
Example 6 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class SwitchUserWebFilterTests method setExitUserMatcherWhenDefinedThenChangeDefaultValue.

@Test
public void setExitUserMatcherWhenDefinedThenChangeDefaultValue() {
    final MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/logout/impersonate"));
    final ServerWebExchangeMatcher oldExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils.getField(this.switchUserWebFilter, "exitUserMatcher");
    assertThat(oldExitUserMatcher.matches(exchange).block().isMatch()).isTrue();
    final ServerWebExchangeMatcher newExitUserMatcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/exit-url");
    this.switchUserWebFilter.setExitUserMatcher(newExitUserMatcher);
    final ServerWebExchangeMatcher currentExitUserMatcher = (ServerWebExchangeMatcher) ReflectionTestUtils.getField(this.switchUserWebFilter, "exitUserMatcher");
    assertThat(currentExitUserMatcher).isSameAs(newExitUserMatcher);
}
Also used : ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) Test(org.junit.jupiter.api.Test)

Example 7 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class ServerWebExchangeDelegatingServerAccessDeniedHandlerTests method handleWhenNothingMatchesThenOnlyDefaultHandlerInvoked.

@Test
public void handleWhenNothingMatchesThenOnlyDefaultHandlerInvoked() {
    ServerAccessDeniedHandler handler = mock(ServerAccessDeniedHandler.class);
    ServerWebExchangeMatcher matcher = mock(ServerWebExchangeMatcher.class);
    given(matcher.matches(this.exchange)).willReturn(MatchResult.notMatch());
    given(handler.handle(this.exchange, null)).willReturn(Mono.empty());
    given(this.accessDeniedHandler.handle(this.exchange, null)).willReturn(Mono.empty());
    this.entries.add(new DelegateEntry(matcher, handler));
    this.delegator = new ServerWebExchangeDelegatingServerAccessDeniedHandler(this.entries);
    this.delegator.setDefaultAccessDeniedHandler(this.accessDeniedHandler);
    this.delegator.handle(this.exchange, null).block();
    verify(this.accessDeniedHandler).handle(this.exchange, null);
    verify(handler, never()).handle(this.exchange, null);
}
Also used : ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) DelegateEntry(org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry) Test(org.junit.jupiter.api.Test)

Example 8 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class CsrfWebFilterTests method matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed.

// gh-8452
@Test
public void matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed() {
    // Build a request whose method name is not a standard HTTP method.
    MockServerWebExchange nonStandardHttpExchange = MockServerWebExchange.from(MockServerHttpRequest.method("non-standard-http-method", "/"));
    ServerWebExchangeMatcher serverWebExchangeMatcher = CsrfWebFilter.DEFAULT_CSRF_MATCHER;
    // The default matcher must still require CSRF protection for such a request.
    assertThat(serverWebExchangeMatcher.matches(nonStandardHttpExchange).map(MatchResult::isMatch).block()).isTrue();
}
Also used : ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) Test(org.junit.jupiter.api.Test)

Example 9 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class CsrfWebFilterTests method doFilterWhenSkipExchangeInvokedThenSkips.

@Test
public void doFilterWhenSkipExchangeInvokedThenSkips() {
    PublisherProbe<Void> chainResult = PublisherProbe.empty();
    given(this.chain.filter(any())).willReturn(chainResult.mono());
    ServerWebExchangeMatcher matcher = mock(ServerWebExchangeMatcher.class);
    this.csrfFilter.setRequireCsrfProtectionMatcher(matcher);
    MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/post").build());
    // Once the exchange is marked as skipped, the filter must not consult the matcher at all.
    CsrfWebFilter.skipExchange(exchange);
    this.csrfFilter.filter(exchange, this.chain).block();
    verifyZeroInteractions(matcher);
}
Also used : ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) Test(org.junit.jupiter.api.Test)

Example 10 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class HttpsRedirectWebFilterTests method filterWhenExchangeMatchesAndRequestIsInsecureThenRedirects.

@Test
public void filterWhenExchangeMatchesAndRequestIsInsecureThenRedirects() {
    given(this.chain.filter(any(ServerWebExchange.class))).willReturn(Mono.empty());
    ServerWebExchangeMatcher matcher = mock(ServerWebExchangeMatcher.class);
    given(matcher.matches(any(ServerWebExchange.class))).willReturn(ServerWebExchangeMatcher.MatchResult.match());
    this.filter.setRequiresHttpsRedirectMatcher(matcher);
    ServerWebExchange exchange = get("http://localhost:8080");
    this.filter.filter(exchange, this.chain).block();
    assertThat(statusCode(exchange)).isEqualTo(302);
    assertThat(redirectedUrl(exchange)).isEqualTo("https://localhost:8443");
    verify(matcher).matches(any(ServerWebExchange.class));
}
Also used : ServerWebExchange(org.springframework.web.server.ServerWebExchange) MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange) ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) Test(org.junit.jupiter.api.Test)
