use of org.springframework.security.oauth2.client.web.reactive.function.client.MockExchangeFunction in project spring-security by spring-projects.
the class SecurityReactorContextConfigurationTests method createPublisherWhenLastOperatorAddedThenSecurityContextAttributesAvailable.
@Test
public void createPublisherWhenLastOperatorAddedThenSecurityContextAttributesAvailable() {
// Trigger the importing of SecurityReactorContextConfiguration via
// OAuth2ImportSelector
this.spring.register(SecurityConfig.class).autowire();
// Setup for SecurityReactorContextSubscriberRegistrar
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(this.servletRequest, this.servletResponse));
SecurityContextHolder.getContext().setAuthentication(this.authentication);
ClientResponse clientResponseOk = ClientResponse.create(HttpStatus.OK).build();
// @formatter:off
ExchangeFilterFunction filter = (req, next) -> Mono.subscriberContext().filter((ctx) -> ctx.hasKey(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES)).map((ctx) -> ctx.get(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES)).cast(Map.class).map((attributes) -> {
if (attributes.containsKey(HttpServletRequest.class) && attributes.containsKey(HttpServletResponse.class) && attributes.containsKey(Authentication.class)) {
return clientResponseOk;
} else {
return ClientResponse.create(HttpStatus.NOT_FOUND).build();
}
});
// @formatter:on
ClientRequest clientRequest = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).build();
MockExchangeFunction exchange = new MockExchangeFunction();
Map<Object, Object> expectedContextAttributes = new HashMap<>();
expectedContextAttributes.put(HttpServletRequest.class, this.servletRequest);
expectedContextAttributes.put(HttpServletResponse.class, this.servletResponse);
expectedContextAttributes.put(Authentication.class, this.authentication);
Mono<ClientResponse> clientResponseMono = filter.filter(clientRequest, exchange).flatMap((response) -> filter.filter(clientRequest, exchange));
// @formatter:off
StepVerifier.create(clientResponseMono).expectAccessibleContext().contains(SecurityReactorContextSubscriber.SECURITY_CONTEXT_ATTRIBUTES, expectedContextAttributes).then().expectNext(clientResponseOk).verifyComplete();
// @formatter:on
}
Aggregations