValidRedirectUrl(switchUserUrl),
|
||||||
"switchUserUrl cannot be empty and must be a valid redirect URL");
|
"switchUserUrl cannot be empty and must be a valid redirect URL");
|
||||||
this.switchUserMatcher = createMatcher(switchUserUrl, false);
|
this.switchUserMatcher = createMatcher(switchUserUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -547,11 +546,8 @@ public class SwitchUserFilter extends GenericFilterBean implements ApplicationEv
|
|||||||
this.securityContextRepository = securityContextRepository;
|
this.securityContextRepository = securityContextRepository;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static RequestMatcher createMatcher(String pattern, boolean usePathPatterns) {
|
private static RequestMatcher createMatcher(String pattern) {
|
||||||
if (usePathPatterns) {
|
return pathPattern(HttpMethod.POST, pattern);
|
||||||
return PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.POST, pattern);
|
|
||||||
}
|
|
||||||
return new AntPathRequestMatcher(pattern, "POST", true, new UrlPathHelper());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
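Review bot: `setExitUserUrl` and `setSwitchUserUrl` still guard their argument with `UrlUtils.isValidRedirectUrl`, but `createMatcher` now always returns `pathPattern(HttpMethod.POST, pattern)`, so the value must be a valid path pattern rather than a lenient Ant pattern. A redirect-URL check is looser than a path pattern needs (it presumably admits absolute URLs), so an unsuitable value would pass the assertion and then fail inside the pattern factory with a less helpful message. Asserting the leading slash directly keeps the failure at the setter, e.g. `Assert.isTrue(switchUserUrl != null && switchUserUrl.startsWith("/"), "switchUserUrl must be a path starting with /");`, and likewise for `exitUserUrl`. Because these URLs start and end impersonation, the Javadoc of both setters (outside the hunks) should also state that the value is a path pattern matched for POST only, so the authorization rule guarding the endpoint is written against the same pattern.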
@ -28,11 +28,12 @@ import jakarta.servlet.http.HttpServletResponse;
|
|||||||
|
|
||||||
import org.springframework.core.log.LogMessage;
|
import org.springframework.core.log.LogMessage;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.web.filter.OncePerRequestFilter;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generates a default log out page.
|
* Generates a default log out page.
|
||||||
*
|
*
|
||||||
@ -41,7 +42,7 @@ import org.springframework.web.filter.OncePerRequestFilter;
|
|||||||
*/
|
*/
|
||||||
public class DefaultLogoutPageGeneratingFilter extends OncePerRequestFilter {
|
public class DefaultLogoutPageGeneratingFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
private RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/logout");
|
private RequestMatcher matcher = pathPattern(HttpMethod.GET, "/logout");
|
||||||
|
|
||||||
private Function<HttpServletRequest, Map<String, String>> resolveHiddenInputs = (request) -> Collections.emptyMap();
|
private Function<HttpServletRequest, Map<String, String>> resolveHiddenInputs = (request) -> Collections.emptyMap();
|
||||||
|
|
||||||
|
@ -28,11 +28,12 @@ import jakarta.servlet.http.HttpServletRequest;
|
|||||||
import org.springframework.core.io.ClassPathResource;
|
import org.springframework.core.io.ClassPathResource;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.http.MediaType;
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.web.filter.GenericFilterBean;
|
import org.springframework.web.filter.GenericFilterBean;
|
||||||
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Serve common static assets used in default UIs, such as CSS or Javascript files. For
|
* Serve common static assets used in default UIs, such as CSS or Javascript files. For
|
||||||
* internal use only.
|
* internal use only.
|
||||||
@ -89,8 +90,7 @@ public final class DefaultResourcesFilter extends GenericFilterBean {
|
|||||||
* @return -
|
* @return -
|
||||||
*/
|
*/
|
||||||
public static DefaultResourcesFilter css() {
|
public static DefaultResourcesFilter css() {
|
||||||
return new DefaultResourcesFilter(
|
return new DefaultResourcesFilter(pathPattern(HttpMethod.GET, "/default-ui.css"),
|
||||||
PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/default-ui.css"),
|
|
||||||
new ClassPathResource("org/springframework/security/default-ui.css"),
|
new ClassPathResource("org/springframework/security/default-ui.css"),
|
||||||
new MediaType("text", "css", StandardCharsets.UTF_8));
|
new MediaType("text", "css", StandardCharsets.UTF_8));
|
||||||
}
|
}
|
||||||
@ -107,8 +107,7 @@ public final class DefaultResourcesFilter extends GenericFilterBean {
|
|||||||
* @return -
|
* @return -
|
||||||
*/
|
*/
|
||||||
public static DefaultResourcesFilter webauthn() {
|
public static DefaultResourcesFilter webauthn() {
|
||||||
return new DefaultResourcesFilter(
|
return new DefaultResourcesFilter(pathPattern(HttpMethod.GET, "/login/webauthn.js"),
|
||||||
PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/login/webauthn.js"),
|
|
||||||
new ClassPathResource("org/springframework/security/spring-security-webauthn.js"),
|
new ClassPathResource("org/springframework/security/spring-security-webauthn.js"),
|
||||||
new MediaType("text", "javascript", StandardCharsets.UTF_8));
|
new MediaType("text", "javascript", StandardCharsets.UTF_8));
|
||||||
}
|
}
|
||||||
|
@ -202,7 +202,7 @@ public final class PathPatternRequestMatcher implements RequestMatcher {
|
|||||||
* <p>
|
* <p>
|
||||||
* To match a request URI like {@code /app/servlet/my/resource/**} where {@code /app}
|
* To match a request URI like {@code /app/servlet/my/resource/**} where {@code /app}
|
||||||
* is the context path, you can do
|
* is the context path, you can do
|
||||||
* {@code PathPatternRequestMatcher.withDefaults().matcher("/servlet/my/resource/**")}
|
* {@code PathPatternRequestMatcher.pathPattern("/servlet/my/resource/**")}
|
||||||
*
|
*
|
||||||
* <p>
|
* <p>
|
||||||
* If you have many paths that have a common path prefix, you can use
|
* If you have many paths that have a common path prefix, you can use
|
||||||
|
@ -37,7 +37,6 @@ import org.springframework.security.web.authentication.AuthenticationEntryPointF
|
|||||||
import org.springframework.security.web.authentication.HttpMessageConverterAuthenticationSuccessHandler;
|
import org.springframework.security.web.authentication.HttpMessageConverterAuthenticationSuccessHandler;
|
||||||
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
|
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
|
||||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse;
|
import org.springframework.security.web.webauthn.api.AuthenticatorAssertionResponse;
|
||||||
import org.springframework.security.web.webauthn.api.PublicKeyCredential;
|
import org.springframework.security.web.webauthn.api.PublicKeyCredential;
|
||||||
import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
|
import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
|
||||||
@ -45,6 +44,8 @@ import org.springframework.security.web.webauthn.jackson.WebauthnJackson2Module;
|
|||||||
import org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest;
|
import org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Authenticates {@code PublicKeyCredential<AuthenticatorAssertionResponse>} that is
|
* Authenticates {@code PublicKeyCredential<AuthenticatorAssertionResponse>} that is
|
||||||
* parsed from the body of the {@link HttpServletRequest} using the
|
* parsed from the body of the {@link HttpServletRequest} using the
|
||||||
@ -77,7 +78,7 @@ public class WebAuthnAuthenticationFilter extends AbstractAuthenticationProcessi
|
|||||||
private PublicKeyCredentialRequestOptionsRepository requestOptionsRepository = new HttpSessionPublicKeyCredentialRequestOptionsRepository();
|
private PublicKeyCredentialRequestOptionsRepository requestOptionsRepository = new HttpSessionPublicKeyCredentialRequestOptionsRepository();
|
||||||
|
|
||||||
public WebAuthnAuthenticationFilter() {
|
public WebAuthnAuthenticationFilter() {
|
||||||
super(PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.POST, "/login/webauthn"));
|
super(pathPattern(HttpMethod.POST, "/login/webauthn"));
|
||||||
setSecurityContextRepository(new HttpSessionSecurityContextRepository());
|
setSecurityContextRepository(new HttpSessionSecurityContextRepository());
|
||||||
setAuthenticationFailureHandler(
|
setAuthenticationFailureHandler(
|
||||||
new AuthenticationEntryPointFailureHandler(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)));
|
new AuthenticationEntryPointFailureHandler(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)));
|
||||||
|
@ -22,7 +22,6 @@ import org.junit.jupiter.api.Test;
|
|||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.mock.web.MockHttpServletRequest;
|
import org.springframework.mock.web.MockHttpServletRequest;
|
||||||
import org.springframework.mock.web.MockHttpServletResponse;
|
import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
@ -30,6 +29,7 @@ import static org.mockito.Mockito.mock;
|
|||||||
import static org.mockito.Mockito.verify;
|
import static org.mockito.Mockito.verify;
|
||||||
import static org.mockito.Mockito.verifyNoInteractions;
|
import static org.mockito.Mockito.verifyNoInteractions;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for {@link RequestMatcherRedirectFilter}.
|
* Tests for {@link RequestMatcherRedirectFilter}.
|
||||||
@ -40,8 +40,7 @@ public class RequestMatcherRedirectFilterTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void doFilterWhenRequestMatchThenRedirectToSpecifiedUrl() throws Exception {
|
public void doFilterWhenRequestMatchThenRedirectToSpecifiedUrl() throws Exception {
|
||||||
RequestMatcherRedirectFilter filter = new RequestMatcherRedirectFilter(new AntPathRequestMatcher("/context"),
|
RequestMatcherRedirectFilter filter = new RequestMatcherRedirectFilter(pathPattern("/context"), "/test");
|
||||||
"/test");
|
|
||||||
|
|
||||||
MockHttpServletRequest request = get("/context").build();
|
MockHttpServletRequest request = get("/context").build();
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
@ -57,8 +56,7 @@ public class RequestMatcherRedirectFilterTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void doFilterWhenRequestNotMatchThenNextFilter() throws Exception {
|
public void doFilterWhenRequestNotMatchThenNextFilter() throws Exception {
|
||||||
RequestMatcherRedirectFilter filter = new RequestMatcherRedirectFilter(new AntPathRequestMatcher("/context"),
|
RequestMatcherRedirectFilter filter = new RequestMatcherRedirectFilter(pathPattern("/context"), "/test");
|
||||||
"/test");
|
|
||||||
|
|
||||||
MockHttpServletRequest request = get("/test").build();
|
MockHttpServletRequest request = get("/test").build();
|
||||||
|
|
||||||
@ -81,21 +79,19 @@ public class RequestMatcherRedirectFilterTests {
|
|||||||
@Test
|
@Test
|
||||||
public void constructWhenRedirectUrlNull() {
|
public void constructWhenRedirectUrlNull() {
|
||||||
assertThatIllegalArgumentException()
|
assertThatIllegalArgumentException()
|
||||||
.isThrownBy(() -> new RequestMatcherRedirectFilter(new AntPathRequestMatcher("/**"), null))
|
.isThrownBy(() -> new RequestMatcherRedirectFilter(pathPattern("/**"), null))
|
||||||
.withMessage("redirectUrl cannot be empty");
|
.withMessage("redirectUrl cannot be empty");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructWhenRedirectUrlEmpty() {
|
public void constructWhenRedirectUrlEmpty() {
|
||||||
assertThatIllegalArgumentException()
|
assertThatIllegalArgumentException().isThrownBy(() -> new RequestMatcherRedirectFilter(pathPattern("/**"), ""))
|
||||||
.isThrownBy(() -> new RequestMatcherRedirectFilter(new AntPathRequestMatcher("/**"), ""))
|
|
||||||
.withMessage("redirectUrl cannot be empty");
|
.withMessage("redirectUrl cannot be empty");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructWhenRedirectUrlBlank() {
|
public void constructWhenRedirectUrlBlank() {
|
||||||
assertThatIllegalArgumentException()
|
assertThatIllegalArgumentException().isThrownBy(() -> new RequestMatcherRedirectFilter(pathPattern("/**"), " "))
|
||||||
.isThrownBy(() -> new RequestMatcherRedirectFilter(new AntPathRequestMatcher("/**"), " "))
|
|
||||||
.withMessage("redirectUrl cannot be empty");
|
.withMessage("redirectUrl cannot be empty");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -32,7 +32,6 @@ import org.springframework.security.authorization.AuthorizationDecision;
|
|||||||
import org.springframework.security.authorization.AuthorizationManager;
|
import org.springframework.security.authorization.AuthorizationManager;
|
||||||
import org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator.HttpServletRequestTransformer;
|
import org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator.HttpServletRequestTransformer;
|
||||||
import org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager;
|
import org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager;
|
||||||
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
@ -40,6 +39,7 @@ import static org.mockito.ArgumentMatchers.any;
|
|||||||
import static org.mockito.ArgumentMatchers.eq;
|
import static org.mockito.ArgumentMatchers.eq;
|
||||||
import static org.mockito.BDDMockito.given;
|
import static org.mockito.BDDMockito.given;
|
||||||
import static org.mockito.Mockito.verify;
|
import static org.mockito.Mockito.verify;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
@ExtendWith(MockitoExtension.class)
|
@ExtendWith(MockitoExtension.class)
|
||||||
class AuthorizationManagerWebInvocationPrivilegeEvaluatorTests {
|
class AuthorizationManagerWebInvocationPrivilegeEvaluatorTests {
|
||||||
@ -118,7 +118,7 @@ class AuthorizationManagerWebInvocationPrivilegeEvaluatorTests {
|
|||||||
void isAllowedWhenInvokesDelegateThenCachesRequestPath() {
|
void isAllowedWhenInvokesDelegateThenCachesRequestPath() {
|
||||||
RequestMatcherDelegatingAuthorizationManager authorizationManager = RequestMatcherDelegatingAuthorizationManager
|
RequestMatcherDelegatingAuthorizationManager authorizationManager = RequestMatcherDelegatingAuthorizationManager
|
||||||
.builder()
|
.builder()
|
||||||
.add(PathPatternRequestMatcher.withDefaults().matcher("/test/**"),
|
.add(pathPattern("/test/**"),
|
||||||
(authentication, context) -> this.authorizationManager.check(authentication, context.getRequest()))
|
(authentication, context) -> this.authorizationManager.check(authentication, context.getRequest()))
|
||||||
.build();
|
.build();
|
||||||
AuthorizationManagerWebInvocationPrivilegeEvaluator privilegeEvaluator = new AuthorizationManagerWebInvocationPrivilegeEvaluator(
|
AuthorizationManagerWebInvocationPrivilegeEvaluator privilegeEvaluator = new AuthorizationManagerWebInvocationPrivilegeEvaluator(
|
||||||
|
@ -1,206 +0,0 @@
|
|||||||
/*
|
|
||||||
* Copyright 2002-2023 the original author or authors.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* https://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.springframework.security.web.access;
|
|
||||||
|
|
||||||
import java.util.Collections;
|
|
||||||
|
|
||||||
import jakarta.servlet.DispatcherType;
|
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
|
||||||
import org.assertj.core.api.AssertionsForClassTypes;
|
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
import org.junit.jupiter.api.extension.ExtendWith;
|
|
||||||
import org.mockito.ArgumentCaptor;
|
|
||||||
import org.mockito.Mock;
|
|
||||||
import org.mockito.junit.jupiter.MockitoExtension;
|
|
||||||
|
|
||||||
import org.springframework.mock.web.MockHttpServletRequest;
|
|
||||||
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
|
||||||
import static org.mockito.Mockito.mock;
|
|
||||||
import static org.mockito.Mockito.verify;
|
|
||||||
import static org.mockito.Mockito.verifyNoInteractions;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @author Rob Winch
|
|
||||||
*/
|
|
||||||
@ExtendWith(MockitoExtension.class)
|
|
||||||
class HandlerMappingIntrospectorRequestTransformerTests {
|
|
||||||
|
|
||||||
@Mock
|
|
||||||
HandlerMappingIntrospector hmi;
|
|
||||||
|
|
||||||
HandlerMappingIntrospectorRequestTransformer transformer;
|
|
||||||
|
|
||||||
@BeforeEach
|
|
||||||
void setup() {
|
|
||||||
this.transformer = new HandlerMappingIntrospectorRequestTransformer(this.hmi);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void constructorWhenHmiIsNullThenIllegalArgumentException() {
|
|
||||||
AssertionsForClassTypes.assertThatExceptionOfType(IllegalArgumentException.class)
|
|
||||||
.isThrownBy(() -> new HandlerMappingIntrospectorRequestTransformer(null));
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void transformThenNewRequestPassedToSetCache() {
|
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
|
||||||
|
|
||||||
HttpServletRequest transformedRequest = this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
assertThat(transformedRequest).isNotEqualTo(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void transformThenResultPassedToSetCache() {
|
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
|
||||||
|
|
||||||
HttpServletRequest transformedRequest = this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
assertThat(requestArg.getValue()).isEqualTo(transformedRequest);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The request passed into the transformer does not allow interactions on certain
|
|
||||||
* methods, we need to ensure that the methods used by
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)} are overridden.
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
void transformThenResultDoesNotDelegateToSetAttribute() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
String attrName = "any";
|
|
||||||
String attrValue = "value";
|
|
||||||
transformedRequest.setAttribute(attrName, attrValue);
|
|
||||||
verifyNoInteractions(request);
|
|
||||||
assertThat(transformedRequest.getAttribute(attrName)).isEqualTo(attrValue);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void transformThenSetAttributeWorks() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
String attrName = "any";
|
|
||||||
String attrValue = "value";
|
|
||||||
transformedRequest.setAttribute(attrName, attrValue);
|
|
||||||
assertThat(transformedRequest.getAttribute(attrName)).isEqualTo(attrValue);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The request passed into the transformer does not allow interactions on certain
|
|
||||||
* methods, we need to ensure that the methods used by
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)} are overridden.
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
void transformThenResultDoesNotDelegateToGetAttribute() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
transformedRequest.getAttribute("any");
|
|
||||||
verifyNoInteractions(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The request passed into the transformer does not allow interactions on certain
|
|
||||||
* methods, we need to ensure that the methods used by
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)} are overridden.
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
void transformThenResultDoesNotDelegateToGetAttributeNames() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
transformedRequest.getAttributeNames();
|
|
||||||
verifyNoInteractions(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void transformThenGetAttributeNamesWorks() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
String attrName = "any";
|
|
||||||
String attrValue = "value";
|
|
||||||
transformedRequest.setAttribute(attrName, attrValue);
|
|
||||||
assertThat(Collections.list(transformedRequest.getAttributeNames())).containsExactly(attrName);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The request passed into the transformer does not allow interactions on certain
|
|
||||||
* methods, we need to ensure that the methods used by
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)} are overridden.
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
void transformThenResultDoesNotDelegateToRemoveAttribute() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
transformedRequest.removeAttribute("any");
|
|
||||||
verifyNoInteractions(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The request passed into the transformer does not allow interactions on certain
|
|
||||||
* methods, we need to ensure that the methods used by
|
|
||||||
* {@link HandlerMappingIntrospector#setCache(HttpServletRequest)} are overridden.
|
|
||||||
*/
|
|
||||||
@Test
|
|
||||||
void transformThenResultDoesNotDelegateToGetDispatcherType() {
|
|
||||||
HttpServletRequest request = mock(HttpServletRequest.class);
|
|
||||||
|
|
||||||
this.transformer.transform(request);
|
|
||||||
|
|
||||||
ArgumentCaptor<HttpServletRequest> requestArg = ArgumentCaptor.forClass(HttpServletRequest.class);
|
|
||||||
verify(this.hmi).setCache(requestArg.capture());
|
|
||||||
HttpServletRequest transformedRequest = requestArg.getValue();
|
|
||||||
assertThat(transformedRequest.getDispatcherType()).isEqualTo(DispatcherType.REQUEST);
|
|
||||||
verifyNoInteractions(request);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -22,17 +22,18 @@ import java.util.LinkedHashMap;
|
|||||||
import jakarta.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.mock.web.MockHttpServletRequest;
|
import org.springframework.mock.web.MockHttpServletRequest;
|
||||||
import org.springframework.mock.web.MockHttpServletResponse;
|
import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
import org.springframework.security.access.ConfigAttribute;
|
import org.springframework.security.access.ConfigAttribute;
|
||||||
import org.springframework.security.access.SecurityConfig;
|
import org.springframework.security.access.SecurityConfig;
|
||||||
import org.springframework.security.web.FilterInvocation;
|
import org.springframework.security.web.FilterInvocation;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.mockito.Mockito.mock;
|
import static org.mockito.Mockito.mock;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.request;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.request;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests {@link DefaultFilterInvocationSecurityMetadataSource}.
|
* Tests {@link DefaultFilterInvocationSecurityMetadataSource}.
|
||||||
@ -45,9 +46,9 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests {
|
|||||||
|
|
||||||
private Collection<ConfigAttribute> def = SecurityConfig.createList("ROLE_ONE");
|
private Collection<ConfigAttribute> def = SecurityConfig.createList("ROLE_ONE");
|
||||||
|
|
||||||
private void createFids(String pattern, String method) {
|
private void createFids(String pattern, HttpMethod method) {
|
||||||
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
|
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
|
||||||
requestMap.put(new AntPathRequestMatcher(pattern, method), this.def);
|
requestMap.put(pathPattern(method, pattern), this.def);
|
||||||
this.fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
|
this.fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -89,7 +90,7 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void httpMethodLookupSucceeds() {
|
public void httpMethodLookupSucceeds() {
|
||||||
createFids("/somepage**", "GET");
|
createFids("/somepage**", HttpMethod.GET);
|
||||||
FilterInvocation fi = createFilterInvocation("/somepage", null, null, "GET");
|
FilterInvocation fi = createFilterInvocation("/somepage", null, null, "GET");
|
||||||
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
||||||
assertThat(attrs).isEqualTo(this.def);
|
assertThat(attrs).isEqualTo(this.def);
|
||||||
@ -105,7 +106,7 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void requestWithDifferentHttpMethodDoesntMatch() {
|
public void requestWithDifferentHttpMethodDoesntMatch() {
|
||||||
createFids("/somepage**", "GET");
|
createFids("/somepage**", HttpMethod.GET);
|
||||||
FilterInvocation fi = createFilterInvocation("/somepage", null, null, "POST");
|
FilterInvocation fi = createFilterInvocation("/somepage", null, null, "POST");
|
||||||
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
||||||
assertThat(attrs).isNull();
|
assertThat(attrs).isNull();
|
||||||
@ -116,8 +117,8 @@ public class DefaultFilterInvocationSecurityMetadataSourceTests {
|
|||||||
public void mixingPatternsWithAndWithoutHttpMethodsIsSupported() {
|
public void mixingPatternsWithAndWithoutHttpMethodsIsSupported() {
|
||||||
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
|
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
|
||||||
Collection<ConfigAttribute> userAttrs = SecurityConfig.createList("A");
|
Collection<ConfigAttribute> userAttrs = SecurityConfig.createList("A");
|
||||||
requestMap.put(new AntPathRequestMatcher("/user/**", null), userAttrs);
|
requestMap.put(pathPattern("/user/**"), userAttrs);
|
||||||
requestMap.put(new AntPathRequestMatcher("/teller/**", "GET"), SecurityConfig.createList("B"));
|
requestMap.put(pathPattern(HttpMethod.GET, "/teller/**"), SecurityConfig.createList("B"));
|
||||||
this.fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
|
this.fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
|
||||||
FilterInvocation fi = createFilterInvocation("/user", null, null, "GET");
|
FilterInvocation fi = createFilterInvocation("/user", null, null, "GET");
|
||||||
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
Collection<ConfigAttribute> attrs = this.fids.getAttributes(fi);
|
||||||
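Review bot: The `createFids(String pattern, HttpMethod method)` helper has no comment saying what a `null` method means, and its (pattern, method) order is the reverse of the `pathPattern(method, pattern)` call it wraps. These tests pin which requests pick up `ROLE_ONE`, so I would add one line above the helper, for example `// method may be null, presumed to match any HTTP method - confirm against PathPatternRequestMatcher`. The call sites still pass the request method to `createFilterInvocation` as the strings `"GET"` and `"POST"`, so the two helpers now take the same concept in different types. `createFilterInvocation` is outside the hunks shown, so that may be deliberate.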
|
@ -28,14 +28,13 @@ import org.springframework.security.authorization.AuthorityAuthorizationManager;
|
|||||||
import org.springframework.security.authorization.AuthorizationDecision;
|
import org.springframework.security.authorization.AuthorizationDecision;
|
||||||
import org.springframework.security.authorization.SingleResultAuthorizationManager;
|
import org.springframework.security.authorization.SingleResultAuthorizationManager;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcherEntry;
|
import org.springframework.security.web.util.matcher.RequestMatcherEntry;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for {@link RequestMatcherDelegatingAuthorizationManager}.
|
* Tests for {@link RequestMatcherDelegatingAuthorizationManager}.
|
||||||
@ -63,18 +62,16 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void addWhenManagerNullThenException() {
|
public void addWhenManagerNullThenException() {
|
||||||
assertThatIllegalArgumentException()
|
assertThatIllegalArgumentException().isThrownBy(
|
||||||
.isThrownBy(() -> RequestMatcherDelegatingAuthorizationManager.builder()
|
() -> RequestMatcherDelegatingAuthorizationManager.builder().add(pathPattern("/grant"), null).build())
|
||||||
.add(new MvcRequestMatcher(null, "/grant"), null)
|
|
||||||
.build())
|
|
||||||
.withMessage("manager cannot be null");
|
.withMessage("manager cannot be null");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void checkWhenMultipleMappingsConfiguredThenDelegatesMatchingManager() {
|
public void checkWhenMultipleMappingsConfiguredThenDelegatesMatchingManager() {
|
||||||
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
|
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
|
||||||
.add(new MvcRequestMatcher(null, "/grant"), SingleResultAuthorizationManager.permitAll())
|
.add(pathPattern(null, "/grant"), SingleResultAuthorizationManager.permitAll())
|
||||||
.add(new MvcRequestMatcher(null, "/deny"), SingleResultAuthorizationManager.denyAll())
|
.add(pathPattern(null, "/deny"), SingleResultAuthorizationManager.denyAll())
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
|
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
|
||||||
@ -97,11 +94,10 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
|
|||||||
public void checkWhenMultipleMappingsConfiguredWithConsumerThenDelegatesMatchingManager() {
|
public void checkWhenMultipleMappingsConfiguredWithConsumerThenDelegatesMatchingManager() {
|
||||||
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
|
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
|
||||||
.mappings((m) -> {
|
.mappings((m) -> {
|
||||||
m.add(new RequestMatcherEntry<>(new MvcRequestMatcher(null, "/grant"),
|
m.add(new RequestMatcherEntry<>(pathPattern("/grant"), SingleResultAuthorizationManager.permitAll()));
|
||||||
SingleResultAuthorizationManager.permitAll()));
|
|
||||||
m.add(new RequestMatcherEntry<>(AnyRequestMatcher.INSTANCE,
|
m.add(new RequestMatcherEntry<>(AnyRequestMatcher.INSTANCE,
|
||||||
AuthorityAuthorizationManager.hasRole("ADMIN")));
|
AuthorityAuthorizationManager.hasRole("ADMIN")));
|
||||||
m.add(new RequestMatcherEntry<>(new MvcRequestMatcher(null, "/afterAny"),
|
m.add(new RequestMatcherEntry<>(pathPattern("/afterAny"),
|
||||||
SingleResultAuthorizationManager.permitAll()));
|
SingleResultAuthorizationManager.permitAll()));
|
||||||
})
|
})
|
||||||
.build();
|
.build();
|
||||||
@ -156,7 +152,7 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
|
|||||||
.isThrownBy(() -> RequestMatcherDelegatingAuthorizationManager.builder()
|
.isThrownBy(() -> RequestMatcherDelegatingAuthorizationManager.builder()
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.authenticated()
|
.authenticated()
|
||||||
.requestMatchers(new AntPathRequestMatcher("/authenticated"))
|
.requestMatchers(pathPattern("/authenticated"))
|
||||||
.authenticated()
|
.authenticated()
|
||||||
.build())
|
.build())
|
||||||
.withMessage("Can't configure requestMatchers after anyRequest");
|
.withMessage("Can't configure requestMatchers after anyRequest");
|
||||||
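Review bot: `checkWhenMultipleMappingsConfiguredThenDelegatesMatchingManager` passes an explicit `null` method in `pathPattern(null, "/grant")` and `pathPattern(null, "/deny")`, while every other call in this file uses the one-argument form. Both forms presumably mean "any HTTP method". The explicit null reads as a leftover from `new MvcRequestMatcher(null, "/grant")`, where the null was the introspector, not the method. I would write `.add(pathPattern("/grant"), SingleResultAuthorizationManager.permitAll())` and `.add(pathPattern("/deny"), SingleResultAuthorizationManager.denyAll())` so the permit and deny mappings read like the rest of the file. The test body continues outside the hunk.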
|
@ -47,7 +47,6 @@ import org.springframework.security.web.authentication.session.SessionAuthentica
|
|||||||
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
||||||
import org.springframework.security.web.context.SecurityContextRepository;
|
import org.springframework.security.web.context.SecurityContextRepository;
|
||||||
import org.springframework.security.web.firewall.DefaultHttpFirewall;
|
import org.springframework.security.web.firewall.DefaultHttpFirewall;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.test.util.ReflectionTestUtils;
|
import org.springframework.test.util.ReflectionTestUtils;
|
||||||
|
|
||||||
@ -62,6 +61,7 @@ import static org.mockito.Mockito.verify;
|
|||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.Builder;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.Builder;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.post;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.post;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests {@link AbstractAuthenticationProcessingFilter}.
|
* Tests {@link AbstractAuthenticationProcessingFilter}.
|
||||||
@ -238,8 +238,8 @@ public class AbstractAuthenticationProcessingFilterTests {
|
|||||||
MockFilterChain chain = new MockFilterChain(false);
|
MockFilterChain chain = new MockFilterChain(false);
|
||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
// Setup our test object, to grant access
|
// Setup our test object, to grant access
|
||||||
MockAuthenticationFilter filter = new MockAuthenticationFilter(
|
MockAuthenticationFilter filter = new MockAuthenticationFilter(pathPattern("/j_eradicate_corona_virus"),
|
||||||
new AntPathRequestMatcher("/j_eradicate_corona_virus"), mock(AuthenticationManager.class));
|
mock(AuthenticationManager.class));
|
||||||
filter.setSessionAuthenticationStrategy(mock(SessionAuthenticationStrategy.class));
|
filter.setSessionAuthenticationStrategy(mock(SessionAuthenticationStrategy.class));
|
||||||
filter.setAuthenticationSuccessHandler(this.successHandler);
|
filter.setAuthenticationSuccessHandler(this.successHandler);
|
||||||
filter.setAuthenticationFailureHandler(this.failureHandler);
|
filter.setAuthenticationFailureHandler(this.failureHandler);
|
||||||
@ -273,7 +273,7 @@ public class AbstractAuthenticationProcessingFilterTests {
|
|||||||
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
filter.setAuthenticationManager(mock(AuthenticationManager.class));
|
||||||
filter.setAuthenticationSuccessHandler(this.successHandler);
|
filter.setAuthenticationSuccessHandler(this.successHandler);
|
||||||
assertThatIllegalArgumentException().isThrownBy(() -> filter.setFilterProcessesUrl(null))
|
assertThatIllegalArgumentException().isThrownBy(() -> filter.setFilterProcessesUrl(null))
|
||||||
.withMessage("Pattern cannot be null or empty");
|
.withMessage("pattern cannot be null");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
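Review bot: The expected message for `setFilterProcessesUrl(null)` changes from "Pattern cannot be null or empty" to "pattern cannot be null", so the assertion no longer says anything about an empty string. This setter decides which URL the authentication filter processes, so the empty case is worth pinning explicitly rather than leaving it implied by the old message. I would add `assertThatIllegalArgumentException().isThrownBy(() -> filter.setFilterProcessesUrl(""));` next to it, without a message assertion, because the setter is not visible here and the wording for that case may differ. The test method starts outside the hunk.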
|
@ -23,12 +23,12 @@ import org.springframework.security.authentication.AuthenticationManager;
|
|||||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||||
import static org.mockito.Mockito.mock;
|
import static org.mockito.Mockito.mock;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for {@link RequestMatcherDelegatingAuthenticationManagerResolverTests}
|
* Tests for {@link RequestMatcherDelegatingAuthenticationManagerResolverTests}
|
||||||
@ -45,8 +45,8 @@ public class RequestMatcherDelegatingAuthenticationManagerResolverTests {
|
|||||||
public void resolveWhenMatchesThenReturnsAuthenticationManager() {
|
public void resolveWhenMatchesThenReturnsAuthenticationManager() {
|
||||||
RequestMatcherDelegatingAuthenticationManagerResolver resolver = RequestMatcherDelegatingAuthenticationManagerResolver
|
RequestMatcherDelegatingAuthenticationManagerResolver resolver = RequestMatcherDelegatingAuthenticationManagerResolver
|
||||||
.builder()
|
.builder()
|
||||||
.add(new AntPathRequestMatcher("/one/**"), this.one)
|
.add(pathPattern("/one/**"), this.one)
|
||||||
.add(new AntPathRequestMatcher("/two/**"), this.two)
|
.add(pathPattern("/two/**"), this.two)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
MockHttpServletRequest request = get("/one/location").build();
|
MockHttpServletRequest request = get("/one/location").build();
|
||||||
@ -57,8 +57,8 @@ public class RequestMatcherDelegatingAuthenticationManagerResolverTests {
|
|||||||
public void resolveWhenDoesNotMatchThenReturnsDefaultAuthenticationManager() {
|
public void resolveWhenDoesNotMatchThenReturnsDefaultAuthenticationManager() {
|
||||||
RequestMatcherDelegatingAuthenticationManagerResolver resolver = RequestMatcherDelegatingAuthenticationManagerResolver
|
RequestMatcherDelegatingAuthenticationManagerResolver resolver = RequestMatcherDelegatingAuthenticationManagerResolver
|
||||||
.builder()
|
.builder()
|
||||||
.add(new AntPathRequestMatcher("/one/**"), this.one)
|
.add(pathPattern("/one/**"), this.one)
|
||||||
.add(new AntPathRequestMatcher("/two/**"), this.two)
|
.add(pathPattern("/two/**"), this.two)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/wrong/location");
|
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/wrong/location");
|
||||||
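Review bot: The class Javadoc kept as context in the first hunk reads `Tests for {@link RequestMatcherDelegatingAuthenticationManagerResolverTests}`, which links the test class to itself instead of the class under test. Since the commit already edits the import lines directly above it, I would change that line to `* Tests for {@link RequestMatcherDelegatingAuthenticationManagerResolver}`.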
|
@ -41,7 +41,6 @@ import org.springframework.security.web.WebAttributes;
|
|||||||
import org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler;
|
import org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler;
|
||||||
import org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler;
|
import org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler;
|
||||||
import org.springframework.security.web.context.SecurityContextRepository;
|
import org.springframework.security.web.context.SecurityContextRepository;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||||
@ -52,6 +51,7 @@ import static org.mockito.BDDMockito.given;
|
|||||||
import static org.mockito.Mockito.mock;
|
import static org.mockito.Mockito.mock;
|
||||||
import static org.mockito.Mockito.verify;
|
import static org.mockito.Mockito.verify;
|
||||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
@ -367,7 +367,7 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
|||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
MockFilterChain chain = new MockFilterChain();
|
MockFilterChain chain = new MockFilterChain();
|
||||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||||
filter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/no-matching"));
|
filter.setRequiresAuthenticationRequestMatcher(pathPattern("/no-matching"));
|
||||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||||
filter.setAuthenticationManager(am);
|
filter.setAuthenticationManager(am);
|
||||||
filter.afterPropertiesSet();
|
filter.afterPropertiesSet();
|
||||||
@ -381,7 +381,7 @@ public class AbstractPreAuthenticatedProcessingFilterTests {
|
|||||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||||
MockFilterChain chain = new MockFilterChain();
|
MockFilterChain chain = new MockFilterChain();
|
||||||
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
ConcretePreAuthenticatedProcessingFilter filter = new ConcretePreAuthenticatedProcessingFilter();
|
||||||
filter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/**"));
|
filter.setRequiresAuthenticationRequestMatcher(pathPattern("/**"));
|
||||||
AuthenticationManager am = mock(AuthenticationManager.class);
|
AuthenticationManager am = mock(AuthenticationManager.class);
|
||||||
filter.setAuthenticationManager(am);
|
filter.setAuthenticationManager(am);
|
||||||
filter.afterPropertiesSet();
|
filter.afterPropertiesSet();
|
||||||
|
@ -46,7 +46,6 @@ import org.springframework.security.web.authentication.AuthenticationConverter;
|
|||||||
import org.springframework.security.web.authentication.WebAuthenticationDetails;
|
import org.springframework.security.web.authentication.WebAuthenticationDetails;
|
||||||
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
|
||||||
import org.springframework.security.web.context.SecurityContextRepository;
|
import org.springframework.security.web.context.SecurityContextRepository;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
||||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||||
import org.springframework.web.util.WebUtils;
|
import org.springframework.web.util.WebUtils;
|
||||||
|
|
||||||
@ -62,6 +61,7 @@ import static org.mockito.Mockito.spy;
|
|||||||
import static org.mockito.Mockito.verify;
|
import static org.mockito.Mockito.verify;
|
||||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||||
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests {@link BasicAuthenticationFilter}.
|
* Tests {@link BasicAuthenticationFilter}.
|
||||||
@ -513,7 +513,7 @@ public class BasicAuthenticationFilterTests {
|
|||||||
|
|
||||||
static class TestAuthenticationConverter implements AuthenticationConverter {
|
static class TestAuthenticationConverter implements AuthenticationConverter {
|
||||||
|
|
||||||
private final RequestMatcher matcher = AntPathRequestMatcher.antMatcher("/ignored");
|
private final RequestMatcher matcher = pathPattern("/ignored");
|
||||||
|
|
||||||
private final BasicAuthenticationConverter delegate = new BasicAuthenticationConverter();
|
private final BasicAuthenticationConverter delegate = new BasicAuthenticationConverter();
|
||||||
|
|
||||||
|
@ -29,6 +29,7 @@ import org.springframework.web.util.ServletRequestPathUtils;
|
|||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -38,49 +39,49 @@ public class PathPatternRequestMatcherTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenPatternMatchesRequestThenMatchResult() {
|
void matcherWhenPatternMatchesRequestThenMatchResult() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher("/uri");
|
RequestMatcher matcher = pathPattern("/uri");
|
||||||
assertThat(matcher.matches(request("/uri"))).isTrue();
|
assertThat(matcher.matches(request("/uri"))).isTrue();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenPatternContainsPlaceholdersThenMatchResult() {
|
void matcherWhenPatternContainsPlaceholdersThenMatchResult() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher("/uri/{username}");
|
RequestMatcher matcher = pathPattern("/uri/{username}");
|
||||||
assertThat(matcher.matcher(request("/uri/bob")).getVariables()).containsEntry("username", "bob");
|
assertThat(matcher.matcher(request("/uri/bob")).getVariables()).containsEntry("username", "bob");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenOnlyPathInfoMatchesThenNoMatch() {
|
void matcherWhenOnlyPathInfoMatchesThenNoMatch() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher("/uri");
|
RequestMatcher matcher = pathPattern("/uri");
|
||||||
assertThat(matcher.matches(request("GET", "/mvc/uri", "/mvc"))).isFalse();
|
assertThat(matcher.matches(request("GET", "/mvc/uri", "/mvc"))).isFalse();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenUriContainsServletPathThenMatch() {
|
void matcherWhenUriContainsServletPathThenMatch() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher("/mvc/uri");
|
RequestMatcher matcher = pathPattern("/mvc/uri");
|
||||||
assertThat(matcher.matches(request("GET", "/mvc/uri", "/mvc"))).isTrue();
|
assertThat(matcher.matches(request("GET", "/mvc/uri", "/mvc"))).isTrue();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenSameMethodThenMatchResult() {
|
void matcherWhenSameMethodThenMatchResult() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/uri");
|
RequestMatcher matcher = pathPattern(HttpMethod.GET, "/uri");
|
||||||
assertThat(matcher.matches(request("/uri"))).isTrue();
|
assertThat(matcher.matches(request("/uri"))).isTrue();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenDifferentPathThenNoMatch() {
|
void matcherWhenDifferentPathThenNoMatch() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/uri");
|
RequestMatcher matcher = pathPattern(HttpMethod.GET, "/uri");
|
||||||
assertThat(matcher.matches(request("GET", "/urj", ""))).isFalse();
|
assertThat(matcher.matches(request("GET", "/urj", ""))).isFalse();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenDifferentMethodThenNoMatch() {
|
void matcherWhenDifferentMethodThenNoMatch() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, "/uri");
|
RequestMatcher matcher = pathPattern(HttpMethod.GET, "/uri");
|
||||||
assertThat(matcher.matches(request("POST", "/mvc/uri", "/mvc"))).isFalse();
|
assertThat(matcher.matches(request("POST", "/mvc/uri", "/mvc"))).isFalse();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void matcherWhenNoMethodThenMatches() {
|
void matcherWhenNoMethodThenMatches() {
|
||||||
RequestMatcher matcher = PathPatternRequestMatcher.withDefaults().matcher("/uri");
|
RequestMatcher matcher = pathPattern("/uri");
|
||||||
assertThat(matcher.matches(request("POST", "/uri", ""))).isTrue();
|
assertThat(matcher.matches(request("POST", "/uri", ""))).isTrue();
|
||||||
assertThat(matcher.matches(request("GET", "/uri", ""))).isTrue();
|
assertThat(matcher.matches(request("GET", "/uri", ""))).isTrue();
|
||||||
}
|
}
|
||||||
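Review bot: `matcherWhenDifferentMethodThenNoMatch` does not isolate the HTTP-method check. It sends `request("POST", "/mvc/uri", "/mvc")` against `pathPattern(HttpMethod.GET, "/uri")`, and `matcherWhenOnlyPathInfoMatchesThenNoMatch` in the same hunk shows that this path already fails to match `/uri` when the method is GET. The assertion would therefore still pass if the method comparison were broken or removed, which is a weak guard for a matcher that is presumably used to scope security rules by method. Use a request whose path matches and only the method differs: `assertThat(matcher.matches(request("POST", "/uri", ""))).isFalse();`.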
|
@ -33,6 +33,7 @@ import static org.assertj.core.api.Assertions.assertThat;
|
|||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||||
import static org.mockito.BDDMockito.given;
|
import static org.mockito.BDDMockito.given;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
@ -59,7 +60,7 @@ public class AndRequestMatcherTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructorListOfDoesNotThrowNullPointer() {
|
public void constructorListOfDoesNotThrowNullPointer() {
|
||||||
new AndRequestMatcher(List.of(new AntPathRequestMatcher("/test")));
|
new AndRequestMatcher(List.of(pathPattern("/test")));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -34,6 +34,7 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException
|
|||||||
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
import static org.assertj.core.api.Assertions.assertThatNullPointerException;
|
||||||
import static org.mockito.BDDMockito.given;
|
import static org.mockito.BDDMockito.given;
|
||||||
import static org.mockito.Mockito.verifyNoInteractions;
|
import static org.mockito.Mockito.verifyNoInteractions;
|
||||||
|
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
@ -60,7 +61,7 @@ public class OrRequestMatcherTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructorListOfDoesNotThrowNullPointer() {
|
public void constructorListOfDoesNotThrowNullPointer() {
|
||||||
new OrRequestMatcher(List.of(new AntPathRequestMatcher("/test")));
|
new OrRequestMatcher(List.of(pathPattern("/test")));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|