
Example 16 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class OAuth2AuthorizedClientArgumentResolver method resolveArgument.

@NonNull
@Override
public Object resolveArgument(MethodParameter parameter, @Nullable ModelAndViewContainer mavContainer, NativeWebRequest webRequest, @Nullable WebDataBinderFactory binderFactory) {
    String clientRegistrationId = this.resolveClientRegistrationId(parameter);
    if (StringUtils.isEmpty(clientRegistrationId)) {
        throw new IllegalArgumentException("Unable to resolve the Client Registration Identifier. " + "It must be provided via @RegisteredOAuth2AuthorizedClient(\"client1\") or " + "@RegisteredOAuth2AuthorizedClient(registrationId = \"client1\").");
    }
    Authentication principal = SecurityContextHolder.getContext().getAuthentication();
    if (principal == null) {
        principal = ANONYMOUS_AUTHENTICATION;
    }
    HttpServletRequest servletRequest = webRequest.getNativeRequest(HttpServletRequest.class);
    HttpServletResponse servletResponse = webRequest.getNativeResponse(HttpServletResponse.class);
    // @formatter:off
    OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest
            .withClientRegistrationId(clientRegistrationId)
            .principal(principal)
            .attribute(HttpServletRequest.class.getName(), servletRequest)
            .attribute(HttpServletResponse.class.getName(), servletResponse)
            .build();
    // @formatter:on
    return this.authorizedClientManager.authorize(authorizeRequest);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Authentication(org.springframework.security.core.Authentication) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) OAuth2AuthorizeRequest(org.springframework.security.oauth2.client.OAuth2AuthorizeRequest) NonNull(org.springframework.lang.NonNull)

Example 17 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class ServletOAuth2AuthorizedClientExchangeFilterFunction method authorizeClient.

private Mono<OAuth2AuthorizedClient> authorizeClient(String clientRegistrationId, ClientRequest request) {
    if (this.authorizedClientManager == null) {
        return Mono.empty();
    }
    Map<String, Object> attrs = request.attributes();
    Authentication authentication = getAuthentication(attrs);
    if (authentication == null) {
        authentication = ANONYMOUS_AUTHENTICATION;
    }
    HttpServletRequest servletRequest = getRequest(attrs);
    HttpServletResponse servletResponse = getResponse(attrs);
    OAuth2AuthorizeRequest.Builder builder = OAuth2AuthorizeRequest.withClientRegistrationId(clientRegistrationId).principal(authentication);
    builder.attributes((attributes) -> addToAttributes(attributes, servletRequest, servletResponse));
    OAuth2AuthorizeRequest authorizeRequest = builder.build();
    // blocking I/O operation using RestTemplate internally
    return Mono.fromSupplier(() -> this.authorizedClientManager.authorize(authorizeRequest)).subscribeOn(Schedulers.boundedElastic());
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Authentication(org.springframework.security.core.Authentication) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) OAuth2AuthorizeRequest(org.springframework.security.oauth2.client.OAuth2AuthorizeRequest)

Example 18 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class ServletOAuth2AuthorizedClientExchangeFilterFunction method removeAuthorizedClient.

private void removeAuthorizedClient(OAuth2AuthorizedClientRepository authorizedClientRepository, String clientRegistrationId, Authentication principal, Map<String, Object> attributes) {
    HttpServletRequest request = getRequest(attributes);
    HttpServletResponse response = getResponse(attributes);
    authorizedClientRepository.removeAuthorizedClient(clientRegistrationId, principal, request, response);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) HttpServletResponse(jakarta.servlet.http.HttpServletResponse)

Example 19 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class DebugFilterTests method doFilterProcessesForwardedRequests.

// SEC-1901
@Test
public void doFilterProcessesForwardedRequests() throws Exception {
    setupMocks();
    given(this.request.getAttribute(this.requestAttr)).willReturn(Boolean.TRUE);
    HttpServletRequest request = new DebugRequestWrapper(this.request);
    this.filter.doFilter(request, this.response, this.filterChain);
    verify(this.logger).info(anyString());
    verify(this.fcp).doFilter(request, this.response, this.filterChain);
    verify(this.request, never()).removeAttribute(this.requestAttr);
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DebugRequestWrapper(org.springframework.security.web.debug.DebugFilter.DebugRequestWrapper) Test(org.junit.jupiter.api.Test)

Example 20 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetHeadersWhenControlCharacterInHeaderValueThenException.

@Test
public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderValueThenException() {
    this.request.addHeader("Something", "bad\0value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeaders("Something").nextElement());
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) Test(org.junit.jupiter.api.Test)

Aggregations

HttpServletRequest (jakarta.servlet.http.HttpServletRequest) 334
Test (org.junit.jupiter.api.Test) 200
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest) 93
HttpServletResponse (jakarta.servlet.http.HttpServletResponse) 91
MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest) 67
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse) 44
Authentication (org.springframework.security.core.Authentication) 31
MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse) 31
Test (org.junit.Test) 28
TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest) 26
IOException (java.io.IOException) 22
ServletException (jakarta.servlet.ServletException) 21
HashMap (java.util.HashMap) 20
HttpServlet (jakarta.servlet.http.HttpServlet) 19
FilterChain (jakarta.servlet.FilterChain) 17
FilterDef (org.apache.tomcat.util.descriptor.web.FilterDef) 16
HttpSession (jakarta.servlet.http.HttpSession) 14
MockFilterChain (org.springframework.mock.web.MockFilterChain) 14
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken) 14
ServletRequest (jakarta.servlet.ServletRequest) 13