Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Provide default reactive HttpSecurity 

Fixes gh-4396
This commit is contained in:
Rob Winch 2017-06-15 11:27:52 -05:00
parent 9141a8a7c0
commit fda0220fad
2 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java
View File

@ -19,11 +19,15 @@
package org.springframework.security.config.annotation.web.reactive; package org.springframework.security.config.annotation.web.reactive;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.web.server.HttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.WebFilterChainFilter; import org.springframework.security.web.server.WebFilterChainFilter;
import org.springframework.util.ObjectUtils;
import java.util.Arrays;
import java.util.List; import java.util.List;
/** /**
@ -36,8 +40,27 @@ public class WebFluxSecurityConfiguration {
@Autowired(required = false) @Autowired(required = false)
private List<SecurityWebFilterChain> securityWebFilterChains; private List<SecurityWebFilterChain> securityWebFilterChains;
@Autowired
ApplicationContext context;
@Bean @Bean
public WebFilterChainFilter springSecurityFilterChain() { public WebFilterChainFilter springSecurityFilterChain() {
return WebFilterChainFilter.fromSecurityWebFilterChainsList(securityWebFilterChains); return WebFilterChainFilter.fromSecurityWebFilterChainsList(getSecurityWebFilterChains());
}
private List<SecurityWebFilterChain> getSecurityWebFilterChains() {
List<SecurityWebFilterChain> result = securityWebFilterChains;
if(ObjectUtils.isEmpty(result)) {
return defaultSecurityWebFilterChains();
}
return result;
}
private List<SecurityWebFilterChain> defaultSecurityWebFilterChains() {
HttpSecurity http = context.getBean(HttpSecurity.class);
http
.authorizeExchange()
.anyExchange().authenticated();
return Arrays.asList(http.build());
} }
} }

27
config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
View File

@ -45,7 +45,34 @@ import static org.mockito.Mockito.mock;
*/ */
@RunWith(Enclosed.class) @RunWith(Enclosed.class)
public class EnableWebFluxSecurityTests { public class EnableWebFluxSecurityTests {
@RunWith(SpringRunner.class)
public static class Defaults {
@Autowired
WebFilterChainFilter springSecurityFilterChain;
@Test
public void defaultRequiresAuthentication() {
WebTestClient client = WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build();
client.get()
.uri("/")
.exchange()
.expectStatus().isUnauthorized()
.expectBody().isEmpty();
}
@EnableWebFluxSecurity
static class Config {
@Bean
public UserDetailsRepository userDetailsRepository() {
return new MapUserDetailsRepository(User.withUsername("user")
.password("password")
.roles("USER")
.build()
);
}
}
}
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
public static class MultiHttpSecurity { public static class MultiHttpSecurity {