iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #12265 from hkhan/JAVA-8154-webflux-security 

[JAVA-8154] Code clean up for reactive security
This commit is contained in:
kwoyke 2022-05-27 10:05:14 +02:00 committed by GitHub
parent bacfc3e283 2a854383ca
commit 4abe624ea6
5 changed files with 70 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
spring-reactive/src/main/java/com/baeldung/reactive/security/GreetController.java
View File

@ -1,37 +0,0 @@
package com.baeldung.reactive.security;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;
import java.security.Principal;
@RestController
public class GreetController {
private GreetService greetService;
public GreetController(GreetService greetService) {
this.greetService = greetService;
}
@GetMapping("/")
public Mono<String> greet(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Hello, %s", name));
}
@GetMapping("/admin")
public Mono<String> greetAdmin(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Admin access: %s", name));
}
@GetMapping("/greetService")
public Mono<String> greetService() {
return greetService.greet();
}
}

37
spring-reactive/src/main/java/com/baeldung/reactive/security/GreetingController.java Normal file
View File

@ -0,0 +1,37 @@
package com.baeldung.reactive.security;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;
import java.security.Principal;
@RestController
public class GreetingController {
private final GreetingService greetingService;
public GreetingController(GreetingService greetingService) {
this.greetingService = greetingService;
}
@GetMapping("/")
public Mono<String> greet(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Hello, %s", name));
}
@GetMapping("/admin")
public Mono<String> greetAdmin(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Admin access: %s", name));
}
@GetMapping("/greetingService")
public Mono<String> greetingService() {
return greetingService.greet();
}
}

2
spring-reactive/src/main/java/com/baeldung/reactive/security/GreetService.java → spring-reactive/src/main/java/com/baeldung/reactive/security/GreetingService.java
View File

@ -5,7 +5,7 @@ import org.springframework.stereotype.Service;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
@Service @Service
public class GreetService { public class GreetingService {
@PreAuthorize("hasRole('ADMIN')") @PreAuthorize("hasRole('ADMIN')")
public Mono<String> greet() { public Mono<String> greet() {

39
spring-reactive/src/main/java/com/baeldung/reactive/security/SecurityConfig.java
View File

@ -16,40 +16,37 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
public class SecurityConfig { public class SecurityConfig {
@Bean @Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) { public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange() return http.authorizeExchange()
.pathMatchers("/admin") .pathMatchers("/admin").hasAuthority("ROLE_ADMIN")
.hasAuthority("ROLE_ADMIN") .anyExchange().authenticated()
.anyExchange() .and()
.authenticated() .formLogin()
.and() .and()
.formLogin() .csrf().disable()
.and() .build();
.csrf()
.disable()
.build();
} }
@Bean @Bean
public MapReactiveUserDetailsService userDetailsService() { public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User UserDetails user = User
.withUsername("user") .withUsername("user")
.password(passwordEncoder().encode("password")) .password(passwordEncoder().encode("password"))
.roles("USER") .roles("USER")
.build(); .build();
UserDetails admin = User UserDetails admin = User
.withUsername("admin") .withUsername("admin")
.password(passwordEncoder().encode("password")) .password(passwordEncoder().encode("password"))
.roles("ADMIN") .roles("ADMIN")
.build(); .build();
return new MapReactiveUserDetailsService(user, admin); return new MapReactiveUserDetailsService(user, admin);
} }
@Bean @Bean
public PasswordEncoder passwordEncoder() { public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
} }
} }

19
spring-reactive/src/test/java/com/baeldung/reactive/security/SecurityIntegrationTest.java
View File

@ -15,23 +15,32 @@ import org.springframework.test.web.reactive.server.WebTestClient;
public class SecurityIntegrationTest { public class SecurityIntegrationTest {
@Autowired @Autowired
ApplicationContext context; private ApplicationContext context;
private WebTestClient rest; private WebTestClient webTestClient;
@BeforeEach @BeforeEach
public void setup() { public void setup() {
this.rest = WebTestClient.bindToApplicationContext(this.context).configureClient().build(); webTestClient = WebTestClient.bindToApplicationContext(context)
.configureClient()
.build();
} }
@Test @Test
public void whenNoCredentials_thenRedirectToLogin() { public void whenNoCredentials_thenRedirectToLogin() {
this.rest.get().uri("/").exchange().expectStatus().is3xxRedirection(); webTestClient.get()
.uri("/")
.exchange()
.expectStatus().is3xxRedirection();
} }
@Test @Test
@WithMockUser @WithMockUser
public void whenHasCredentials_thenSeesGreeting() { public void whenHasCredentials_thenSeesGreeting() {
this.rest.get().uri("/").exchange().expectStatus().isOk().expectBody(String.class).isEqualTo("Hello, user"); webTestClient.get()
.uri("/")
.exchange()
.expectStatus().isOk()
.expectBody(String.class).isEqualTo("Hello, user");
} }
} }