protected void configure(ServerHttpSecurity http) { ServerRequestCacheWebFilter filter = new ServerRequestCacheWebFilter(); filter.setRequestCache(this.requestCache); http.addFilterAt(filter, SecurityWebFiltersOrder.SERVER_REQUEST_CACHE); }
/** * Disables the {@link RequestCacheSpec} * @return the {@link ServerHttpSecurity} to continue configuring */ public ServerHttpSecurity disable() { this.requestCache = NoOpServerRequestCache.getInstance(); return and(); }
@Override public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { return this.authorizationRequestResolver.resolve(exchange) .switchIfEmpty(chain.filter(exchange).then(Mono.empty())) .onErrorResume(ClientAuthorizationRequiredException.class, e -> { return this.requestCache.saveRequest(exchange) .then(this.authorizationRequestResolver.resolve(exchange, e.getClientRegistrationId())); }) .flatMap(clientRegistration -> sendRedirectForAuthorization(exchange, clientRegistration)); }
@Override public Mono<ServerHttpRequest> removeMatchingRequest( ServerWebExchange exchange) { return exchange.getSession() .map(WebSession::getAttributes) .filter(attributes -> attributes.remove(this.sessionAttrName, pathInApplication(exchange.getRequest()))) .map(attributes -> exchange.getRequest()); }
public static NoOpServerRequestCache getInstance() { return new NoOpServerRequestCache(); }
@Override public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) { ServerWebExchange exchange = webFilterExchange.getExchange(); return this.requestCache.getRedirectUri(exchange) .defaultIfEmpty(this.location) .flatMap(location -> this.redirectStrategy.sendRedirect(exchange, location)); }
@Override public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { return this.requestCache.removeMatchingRequest(exchange) .map(r -> exchange.mutate().request(r).build()) .defaultIfEmpty(exchange) .flatMap(e -> chain.filter(e)); }
protected void configure(ServerHttpSecurity http) { ServerRequestCacheWebFilter filter = new ServerRequestCacheWebFilter(); filter.setRequestCache(this.requestCache); http.addFilterAt(filter, SecurityWebFiltersOrder.SERVER_REQUEST_CACHE); }
/** * Disables the {@link RequestCacheSpec} * @return the {@link ServerHttpSecurity} to continue configuring */ public ServerHttpSecurity disable() { this.requestCache = NoOpServerRequestCache.getInstance(); return and(); }
@Test public void filterWhenExceptionThenSaveRequestSessionAttribute() { this.filter.setRequestCache(this.requestCache); when(this.requestCache.saveRequest(any())).thenReturn(Mono.empty()); FilteringWebHandler webHandler = new FilteringWebHandler( e -> Mono.error(new ClientAuthorizationRequiredException(this.registration.getRegistrationId())), Arrays.asList(this.filter)); this.client = WebTestClient.bindToWebHandler(webHandler).build(); this.client.get() .uri("https://example.com/foo") .exchange() .expectStatus() .is3xxRedirection() .returnResult(String.class); verify(this.requestCache).saveRequest(any()); }
@Override public Mono<Void> saveRequest(ServerWebExchange exchange) { return this.saveRequestMatcher.matches(exchange) .filter(m -> m.isMatch()) .flatMap(m -> exchange.getSession()) .map(WebSession::getAttributes) .doOnNext(attrs -> attrs.put(this.sessionAttrName, pathInApplication(exchange.getRequest()))) .then(); }
protected void configure(ServerHttpSecurity http) { ServerRequestCacheWebFilter filter = new ServerRequestCacheWebFilter(); filter.setRequestCache(this.requestCache); http.addFilterAt(filter, SecurityWebFiltersOrder.SERVER_REQUEST_CACHE); }
@Test public void requestCacheNoOp() { SecurityWebFilterChain securityWebFilter = this.http .authorizeExchange() .anyExchange().authenticated() .and() .formLogin().and() .requestCache() .requestCache(NoOpServerRequestCache.getInstance()) .and() .build(); WebTestClient webTestClient = WebTestClient .bindToController(new SecuredPageController(), new WebTestClientBuilder.Http200RestController()) .webFilter(new WebFilterChainProxy(securityWebFilter)) .build(); WebDriver driver = WebTestClientHtmlUnitDriverBuilder .webTestClientSetup(webTestClient) .build(); DefaultLoginPage loginPage = SecuredPage.to(driver, DefaultLoginPage.class) .assertAt(); HomePage securedPage = loginPage.loginForm() .username("user") .password("password") .submit(HomePage.class); securedPage.assertAt(); }
@Override public Mono<Void> commence(ServerWebExchange exchange, AuthenticationException e) { return this.requestCache.saveRequest(exchange) .then(this.redirectStrategy.sendRedirect(exchange, this.location)); }
/** * Disables the {@link RequestCacheSpec} * @return the {@link ServerHttpSecurity} to continue configuring */ public ServerHttpSecurity disable() { this.requestCache = NoOpServerRequestCache.getInstance(); return and(); }