BAEL-3338: A Guide to AuthenticationManagerResolver in Spring Security

Fix indentation problems in code, do some renaming to sync article with code
2019-12-02 16:33:37 +02:00 · 2019-12-02 16:33:37 +02:00 · 41a8ea19d3
parent 07461f418a
commit 41a8ea19d3
5 changed files with 53 additions and 38 deletions
--- a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/authresolver/AuthResolverSecurityConfig.java
+++ b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/authresolver/AuthResolverSecurityConfig.java
@ -19,7 +19,7 @@ import reactor.core.publisher.Mono;

@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
-public class AuthResolverSecurityConfig {
+public class CustomWebSecurityConfig {

    @Bean
    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
@ -35,17 +35,17 @@ public class AuthResolverSecurityConfig {
    }

    public AuthenticationWebFilter authenticationWebFilter() {
-        AuthenticationWebFilter filter = new AuthenticationWebFilter(authenticationManagerResolver());
-        return filter;
+        return new AuthenticationWebFilter(resolver());
    }

-    public ReactiveAuthenticationManagerResolver<ServerHttpRequest> authenticationManagerResolver() {
+    public ReactiveAuthenticationManagerResolver<ServerHttpRequest> resolver() {
        return request -> {
            if (request
              .getPath()
              .subPath(0)
              .value()
-              .startsWith("/employee")) return Mono.just(employeesAuthenticationManager());
+              .startsWith("/employee"))
+                return Mono.just(employeesAuthenticationManager());
            return Mono.just(customersAuthenticationManager());
        };
    }
@ -55,7 +55,11 @@ public class AuthResolverSecurityConfig {
          .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
            .getPrincipal()
            .toString())))
-          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
+          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
+              authentication.getCredentials(),
+              Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+            )
+          );
    }

    public ReactiveAuthenticationManager employeesAuthenticationManager() {
@ -63,7 +67,12 @@ public class AuthResolverSecurityConfig {
          .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
            .getPrincipal()
            .toString())))
-          .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))));
+          .map(
+            b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
+              authentication.getCredentials(),
+              Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+            )
+          );
    }

    public Mono<String> customer(Authentication authentication) {
--- a/spring-5-reactive-security/src/test/java/com/baeldung/reactive/authresolver/AuthResolverIntegrationTest.java
+++ b/spring-5-reactive-security/src/test/java/com/baeldung/reactive/authresolver/AuthResolverIntegrationTest.java
@ -14,7 +14,8 @@ import org.springframework.util.Base64Utils;
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, classes = AuthResolverApplication.class)
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class AuthResolverIntegrationTest {
-    @Autowired private WebTestClient testClient;
+    @Autowired
+    private WebTestClient testClient;

    @Test
    public void givenCustomerCredential_whenWelcomeCustomer_thenExpectOk() {
--- a/spring-5-security/src/main/java/com/baeldung/authresolver/AuthResolverWebSecurityConfigurer.java
+++ b/spring-5-security/src/main/java/com/baeldung/authresolver/AuthResolverWebSecurityConfigurer.java
@ -1,12 +1,11 @@
 package com.baeldung.authresolver;

-import java.util.Arrays;
+import java.util.Collections;
 import javax.servlet.http.HttpServletRequest;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationManagerResolver;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.Authentication;
@ -18,17 +17,18 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationCo
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
-public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
+public class CustomWebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    public AuthenticationConverter authenticationConverter() {
        return new BasicAuthenticationConverter();
    }

-    public AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver() {
+    public AuthenticationManagerResolver<HttpServletRequest> resolver() {
        return request -> {
            if (request
              .getPathInfo()
-              .startsWith("/employee")) return employeesAuthenticationManager();
+              .startsWith("/employee"))
+                return employeesAuthenticationManager();
            return customersAuthenticationManager();
        };
    }
@ -36,7 +36,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
    public AuthenticationManager customersAuthenticationManager() {
        return authentication -> {
            if (isCustomer(authentication)) {
-                return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
+                return new UsernamePasswordAuthenticationToken(
+                  authentication.getPrincipal(),
+                  authentication.getCredentials(),
+                  Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+                );
            }
            throw new UsernameNotFoundException(authentication
              .getPrincipal()
@ -44,31 +48,35 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
        };
    }

-    public boolean isCustomer(Authentication authentication) {
+    private boolean isCustomer(Authentication authentication) {
        return (authentication
          .getPrincipal()
          .toString()
          .startsWith("customer"));
    }

-    public boolean isEmployee(Authentication authentication) {
+    private boolean isEmployee(Authentication authentication) {
        return (authentication
          .getPrincipal()
          .toString()
          .startsWith("employee"));
    }

-    public AuthenticationFilter authenticationFilter(AuthenticationManagerResolver<HttpServletRequest> resolver, AuthenticationConverter converter) {
-        AuthenticationFilter ret = new AuthenticationFilter(resolver, converter);
-        ret.setSuccessHandler((httpServletRequest, httpServletResponse, authentication) -> {
-        });
+    private AuthenticationFilter authenticationFilter() {
+        AuthenticationFilter ret = new AuthenticationFilter(
+          resolver(), authenticationConverter());
+        ret.setSuccessHandler((request, response, auth) -> {});
        return ret;
    }

-    public AuthenticationManager employeesAuthenticationManager() {
+    private AuthenticationManager employeesAuthenticationManager() {
        return authentication -> {
            if (isEmployee(authentication)) {
-                return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
+                return new UsernamePasswordAuthenticationToken(
+                  authentication.getPrincipal(),
+                  authentication.getCredentials(),
+                  Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+                );
            }
            throw new UsernameNotFoundException(authentication
              .getPrincipal()
@ -77,16 +85,11 @@ public class AuthResolverWebSecurityConfigurer extends WebSecurityConfigurerAdap
    }

    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-          .addFilterBefore(
-          authenticationFilter(
-            authenticationManagerResolver(), authenticationConverter()),
-          BasicAuthenticationFilter.class);
+    protected void configure(HttpSecurity http) {
+        http.addFilterBefore(
+          authenticationFilter(),
+          BasicAuthenticationFilter.class
+        );
    }

-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        super.configure(auth);
-    }
 }
--- a/spring-5-security/src/test/java/com/baeldung/authresolver/AuthResolverIntegrationTest.java
+++ b/spring-5-security/src/test/java/com/baeldung/authresolver/AuthResolverIntegrationTest.java
@ -23,9 +23,11 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class AuthResolverIntegrationTest {

-    @Autowired private FilterChainProxy springSecurityFilterChain;
+    @Autowired
+    private FilterChainProxy springSecurityFilterChain;

-    @Autowired private WebApplicationContext wac;
+    @Autowired
+    private WebApplicationContext wac;

    private MockMvc mockMvc;