7 tahun lalu · afa2d9cbc7
--- a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
@@ -68,8 +68,6 @@ import java.security.Principal;
 
				 
			
 
				 import static org.assertj.core.api.Assertions.assertThat;
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				 
			
 
				 /**
			
 
				  * @author Rob Winch
			
@@ -122,11 +120,10 @@ public class EnableWebFluxSecurityTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(this.springSecurityFilterChain)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		FluxExchangeResult<String> result = client.get()
			
 
				-			.attributes(basicAuthenticationCredentials("user", "password"))
			
 
				+			.headers(headers -> headers.setBasicAuth("user", "password"))
			
 
				 			.exchange()
			
 
				 			.expectStatus()
			
 
				 			.isOk()
			
@@ -171,13 +168,12 @@ public class EnableWebFluxSecurityTests {
 
				 					.flatMap( principal -> exchange.getResponse()
			
 
				 						.writeWith(Mono.just(toDataBuffer(principal.getName()))))
			
 
				 		)
			
 
				-		.filter(basicAuthentication())
			
 
				 		.build();
			
 
				 
			
 
				 		client
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(basicAuthenticationCredentials("user", "password"))
			
 
				+			.headers(headers -> headers.setBasicAuth("user", "password"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user"));
			
@@ -208,13 +204,12 @@ public class EnableWebFluxSecurityTests {
 
				 					.flatMap( principal -> exchange.getResponse()
			
 
				 						.writeWith(Mono.just(toDataBuffer(principal.getName()))))
			
 
				 		)
			
 
				-		.filter(basicAuthentication())
			
 
				 		.build();
			
 
				 
			
 
				 		client
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(basicAuthenticationCredentials("user", "password"))
			
 
				+			.headers(headers -> headers.setBasicAuth("user", "password"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user"));
			
--- a/config/src/test/java/org/springframework/security/config/web/server/ExceptionHandlingSpecTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/ExceptionHandlingSpecTests.java
@@ -25,8 +25,6 @@ import org.springframework.security.web.server.authentication.RedirectServerAuth
 
				 import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler;
			
 
				 import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				 
			
 
				 /**
			
 
				  * @author Denys Ivano
			
@@ -96,13 +94,12 @@ public class ExceptionHandlingSpecTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(securityWebFilter)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		client
			
 
				 			.get()
			
 
				 			.uri("/admin")
			
 
				-			.attributes(basicAuthenticationCredentials("user", "password"))
			
 
				+			.headers(headers -> headers.setBasicAuth("user", "password"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isForbidden();
			
 
				 	}
			
@@ -122,13 +119,12 @@ public class ExceptionHandlingSpecTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(securityWebFilter)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		client
			
 
				 			.get()
			
 
				 			.uri("/admin")
			
 
				-			.attributes(basicAuthenticationCredentials("user", "password"))
			
 
				+			.headers(headers -> headers.setBasicAuth("user", "password"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isBadRequest();
			
 
				 	}
			
--- a/config/src/test/java/org/springframework/security/config/web/server/ServerHttpSecurityTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/ServerHttpSecurityTests.java
@@ -40,7 +40,6 @@ import static org.assertj.core.api.Assertions.assertThat;
 
				 import static org.mockito.BDDMockito.given;
			
 
				 import static org.mockito.Matchers.any;
			
 
				 import static org.mockito.Mockito.when;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				 
			
 
				 /**
			
 
				  * @author Rob Winch
			
@@ -92,12 +91,9 @@ public class ServerHttpSecurityTests {
 
				 
			
 
				 		WebTestClient client = buildClient();
			
 
				 
			
 
				-		EntityExchangeResult<String> result = client
			
 
				-			.mutate()
			
 
				-			.filter(basicAuthentication("rob", "rob"))
			
 
				-			.build()
			
 
				-			.get()
			
 
				+		EntityExchangeResult<String> result = client.get()
			
 
				 			.uri("/")
			
 
				+			.headers(headers -> headers.setBasicAuth("rob", "rob"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectHeader().valueMatches(HttpHeaders.CACHE_CONTROL, ".+")
			
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClient.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClient.java
@@ -23,12 +23,10 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
 
				 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
			
 
				 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
			
 
				 import org.springframework.web.reactive.function.BodyInserters;
			
 
				-import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
			
 
				 import org.springframework.web.reactive.function.client.WebClient;
			
 
				 import reactor.core.publisher.Mono;
			
 
				 
			
 
				 import static org.springframework.security.oauth2.core.web.reactive.function.OAuth2BodyExtractors.oauth2AccessTokenResponse;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				 
			
 
				 /**
			
 
				  * An implementation of an {@link ReactiveOAuth2AccessTokenResponseClient} that &quot;exchanges&quot;
			
@@ -49,7 +47,6 @@ import static org.springframework.web.reactive.function.client.ExchangeFilterFun
 
				  */
			
 
				 public class WebClientReactiveAuthorizationCodeTokenResponseClient implements ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> {
			
 
				 	private WebClient webClient = WebClient.builder()
			
 
				-			.filter(ExchangeFilterFunctions.basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 	@Override
			
@@ -66,7 +63,7 @@ public class WebClientReactiveAuthorizationCodeTokenResponseClient implements Re
 
				 			return this.webClient.post()
			
 
				 					.uri(tokenUri)
			
 
				 					.accept(MediaType.APPLICATION_JSON)
			
 
				-					.attributes(basicAuthenticationCredentials(clientRegistration.getClientId(), clientRegistration.getClientSecret()))
			
 
				+					.headers(headers -> headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret()))
			
 
				 					.body(body)
			
 
				 					.exchange()
			
 
				 					.flatMap(response -> response.body(oauth2AccessTokenResponse()))
			
--- a/samples/boot/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java
+++ b/samples/boot/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java
@@ -15,19 +15,16 @@
 
				  */
			
 
				 package sample;
			
 
				 
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				-
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
 
				 import org.junit.runner.RunWith;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.http.HttpStatus;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
 
				-import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
			
 
				 
			
 
				 /**
			
 
				  * @author Rob Winch
			
@@ -37,13 +34,8 @@ import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
 
				 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
			
 
				 public class HelloWebfluxMethodApplicationITests {
			
 
				 
			
 
				-	WebTestClient rest;
			
 
				-
			
 
				 	@Autowired
			
 
				-	public void setRest(WebTestClient rest) {
			
 
				-		this.rest = rest
			
 
				-				.mutateWith((b, h, c) -> b.filter(ExchangeFilterFunctions.basicAuthentication()));
			
 
				-	}
			
 
				+	WebTestClient rest;
			
 
				 
			
 
				 
			
 
				 	@Test
			
@@ -60,7 +52,7 @@ public class HelloWebfluxMethodApplicationITests {
 
				 		this.rest
			
 
				 				.get()
			
 
				 				.uri("/message")
			
 
				-				.attributes(robsCredentials())
			
 
				+				.headers(robsCredentials())
			
 
				 				.exchange()
			
 
				 				.expectStatus().isEqualTo(HttpStatus.FORBIDDEN);
			
 
				 	}
			
@@ -70,18 +62,18 @@ public class HelloWebfluxMethodApplicationITests {
 
				 		this.rest
			
 
				 				.get()
			
 
				 				.uri("/message")
			
 
				-				.attributes(adminCredentials())
			
 
				+				.headers(adminCredentials())
			
 
				 				.exchange()
			
 
				 				.expectStatus().isOk()
			
 
				 				.expectBody(String.class).isEqualTo("Hello World!");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> robsCredentials() {
			
 
				-		return basicAuthenticationCredentials("rob", "rob");
			
 
				+	private Consumer<HttpHeaders> robsCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("rob", "rob");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> adminCredentials() {
			
 
				-		return basicAuthenticationCredentials("admin", "admin");
			
 
				+	private Consumer<HttpHeaders> adminCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("admin", "admin");
			
 
				 	}
			
 
				 }
			
 
				 
			
--- a/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java
+++ b/samples/boot/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java
@@ -17,10 +17,7 @@ package sample;
 
				 
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				 
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
@@ -28,6 +25,7 @@ import org.junit.runner.RunWith;
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				 import org.springframework.context.ApplicationContext;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.http.HttpStatus;
			
 
				 import org.springframework.security.test.context.support.WithMockUser;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
@@ -48,7 +46,6 @@ public class HelloWebfluxMethodApplicationTests {
 
				 				.bindToApplicationContext(context)
			
 
				 				.apply(springSecurity())
			
 
				 				.configureClient()
			
 
				-				.filter(basicAuthentication())
			
 
				 				.build();
			
 
				 	}
			
 
				 
			
@@ -68,7 +65,7 @@ public class HelloWebfluxMethodApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/message")
			
 
				-			.attributes(robsCredentials())
			
 
				+			.headers(robsCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isEqualTo(HttpStatus.FORBIDDEN);
			
 
				 	}
			
@@ -78,7 +75,7 @@ public class HelloWebfluxMethodApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/message")
			
 
				-			.attributes(adminCredentials())
			
 
				+			.headers(adminCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody(String.class).isEqualTo("Hello World!");
			
@@ -130,11 +127,11 @@ public class HelloWebfluxMethodApplicationTests {
 
				 			.expectBody(String.class).isEqualTo("Hello World!");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> robsCredentials() {
			
 
				-		return basicAuthenticationCredentials("rob", "rob");
			
 
				+	private Consumer<HttpHeaders> robsCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("rob", "rob");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> adminCredentials() {
			
 
				-		return basicAuthenticationCredentials("admin", "admin");
			
 
				+	private Consumer<HttpHeaders> adminCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("admin", "admin");
			
 
				 	}
			
 
				 }
			
--- a/samples/boot/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java
+++ b/samples/boot/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java
@@ -15,18 +15,15 @@
 
				  */
			
 
				 package sample;
			
 
				 
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				-
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
 
				 import org.junit.runner.RunWith;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
 
				-import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
			
 
				 
			
 
				 /**
			
 
				  * @author Rob Winch
			
@@ -36,13 +33,8 @@ import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
 
				 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
			
 
				 public class HelloWebfluxApplicationITests {
			
 
				 
			
 
				-	WebTestClient rest;
			
 
				-
			
 
				 	@Autowired
			
 
				-	public void setRest(WebTestClient rest) {
			
 
				-		this.rest = rest
			
 
				-				.mutateWith((b, h, c) -> b.filter(ExchangeFilterFunctions.basicAuthentication()));
			
 
				-	}
			
 
				+	WebTestClient rest;
			
 
				 
			
 
				 	@Test
			
 
				 	public void basicWhenNoCredentialsThenUnauthorized() throws Exception {
			
@@ -58,7 +50,7 @@ public class HelloWebfluxApplicationITests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(userCredentials())
			
 
				+			.headers(userCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
@@ -69,17 +61,17 @@ public class HelloWebfluxApplicationITests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(invalidCredentials())
			
 
				+			.headers(invalidCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isUnauthorized()
			
 
				 			.expectBody().isEmpty();
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> userCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "user");
			
 
				+	private Consumer<HttpHeaders> userCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "user");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> invalidCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "INVALID");
			
 
				+	private Consumer<HttpHeaders> invalidCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "INVALID");
			
 
				 	}
			
 
				 }
			
--- a/samples/boot/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java
+++ b/samples/boot/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java
@@ -17,10 +17,7 @@ package sample;
 
				 
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				 
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
@@ -29,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 
				 import org.springframework.boot.test.autoconfigure.web.reactive.AutoConfigureWebTestClient;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				 import org.springframework.context.ApplicationContext;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.security.test.context.support.WithMockUser;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
@@ -49,7 +47,6 @@ public class HelloWebfluxApplicationTests {
 
				 				.bindToApplicationContext(context)
			
 
				 				.apply(springSecurity())
			
 
				 				.configureClient()
			
 
				-				.filter(basicAuthentication())
			
 
				 				.build();
			
 
				 	}
			
 
				 
			
@@ -67,7 +64,7 @@ public class HelloWebfluxApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(userCredentials())
			
 
				+			.headers(userCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
@@ -78,7 +75,7 @@ public class HelloWebfluxApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(invalidCredentials())
			
 
				+			.headers(invalidCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isUnauthorized()
			
 
				 			.expectBody().isEmpty();
			
@@ -106,11 +103,11 @@ public class HelloWebfluxApplicationTests {
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> userCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "user");
			
 
				+	private Consumer<HttpHeaders> userCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "user");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> invalidCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "INVALID");
			
 
				+	private Consumer<HttpHeaders> invalidCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "INVALID");
			
 
				 	}
			
 
				 }
			
--- a/samples/boot/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java
+++ b/samples/boot/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java
@@ -15,15 +15,13 @@
 
				  */
			
 
				 package sample;
			
 
				 
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				-
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
 
				 import org.junit.runner.RunWith;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
 
				 import org.springframework.web.reactive.function.client.ExchangeFilterFunctions;
			
@@ -58,7 +56,7 @@ public class HelloWebfluxFnApplicationITests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(userCredentials())
			
 
				+			.headers(userCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
@@ -69,17 +67,17 @@ public class HelloWebfluxFnApplicationITests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(invalidCredentials())
			
 
				+			.headers(invalidCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isUnauthorized()
			
 
				 			.expectBody().isEmpty();
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> userCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "user");
			
 
				+	private Consumer<HttpHeaders> userCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "user");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> invalidCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "INVALID");
			
 
				+	private Consumer<HttpHeaders> invalidCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "INVALID");
			
 
				 	}
			
 
				 }
			
--- a/samples/boot/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java
+++ b/samples/boot/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java
@@ -17,10 +17,7 @@ package sample;
 
				 
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
			
 
				 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				 
			
 
				-import java.util.Map;
			
 
				 import java.util.function.Consumer;
			
 
				 
			
 
				 import org.junit.Test;
			
@@ -29,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 
				 import org.springframework.boot.test.autoconfigure.web.reactive.AutoConfigureWebTestClient;
			
 
				 import org.springframework.boot.test.context.SpringBootTest;
			
 
				 import org.springframework.context.ApplicationContext;
			
 
				+import org.springframework.http.HttpHeaders;
			
 
				 import org.springframework.security.test.context.support.WithMockUser;
			
 
				 import org.springframework.test.context.junit4.SpringRunner;
			
 
				 import org.springframework.test.web.reactive.server.WebTestClient;
			
@@ -50,7 +48,6 @@ public class HelloWebfluxFnApplicationTests {
 
				 				.bindToApplicationContext(context)
			
 
				 				.apply(springSecurity())
			
 
				 				.configureClient()
			
 
				-				.filter(basicAuthentication())
			
 
				 				.build();
			
 
				 	}
			
 
				 
			
@@ -68,7 +65,7 @@ public class HelloWebfluxFnApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(userCredentials())
			
 
				+			.headers(userCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
@@ -79,7 +76,7 @@ public class HelloWebfluxFnApplicationTests {
 
				 		this.rest
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(invalidCredentials())
			
 
				+			.headers(invalidCredentials())
			
 
				 			.exchange()
			
 
				 			.expectStatus().isUnauthorized()
			
 
				 			.expectBody().isEmpty();
			
@@ -107,11 +104,11 @@ public class HelloWebfluxFnApplicationTests {
 
				 			.expectBody().json("{\"message\":\"Hello user!\"}");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> userCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "user");
			
 
				+	private Consumer<HttpHeaders> userCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "user");
			
 
				 	}
			
 
				 
			
 
				-	private Consumer<Map<String, Object>> invalidCredentials() {
			
 
				-		return basicAuthenticationCredentials("user", "INVALID");
			
 
				+	private Consumer<HttpHeaders> invalidCredentials() {
			
 
				+		return httpHeaders -> httpHeaders.setBasicAuth("user", "INVALID");
			
 
				 	}
			
 
				 }
			
--- a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java
@@ -43,8 +43,6 @@ import static org.mockito.Mockito.never;
 
				 import static org.mockito.Mockito.verify;
			
 
				 import static org.mockito.Mockito.verifyZeroInteractions;
			
 
				 import static org.mockito.Mockito.when;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.basicAuthentication;
			
 
				-import static org.springframework.web.reactive.function.client.ExchangeFilterFunctions.Credentials.basicAuthenticationCredentials;
			
 
				 
			
 
				 
			
 
				 /**
			
@@ -101,13 +99,12 @@ public class AuthenticationWebFilterTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(this.filter)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		EntityExchangeResult<String> result = client
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(basicAuthenticationCredentials("test", "this"))
			
 
				+			.headers(headers -> headers.setBasicAuth("test", "this"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody(String.class).consumeWith(b -> assertThat(b.getResponseBody()).isEqualTo("ok"))
			
@@ -123,13 +120,12 @@ public class AuthenticationWebFilterTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(this.filter)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		EntityExchangeResult<Void> result = client
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(basicAuthenticationCredentials("test", "this"))
			
 
				+			.headers(headers -> headers.setBasicAuth("test", "this"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isUnauthorized()
			
 
				 			.expectHeader().valueMatches("WWW-Authenticate", "Basic realm=\"Realm\"")
			
@@ -231,13 +227,12 @@ public class AuthenticationWebFilterTests {
 
				 
			
 
				 		WebTestClient client = WebTestClientBuilder
			
 
				 			.bindToWebFilters(this.filter)
			
 
				-			.filter(basicAuthentication())
			
 
				 			.build();
			
 
				 
			
 
				 		EntityExchangeResult<String> result = client
			
 
				 			.get()
			
 
				 			.uri("/")
			
 
				-			.attributes(basicAuthenticationCredentials("test", "this"))
			
 
				+			.headers(headers -> headers.setBasicAuth("test", "this"))
			
 
				 			.exchange()
			
 
				 			.expectStatus().isOk()
			
 
				 			.expectBody(String.class).consumeWith(b -> assertThat(b.getResponseBody()).isEqualTo("ok"))