Search in sources :

Example 1 with MockExchangeFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.MockExchangeFunction in project spring-security by spring-projects.

the class SecurityReactorContextConfigurationTests method createPublisherWhenLastOperatorAddedThenSecurityContextAttributesAvailable.

@Test
public void createPublisherWhenLastOperatorAddedThenSecurityContextAttributesAvailable() {
    // Trigger the importing of SecurityReactorContextConfiguration via
    // OAuth2ImportSelector
    this.spring.register(SecurityConfig.class).autowire();
    // Setup for SecurityReactorContextSubscriberRegistrar
    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(this.servletRequest, this.servletResponse));
    SecurityContextHolder.getContext().setAuthentication(this.authentication);
    ClientResponse clientResponseOk = ClientResponse.create(HttpStatus.OK).build();
    // @formatter:off
    ExchangeFilterFunction filter = (req, next) -> Mono.subscriberContext().filter((ctx) -> ctx.hasKey(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES)).map((ctx) -> ctx.get(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES)).cast(Map.class).map((attributes) -> {
        if (attributes.containsKey(HttpServletRequest.class) && attributes.containsKey(HttpServletResponse.class) && attributes.containsKey(Authentication.class)) {
            return clientResponseOk;
        } else {
            return ClientResponse.create(HttpStatus.NOT_FOUND).build();
        }
    });
    // @formatter:on
    ClientRequest clientRequest = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).build();
    MockExchangeFunction exchange = new MockExchangeFunction();
    Map<Object, Object> expectedContextAttributes = new HashMap<>();
    expectedContextAttributes.put(HttpServletRequest.class, this.servletRequest);
    expectedContextAttributes.put(HttpServletResponse.class, this.servletResponse);
    expectedContextAttributes.put(Authentication.class, this.authentication);
    Mono<ClientResponse> clientResponseMono = filter.filter(clientRequest, exchange).flatMap((response) -> filter.filter(clientRequest, exchange));
    // @formatter:off
    StepVerifier.create(clientResponseMono).expectAccessibleContext().contains(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES, expectedContextAttributes).then().expectNext(clientResponseOk).verifyComplete();
// @formatter:on
}
Also used : ClientResponse(org.springframework.web.reactive.function.client.ClientResponse) BeforeEach(org.junit.jupiter.api.BeforeEach) StepVerifier(reactor.test.StepVerifier) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) HashMap(java.util.HashMap) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RequestContextHolder(org.springframework.web.context.request.RequestContextHolder) ClientRequest(org.springframework.web.reactive.function.client.ClientRequest) CoreSubscriber(reactor.core.CoreSubscriber) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) Map(java.util.Map) RequestAttributes(org.springframework.web.context.request.RequestAttributes) SecurityReactorContextSubscriber(org.springframework.security.config.annotation.web.configuration.SecurityReactorContextConfiguration.SecurityReactorContextSubscriber) URI(java.net.URI) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) ClientResponse(org.springframework.web.reactive.function.client.ClientResponse) Operators(reactor.core.publisher.Operators) Context(reactor.util.context.Context) HttpMethod(org.springframework.http.HttpMethod) Mono(reactor.core.publisher.Mono) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ServletRequestAttributes(org.springframework.web.context.request.ServletRequestAttributes) MockExchangeFunction(org.springframework.security.oauth2.client.web.reactive.function.client.MockExchangeFunction) Assertions.entry(org.assertj.core.api.Assertions.entry) BaseSubscriber(reactor.core.publisher.BaseSubscriber) Test(org.junit.jupiter.api.Test) HttpStatus(org.springframework.http.HttpStatus) AfterEach(org.junit.jupiter.api.AfterEach) ExchangeFilterFunction(org.springframework.web.reactive.function.client.ExchangeFilterFunction) SpringTestContext(org.springframework.security.config.test.SpringTestContext) SpringTestContextExtension(org.springframework.security.config.test.SpringTestContextExtension) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Authentication(org.springframework.security.core.Authentication) HashMap(java.util.HashMap) ServletRequestAttributes(org.springframework.web.context.request.ServletRequestAttributes) MockExchangeFunction(org.springframework.security.oauth2.client.web.reactive.function.client.MockExchangeFunction) ExchangeFilterFunction(org.springframework.web.reactive.function.client.ExchangeFilterFunction) Authentication(org.springframework.security.core.Authentication) HashMap(java.util.HashMap) Map(java.util.Map) ClientRequest(org.springframework.web.reactive.function.client.ClientRequest) Test(org.junit.jupiter.api.Test)

Aggregations

HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)1 URI (java.net.URI)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1 Assertions.entry (org.assertj.core.api.Assertions.entry)1 AfterEach (org.junit.jupiter.api.AfterEach)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 Test (org.junit.jupiter.api.Test)1 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)1 HttpMethod (org.springframework.http.HttpMethod)1 HttpStatus (org.springframework.http.HttpStatus)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)1 SecurityReactorContextSubscriber (org.springframework.security.config.annotation.web.configuration.SecurityReactorContextConfiguration.SecurityReactorContextSubscriber)1 SpringTestContext (org.springframework.security.config.test.SpringTestContext)1 SpringTestContextExtension (org.springframework.security.config.test.SpringTestContextExtension)1