use of org.springframework.test.web.reactive.server.WebTestClient in project spring-security by spring-projects.
the class AuthorizeExchangeSpecTests method antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod.
@Test
public void antMatchersWhenMethodAndPatternsThenDiscriminatesByMethod() {
this.http.csrf().disable().authorizeExchange().pathMatchers(HttpMethod.POST, "/a", "/b").denyAll().anyExchange().permitAll();
WebTestClient client = buildClient();
// @formatter:off
client.get().uri("/a").exchange().expectStatus().isOk();
client.get().uri("/b").exchange().expectStatus().isOk();
client.post().uri("/a").exchange().expectStatus().isUnauthorized();
client.post().uri("/b").exchange().expectStatus().isUnauthorized();
// @formatter:on
}
use of org.springframework.test.web.reactive.server.WebTestClient in project spring-security by spring-projects.
the class AuthorizeExchangeSpecTests method antMatchersWhenPatternsThenAnyMethod.
@Test
public void antMatchersWhenPatternsThenAnyMethod() {
this.http.csrf().disable().authorizeExchange().pathMatchers("/a", "/b").denyAll().anyExchange().permitAll();
WebTestClient client = buildClient();
// @formatter:off
client.get().uri("/a").exchange().expectStatus().isUnauthorized();
client.get().uri("/b").exchange().expectStatus().isUnauthorized();
client.post().uri("/a").exchange().expectStatus().isUnauthorized();
client.post().uri("/b").exchange().expectStatus().isUnauthorized();
// @formatter:on
}
use of org.springframework.test.web.reactive.server.WebTestClient in project spring-security by spring-projects.
the class AuthorizeExchangeSpecTests method antMatchersWhenPatternsInLambdaThenAnyMethod.
@Test
public void antMatchersWhenPatternsInLambdaThenAnyMethod() {
this.http.csrf(ServerHttpSecurity.CsrfSpec::disable).authorizeExchange((exchanges) -> exchanges.pathMatchers("/a", "/b").denyAll().anyExchange().permitAll());
WebTestClient client = buildClient();
// @formatter:off
client.get().uri("/a").exchange().expectStatus().isUnauthorized();
client.get().uri("/b").exchange().expectStatus().isUnauthorized();
client.post().uri("/a").exchange().expectStatus().isUnauthorized();
client.post().uri("/b").exchange().expectStatus().isUnauthorized();
// @formatter:on
}
use of org.springframework.test.web.reactive.server.WebTestClient in project spring-security by spring-projects.
the class ExceptionHandlingSpecTests method customAuthenticationEntryPoint.
@Test
public void customAuthenticationEntryPoint() {
// @formatter:off
SecurityWebFilterChain securityWebFilter = this.http.csrf().disable().authorizeExchange().anyExchange().authenticated().and().exceptionHandling().authenticationEntryPoint(redirectServerAuthenticationEntryPoint("/auth")).and().build();
WebTestClient client = WebTestClientBuilder.bindToWebFilters(securityWebFilter).build();
client.get().uri("/test").exchange().expectStatus().isFound().expectHeader().valueMatches("Location", ".*");
// @formatter:on
}
use of org.springframework.test.web.reactive.server.WebTestClient in project spring-security by spring-projects.
the class ExceptionHandlingSpecTests method requestWhenCustomAuthenticationEntryPointInLambdaThenCustomAuthenticationEntryPointUsed.
@Test
public void requestWhenCustomAuthenticationEntryPointInLambdaThenCustomAuthenticationEntryPointUsed() {
// @formatter:off
SecurityWebFilterChain securityWebFilter = this.http.authorizeExchange((exchanges) -> exchanges.anyExchange().authenticated()).exceptionHandling((exceptionHandling) -> exceptionHandling.authenticationEntryPoint(redirectServerAuthenticationEntryPoint("/auth"))).build();
WebTestClient client = WebTestClientBuilder.bindToWebFilters(securityWebFilter).build();
client.get().uri("/test").exchange().expectStatus().isFound().expectHeader().valueMatches("Location", ".*");
// @formatter:on
}
Aggregations