first commit

2020-08-03 12:46:26 +01:00 · 2020-08-03 12:46:26 +01:00 · ebb836524d
parent 80091e154a
commit ebb836524d
5 changed files with 101 additions and 1 deletions
--- a/spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java
+++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java
@ -0,0 +1,13 @@
+package com.baeldung.logoutredirects;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class LogoutApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(LogoutApplication.class, args);
+    }
+
+}
--- a/spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java
+++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java
@ -0,0 +1,20 @@
+package com.baeldung.logoutredirects.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class RestApiController {
+
+    @GetMapping("/login")
+    public String login() {
+        return "login";
+    }
+
+    @PostMapping("/logout")
+    public String logout() {
+        return "redirect:/login";
+    }
+
+}
--- a/spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java
+++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java
@ -0,0 +1,27 @@
+package com.baeldung.logoutredirects.securityconfig;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests(authz -> authz.mvcMatchers("/login")
+            .permitAll()
+            .anyRequest()
+            .authenticated())
+            .logout(logout -> logout.permitAll()
+                .logoutSuccessHandler((request, response, authentication) -> {
+                    response.setStatus(HttpServletResponse.SC_OK);
+                }));
+
+    }
+
+}
--- a/spring-5-security/src/main/resources/application.properties
+++ b/spring-5-security/src/main/resources/application.properties
@ -3,3 +3,5 @@ server.port=8081
 logging.level.root=INFO

 logging.level.com.baeldung.dsl.ClientErrorLoggingFilter=DEBUG
+
+logging.level.org.springframework.security=DEBUG
--- a/spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java
+++ b/spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java
@ -0,0 +1,38 @@
+package com.baeldung.authresolver.logoutredirects;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import com.baeldung.logoutredirects.securityconfig.SpringSecurityConfig;
+
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
+
+@RunWith(SpringRunner.class)
+@WebMvcTest()
+@ContextConfiguration(classes = { SpringSecurityConfig.class })
+public class LogoutApplicationUnitTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @WithMockUser(value = "spring")
+    @Test
+    public void whenLogout_thenDisableRedirect() throws Exception {
+
+        this.mockMvc.perform(post("/logout").with(csrf()))
+            .andExpect(status().isOk())
+            .andExpect(jsonPath("$").doesNotExist())
+            .andExpect(unauthenticated())
+            .andReturn();
+    }
+
+}