|
|
@@ -1,5 +1,5 @@
|
|
|
/*
|
|
|
- * Copyright 2002-2013 the original author or authors.
|
|
|
+ * Copyright 2002-2018 the original author or authors.
|
|
|
*
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
@@ -13,61 +13,67 @@
|
|
|
* See the License for the specific language governing permissions and
|
|
|
* limitations under the License.
|
|
|
*/
|
|
|
-package org.springframework.security.config.annotation.authentication
|
|
|
|
|
|
-import static org.springframework.security.config.annotation.authentication.PasswordEncoderConfigurerConfigs.*
|
|
|
+package org.springframework.security.config.annotation.authentication;
|
|
|
|
|
|
-import javax.sql.DataSource
|
|
|
-
|
|
|
-import org.springframework.context.annotation.Bean
|
|
|
-import org.springframework.context.annotation.Configuration
|
|
|
-import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder
|
|
|
-import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType
|
|
|
-import org.springframework.ldap.core.support.BaseLdapPathContextSource;
|
|
|
-import org.springframework.security.authentication.AuthenticationManager
|
|
|
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
|
|
|
-import org.springframework.security.config.annotation.BaseSpringSpec
|
|
|
-import org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer;
|
|
|
+import org.junit.Rule;
|
|
|
+import org.junit.Test;
|
|
|
+import org.springframework.beans.factory.annotation.Autowired;
|
|
|
+import org.springframework.context.annotation.Bean;
|
|
|
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
|
|
|
+import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
|
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
|
-import org.springframework.security.core.authority.AuthorityUtils
|
|
|
-import org.springframework.security.core.userdetails.User
|
|
|
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
|
|
|
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
|
|
|
-import org.springframework.security.provisioning.InMemoryUserDetailsManager
|
|
|
+import org.springframework.security.config.test.SpringTestRule;
|
|
|
+import org.springframework.security.core.userdetails.User;
|
|
|
+import org.springframework.security.core.userdetails.UserDetails;
|
|
|
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|
|
+import org.springframework.test.web.servlet.MockMvc;
|
|
|
+
|
|
|
+import javax.sql.DataSource;
|
|
|
+
|
|
|
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
|
|
|
+import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
|
|
|
|
|
|
/**
|
|
|
- *
|
|
|
* @author Rob Winch
|
|
|
- *
|
|
|
*/
|
|
|
-class NamespacePasswordEncoderTests extends BaseSpringSpec {
|
|
|
- def "password-encoder@ref with in memory"() {
|
|
|
- when:
|
|
|
- loadConfig(PasswordEncoderWithInMemoryConfig)
|
|
|
- then:
|
|
|
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"))
|
|
|
+public class NamespacePasswordEncoderTests {
|
|
|
+
|
|
|
+ @Rule
|
|
|
+ public final SpringTestRule spring = new SpringTestRule();
|
|
|
+
|
|
|
+ @Autowired
|
|
|
+ private MockMvc mockMvc;
|
|
|
+
|
|
|
+ @Test
|
|
|
+ public void passwordEncoderRefWithInMemory() throws Exception {
|
|
|
+ this.spring.register(PasswordEncoderWithInMemoryConfig.class).autowire();
|
|
|
+
|
|
|
+ this.mockMvc.perform(formLogin())
|
|
|
+ .andExpect(authenticated());
|
|
|
}
|
|
|
|
|
|
@EnableWebSecurity
|
|
|
static class PasswordEncoderWithInMemoryConfig extends WebSecurityConfigurerAdapter {
|
|
|
@Override
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
|
-
|
|
|
- BCryptPasswordEncoder encoder = new BCryptPasswordEncoder()
|
|
|
+ BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
|
|
auth
|
|
|
.inMemoryAuthentication()
|
|
|
- .withUser("user").password(encoder.encode("password")).roles("USER").and()
|
|
|
- .passwordEncoder(encoder)
|
|
|
+ .withUser("user").password(encoder.encode("password")).roles("USER").and()
|
|
|
+ .passwordEncoder(encoder);
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- def "password-encoder@ref with jdbc"() {
|
|
|
- when:
|
|
|
- loadConfig(PasswordEncoderWithJdbcConfig)
|
|
|
- then:
|
|
|
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"))
|
|
|
+ @Test
|
|
|
+ public void passwordEncoderRefWithJdbc() throws Exception {
|
|
|
+ this.spring.register(PasswordEncoderWithJdbcConfig.class).autowire();
|
|
|
+
|
|
|
+ this.mockMvc.perform(formLogin())
|
|
|
+ .andExpect(authenticated());
|
|
|
}
|
|
|
|
|
|
@EnableWebSecurity
|
|
|
@@ -75,45 +81,49 @@ class NamespacePasswordEncoderTests extends BaseSpringSpec {
|
|
|
@Override
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
|
|
|
|
- BCryptPasswordEncoder encoder = new BCryptPasswordEncoder()
|
|
|
+ BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
|
|
auth
|
|
|
.jdbcAuthentication()
|
|
|
- .withDefaultSchema()
|
|
|
- .dataSource(dataSource())
|
|
|
- .withUser("user").password(encoder.encode("password")).roles("USER").and()
|
|
|
- .passwordEncoder(encoder)
|
|
|
+ .withDefaultSchema()
|
|
|
+ .dataSource(dataSource())
|
|
|
+ .withUser("user").password(encoder.encode("password")).roles("USER").and()
|
|
|
+ .passwordEncoder(encoder);
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
public DataSource dataSource() {
|
|
|
- EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder()
|
|
|
+ EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
|
|
|
return builder.setType(EmbeddedDatabaseType.HSQL).build();
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- def "password-encoder@ref with userdetailsservice"() {
|
|
|
- when:
|
|
|
- loadConfig(PasswordEncoderWithUserDetailsServiceConfig)
|
|
|
- then:
|
|
|
- authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("user", "password"))
|
|
|
+ @Test
|
|
|
+ public void passwordEncoderRefWithUserDetailsService() throws Exception {
|
|
|
+ this.spring.register(PasswordEncoderWithUserDetailsServiceConfig.class).autowire();
|
|
|
+
|
|
|
+ this.mockMvc.perform(formLogin())
|
|
|
+ .andExpect(authenticated());
|
|
|
}
|
|
|
|
|
|
@EnableWebSecurity
|
|
|
static class PasswordEncoderWithUserDetailsServiceConfig extends WebSecurityConfigurerAdapter {
|
|
|
@Override
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
|
|
-
|
|
|
- BCryptPasswordEncoder encoder = new BCryptPasswordEncoder()
|
|
|
- User user = new User("user",encoder.encode("password"), AuthorityUtils.createAuthorityList("ROLE_USER"))
|
|
|
- InMemoryUserDetailsManager uds = new InMemoryUserDetailsManager([user])
|
|
|
+ BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
|
|
+ UserDetails user = User.withUsername("user")
|
|
|
+ .passwordEncoder(encoder::encode)
|
|
|
+ .password("password")
|
|
|
+ .roles("USER")
|
|
|
+ .build();
|
|
|
+ InMemoryUserDetailsManager uds = new InMemoryUserDetailsManager(user);
|
|
|
auth
|
|
|
.userDetailsService(uds)
|
|
|
- .passwordEncoder(encoder)
|
|
|
+ .passwordEncoder(encoder);
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
public DataSource dataSource() {
|
|
|
- EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder()
|
|
|
+ EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
|
|
|
return builder.setType(EmbeddedDatabaseType.HSQL).build();
|
|
|
}
|
|
|
}
|
Rob Winch