Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Add HttpStatusServerEntryPoint

An HttpStatusServerEntryPoint is missing on the
reactive side - essentially the reactive equivalent of
HttpStatusEntryPoint.

Fixes gh-5082
Eric Deandrea 7 years ago
parent
53850978b2
commit
bc9f8ec430
2 changed files with 106 additions and 0 deletions
Split View Show Diff Stats
  1. 47 0
      web/src/main/java/org/springframework/security/web/server/authentication/HttpStatusServerEntryPoint.java
  2. 59 0
      web/src/test/java/org/springframework/security/web/server/authentication/HttpStatusServerEntryPointTests.java

+ 47 - 0
web/src/main/java/org/springframework/security/web/server/authentication/HttpStatusServerEntryPoint.java
View File 

@@ -0,0 +1,47 @@
 
+/*
 
+ * Copyright 2002-2018 the original author or authors.
 
+ *
 
+ * Licensed under the Apache License, Version 2.0 (the "License");
 
+ * you may not use this file except in compliance with the License.
 
+ * You may obtain a copy of the License at
 
+ *
 
+ *      http://www.apache.org/licenses/LICENSE-2.0
 
+ *
 
+ * Unless required by applicable law or agreed to in writing, software
 
+ * distributed under the License is distributed on an "AS IS" BASIS,
 
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+ * See the License for the specific language governing permissions and
 
+ * limitations under the License.
 
+ */
 
+
 
+package org.springframework.security.web.server.authentication;
 
+
 
+import org.springframework.http.HttpStatus;
 
+import org.springframework.security.core.AuthenticationException;
 
+import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
 
+import org.springframework.util.Assert;
 
+import org.springframework.web.server.ServerWebExchange;
 
+
 
+import reactor.core.publisher.Mono;
 
+
 
+/**
 
+ * A {@link ServerAuthenticationEntryPoint} that sends a generic {@link HttpStatus} as a
 
+ * response. Useful for JavaScript clients which cannot use Basic authentication since the
 
+ * browser intercepts the response.
 
+ *
 
+ * @author Eric Deandrea
 
+ * @since 5.1
 
+ */
 
+public class HttpStatusServerEntryPoint implements ServerAuthenticationEntryPoint {
 
+	private final HttpStatus httpStatus;
 
+
 
+	public HttpStatusServerEntryPoint(HttpStatus httpStatus) {
 
+		Assert.notNull(httpStatus, "httpStatus cannot be null");
 
+		this.httpStatus = httpStatus;
 
+	}
 
+
 
+	@Override
 
+	public Mono<Void> commence(ServerWebExchange exchange, AuthenticationException authException) {
 
+		return Mono.fromRunnable(() -> exchange.getResponse().setStatusCode(this.httpStatus));
 
+	}
 
+}

+ 59 - 0
web/src/test/java/org/springframework/security/web/server/authentication/HttpStatusServerEntryPointTests.java
View File 

@@ -0,0 +1,59 @@
 
+/*
 
+ * Copyright 2002-2018 the original author or authors.
 
+ *
 
+ * Licensed under the Apache License, Version 2.0 (the "License");
 
+ * you may not use this file except in compliance with the License.
 
+ * You may obtain a copy of the License at
 
+ *
 
+ *      http://www.apache.org/licenses/LICENSE-2.0
 
+ *
 
+ * Unless required by applicable law or agreed to in writing, software
 
+ * distributed under the License is distributed on an "AS IS" BASIS,
 
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+ * See the License for the specific language governing permissions and
 
+ * limitations under the License.
 
+ */
 
+
 
+package org.springframework.security.web.server.authentication;
 
+
 
+import static org.assertj.core.api.Assertions.*;
 
+
 
+import org.junit.Before;
 
+import org.junit.Test;
 
+
 
+import org.springframework.http.HttpStatus;
 
+import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
 
+import org.springframework.mock.web.server.MockServerWebExchange;
 
+import org.springframework.security.core.AuthenticationException;
 
+
 
+/**
 
+ * @author Eric Deandrea
 
+ * @since 5.1
 
+ */
 
+public class HttpStatusServerEntryPointTests {
 
+	private MockServerHttpRequest request;
 
+	private MockServerWebExchange exchange;
 
+	private AuthenticationException authException;
 
+	private HttpStatusServerEntryPoint entryPoint;
 
+
 
+	@Before
 
+	public void setup() {
 
+		this.request = MockServerHttpRequest.get("/").build();
 
+		this.exchange = MockServerWebExchange.from(this.request);
 
+		this.authException = new AuthenticationException("") { };
 
+		this.entryPoint = new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED);
 
+	}
 
+
 
+	@Test
 
+	public void constructorNullStatus() {
 
+		assertThatExceptionOfType(IllegalArgumentException.class)
 
+				.isThrownBy(() -> new HttpStatusServerEntryPoint(null))
 
+				.withMessage("httpStatus cannot be null");
 
+	}
 
+
 
+	@Test
 
+	public void unauthorized() {
 
+		this.entryPoint.commence(this.exchange, this.authException).block();
 
+		assertThat(this.exchange.getResponse().getStatusCode()).isEqualTo(HttpStatus.UNAUTHORIZED);
 
+	}
 
+}