@Test public void getJwtDecoderWhenTwoBeansWiredAndDslWiredThenDslTakesPrecedence() { GenericWebApplicationContext context = autowireWebServerGenericWebApplicationContext(); ServerHttpSecurity http = new ServerHttpSecurity(); http.setApplicationContext(context); ReactiveJwtDecoder beanWiredJwtDecoder = mock(ReactiveJwtDecoder.class); ReactiveJwtDecoder dslWiredJwtDecoder = mock(ReactiveJwtDecoder.class); context.registerBean("firstJwtDecoder", ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder); context.registerBean("secondJwtDecoder", ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder); ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt = http.oauth2ResourceServer().jwt(); jwt.jwtDecoder(dslWiredJwtDecoder); assertThat(jwt.getJwtDecoder()).isEqualTo(dslWiredJwtDecoder); }
protected void configure(ServerHttpSecurity http) { ServerBearerTokenAuthenticationConverter bearerTokenConverter = new ServerBearerTokenAuthenticationConverter(); this.bearerTokenServerWebExchangeMatcher.setBearerTokenConverter(bearerTokenConverter); registerDefaultAccessDeniedHandler(http); registerDefaultAuthenticationEntryPoint(http); registerDefaultCsrfOverride(http); ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); AuthenticationWebFilter oauth2 = new AuthenticationWebFilter(authenticationManager); oauth2.setServerAuthenticationConverter(bearerTokenConverter); oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); http .addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); }
protected void configure(ServerHttpSecurity http) { if (this.jwt != null) { this.jwt.configure(http); } }
public JwtSpec jwt() { if (this.jwt == null) { this.jwt = new JwtSpec(); } return this.jwt; }
private ReactiveAuthenticationManager getAuthenticationManager() { if (this.authenticationManager != null) { return this.authenticationManager; } ReactiveJwtDecoder jwtDecoder = getJwtDecoder(); Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter = getJwtAuthenticationConverter(); JwtReactiveAuthenticationManager authenticationManager = new JwtReactiveAuthenticationManager(jwtDecoder); authenticationManager.setJwtAuthenticationConverter(jwtAuthenticationConverter); return authenticationManager; }
protected void configure(ServerHttpSecurity http) { ServerBearerTokenAuthenticationConverter bearerTokenConverter = new ServerBearerTokenAuthenticationConverter(); this.bearerTokenServerWebExchangeMatcher.setBearerTokenConverter(bearerTokenConverter); registerDefaultAccessDeniedHandler(http); registerDefaultAuthenticationEntryPoint(http); registerDefaultCsrfOverride(http); ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); AuthenticationWebFilter oauth2 = new AuthenticationWebFilter(authenticationManager); oauth2.setServerAuthenticationConverter(bearerTokenConverter); oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); http .addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); }
protected void configure(ServerHttpSecurity http) { if (this.jwt != null) { this.jwt.configure(http); } }
private ReactiveAuthenticationManager getAuthenticationManager() { if (this.authenticationManager != null) { return this.authenticationManager; } ReactiveJwtDecoder jwtDecoder = getJwtDecoder(); Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter = getJwtAuthenticationConverter(); JwtReactiveAuthenticationManager authenticationManager = new JwtReactiveAuthenticationManager(jwtDecoder); authenticationManager.setJwtAuthenticationConverter(jwtAuthenticationConverter); return authenticationManager; }
public JwtSpec jwt() { if (this.jwt == null) { this.jwt = new JwtSpec(); } return this.jwt; }
protected void configure(ServerHttpSecurity http) { if (this.jwt != null) { this.jwt.configure(http); } }
public JwtSpec jwt() { if (this.jwt == null) { this.jwt = new JwtSpec(); } return this.jwt; }
@Test public void getJwtDecoderWhenBeanWiredAndDslWiredThenDslTakesPrecedence() { GenericWebApplicationContext context = autowireWebServerGenericWebApplicationContext(); ServerHttpSecurity http = new ServerHttpSecurity(); http.setApplicationContext(context); ReactiveJwtDecoder beanWiredJwtDecoder = mock(ReactiveJwtDecoder.class); ReactiveJwtDecoder dslWiredJwtDecoder = mock(ReactiveJwtDecoder.class); context.registerBean(ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder); ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt = http.oauth2ResourceServer().jwt(); jwt.jwtDecoder(dslWiredJwtDecoder); assertThat(jwt.getJwtDecoder()).isEqualTo(dslWiredJwtDecoder); }
private ReactiveAuthenticationManager getAuthenticationManager() { if (this.authenticationManager != null) { return this.authenticationManager; } ReactiveJwtDecoder jwtDecoder = getJwtDecoder(); Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter = getJwtAuthenticationConverter(); JwtReactiveAuthenticationManager authenticationManager = new JwtReactiveAuthenticationManager(jwtDecoder); authenticationManager.setJwtAuthenticationConverter(jwtAuthenticationConverter); return authenticationManager; }
protected void configure(ServerHttpSecurity http) { this.bearerTokenServerWebExchangeMatcher.setBearerTokenConverter(bearerTokenConverter); registerDefaultAccessDeniedHandler(http); registerDefaultAuthenticationEntryPoint(http); registerDefaultCsrfOverride(http); ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); AuthenticationWebFilter oauth2 = new AuthenticationWebFilter(authenticationManager); oauth2.setServerAuthenticationConverter(bearerTokenConverter); oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); http .addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); }
@Test public void getJwtDecoderWhenNoBeansAndNoDslWiredThenWiringException() { GenericWebApplicationContext context = autowireWebServerGenericWebApplicationContext(); ServerHttpSecurity http = new ServerHttpSecurity(); http.setApplicationContext(context); ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt = http.oauth2ResourceServer().jwt(); assertThatCode(() -> jwt.getJwtDecoder()) .isInstanceOf(NoSuchBeanDefinitionException.class); }
@Test public void getJwtDecoderWhenTwoBeansWiredThenThrowsWiringException() { GenericWebApplicationContext context = autowireWebServerGenericWebApplicationContext(); ServerHttpSecurity http = new ServerHttpSecurity(); http.setApplicationContext(context); ReactiveJwtDecoder beanWiredJwtDecoder = mock(ReactiveJwtDecoder.class); context.registerBean("firstJwtDecoder", ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder); context.registerBean("secondJwtDecoder", ReactiveJwtDecoder.class, () -> beanWiredJwtDecoder); ServerHttpSecurity.OAuth2ResourceServerSpec.JwtSpec jwt = http.oauth2ResourceServer().jwt(); assertThatCode(() -> jwt.getJwtDecoder()) .isInstanceOf(NoUniqueBeanDefinitionException.class); }