Merge pull request #9479 from musibs/KTLN-131
KTLN-131 Kotlin Spring Security DSL Initial Commit
This commit is contained in:
rpvilao
GitHub
commit
7626e7f0ca
|
|
@ -40,6 +40,7 @@
|
|||
<module>spring-security-stormpath</module>
|
||||
<module>spring-security-thymeleaf</module>
|
||||
<module>spring-security-x509</module>
|
||||
<module>spring-security-kotlin-dsl</module>
|
||||
</modules>
|
||||
|
||||
</project>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,86 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<artifactId>parent-boot-2</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<relativePath>../../parent-boot-2</relativePath>
|
||||
</parent>
|
||||
|
||||
<groupId>com.baeldung.spring.security.dsl</groupId>
|
||||
<artifactId>spring-security-kotlin-dsl</artifactId>
|
||||
<version>1.0</version>
|
||||
<name>spring-security-kotlin-dsl</name>
|
||||
<description>Spring Security Kotlin DSL</description>
|
||||
|
||||
<properties>
|
||||
<java.version>11</java.version>
|
||||
<kotlin.version>1.3.72</kotlin.version>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.module</groupId>
|
||||
<artifactId>jackson-module-kotlin</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jetbrains.kotlin</groupId>
|
||||
<artifactId>kotlin-reflect</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jetbrains.kotlin</groupId>
|
||||
<artifactId>kotlin-stdlib-jdk8</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.projectlombok</groupId>
|
||||
<artifactId>lombok</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<sourceDirectory>${project.basedir}/src/main/kotlin</sourceDirectory>
|
||||
<testSourceDirectory>${project.basedir}/src/test/kotlin</testSourceDirectory>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-maven-plugin</artifactId>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.jetbrains.kotlin</groupId>
|
||||
<artifactId>kotlin-maven-plugin</artifactId>
|
||||
<configuration>
|
||||
<args>
|
||||
<arg>-Xjsr305=strict</arg>
|
||||
</args>
|
||||
<compilerPlugins>
|
||||
<plugin>spring</plugin>
|
||||
</compilerPlugins>
|
||||
</configuration>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jetbrains.kotlin</groupId>
|
||||
<artifactId>kotlin-maven-allopen</artifactId>
|
||||
<version>${kotlin.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
package com.baeldung.security.kotlin.dsl
|
||||
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication
|
||||
import org.springframework.boot.runApplication
|
||||
import org.springframework.context.annotation.Configuration
|
||||
import org.springframework.context.support.beans
|
||||
import org.springframework.core.annotation.Order
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
|
||||
import org.springframework.security.config.web.servlet.invoke
|
||||
import org.springframework.security.core.userdetails.User
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager
|
||||
import org.springframework.web.servlet.function.ServerResponse
|
||||
import org.springframework.web.servlet.function.router
|
||||
|
||||
@EnableWebSecurity
|
||||
@SpringBootApplication
|
||||
class SpringSecurityKotlinApplication
|
||||
|
||||
@Order(1)
|
||||
@Configuration
|
||||
class AdminSecurityConfiguration : WebSecurityConfigurerAdapter() {
|
||||
override fun configure(http: HttpSecurity?) {
|
||||
http {
|
||||
authorizeRequests {
|
||||
authorize("/greetings/**", hasAuthority("ROLE_ADMIN"))
|
||||
}
|
||||
httpBasic {}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Configuration
|
||||
class BasicSecurityConfiguration : WebSecurityConfigurerAdapter() {
|
||||
override fun configure(http: HttpSecurity?) {
|
||||
http {
|
||||
authorizeRequests {
|
||||
authorize("/**", permitAll)
|
||||
}
|
||||
httpBasic {}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fun main(args: Array<String>) {
|
||||
runApplication<SpringSecurityKotlinApplication>(*args) {
|
||||
addInitializers( beans {
|
||||
bean {
|
||||
fun user(user: String, password: String, vararg roles: String) =
|
||||
User
|
||||
.withDefaultPasswordEncoder()
|
||||
.username(user)
|
||||
.password(password)
|
||||
.roles(*roles)
|
||||
.build()
|
||||
|
||||
InMemoryUserDetailsManager(user("user", "password", "USER")
|
||||
, user("admin", "password", "USER", "ADMIN"))
|
||||
}
|
||||
|
||||
bean {
|
||||
router {
|
||||
GET("/greetings") {
|
||||
request -> request.principal().map { it.name }.map { ServerResponse.ok().body(mapOf("greeting" to "Hello $it")) }.orElseGet { ServerResponse.badRequest().build() }
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
package com.spring.security.kotlin.dsl
|
||||
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.runner.RunWith
|
||||
import org.springframework.beans.factory.annotation.Autowired
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc
|
||||
import org.springframework.boot.test.context.SpringBootTest
|
||||
import org.springframework.security.test.context.support.WithMockUser
|
||||
import org.springframework.test.context.junit4.SpringRunner
|
||||
import org.springframework.test.web.servlet.MockMvc
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.*
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
|
||||
import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated
|
||||
import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated
|
||||
import org.springframework.test.web.servlet.get
|
||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*
|
||||
import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
|
||||
|
||||
@RunWith(SpringRunner::class)
|
||||
@SpringBootTest
|
||||
@AutoConfigureMockMvc
|
||||
class SpringSecurityKotlinApplicationTests {
|
||||
|
||||
@Autowired
|
||||
private lateinit var mockMvc: MockMvc
|
||||
|
||||
@Test
|
||||
fun `ordinary user not permitted to access the endpoint`() {
|
||||
this.mockMvc
|
||||
.perform(get("/greetings")
|
||||
.with(httpBasic("user", "password")))
|
||||
.andExpect(unauthenticated())
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue