Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 05:13:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clarify variable names

Browse Source 
Issue gh-11327
This commit is contained in:
Josh Cummings 2022-07-07 13:24:01 -06:00
parent 696da87478
commit ec8c13392c
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
2 changed files with 23 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java
View File

@ -133,11 +133,13 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
* interceptor * interceptor
*/ */
private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) { private void checkLoginPageIsntProtected(FilterChainProxy fcp, List<Filter> filterStack) {
ExceptionTranslationFilter etf = getFilter(ExceptionTranslationFilter.class, filterStack); ExceptionTranslationFilter exceptions = getFilter(ExceptionTranslationFilter.class, filterStack);
if (etf == null || !(etf.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) { if (exceptions == null
|| !(exceptions.getAuthenticationEntryPoint() instanceof LoginUrlAuthenticationEntryPoint)) {
return; return;
} }
String loginPage = ((LoginUrlAuthenticationEntryPoint) etf.getAuthenticationEntryPoint()).getLoginFormUrl(); String loginPage = ((LoginUrlAuthenticationEntryPoint) exceptions.getAuthenticationEntryPoint())
.getLoginFormUrl();
this.logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration"); this.logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST"); FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
List<Filter> filters = null; List<Filter> filters = null;
@ -158,28 +160,28 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
this.logger.debug("Default generated login page is in use"); this.logger.debug("Default generated login page is in use");
return; return;
} }
FilterSecurityInterceptor fsi = getFilter(FilterSecurityInterceptor.class, filters); FilterSecurityInterceptor authorizationInterceptor = getFilter(FilterSecurityInterceptor.class, filters);
FilterInvocationSecurityMetadataSource fids = fsi.getSecurityMetadataSource(); FilterInvocationSecurityMetadataSource fids = authorizationInterceptor.getSecurityMetadataSource();
Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest); Collection<ConfigAttribute> attributes = fids.getAttributes(loginRequest);
if (attributes == null) { if (attributes == null) {
this.logger.debug("No access attributes defined for login page URL"); this.logger.debug("No access attributes defined for login page URL");
if (fsi.isRejectPublicInvocations()) { if (authorizationInterceptor.isRejectPublicInvocations()) {
this.logger.warn("FilterSecurityInterceptor is configured to reject public invocations." this.logger.warn("FilterSecurityInterceptor is configured to reject public invocations."
+ " Your login page may not be accessible."); + " Your login page may not be accessible.");
} }
return; return;
} }
AnonymousAuthenticationFilter anonPF = getFilter(AnonymousAuthenticationFilter.class, filters); AnonymousAuthenticationFilter anonymous = getFilter(AnonymousAuthenticationFilter.class, filters);
if (anonPF == null) { if (anonymous == null) {
this.logger.warn("The login page is being protected by the filter chain, but you don't appear to have" this.logger.warn("The login page is being protected by the filter chain, but you don't appear to have"
+ " anonymous authentication enabled. This is almost certainly an error."); + " anonymous authentication enabled. This is almost certainly an error.");
return; return;
} }
// Simulate an anonymous access with the supplied attributes. // Simulate an anonymous access with the supplied attributes.
AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonPF.getPrincipal(), AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("key", anonymous.getPrincipal(),
anonPF.getAuthorities()); anonymous.getAuthorities());
try { try {
fsi.getAccessDecisionManager().decide(token, loginRequest, attributes); authorizationInterceptor.getAccessDecisionManager().decide(token, loginRequest, attributes);
} }
catch (AccessDeniedException ex) { catch (AccessDeniedException ex) {
this.logger.warn("Anonymous access to the login page doesn't appear to be enabled. " this.logger.warn("Anonymous access to the login page doesn't appear to be enabled. "

20
config/src/test/java/org/springframework/security/config/http/DefaultFilterChainValidatorTests.java
View File

@ -53,7 +53,7 @@ public class DefaultFilterChainValidatorTests {
private DefaultFilterChainValidator validator; private DefaultFilterChainValidator validator;
private FilterChainProxy fcp; private FilterChainProxy chain;
@Mock @Mock
private Log logger; private Log logger;
@ -64,19 +64,19 @@ public class DefaultFilterChainValidatorTests {
@Mock @Mock
private AccessDecisionManager accessDecisionManager; private AccessDecisionManager accessDecisionManager;
private FilterSecurityInterceptor fsi; private FilterSecurityInterceptor authorizationInterceptor;
@BeforeEach @BeforeEach
public void setUp() { public void setUp() {
AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous"); AnonymousAuthenticationFilter aaf = new AnonymousAuthenticationFilter("anonymous");
this.fsi = new FilterSecurityInterceptor(); this.authorizationInterceptor = new FilterSecurityInterceptor();
this.fsi.setAccessDecisionManager(this.accessDecisionManager); this.authorizationInterceptor.setAccessDecisionManager(this.accessDecisionManager);
this.fsi.setSecurityMetadataSource(this.metadataSource); this.authorizationInterceptor.setSecurityMetadataSource(this.metadataSource);
AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login"); AuthenticationEntryPoint authenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
ExceptionTranslationFilter etf = new ExceptionTranslationFilter(authenticationEntryPoint); ExceptionTranslationFilter etf = new ExceptionTranslationFilter(authenticationEntryPoint);
DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, aaf, etf, DefaultSecurityFilterChain securityChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE, aaf, etf,
this.fsi); this.authorizationInterceptor);
this.fcp = new FilterChainProxy(securityChain); this.chain = new FilterChainProxy(securityChain);
this.validator = new DefaultFilterChainValidator(); this.validator = new DefaultFilterChainValidator();
ReflectionTestUtils.setField(this.validator, "logger", this.logger); ReflectionTestUtils.setField(this.validator, "logger", this.logger);
} }
@ -88,7 +88,7 @@ public class DefaultFilterChainValidatorTests {
IllegalArgumentException toBeThrown = new IllegalArgumentException("failed to eval expression"); IllegalArgumentException toBeThrown = new IllegalArgumentException("failed to eval expression");
willThrow(toBeThrown).given(this.accessDecisionManager).decide(any(Authentication.class), anyObject(), willThrow(toBeThrown).given(this.accessDecisionManager).decide(any(Authentication.class), anyObject(),
any(Collection.class)); any(Collection.class));
this.validator.validate(this.fcp); this.validator.validate(this.chain);
verify(this.logger).info( verify(this.logger).info(
"Unable to check access to the login page to determine if anonymous access is allowed. This might be an error, but can happen under normal circumstances.", "Unable to check access to the login page to determine if anonymous access is allowed. This might be an error, but can happen under normal circumstances.",
toBeThrown); toBeThrown);
@ -99,8 +99,8 @@ public class DefaultFilterChainValidatorTests {
public void validateCustomMetadataSource() { public void validateCustomMetadataSource() {
FilterInvocationSecurityMetadataSource customMetaDataSource = mock( FilterInvocationSecurityMetadataSource customMetaDataSource = mock(
FilterInvocationSecurityMetadataSource.class); FilterInvocationSecurityMetadataSource.class);
this.fsi.setSecurityMetadataSource(customMetaDataSource); this.authorizationInterceptor.setSecurityMetadataSource(customMetaDataSource);
this.validator.validate(this.fcp); this.validator.validate(this.chain);
verify(customMetaDataSource).getAttributes(any()); verify(customMetaDataSource).getAttributes(any());
} }