6 anni fa · daf6b53e3a
--- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
@@ -104,6 +104,7 @@ import java.util.List;
 
				  * }
			
 
				  * </pre>
			
 
				  * @author Rob Winch
			
 
				+ * @author Jesús Ascama Arias
			
 
				  * @since 5.2
			
 
				  */
			
 
				 public class RSocketSecurity {
			
@@ -325,6 +326,11 @@ public class RSocketSecurity {
 
				 				AuthorizePayloadsSpec.this.authzBuilder.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization));
			
 
				 				return AuthorizePayloadsSpec.this;
			
 
				 			}
			
 
				+
			
 
				+			public AuthorizePayloadsSpec denyAll() {
			
 
				+				return access((a, ctx) -> Mono
			
 
				+						.just(new AuthorizationDecision(false)));
			
 
				+			}
			
 
				 		}
			
 
				 	}
			
 
				 
			
--- a/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
@@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode;
 
				 
			
 
				 /**
			
 
				  * @author Rob Winch
			
 
				+ * @author Jesús Ascama Arias
			
 
				  */
			
 
				 @ContextConfiguration
			
 
				 @RunWith(SpringRunner.class)
			
@@ -167,6 +168,21 @@ public class RSocketMessageHandlerConnectionITests {
 
				 //			.isInstanceOf(RejectedSetupException.class);
			
 
				 	}
			
 
				 
			
 
				+	@Test
			
 
				+	public void connectionDenied() {
			
 
				+		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("user", "password");
			
 
				+		this.requester = requester()
			
 
				+				.setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
			
 
				+				.connectTcp(this.server.address().getHostName(), this.server.address().getPort())
			
 
				+				.block();
			
 
				+
			
 
				+		assertThatCode(() -> this.requester.route("prohibit")
			
 
				+				.data("data")
			
 
				+				.retrieveMono(String.class)
			
 
				+				.block())
			
 
				+				.isInstanceOf(ApplicationErrorException.class);
			
 
				+	}
			
 
				+
			
 
				 	private RSocketRequester.Builder requester() {
			
 
				 		return RSocketRequester.builder()
			
 
				 				.rsocketStrategies(this.handler.getRSocketStrategies());
			
@@ -225,6 +241,7 @@ public class RSocketMessageHandlerConnectionITests {
 
				 						.setup().hasRole("SETUP")
			
 
				 						.route("secure.admin.*").hasRole("ADMIN")
			
 
				 						.route("secure.**").hasRole("USER")
			
 
				+						.route("prohibit").denyAll()
			
 
				 						.anyRequest().permitAll()
			
 
				 				)
			
 
				 				.basicAuthentication(Customizer.withDefaults());