Example 16 with ReactiveAuthenticationManager

Use of org.springframework.security.authentication.ReactiveAuthenticationManager in the spring-security project by spring-projects.

From the class ServerHttpSecurityTests, method x509WhenCustomizedThenAddsX509Filter.

@Test
public void x509WhenCustomizedThenAddsX509Filter() {
    // Mocks stand in for the principal extractor and the authentication manager;
    // the test only checks that the X.509 filter is wired into the chain.
    X509PrincipalExtractor mockExtractor = mock(X509PrincipalExtractor.class);
    ReactiveAuthenticationManager mockAuthenticationManager = mock(ReactiveAuthenticationManager.class);
    this.http.x509((x509) -> x509
            .principalExtractor(mockExtractor)
            .authenticationManager(mockAuthenticationManager));
    SecurityWebFilterChain securityWebFilterChain = this.http.build();
    // isX509Filter is a helper of the enclosing test class
    WebFilter x509WebFilter = securityWebFilterChain.getWebFilters()
            .filter(this::isX509Filter)
            .blockFirst();
    assertThat(x509WebFilter).isNotNull();
}

Example 17 with ReactiveAuthenticationManager

Use of org.springframework.security.authentication.ReactiveAuthenticationManager in the spring-security project by spring-projects.

From the class ServerHttpSecurityTests, method requestWhenBasicWithAuthenticationManagerInLambdaThenAuthenticationManagerUsed.

@Test
public void requestWhenBasicWithAuthenticationManagerInLambdaThenAuthenticationManagerUsed() {
    // A custom manager that authenticates any request as "rob" with ROLE_USER and ROLE_ADMIN
    ReactiveAuthenticationManager customAuthenticationManager = mock(ReactiveAuthenticationManager.class);
    given(customAuthenticationManager.authenticate(any()))
            .willReturn(Mono.just(new TestingAuthenticationToken("rob", "rob", "ROLE_USER", "ROLE_ADMIN")));
    // @formatter:off
    SecurityWebFilterChain securityFilterChain = this.http
            .httpBasic((httpBasic) -> httpBasic.authenticationManager(customAuthenticationManager))
            .build();
    // @formatter:on
    WebFilterChainProxy springSecurityFilterChain = new WebFilterChainProxy(securityFilterChain);
    // @formatter:off
    WebTestClient client = WebTestClientBuilder.bindToWebFilters(springSecurityFilterChain).build();
    client.get().uri("/")
            .headers((headers) -> headers.setBasicAuth("rob", "rob"))
            .exchange()
            .expectStatus().isOk()
            .expectBody(String.class)
            .consumeWith((b) -> assertThat(b.getResponseBody()).isEqualTo("ok"));
    // @formatter:on
    // The manager set in the httpBasic lambda is used; the default one (this.authenticationManager) is never consulted
    verifyZeroInteractions(this.authenticationManager);
    verify(customAuthenticationManager).authenticate(any(Authentication.class));
}

Example 18 with ReactiveAuthenticationManager

Use of org.springframework.security.authentication.ReactiveAuthenticationManager in the spring-security project by spring-projects.

From the class JwtIssuerReactiveAuthenticationManagerResolverTests, method resolveWhenUsingExternalSourceThenRespondsToChanges.

@Test
public void resolveWhenUsingExternalSourceThenRespondsToChanges() {
    Authentication token = withBearerToken(this.jwt);
    // The issuer lookup is backed by a mutable map, so the resolver sees later changes to it
    Map<String, ReactiveAuthenticationManager> authenticationManagers = new HashMap<>();
    JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver =
            new JwtIssuerReactiveAuthenticationManagerResolver(
                    (issuer) -> Mono.justOrEmpty(authenticationManagers.get(issuer)));
    // No manager is registered for the token's issuer yet, so the issuer is rejected
    assertThatExceptionOfType(OAuth2AuthenticationException.class)
            .isThrownBy(() -> authenticationManagerResolver.resolve(null)
                    .flatMap((manager) -> manager.authenticate(token))
                    .block())
            .withMessageContaining("Invalid issuer");
    ReactiveAuthenticationManager authenticationManager = mock(ReactiveAuthenticationManager.class);
    given(authenticationManager.authenticate(token)).willReturn(Mono.empty());
    // Registering a manager for the issuer "trusted" makes the same resolver accept the token
    authenticationManagers.put("trusted", authenticationManager);
    authenticationManagerResolver.resolve(null).flatMap((manager) -> manager.authenticate(token)).block();
    verify(authenticationManager).authenticate(token);
    // Removing it again makes the resolver reject the issuer once more
    authenticationManagers.clear();
    // @formatter:off
    assertThatExceptionOfType(OAuth2AuthenticationException.class)
            .isThrownBy(() -> authenticationManagerResolver.resolve(null)
                    .flatMap((manager) -> manager.authenticate(token))
                    .block())
            .withMessageContaining("Invalid issuer");
    // @formatter:on
}

Example 19 with ReactiveAuthenticationManager

Use of org.springframework.security.authentication.ReactiveAuthenticationManager in the spring-security project by spring-projects.

From the class JwtIssuerReactiveAuthenticationManagerResolverTests, method resolveWhenUsingCustomIssuerAuthenticationManagerResolverThenUses.

@Test
public void resolveWhenUsingCustomIssuerAuthenticationManagerResolverThenUses() {
    Authentication token = withBearerToken(this.jwt);
    ReactiveAuthenticationManager authenticationManager = mock(ReactiveAuthenticationManager.class);
    given(authenticationManager.authenticate(token)).willReturn(Mono.empty());
    // A custom issuer resolver that returns the same manager for every issuer
    JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver =
            new JwtIssuerReactiveAuthenticationManagerResolver((issuer) -> Mono.just(authenticationManager));
    authenticationManagerResolver.resolve(null)
            .flatMap((manager) -> manager.authenticate(token))
            .block();
    // The manager supplied by the custom resolver is the one that authenticates the token
    verify(authenticationManager).authenticate(any());
}

Example 20 with ReactiveAuthenticationManager

Use of org.springframework.security.authentication.ReactiveAuthenticationManager in the spring-security project by spring-projects.

From the class JwtIssuerReactiveAuthenticationManagerResolverTests, method resolveWhenUsingTrustedIssuerThenReturnsAuthenticationManager.

@Test
public void resolveWhenUsingTrustedIssuerThenReturnsAuthenticationManager() throws Exception {
    try (MockWebServer server = new MockWebServer()) {
        String issuer = server.url("").toString();
        // The mock issuer serves its discovery document, then its JWK Set
        // (DEFAULT_RESPONSE_TEMPLATE and JWK_SET are constants of the enclosing test class)
        server.enqueue(new MockResponse().setResponseCode(200)
                .setHeader("Content-Type", "application/json")
                .setBody(String.format(DEFAULT_RESPONSE_TEMPLATE, issuer, issuer)));
        server.enqueue(new MockResponse().setResponseCode(200)
                .setHeader("Content-Type", "application/json")
                .setBody(JWK_SET));
        server.enqueue(new MockResponse().setResponseCode(200)
                .setHeader("Content-Type", "application/json")
                .setBody(JWK_SET));
        // An RS256-signed JWT whose "iss" claim matches the trusted issuer
        JWSObject jws = new JWSObject(new JWSHeader(JWSAlgorithm.RS256),
                new Payload(new JSONObject(Collections.singletonMap(JwtClaimNames.ISS, issuer))));
        jws.sign(new RSASSASigner(TestKeys.DEFAULT_PRIVATE_KEY));
        JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver =
                new JwtIssuerReactiveAuthenticationManagerResolver(issuer);
        ReactiveAuthenticationManager authenticationManager = authenticationManagerResolver.resolve(null).block();
        assertThat(authenticationManager).isNotNull();
        BearerTokenAuthenticationToken token = withBearerToken(jws.serialize());
        Authentication authentication = authenticationManager.authenticate(token).block();
        assertThat(authentication).isNotNull();
        assertThat(authentication.isAuthenticated()).isTrue();
    }
}
