Merge pull request #12321 from hkhan/revert-12277-revert-12265-JAVA-8154-webflux-security

Revert "Revert "[JAVA-8154] Code clean up for reactive security""
This commit is contained in:
kwoyke 2022-06-07 11:24:21 +02:00 committed by GitHub
commit ddb8102cc6
5 changed files with 70 additions and 64 deletions

View File

@ -1,37 +0,0 @@
package com.baeldung.reactive.security;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;
import java.security.Principal;
@RestController
public class GreetController {
private GreetService greetService;
public GreetController(GreetService greetService) {
this.greetService = greetService;
}
@GetMapping("/")
public Mono<String> greet(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Hello, %s", name));
}
@GetMapping("/admin")
public Mono<String> greetAdmin(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Admin access: %s", name));
}
@GetMapping("/greetService")
public Mono<String> greetService() {
return greetService.greet();
}
}

View File

@ -0,0 +1,37 @@
package com.baeldung.reactive.security;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;
import java.security.Principal;
@RestController
public class GreetingController {
private final GreetingService greetingService;
public GreetingController(GreetingService greetingService) {
this.greetingService = greetingService;
}
@GetMapping("/")
public Mono<String> greet(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Hello, %s", name));
}
@GetMapping("/admin")
public Mono<String> greetAdmin(Mono<Principal> principal) {
return principal
.map(Principal::getName)
.map(name -> String.format("Admin access: %s", name));
}
@GetMapping("/greetingService")
public Mono<String> greetingService() {
return greetingService.greet();
}
}

View File

@ -5,7 +5,7 @@ import org.springframework.stereotype.Service;
import reactor.core.publisher.Mono;
@Service
public class GreetService {
public class GreetingService {
@PreAuthorize("hasRole('ADMIN')")
public Mono<String> greet() {

View File

@ -16,40 +16,37 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
public class SecurityConfig {
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange()
.pathMatchers("/admin")
.hasAuthority("ROLE_ADMIN")
.anyExchange()
.authenticated()
.and()
.formLogin()
.and()
.csrf()
.disable()
.build();
.pathMatchers("/admin").hasAuthority("ROLE_ADMIN")
.anyExchange().authenticated()
.and()
.formLogin()
.and()
.csrf().disable()
.build();
}
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User
.withUsername("user")
.password(passwordEncoder().encode("password"))
.roles("USER")
.build();
.withUsername("user")
.password(passwordEncoder().encode("password"))
.roles("USER")
.build();
UserDetails admin = User
.withUsername("admin")
.password(passwordEncoder().encode("password"))
.roles("ADMIN")
.build();
.withUsername("admin")
.password(passwordEncoder().encode("password"))
.roles("ADMIN")
.build();
return new MapReactiveUserDetailsService(user, admin);
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
return new BCryptPasswordEncoder();
}
}

View File

@ -15,23 +15,32 @@ import org.springframework.test.web.reactive.server.WebTestClient;
public class SecurityIntegrationTest {
@Autowired
ApplicationContext context;
private ApplicationContext context;
private WebTestClient rest;
private WebTestClient webTestClient;
@BeforeEach
public void setup() {
this.rest = WebTestClient.bindToApplicationContext(this.context).configureClient().build();
webTestClient = WebTestClient.bindToApplicationContext(context)
.configureClient()
.build();
}
@Test
public void whenNoCredentials_thenRedirectToLogin() {
this.rest.get().uri("/").exchange().expectStatus().is3xxRedirection();
webTestClient.get()
.uri("/")
.exchange()
.expectStatus().is3xxRedirection();
}
@Test
@WithMockUser
public void whenHasCredentials_thenSeesGreeting() {
this.rest.get().uri("/").exchange().expectStatus().isOk().expectBody(String.class).isEqualTo("Hello, user");
webTestClient.get()
.uri("/")
.exchange()
.expectStatus().isOk()
.expectBody(String.class).isEqualTo("Hello, user");
}
}