Inicio Explorar Axuda
Rexistro Iniciar sesión
github
/
spring-security
réplica de https://github.com/spring-projects/spring-security
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

Lazily Create Throwables

Fixes: gh-5040
Rob Winch %!s(int64=7) %!d(string=hai) anos
pai
bb59733736
achega
8d75554b6b
Modificáronse 4 ficheiros con 5 adicións e 5 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 1 1
      core/src/main/java/org/springframework/security/access/prepost/PrePostAdviceReactiveMethodInterceptor.java
  2. 1 1
      core/src/main/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManager.java
  3. 1 1
      core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java
  4. 2 2
      web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java

+ 1 - 1
core/src/main/java/org/springframework/security/access/prepost/PrePostAdviceReactiveMethodInterceptor.java
Ver ficheiro 

@@ -76,7 +76,7 @@ public class PrePostAdviceReactiveMethodInterceptor implements MethodInterceptor
 
 			.map(SecurityContext::getAuthentication)
 
 			.defaultIfEmpty(this.anonymous)
 
 			.filter( auth -> this.preInvocationAdvice.before(auth, invocation, preAttr))
 
-			.switchIfEmpty(Mono.error(new AccessDeniedException("Denied")));
 
+			.switchIfEmpty(Mono.defer(() -> Mono.error(new AccessDeniedException("Denied"))));
 
 
 
 		PostInvocationAttribute attr = findPostInvocationAttribute(attributes);

+ 1 - 1
core/src/main/java/org/springframework/security/authentication/UserDetailsRepositoryReactiveAuthenticationManager.java
Ver ficheiro 

@@ -45,7 +45,7 @@ public class UserDetailsRepositoryReactiveAuthenticationManager implements React
 
 		return this.userDetailsService.findByUsername(username)
 
 				.publishOn(Schedulers.parallel())
 
 				.filter( u -> this.passwordEncoder.matches((String) authentication.getCredentials(), u.getPassword()))
 
-				.switchIfEmpty(  Mono.error(new BadCredentialsException("Invalid Credentials")) )
 
+				.switchIfEmpty(Mono.defer(() -> Mono.error(new BadCredentialsException("Invalid Credentials"))))
 
 				.map( u -> new UsernamePasswordAuthenticationToken(u, u.getPassword(), u.getAuthorities()) );
 
 	}

+ 1 - 1
core/src/main/java/org/springframework/security/authorization/ReactiveAuthorizationManager.java
Ver ficheiro 

@@ -50,7 +50,7 @@ public interface ReactiveAuthorizationManager<T> {
 
 	default Mono<Void> verify(Mono<Authentication> authentication, T object) {
 
 		return check(authentication, object)
 
 			.filter( d -> d.isGranted())
 
-			.switchIfEmpty( Mono.error(new AccessDeniedException("Access Denied")) )
 
+			.switchIfEmpty(Mono.defer(() -> Mono.error(new AccessDeniedException("Access Denied"))))
 
 			.flatMap( d -> Mono.empty() );
 
 	}
 
 }

+ 2 - 2
web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
Ver ficheiro 

@@ -95,9 +95,9 @@ public class CsrfWebFilter implements WebFilter {
 
 
 	private Mono<Void> validateToken(ServerWebExchange exchange) {
 
 		return this.csrfTokenRepository.loadToken(exchange)
 
-			.switchIfEmpty(Mono.error(new CsrfException("CSRF Token has been associated to this client")))
 
+			.switchIfEmpty(Mono.defer(() -> Mono.error(new CsrfException("CSRF Token has been associated to this client"))))
 
 			.filterWhen(expected -> containsValidCsrfToken(exchange, expected))
 
-			.switchIfEmpty(Mono.error(new CsrfException("Invalid CSRF Token")))
 
+			.switchIfEmpty(Mono.defer(() -> Mono.error(new CsrfException("Invalid CSRF Token"))))
 
 			.then();
 
 	}