Search in sources :

Example 36 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class ServerWebExchangeDelegatingServerAccessDeniedHandlerTests method handleWhenFirstMatchesThenOnlyFirstInvoked.

@Test
public void handleWhenFirstMatchesThenOnlyFirstInvoked() {
    ServerAccessDeniedHandler firstHandler = mock(ServerAccessDeniedHandler.class);
    ServerWebExchangeMatcher firstMatcher = mock(ServerWebExchangeMatcher.class);
    ServerAccessDeniedHandler secondHandler = mock(ServerAccessDeniedHandler.class);
    ServerWebExchangeMatcher secondMatcher = mock(ServerWebExchangeMatcher.class);
    given(firstMatcher.matches(this.exchange)).willReturn(MatchResult.match());
    given(firstHandler.handle(this.exchange, null)).willReturn(Mono.empty());
    given(secondHandler.handle(this.exchange, null)).willReturn(Mono.empty());
    this.entries.add(new DelegateEntry(firstMatcher, firstHandler));
    this.entries.add(new DelegateEntry(secondMatcher, secondHandler));
    this.delegator = new ServerWebExchangeDelegatingServerAccessDeniedHandler(this.entries);
    this.delegator.setDefaultAccessDeniedHandler(this.accessDeniedHandler);
    this.delegator.handle(this.exchange, null).block();
    verify(firstHandler).handle(this.exchange, null);
    verify(secondHandler, never()).handle(this.exchange, null);
    verify(this.accessDeniedHandler, never()).handle(this.exchange, null);
    verify(secondMatcher, never()).matches(this.exchange);
}
Also used : ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) DelegateEntry(org.springframework.security.web.server.authorization.ServerWebExchangeDelegatingServerAccessDeniedHandler.DelegateEntry) Test(org.junit.jupiter.api.Test)

Example 37 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class WebSessionServerRequestCache method createDefaultRequestMacher.

private static ServerWebExchangeMatcher createDefaultRequestMacher() {
    ServerWebExchangeMatcher get = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/**");
    ServerWebExchangeMatcher notFavicon = new NegatedServerWebExchangeMatcher(ServerWebExchangeMatchers.pathMatchers("/favicon.*"));
    MediaTypeServerWebExchangeMatcher html = new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML);
    html.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    return new AndServerWebExchangeMatcher(get, notFavicon, html);
}
Also used : NegatedServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher) MediaTypeServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher) ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) AndServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher) MediaTypeServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher) NegatedServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher) AndServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher)

Example 38 with ServerWebExchangeMatcher

use of org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher in project spring-security by spring-projects.

the class WebFilterChainProxyTests method filterWhenNoMatchThenContinuesChainAnd404.

// gh-4668
@Test
public void filterWhenNoMatchThenContinuesChainAnd404() {
    List<WebFilter> filters = Arrays.asList(new Http200WebFilter());
    ServerWebExchangeMatcher notMatch = (exchange) -> MatchResult.notMatch();
    MatcherSecurityWebFilterChain chain = new MatcherSecurityWebFilterChain(notMatch, filters);
    WebFilterChainProxy filter = new WebFilterChainProxy(chain);
    WebTestClient.bindToController(new Object()).webFilter(filter).build().get().exchange().expectStatus().isNotFound();
}
Also used : Test(org.junit.jupiter.api.Test) WebTestClient(org.springframework.test.web.reactive.server.WebTestClient) HttpStatus(org.springframework.http.HttpStatus) Arrays(java.util.Arrays) List(java.util.List) ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) WebFilter(org.springframework.web.server.WebFilter) Mono(reactor.core.publisher.Mono) MatchResult(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult) ServerWebExchange(org.springframework.web.server.ServerWebExchange) WebFilterChain(org.springframework.web.server.WebFilterChain) WebFilter(org.springframework.web.server.WebFilter) ServerWebExchangeMatcher(org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher) Test(org.junit.jupiter.api.Test)

Aggregations

ServerWebExchangeMatcher (org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher)38 Test (org.junit.jupiter.api.Test)35 MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange)8 ServerWebExchange (org.springframework.web.server.ServerWebExchange)6 Collections (java.util.Collections)3 HashMap (java.util.HashMap)3 Map (java.util.Map)3 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)3 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)3 BDDMockito.given (org.mockito.BDDMockito.given)3 Mockito.mock (org.mockito.Mockito.mock)3 Mockito.spy (org.mockito.Mockito.spy)3 Mockito.verify (org.mockito.Mockito.verify)3 Answer (org.mockito.stubbing.Answer)3 WebDriver (org.openqa.selenium.WebDriver)3 Autowired (org.springframework.beans.factory.annotation.Autowired)3 ApplicationContext (org.springframework.context.ApplicationContext)3 Bean (org.springframework.context.annotation.Bean)3 Configuration (org.springframework.context.annotation.Configuration)3