|
|
@@ -1,5 +1,5 @@
|
|
|
/*
|
|
|
- * Copyright 2002-2021 the original author or authors.
|
|
|
+ * Copyright 2002-2022 the original author or authors.
|
|
|
*
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
@@ -20,7 +20,6 @@ import reactor.core.publisher.Mono;
|
|
|
|
|
|
import org.springframework.context.MessageSource;
|
|
|
import org.springframework.context.MessageSourceAware;
|
|
|
-import org.springframework.context.support.MessageSourceAccessor;
|
|
|
import org.springframework.http.HttpStatus;
|
|
|
import org.springframework.security.access.AccessDeniedException;
|
|
|
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
|
|
@@ -29,7 +28,6 @@ import org.springframework.security.authentication.AuthenticationTrustResolverIm
|
|
|
import org.springframework.security.authentication.InsufficientAuthenticationException;
|
|
|
import org.springframework.security.core.Authentication;
|
|
|
import org.springframework.security.core.AuthenticationException;
|
|
|
-import org.springframework.security.core.SpringSecurityMessageSource;
|
|
|
import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
|
|
|
import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
|
|
|
import org.springframework.util.Assert;
|
|
|
@@ -51,8 +49,6 @@ public class ExceptionTranslationWebFilter implements WebFilter, MessageSourceAw
|
|
|
|
|
|
private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
|
|
|
|
|
|
- protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
|
|
|
-
|
|
|
@Override
|
|
|
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
|
|
return chain.filter(exchange).onErrorResume(AccessDeniedException.class, (denied) -> exchange.getPrincipal()
|
|
|
@@ -60,8 +56,7 @@ public class ExceptionTranslationWebFilter implements WebFilter, MessageSourceAw
|
|
|
&& !(this.authenticationTrustResolver.isAnonymous((Authentication) principal)))))
|
|
|
.switchIfEmpty(commenceAuthentication(exchange,
|
|
|
new InsufficientAuthenticationException(
|
|
|
- this.messages.getMessage("ExceptionTranslationWebFilter.insufficientAuthentication",
|
|
|
- "Full authentication is required to access this resource"))))
|
|
|
+ "Full authentication is required to access this resource")))
|
|
|
.flatMap((principal) -> this.accessDeniedHandler.handle(exchange, denied)).then());
|
|
|
}
|
|
|
|
|
|
@@ -99,11 +94,10 @@ public class ExceptionTranslationWebFilter implements WebFilter, MessageSourceAw
|
|
|
|
|
|
/**
|
|
|
* @since 5.5
|
|
|
+ * @deprecated This class no longer retrieves error messages from a MessageSource
|
|
|
*/
|
|
|
- @Override
|
|
|
+ @Deprecated
|
|
|
public void setMessageSource(MessageSource messageSource) {
|
|
|
- Assert.notNull(messageSource, "messageSource cannot be null");
|
|
|
- this.messages = new MessageSourceAccessor(messageSource);
|
|
|
}
|
|
|
|
|
|
private <T> Mono<T> commenceAuthentication(ServerWebExchange exchange, AuthenticationException denied) {
|
Eleftheria Stein