/** * Allows adding a user to the {@link UserDetailsManager} that is being created. This * method can be invoked multiple times to add multiple users. * * @param userBuilder the user to add. Cannot be null. * @return the {@link UserDetailsBuilder} for further customizations */ @SuppressWarnings("unchecked") public final C withUser(User.UserBuilder userBuilder) { this.users.add(userBuilder.build()); return (C) this; }
@Override public Mono<UserDetails> findByUsername(String username) { String key = getKey(username); UserDetails result = users.get(key); return result == null ? Mono.empty() : Mono.just(User.withUserDetails(result).build()); }
@Test public void authenticateWhenSuccessThenSuccess() { UserDetails user = PasswordEncodedUser.withUsername(this.username) .password(this.password) .roles("USER") .build(); when(repository.findByUsername(user.getUsername())).thenReturn(Mono.just(user)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password); Authentication authentication = manager.authenticate(token).block(); assertThat(authentication).isEqualTo(authentication); }
@Test public void getAuthenticationWhenUserDetailsServiceAndPasswordEncoderBeanThenEncoderUsed() throws Exception { UserDetails user = new User("user", "$2a$10$FBAKClV1zBIOOC9XMXf3AO8RoGXYVYsfvUdoLxGkd/BnXEn4tqT3u", AuthorityUtils.createAuthorityList("ROLE_USER")); this.spring.register(UserDetailsServiceBeanWithPasswordEncoderConfig.class).autowire(); UserDetailsService uds = this.spring.getContext().getBean(UserDetailsService.class); AuthenticationManager am = this.spring.getContext().getBean(AuthenticationConfiguration.class).getAuthenticationManager(); when(uds.loadUserByUsername("user")).thenReturn(User.withUserDetails(user).build(), User.withUserDetails(user).build()); am.authenticate(new UsernamePasswordAuthenticationToken("user", "password")); assertThatThrownBy(() -> am.authenticate(new UsernamePasswordAuthenticationToken("user", "invalid"))) .isInstanceOf(AuthenticationException.class); }
@Test public void withUserDetailsWhenAllEnabled() throws Exception { User expected = new User("rob", "pass", true, true, true, true, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); assertThat(actual.getUsername()).isEqualTo(expected.getUsername()); assertThat(actual.getPassword()).isEqualTo(expected.getPassword()); assertThat(actual.getAuthorities()).isEqualTo(expected.getAuthorities()); assertThat(actual.isAccountNonExpired()).isEqualTo(expected.isAccountNonExpired()); assertThat(actual.isAccountNonLocked()).isEqualTo(expected.isAccountNonLocked()); assertThat(actual.isCredentialsNonExpired()).isEqualTo(expected.isCredentialsNonExpired()); assertThat(actual.isEnabled()).isEqualTo(expected.isEnabled()); }
@Bean public ReactiveUserDetailsService userDetailsService(PasswordEncoder encoder) { return new MapReactiveUserDetailsService(User.withUsername("user") .password(encoder.encode("password")) .roles("USER") .build() ); }
@Bean public InMemoryUserDetailsManager userDetailsManager() { return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() .username("user") .password("password") .roles("USER") .build() ); } }
@Bean public InMemoryUserDetailsManager userDetailsManager() { return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder() .username("user") .password("password") .roles("USER") .build() ); } }
@Bean public UserDetailsService userDetailsService() { return new InMemoryUserDetailsManager( org.springframework.security.core.userdetails.User.withDefaultPasswordEncoder() .username("basic-user") .password("basic-password") .roles("USER") .build()); } }
@Test public void withUsernameWhenPasswordAndPasswordEncoderThenEncodes() { UserDetails withEncodedPassword = User.withUsername("user") .passwordEncoder(p -> p + "encoded") .password("password") .roles("USER") .build(); assertThat(withEncodedPassword.getPassword()).isEqualTo("passwordencoded"); }
@Test public void changePasswordWhenUsernameIsNotInLowercase() { UserDetails userNotLowerCase = User.withUserDetails(PasswordEncodedUser.user()) .username("User") .build(); String newPassword = "newPassword"; this.manager.updatePassword(userNotLowerCase, newPassword); assertThat(this.manager.loadUserByUsername(userNotLowerCase.getUsername()).getPassword()).isEqualTo(newPassword); } }
@Test public void withUserDetailsWhenAllDisabled() throws Exception { User expected = new User("rob", "pass", false, false, false, false, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); assertThat(actual.getUsername()).isEqualTo(expected.getUsername()); assertThat(actual.getPassword()).isEqualTo(expected.getPassword()); assertThat(actual.getAuthorities()).isEqualTo(expected.getAuthorities()); assertThat(actual.isAccountNonExpired()).isEqualTo(expected.isAccountNonExpired()); assertThat(actual.isAccountNonLocked()).isEqualTo(expected.isAccountNonLocked()); assertThat(actual.isCredentialsNonExpired()).isEqualTo(expected.isCredentialsNonExpired()); assertThat(actual.isEnabled()).isEqualTo(expected.isEnabled()); }
@Bean public MapReactiveUserDetailsService userDetailsService() { return new MapReactiveUserDetailsService(User.withUsername("user") .password("{noop}password") .roles("USER") .build() ); } }
@Test public void getAuthenticationWhenUserDetailsServiceAndPasswordManagerThenManagerUsed() throws Exception { UserDetails user = new User("user", "{noop}password", AuthorityUtils.createAuthorityList("ROLE_USER")); this.spring.register(UserDetailsPasswordManagerBeanConfig.class).autowire(); UserDetailsPasswordManagerBeanConfig.Manager manager = this.spring.getContext().getBean(UserDetailsPasswordManagerBeanConfig.Manager.class); AuthenticationManager am = this.spring.getContext().getBean(AuthenticationConfiguration.class).getAuthenticationManager(); when(manager.loadUserByUsername("user")).thenReturn(User.withUserDetails(user).build(), User.withUserDetails(user).build()); when(manager.updatePassword(any(), any())).thenReturn(user); am.authenticate(new UsernamePasswordAuthenticationToken("user", "password")); verify(manager).updatePassword(eq(user), startsWith("{bcrypt}")); }
private void assertLoaded() throws Exception { Collection<UserDetails> users = factory.getObject(); UserDetails expectedUser = User.withUsername("user") .password("password") .authorities("ROLE_USER") .build(); assertThat(users).containsExactly(expectedUser); } }
@Test public void withUsernameWhenPasswordAndPasswordEncoderTwiceThenEncodesOnce() { Function<String, String> encoder = p -> p + "encoded"; UserDetails withEncodedPassword = User.withUsername("user") .passwordEncoder(encoder) .password("password") .passwordEncoder(encoder) .roles("USER") .build(); assertThat(withEncodedPassword.getPassword()).isEqualTo("passwordencoded"); } }
@Test public void withUsernameWhenPasswordEncoderAndPasswordThenEncodes() { UserDetails withEncodedPassword = User.withUsername("user") .password("password") .passwordEncoder(p -> p + "encoded") .roles("USER") .build(); assertThat(withEncodedPassword.getPassword()).isEqualTo("passwordencoded"); }
@Bean public UserDetailsService userDetailsService() { return new InMemoryUserDetailsManager( User.withDefaultPasswordEncoder() .username("user") .password("password") .roles("USER") .build() ); } }
@Bean public UserDetailsService userDetailsService() { return new InMemoryUserDetailsManager( org.springframework.security.core.userdetails.User.withDefaultPasswordEncoder() .username("basic-user") .password("basic-password") .roles("USER") .build()); } }
@Test public void withUserWhenDetailsPasswordEncoderThenEncodes() { UserDetails userDetails = User.withUsername("user").password("password").roles("USER").build(); UserDetails withEncodedPassword = User.withUserDetails(userDetails) .passwordEncoder(p -> p + "encoded") .build(); assertThat(withEncodedPassword.getPassword()).isEqualTo("passwordencoded"); }