/**
 * Exposes the {@link SecurityWebFilterChain} produced by the injected builder
 * without applying any customisation in this method.
 *
 * <p>No {@code authorizeExchange()} rules are declared here, so nothing in this
 * method restricts access. NOTE(review): confirm that relying on the builder's
 * defaults is intended wherever this configuration is used.
 *
 * @param http the builder supplied by the framework
 * @return the chain built from {@code http} as-is
 */
@Bean
public SecurityWebFilterChain httpSecurity(ServerHttpSecurity http) {
    SecurityWebFilterChain chain = http.build();
    return chain;
}
}
/**
 * Builds a chain with HTTPS redirection switched on through
 * {@code redirectToHttps()}; no matcher or port mapper is set in this method.
 *
 * <p>Review notes: a redirect only happens after the first plaintext request
 * has already been sent, so it complements HSTS and TLS-only listeners rather
 * than replacing them. When TLS is terminated by a proxy in front of the
 * application, the forwarded scheme has to be honoured or the redirect can
 * loop; verify against the deployment.
 *
 * @param http the builder supplied by the framework
 * @return the chain with HTTPS redirection enabled
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    // @formatter:off
    http.redirectToHttps();
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
}
/**
 * Builds a chain with OAuth 2.0 client support enabled and nothing else
 * configured in this method.
 *
 * <p>Nothing here supplies client registrations, an authentication manager or
 * authorization rules; presumably they come from other beans. Confirm against
 * the enclosing configuration.
 *
 * @param http the builder supplied by the framework
 * @return the chain with {@code oauth2Client()} applied
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    http.oauth2Client();
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Builds a chain that enables the OAuth 2.0 resource server in JWT mode.
 *
 * <p>NOTE(review): no verification key, JWK Set URI, decoder or authentication
 * manager is set in this method, and no {@code authorizeExchange()} rules are
 * declared. Presumably a decoder bean defined elsewhere supplies the key
 * material; confirm, because token verification depends entirely on it.
 *
 * @param http the builder supplied by the framework
 * @return the chain with {@code oauth2ResourceServer().jwt()} applied
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    // @formatter:off
    http.oauth2ResourceServer().jwt();
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Creates a {@link WebTestClient} bound to the filters of the chain built from
 * {@code this.http}, so requests go through the security filters under test.
 *
 * @return a client bound to the freshly built chain
 */
private WebTestClient buildClient() {
    WebTestClient client = WebTestClientBuilder
            .bindToWebFilters(this.http.build())
            .build();
    return client;
}
}
/**
 * Builds a chain with HTTPS redirection that uses the port mapping returned by
 * {@code portMapper()}, a helper defined outside this excerpt.
 *
 * <p>NOTE(review): the mapper decides which port appears in the redirect
 * target; check that every mapped target port actually serves TLS.
 *
 * @param http the builder supplied by the framework
 * @return the chain with HTTPS redirection and the custom port mapper applied
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    // @formatter:off
    http.redirectToHttps().portMapper(portMapper());
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Builds a chain that applies HTTPS redirection only to exchanges matched by
 * the path pattern {@code "/secure"}.
 *
 * <p>NOTE(review): exchanges that do not match are not redirected by this
 * chain. The pattern has no wildcard, so it presumably does not cover
 * sub-paths such as {@code /secure/...}; verify that the matcher spans every
 * path that must never be served over plain HTTP.
 *
 * @param http the builder supplied by the framework
 * @return the chain with conditional HTTPS redirection applied
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    PathPatternParserServerWebExchangeMatcher secureOnly =
            new PathPatternParserServerWebExchangeMatcher("/secure");
    // @formatter:off
    http.redirectToHttps().httpsRedirectWhen(secureOnly);
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
}
/**
 * Builds a chain with OAuth 2.0 client support that uses the converter and
 * authentication manager held in this object's fields.
 *
 * <p>NOTE(review): both collaborators are supplied from outside this method,
 * so how the authorization response is validated depends on them. No
 * {@code authorizeExchange()} rules are declared here.
 *
 * @param http the builder supplied by the framework
 * @return the chain with the customised {@code oauth2Client()} applied
 */
@Bean
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
    http.oauth2Client()
            .authenticationConverter(this.authenticationConverter)
            .authenticationManager(this.manager);
    SecurityWebFilterChain chain = http.build();
    return chain;
}
}
/**
 * Builds a chain scoped to {@code /api/**} that denies every exchange it
 * matches.
 *
 * <p>The bean is annotated with {@code Ordered.HIGHEST_PRECEDENCE}, so it is
 * meant to be considered before other chains. NOTE(review): requests outside
 * {@code /api/**} are not matched by this chain and need their own rules.
 *
 * @param http the builder supplied by the framework
 * @return the deny-all chain for the API path space
 */
@Order(Ordered.HIGHEST_PRECEDENCE)
@Bean
public SecurityWebFilterChain apiHttpSecurity(ServerHttpSecurity http) {
    PathPatternParserServerWebExchangeMatcher apiPaths =
            new PathPatternParserServerWebExchangeMatcher("/api/**");
    http.securityMatcher(apiPaths)
            .authorizeExchange()
            .anyExchange().denyAll();
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Builds a JWT resource-server chain whose signing keys are fetched from a JWK
 * Set endpoint served by {@code mockWebServer()} (defined outside this
 * excerpt).
 *
 * <p>NOTE(review): the key-set location is the trust anchor for token
 * verification. The mock server here is presumably a plain-HTTP test fixture;
 * a real deployment should point at an HTTPS endpoint controlled by the token
 * issuer.
 *
 * @param http the builder supplied by the framework
 * @return the chain with the JWK Set URI configured
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    String keySetLocation = mockWebServer().url("/.well-known/jwks.json").toString();
    // @formatter:off
    http.oauth2ResourceServer()
            .jwt()
            .jwkSetUri(keySetLocation);
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Builds a JWT resource-server chain that authenticates tokens through the
 * manager returned by {@code authenticationManager()} (defined outside this
 * excerpt).
 *
 * <p>NOTE(review): no key or JWK Set URI is set in this method, so signature
 * and claim validation presumably rest entirely on that manager. Verify that
 * it checks signature, expiry and issuer.
 *
 * @param http the builder supplied by the framework
 * @return the chain with the custom authentication manager applied
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
    // @formatter:off
    http.oauth2ResourceServer()
            .jwt()
            .authenticationManager(authenticationManager());
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Creates a {@link WebTestClient} whose requests pass through a
 * {@link WebFilterChainProxy} wrapping the chain built from {@code this.http}.
 *
 * @return a client bound to the proxy around the freshly built chain
 */
private WebTestClient buildClient() {
    WebFilterChainProxy proxy = new WebFilterChainProxy(this.http.build());
    WebTestClient client = WebTestClientBuilder.bindToWebFilters(proxy).build();
    return client;
}
/**
 * Expects an {@link IllegalStateException} when a path matcher is registered
 * without an access rule and the chain is then built.
 *
 * <p>NOTE(review): {@code expected = ...} passes if either statement throws,
 * so the test does not pin the failure to {@code build()} specifically.
 */
@Test(expected = IllegalStateException.class)
public void buildWhenMatcherDefinedWithNoAccessThenThrowsException() {
    // A matcher for "/incomplete" is declared, but no access decision follows it.
    this.http.authorizeExchange().pathMatchers("/incomplete");

    // Building with the dangling matcher is the step under test.
    this.http.build();
}
/**
 * Checks that a filter registered with {@code addFilterAfter} appears in the
 * built chain immediately after
 * {@link SecurityContextServerWebExchangeWebFilter}.
 */
@Test
@SuppressWarnings("unchecked")
public void addFilterAfterIsApplied() {
    this.http.addFilterAfter(new TestWebFilter(),
            SecurityWebFiltersOrder.SECURITY_CONTEXT_SERVER_WEB_EXCHANGE);
    SecurityWebFilterChain chain = this.http.build();

    // Reduce the chain to the filter classes, in chain order.
    List filterTypes = chain.getWebFilters()
            .map(WebFilter::getClass)
            .collectList()
            .block();

    assertThat(filterTypes)
            .isNotNull()
            .isNotEmpty()
            .containsSequence(SecurityContextServerWebExchangeWebFilter.class, TestWebFilter.class);
}
/**
 * Checks that a filter registered with {@code addFilterBefore} appears in the
 * built chain immediately before
 * {@link SecurityContextServerWebExchangeWebFilter}.
 */
@Test
@SuppressWarnings("unchecked")
public void addFilterBeforeIsApplied() {
    this.http.addFilterBefore(new TestWebFilter(),
            SecurityWebFiltersOrder.SECURITY_CONTEXT_SERVER_WEB_EXCHANGE);
    SecurityWebFilterChain chain = this.http.build();

    // Reduce the chain to the filter classes, in chain order.
    List filterTypes = chain.getWebFilters()
            .map(WebFilter::getClass)
            .collectList()
            .block();

    assertThat(filterTypes)
            .isNotNull()
            .isNotEmpty()
            .containsSequence(TestWebFilter.class, SecurityContextServerWebExchangeWebFilter.class);
}
/**
 * Checks the chain built with CSRF protection disabled: it contains no
 * {@link CsrfWebFilter}, and the {@link LogoutWebFilter} holds exactly a
 * {@link SecurityContextServerLogoutHandler} as its logout handler.
 *
 * <p>NOTE(review): the handler is read reflectively through the private field
 * name {@code "logoutHandler"}, so a rename in {@link LogoutWebFilter} breaks
 * this test.
 */
@Test
public void csrfServerLogoutHandlerNotAppliedIfCsrfIsntEnabled() {
    this.http.csrf().disable();
    SecurityWebFilterChain chain = this.http.build();

    assertThat(getWebFilter(chain, CsrfWebFilter.class)).isNotPresent();

    Optional<ServerLogoutHandler> configuredHandler = getWebFilter(chain, LogoutWebFilter.class)
            .map(filter -> (ServerLogoutHandler) ReflectionTestUtils.getField(
                    filter, LogoutWebFilter.class, "logoutHandler"));

    assertThat(configuredHandler)
            .get()
            .isExactlyInstanceOf(SecurityContextServerLogoutHandler.class);
}
/**
 * Builds a chain that requires authentication for every exchange and enables
 * OAuth 2.0 login with a custom converter and authentication manager.
 *
 * <p>NOTE(review): {@code authenticationConverter} and
 * {@code authenticationManager()} are defined outside this excerpt. They
 * replace the stock handling of the authorization response, so state and code
 * validation depend on them. Confirm both.
 *
 * @param http the builder supplied by the framework
 * @return the chain with the authorization rule and OAuth 2.0 login applied
 */
@Bean
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
    // @formatter:off
    http.authorizeExchange()
            .anyExchange().authenticated();
    http.oauth2Login()
            .authenticationConverter(authenticationConverter)
            .authenticationManager(authenticationManager());
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Builds a JWT resource-server chain in which every exchange requires the
 * authority {@code SCOPE_message:read}. Tokens are extracted by a custom
 * bearer-token converter and verified with the key from {@code publicKey()}.
 *
 * <p>NOTE(review): {@code bearerTokenAuthenticationConverter()} and
 * {@code publicKey()} are defined outside this excerpt. The converter decides
 * where a token may be read from, so confirm it does not accept tokens from
 * locations that end up in logs, such as query parameters.
 *
 * @param http the builder supplied by the framework
 * @return the chain with the scope rule and JWT verification applied
 * @throws Exception declared by the original signature; presumably raised
 *         while obtaining the public key
 */
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
    // @formatter:off
    http.authorizeExchange()
            .anyExchange().hasAuthority("SCOPE_message:read");
    http.oauth2ResourceServer()
            .bearerTokenConverter(bearerTokenAuthenticationConverter())
            .jwt()
            .publicKey(publicKey());
    // @formatter:on
    SecurityWebFilterChain chain = http.build();
    return chain;
}
/**
 * Sends {@code GET /foo/bar} through the built chain to a
 * {@code SubscriberContextController} and expects the response body to be the
 * request path.
 *
 * <p>The controller is defined outside this excerpt; going by the test name,
 * it presumably reads the exchange from the subscriber context.
 */
@Test
public void buildWhenServerWebExchangeFromContextThenFound() {
    SecurityWebFilterChain chain = this.http.build();
    WebTestClient client = WebTestClient
            .bindToController(new SubscriberContextController())
            .webFilter(new WebFilterChainProxy(chain))
            .build();

    WebTestClient.ResponseSpec response = client.get()
            .uri("/foo/bar")
            .exchange();

    response.expectBody(String.class).isEqualTo("/foo/bar");
}
/**
 * Checks that, with anonymous authentication enabled, {@code GET /me} returns
 * 200 with the body {@code "anonymousUser"}.
 *
 * <p>{@code HttpMeController} is defined outside this excerpt; presumably it
 * echoes the name of the current principal.
 */
@Test
public void anonymous() {
    this.http.anonymous();
    SecurityWebFilterChain chain = this.http.build();

    WebTestClient client = WebTestClientBuilder
            .bindToControllerAndWebFilters(AnonymousAuthenticationWebFilterTests.HttpMeController.class, chain)
            .build();

    WebTestClient.ResponseSpec response = client.get()
            .uri("/me")
            .exchange();

    response.expectStatus().isOk();
    response.expectBody(String.class).isEqualTo("anonymousUser");
}