首页 发现 帮助
注册 登录
github
/
spring-security
镜像自地址 https://github.com/spring-projects/spring-security
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

BearerTokenServerAuthenticationEntryPoint waits for subscriber

Fixes: gh-5742
Rob Winch 7 年之前
父节点
362c2ef1f2
当前提交
713e1e3356
共有 2 个文件被更改,包括 18 次插入8 次删除
分列视图 显示文件统计
  1. 10 8
      oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java
  2. 8 0
      oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPointTests.java

+ 10 - 8
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java
查看文件 

@@ -58,14 +58,16 @@ public final class BearerTokenServerAuthenticationEntryPoint implements
 
 
 	@Override
 
 	public Mono<Void> commence(ServerWebExchange exchange, AuthenticationException authException) {
 
-		HttpStatus status = getStatus(authException);
 
-
 
-		Map<String, String> parameters = createParameters(authException);
 
-		String wwwAuthenticate = computeWWWAuthenticateHeaderValue(parameters);
 
-		ServerHttpResponse response = exchange.getResponse();
 
-		response.getHeaders().set(HttpHeaders.WWW_AUTHENTICATE, wwwAuthenticate);
 
-		response.setStatusCode(status);
 
-		return response.setComplete();
 
+		return Mono.defer(() -> {
 
+			HttpStatus status = getStatus(authException);
 
+
 
+			Map<String, String> parameters = createParameters(authException);
 
+			String wwwAuthenticate = computeWWWAuthenticateHeaderValue(parameters);
 
+			ServerHttpResponse response = exchange.getResponse();
 
+			response.getHeaders().set(HttpHeaders.WWW_AUTHENTICATE, wwwAuthenticate);
 
+			response.setStatusCode(status);
 
+			return response.setComplete();
 
+		});
 
 	}
 
 
 	private Map<String, String> createParameters(AuthenticationException authException) {

+ 8 - 0
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPointTests.java
查看文件 

@@ -91,6 +91,14 @@ public class BearerTokenServerAuthenticationEntryPointTests {
 
 		assertThat(getResponse().getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST);
 
 	}
 
 
+	@Test
 
+	public void commenceWhenNoSubscriberThenNothingHappens() {
 
+		this.entryPoint.commence(this.exchange, new BadCredentialsException(""));
 
+
 
+		assertThat(getResponse().getHeaders()).isEmpty();
 
+		assertThat(getResponse().getStatusCode()).isNull();
 
+	}
 
+
 
 	private MockServerHttpResponse getResponse() {
 
 		return this.exchange.getResponse();
 
 	}