Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

AuthenticationWebFilter wraps the ServerWebExchange

Fixes gh-45-25
Rob Winch 8 years ago
parent
8d997fd079
commit
8ce3b08136
2 changed files with 11 additions and 5 deletions
Split View Show Diff Stats
  1. 10 4
      webflux/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
  2. 1 1
      webflux/src/main/java/org/springframework/security/web/server/context/SecurityContextRepositoryServerWebExchange.java

+ 10 - 4
webflux/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java
View File 

@@ -25,6 +25,7 @@ import org.springframework.security.web.server.AuthenticationEntryPoint;
 
 import org.springframework.security.web.server.HttpBasicAuthenticationConverter;
 
 import org.springframework.security.web.server.authentication.www.HttpBasicAuthenticationEntryPoint;
 
 import org.springframework.security.web.server.context.SecurityContextRepository;
 
+import org.springframework.security.web.server.context.SecurityContextRepositoryServerWebExchange;
 
 import org.springframework.security.web.server.context.ServerWebExchangeAttributeSecurityContextRepository;
 
 import org.springframework.util.Assert;
 
 import org.springframework.web.server.ServerWebExchange;
 
@@ -58,14 +59,19 @@ public class AuthenticationWebFilter implements WebFilter {
 
 
 	@Override
 
 	public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
 
-		return this.authenticationConverter.apply(exchange)
 
-			.switchIfEmpty(Mono.defer(() -> chain.filter(exchange).cast(Authentication.class)))
 
+		ServerWebExchange wrappedExchange = wrap(exchange);
 
+		return this.authenticationConverter.apply(wrappedExchange)
 
+			.switchIfEmpty(Mono.defer(() -> chain.filter(wrappedExchange).cast(Authentication.class)))
 
 			.flatMap( token -> this.authenticationManager.authenticate(token)
 
-				.flatMap(authentication -> onAuthenticationSuccess(authentication, exchange, chain))
 
-				.onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(exchange, t))
 
+				.flatMap(authentication -> onAuthenticationSuccess(authentication, wrappedExchange, chain))
 
+				.onErrorResume( AuthenticationException.class, t -> this.entryPoint.commence(wrappedExchange, t))
 
 			);
 
 	}
 
 
+	private ServerWebExchange wrap(ServerWebExchange exchange) {
 
+		return new SecurityContextRepositoryServerWebExchange(exchange, this.securityContextRepository);
 
+	}
 
+
 
 	private Mono<Void> onAuthenticationSuccess(Authentication authentication, ServerWebExchange exchange, WebFilterChain chain) {
 
 		SecurityContextImpl securityContext = new SecurityContextImpl();
 
 		securityContext.setAuthentication(authentication);

+ 1 - 1
webflux/src/main/java/org/springframework/security/web/server/context/SecurityContextRepositoryServerWebExchange.java
View File 

@@ -28,7 +28,7 @@ import reactor.core.publisher.Mono;
 
  * @author Rob Winch
 
  * @since 5.0
 
  */
 
-final class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator {
 
+public class SecurityContextRepositoryServerWebExchange extends ServerWebExchangeDecorator {
 
 	private final SecurityContextRepository repository;
 
 
 	public SecurityContextRepositoryServerWebExchange(ServerWebExchange delegate, SecurityContextRepository repository) {