8 år sedan · be0081290b
--- a/config/src/main/java/org/springframework/security/config/annotation/web/reactive/HttpSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/reactive/HttpSecurityConfiguration.java
@@ -26,6 +26,7 @@ import org.springframework.security.authentication.ReactiveAuthenticationManager
 
				 import org.springframework.security.authentication.UserDetailsRepositoryAuthenticationManager;
			
 
				 import org.springframework.security.config.web.server.HttpSecurity;
			
 
				 import org.springframework.security.core.userdetails.UserDetailsRepository;
			
 
				+import org.springframework.security.crypto.password.PasswordEncoder;
			
 
				 import org.springframework.security.web.reactive.result.method.annotation.AuthenticationPrincipalArgumentResolver;
			
 
				 import org.springframework.security.web.server.context.WebSessionSecurityContextRepository;
			
 
				 import org.springframework.web.reactive.config.WebFluxConfigurer;
			
@@ -50,6 +51,9 @@ public class HttpSecurityConfiguration implements WebFluxConfigurer {
 
				 	@Autowired(required = false)
			
 
				 	private UserDetailsRepository userDetailsRepository;
			
 
				 
			
 
				+	@Autowired(required = false)
			
 
				+	private PasswordEncoder passwordEncoder;
			
 
				+
			
 
				 	@Override
			
 
				 	public void configureArgumentResolvers(ArgumentResolverConfigurer configurer) {
			
 
				 		configurer.addCustomResolver(authenticationPrincipalArgumentResolver());
			
@@ -57,7 +61,7 @@ public class HttpSecurityConfiguration implements WebFluxConfigurer {
 
				 
			
 
				 	@Bean
			
 
				 	public AuthenticationPrincipalArgumentResolver authenticationPrincipalArgumentResolver() {
			
 
				-		return new AuthenticationPrincipalArgumentResolver(adapterRegistry);
			
 
				+		return new AuthenticationPrincipalArgumentResolver(this.adapterRegistry);
			
 
				 	}
			
 
				 
			
 
				 	@Bean(HTTPSECURITY_BEAN_NAME)
			
@@ -71,11 +75,16 @@ public class HttpSecurityConfiguration implements WebFluxConfigurer {
 
				 	}
			
 
				 
			
 
				 	private ReactiveAuthenticationManager authenticationManager() {
			
 
				-		if(authenticationManager != null) {
			
 
				-			return authenticationManager;
			
 
				+		if(this.authenticationManager != null) {
			
 
				+			return this.authenticationManager;
			
 
				 		}
			
 
				-		if(userDetailsRepository != null) {
			
 
				-			return new UserDetailsRepositoryAuthenticationManager(userDetailsRepository);
			
 
				+		if(this.userDetailsRepository != null) {
			
 
				+			UserDetailsRepositoryAuthenticationManager manager =
			
 
				+				new UserDetailsRepositoryAuthenticationManager(this.userDetailsRepository);
			
 
				+			if(this.passwordEncoder != null) {
			
 
				+				manager.setPasswordEncoder(this.passwordEncoder);
			
 
				+			}
			
 
				+			return manager;
			
 
				 		}
			
 
				 		return null;
			
 
				 	}
			
--- a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java
@@ -33,6 +33,8 @@ import org.springframework.security.core.Authentication;
 
				 import org.springframework.security.core.userdetails.MapUserDetailsRepository;
			
 
				 import org.springframework.security.core.userdetails.User;
			
 
				 import org.springframework.security.core.userdetails.UserDetailsRepository;
			
 
				+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
			
 
				+import org.springframework.security.crypto.password.PasswordEncoder;
			
 
				 import org.springframework.security.test.web.reactive.server.WebTestClientBuilder;
			
 
				 import org.springframework.security.web.server.SecurityWebFilterChain;
			
 
				 import org.springframework.security.web.server.WebFilterChainFilter;
			
@@ -127,6 +129,51 @@ public class EnableWebFluxSecurityTests {
 
				 		}
			
 
				 	}
			
 
				 
			
 
				+	@RunWith(SpringRunner.class)
			
 
				+	public static class CustomPasswordEncoder {
			
 
				+		@Autowired
			
 
				+		WebFilterChainFilter springSecurityFilterChain;
			
 
				+
			
 
				+		@Test
			
 
				+		public void passwordEncoderBeanIsUsed() {
			
 
				+			WebTestClient client = WebTestClientBuilder.bindToWebFilters(
			
 
				+				springSecurityFilterChain,
			
 
				+				(exchange,chain) ->
			
 
				+					Mono.currentContext()
			
 
				+						.flatMap( c -> c.<Mono<Principal>>get(Authentication.class))
			
 
				+						.flatMap( principal -> exchange.getResponse()
			
 
				+							.writeWith(Mono.just(toDataBuffer(principal.getName()))))
			
 
				+			)
			
 
				+				.filter(basicAuthentication())
			
 
				+				.build();
			
 
				+
			
 
				+			client
			
 
				+				.get()
			
 
				+				.uri("/")
			
 
				+				.attributes(basicAuthenticationCredentials("user","password"))
			
 
				+				.exchange()
			
 
				+				.expectStatus().isOk()
			
 
				+				.expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user"));
			
 
				+		}
			
 
				+
			
 
				+		@EnableWebFluxSecurity
			
 
				+		static class Config {
			
 
				+			@Bean
			
 
				+			public UserDetailsRepository userDetailsRepository(PasswordEncoder encoder) {
			
 
				+				return new MapUserDetailsRepository(User.withUsername("user")
			
 
				+					.password(encoder.encode("password"))
			
 
				+					.roles("USER")
			
 
				+					.build()
			
 
				+				);
			
 
				+			}
			
 
				+
			
 
				+			@Bean
			
 
				+			public PasswordEncoder passwordEncoder() {
			
 
				+				return new BCryptPasswordEncoder();
			
 
				+			}
			
 
				+		}
			
 
				+	}
			
 
				+
			
 
				 	@RunWith(SpringRunner.class)
			
 
				 	public static class MultiHttpSecurity {
			
 
				 		@Autowired