diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java index e24b8d8f101..7299e3ebc8b 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -77,7 +77,7 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrlPattern; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; /** @@ -167,7 +167,7 @@ public void configureWhenAuthenticationEntryPointSetAndRequestUnauthorizedThenRe // @formatter:off this.mockMvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrlPattern("**/entry-point")); + .andExpect(redirectedUrl("/entry-point")); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java index 3b44f86ed83..937b37be648 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -75,7 +75,7 @@ public class DefaultLoginPageConfigurerTests { @Test public void getWhenFormLoginEnabledThenRedirectsToLoginPage() throws Exception { this.spring.register(DefaultLoginPageConfig.class).autowire(); - this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login")); + this.mvc.perform(get("/")).andExpect(redirectedUrl("/login")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java index 00b678c22e0..9c5eedd2d42 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -213,8 +213,7 @@ public void getWhenCustomSecurityContextHolderStrategyThenUsed() throws Exceptio @Test public void getWhenUsingDefaultsAndUnauthenticatedThenRedirectsToLogin() throws Exception { this.spring.register(DefaultHttpConfig.class).autowire(); - this.mvc.perform(get("/").header(HttpHeaders.ACCEPT, "bogus/type")) - .andExpect(redirectedUrl("http://localhost/login")); + this.mvc.perform(get("/").header(HttpHeaders.ACCEPT, "bogus/type")).andExpect(redirectedUrl("/login")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java index 48313a867b3..418eac6586f 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -162,7 +162,7 @@ public void requestProtectedWhenFormLoginConfiguredThenRedirectsToLogin() throws // @formatter:off this.mockMvc.perform(get("/private")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -217,7 +217,7 @@ public void requestProtectedWhenFormLoginDefaultsInLambdaThenRedirectsToLogin() // @formatter:off this.mockMvc.perform(get("/private")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -331,7 +331,7 @@ public void failureUrlWhenPermitAllAndFailureHandlerThenSecured() throws Excepti // @formatter:off this.mockMvc.perform(get("/login?error")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java index c1bd55dbdbd..2d46951de1b 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -65,7 +65,7 @@ public class NamespaceHttpFormLoginTests { @Test public void formLoginWhenDefaultConfigurationThenMatchesNamespace() throws Exception { this.spring.register(FormLoginConfig.class, UserDetailsServiceConfig.class).autowire(); - this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login")); + this.mvc.perform(get("/")).andExpect(redirectedUrl("/login")); this.mvc.perform(post("/login").with(csrf())).andExpect(redirectedUrl("/login?error")); // @formatter:off MockHttpServletRequestBuilder loginRequest = post("/login") @@ -79,7 +79,7 @@ public void formLoginWhenDefaultConfigurationThenMatchesNamespace() throws Excep @Test public void formLoginWithCustomEndpointsThenBehaviorMatchesNamespace() throws Exception { this.spring.register(FormLoginCustomConfig.class, UserDetailsServiceConfig.class).autowire(); - this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/authentication/login")); + this.mvc.perform(get("/")).andExpect(redirectedUrl("/authentication/login")); this.mvc.perform(post("/authentication/login/process").with(csrf())) .andExpect(redirectedUrl("/authentication/login?failed")); // @formatter:off @@ -94,7 +94,7 @@ public void formLoginWithCustomEndpointsThenBehaviorMatchesNamespace() throws Ex @Test public void formLoginWithCustomHandlersThenBehaviorMatchesNamespace() throws Exception { this.spring.register(FormLoginCustomRefsConfig.class, UserDetailsServiceConfig.class).autowire(); - this.mvc.perform(get("/")).andExpect(redirectedUrl("http://localhost/login")); + this.mvc.perform(get("/")).andExpect(redirectedUrl("/login")); this.mvc.perform(post("/login").with(csrf())).andExpect(redirectedUrl("/custom/failure")); verifyBean(WebAuthenticationDetailsSource.class).buildDetails(any(HttpServletRequest.class)); // @formatter:off diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java index c55f865db8d..2c448484e50 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -104,7 +104,7 @@ public void rememberMeLoginWhenUsingDefaultsThenMatchesNamespace() throws Except .with(csrf()) .cookie(rememberMe); this.mvc.perform(authenticationClassRequest) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn(); // @formatter:on } @@ -150,7 +150,7 @@ public void rememberMeLoginWhenKeyDeclaredThenMatchesNamespace() throws Exceptio // @formatter:off this.mvc.perform(somewhereRequest) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); MockHttpServletRequestBuilder loginWithRememberme = post("/login").with(rememberMeLogin()); Cookie withKey = this.mvc.perform(loginWithRememberme) .andReturn() diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java index c6bab8cf229..e333d83cc8e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -238,7 +238,7 @@ public void getWhenRememberMeCookieAndLoggedOutThenRedirectsToLogin() throws Exc .with(csrf()) .cookie(expiredRememberMeCookie); // @formatter:on - this.mvc.perform(expiredRequest).andExpect(redirectedUrl("http://localhost/login")); + this.mvc.perform(expiredRequest).andExpect(redirectedUrl("/login")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java index 1b14a87b335..4212d34602c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -90,7 +90,7 @@ public void getWhenBookmarkedUrlIsFaviconIcoThenPostAuthenticationRedirectsToRoo this.spring.register(RequestCacheDefaultsConfig.class, DefaultSecurityConfig.class).autowire(); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(get("/favicon.ico")) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -104,7 +104,7 @@ public void getWhenBookmarkedUrlIsFaviconPngThenPostAuthenticationRedirectsToRoo this.spring.register(RequestCacheDefaultsConfig.class, DefaultSecurityConfig.class).autowire(); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(get("/favicon.png")) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -120,7 +120,7 @@ public void getWhenBookmarkedRequestIsApplicationJsonThenPostAuthenticationRedir MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -140,7 +140,7 @@ public void getWhenBookmarkedRequestIsXRequestedWithThenPostAuthenticationRedire .header("X-Requested-With", "XMLHttpRequest"); MockHttpSession session = (MockHttpSession) this.mvc .perform(xRequestedWith) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -157,7 +157,7 @@ public void getWhenBookmarkedRequestIsTextEventStreamThenPostAuthenticationRedir MediaType.TEXT_EVENT_STREAM); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -174,7 +174,7 @@ public void getWhenBookmarkedRequestIsAllMediaTypeThenPostAuthenticationRemember MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.ALL); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -188,7 +188,7 @@ public void getWhenBookmarkedRequestIsTextHtmlThenPostAuthenticationRemembers() MockHttpServletRequestBuilder request = get("/messages").header(HttpHeaders.ACCEPT, MediaType.TEXT_HTML); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -203,7 +203,7 @@ public void getWhenBookmarkedRequestIsChromeThenPostAuthenticationRemembers() th MockHttpServletRequestBuilder request = get("/messages") .header(HttpHeaders.ACCEPT, "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"); MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); @@ -218,7 +218,7 @@ public void getWhenBookmarkedRequestIsRequestedWithAndroidThenPostAuthentication MockHttpServletRequestBuilder request = get("/messages") .header("X-Requested-With", "com.android"); MockHttpSession session = (MockHttpSession) this.mvc.perform(request) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java index d85637961db..e0135abfede 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java @@ -437,7 +437,7 @@ public void oauth2LoginWithOneClientConfiguredThenRedirectForAuthorization() thr this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/oauth2/authorization/google"); + assertThat(this.response.getRedirectedUrl()).matches("/oauth2/authorization/google"); } // gh-6802 @@ -448,7 +448,7 @@ public void oauth2LoginWithOneClientConfiguredAndFormLoginThenRedirectDefaultLog this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login"); + assertThat(this.response.getRedirectedUrl()).matches("/login"); } // gh-5347 @@ -461,7 +461,7 @@ public void oauth2LoginWithOneClientConfiguredAndRequestFaviconNotAuthenticatedT this.request.setServletPath(requestUri); this.request.addHeader(HttpHeaders.ACCEPT, new MediaType("image", "*").toString()); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login"); + assertThat(this.response.getRedirectedUrl()).matches("/login"); } // gh-5347 @@ -472,7 +472,7 @@ public void oauth2LoginWithMultipleClientsConfiguredThenRedirectDefaultLoginPage this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/login"); + assertThat(this.response.getRedirectedUrl()).matches("/login"); } // gh-6812 @@ -521,7 +521,7 @@ public void oauth2LoginWithOneAuthorizationCodeClientAndOtherClientsConfiguredTh this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/oauth2/authorization/google"); + assertThat(this.response.getRedirectedUrl()).matches("/oauth2/authorization/google"); } @Test @@ -531,7 +531,7 @@ public void oauth2LoginWithCustomLoginPageThenRedirectCustomLoginPage() throws E this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/custom-login"); + assertThat(this.response.getRedirectedUrl()).matches("/custom-login"); } @Test @@ -541,7 +541,7 @@ public void requestWhenOauth2LoginWithCustomLoginPageInLambdaThenRedirectCustomL this.request = new MockHttpServletRequest("GET", requestUri); this.request.setServletPath(requestUri); this.springSecurityFilterChain.doFilter(this.request, this.response, this.filterChain); - assertThat(this.response.getRedirectedUrl()).matches("http://localhost/custom-login"); + assertThat(this.response.getRedirectedUrl()).matches("/custom-login"); } @Test diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index cb2ba0e137d..da7e24e75ae 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -1210,7 +1210,7 @@ public void requestWhenFormLoginAndResourceServerEntryPointsThenSessionCreatedBy MvcResult result = this.mvc.perform(get("/authenticated") .header("Accept", "text/html")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn(); // @formatter:on assertThat(result.getRequest().getSession(false)).isNotNull(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java index 461f030e9f2..8d6ec7429e4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -387,10 +387,10 @@ public void getFaviconWhenDefaultConfigurationThenDoesNotSaveAuthnRequest() thro this.spring.register(Saml2LoginConfig.class).autowire(); this.mvc.perform(get("/favicon.ico").accept(MediaType.TEXT_HTML)) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); this.mvc.perform(get("/").accept(MediaType.TEXT_HTML)) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/saml2/authenticate/registration-id")); + .andExpect(redirectedUrl("/saml2/authenticate/registration-id")); } @Test diff --git a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java index 97bffee2f43..31e3d2da73b 100644 --- a/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/CsrfConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -342,7 +342,7 @@ public void postWhenHasCsrfTokenButSessionExpiresThenRequestIsCancelledAfterSucc this.spring.configLocations(this.xml("CsrfEnabled")).autowire(); // simulates a request that has no authentication (e.g. session time-out) MvcResult result = this.mvc.perform(post("/authenticated").with(csrf())) - .andExpect(redirectedUrl("http://localhost/login")) + .andExpect(redirectedUrl("/login")) .andReturn(); MockHttpSession session = (MockHttpSession) result.getRequest().getSession(); // if the request cache is consulted, then it will redirect back to /some-url, @@ -363,9 +363,7 @@ public void getWhenHasCsrfTokenButSessionExpiresThenRequestIsRememeberedAfterSuc throws Exception { this.spring.configLocations(this.xml("CsrfEnabled")).autowire(); // simulates a request that has no authentication (e.g. session time-out) - MvcResult result = this.mvc.perform(get("/authenticated")) - .andExpect(redirectedUrl("http://localhost/login")) - .andReturn(); + MvcResult result = this.mvc.perform(get("/authenticated")).andExpect(redirectedUrl("/login")).andReturn(); MockHttpSession session = (MockHttpSession) result.getRequest().getSession(); // if the request cache is consulted, then it will redirect back to /some-url, // which we do want diff --git a/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java b/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java index 52237273df3..b054762aac3 100644 --- a/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,7 +73,7 @@ public void getProtectedPageWhenFormLoginConfiguredThenRedirectsToDefaultLoginPa this.spring.configLocations(this.xml("WithAntRequestMatcher")).autowire(); // @formatter:off this.mvc.perform(get("/")) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -107,7 +107,7 @@ public void authenticateWhenConfiguredWithSpelThenRedirectsAccordingly() throws this.mvc.perform(invalidPassword) .andExpect(redirectedUrl(WebConfigUtilsTests.URL + "/failure")); this.mvc.perform(get("/")) - .andExpect(redirectedUrl("http://localhost" + WebConfigUtilsTests.URL + "/login")); + .andExpect(redirectedUrl(WebConfigUtilsTests.URL + "/login")); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java b/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java index b8a86d2411c..2e5678bba52 100644 --- a/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/HttpConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -71,7 +71,7 @@ public void getWhenUsingMinimalConfigurationThenRedirectsToLogin() throws Except // @formatter:off this.mvc.perform(get("/")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -81,7 +81,7 @@ public void getWhenUsingMinimalAuthorizationManagerThenRedirectsToLogin() throws // @formatter:off this.mvc.perform(get("/")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -94,7 +94,7 @@ public void getWhenUsingAuthorizationManagerThenRedirectsToLogin() throws Except // @formatter:off this.mvc.perform(get("/")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on verify(authorizationManager).check(any(), any()); } @@ -108,7 +108,7 @@ public void getWhenUsingMinimalConfigurationThenPreventsSessionAsUrlParameter() proxy.doFilter(request, new EncodeUrlDenyingHttpServletResponseWrapper(response), (req, resp) -> { }); assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY); - assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/login"); + assertThat(response.getRedirectedUrl()).isEqualTo("/login"); } @Test diff --git a/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java b/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java index 57741cea04e..c42e15d207f 100644 --- a/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/MiscHttpConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -572,7 +572,7 @@ public void configureWhenUsingDisableUrlRewritingThenRedirectIsNotEncodedByRespo proxy.doFilter(request, new EncodeUrlDenyingHttpServletResponseWrapper(response), (req, resp) -> { }); assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_MOVED_TEMPORARILY); - assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/login"); + assertThat(response.getRedirectedUrl()).isEqualTo("/login"); } @Test @@ -801,7 +801,7 @@ public void authenticateWhenUsingPortMapperThenRedirectsAppropriately() throws E this.spring.configLocations(xml("PortsMappedRequiresHttps")).autowire(); // @formatter:off MockHttpSession session = (MockHttpSession) this.mvc.perform(get("https://localhost:9080/protected")) - .andExpect(redirectedUrl("https://localhost:9443/login")) + .andExpect(redirectedUrl("/login")) .andReturn() .getRequest() .getSession(false); diff --git a/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java index b632f834de2..6c1e24dcee9 100644 --- a/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -174,7 +174,7 @@ public void requestWhenSingleClientRegistrationThenAutoRedirect() throws Excepti // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/oauth2/authorization/google-login")); + .andExpect(redirectedUrl("/oauth2/authorization/google-login")); // @formatter:on verify(this.requestCache).saveRequest(any(), any()); } @@ -187,7 +187,7 @@ public void requestWhenSingleClientRegistrationAndRequestFaviconNotAuthenticated // @formatter:off this.mvc.perform(get("/favicon.ico").accept(new MediaType("image", "*"))) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -199,7 +199,7 @@ public void requestWhenSingleClientRegistrationAndRequestXHRNotAuthenticatedThen // @formatter:off this.mvc.perform(get("/").header("X-Requested-With", "XMLHttpRequest")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -411,7 +411,7 @@ public void requestWhenMultiClientRegistrationThenRedirectDefaultLoginPage() thr // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -421,7 +421,7 @@ public void requestWhenCustomLoginPageThenRedirectCustomLoginPage() throws Excep // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/custom-login")); + .andExpect(redirectedUrl("/custom-login")); // @formatter:on } @@ -433,7 +433,7 @@ public void requestWhenSingleClientRegistrationAndFormLoginConfiguredThenRedirec // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java b/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java index ffe686efc16..0c1710f98b9 100644 --- a/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/PlaceHolderAndELConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,7 +73,7 @@ public void loginWhenUsingPlaceholderThenInterceptUrlsAndFormLoginWorks() throws // login-page setting // @formatter:off this.mvc.perform(get("/secured")) - .andExpect(redirectedUrl("http://localhost/loginPage")); + .andExpect(redirectedUrl("/loginPage")); // login-processing-url setting // default-target-url setting this.mvc.perform(post("/loginPage").param("username", "user").param("password", "password")) @@ -98,7 +98,7 @@ public void loginWhenUsingSpELThenInterceptUrlsAndFormLoginWorks() throws Except // login-page setting // @formatter:off this.mvc.perform(get("/secured")) - .andExpect(redirectedUrl("http://localhost/loginPage")); + .andExpect(redirectedUrl("/loginPage")); // login-processing-url setting // default-target-url setting this.mvc.perform(post("/loginPage").param("username", "user").param("password", "password")) diff --git a/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java index 9eb168233ab..fad02a9ae0c 100644 --- a/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParserTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -161,7 +161,7 @@ public void requestWhenSingleRelyingPartyRegistrationThenAutoRedirect() throws E // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/saml2/authenticate/one")); + .andExpect(redirectedUrl("/saml2/authenticate/one")); // @formatter:on verify(this.requestCache).saveRequest(any(), any()); } @@ -172,7 +172,7 @@ public void requestWhenMultiRelyingPartyRegistrationThenRedirectToLoginWithRelyi // @formatter:off this.mvc.perform(get("/")) .andExpect(status().is3xxRedirection()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java b/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java index 713a03b846b..a45f92ad286 100644 --- a/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java +++ b/config/src/test/java/org/springframework/security/config/http/SecurityContextHolderAwareRequestConfigTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -78,7 +78,7 @@ public void servletAuthenticateWhenUsingDefaultConfigurationThenUsesSpringSecuri // @formatter:off this.mvc.perform(get("/authenticate")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -114,7 +114,7 @@ public void servletAuthenticateWhenUsingFormLoginThenUsesSpringSecurity() throws // @formatter:off this.mvc.perform(get("/authenticate")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); // @formatter:on } @@ -137,10 +137,10 @@ public void servletAuthenticateWhenUsingMultipleHttpConfigsThenUsesSpringSecurit // @formatter:off this.mvc.perform(get("/authenticate")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login")); + .andExpect(redirectedUrl("/login")); this.mvc.perform(get("/v2/authenticate")) .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/login2")); + .andExpect(redirectedUrl("/login2")); // @formatter:on } @@ -177,9 +177,7 @@ public void servletLogoutWhenUsingMultipleHttpConfigsThenUsesSpringSecurity() th @Test public void servletLogoutWhenUsingCustomLogoutThenUsesSpringSecurity() throws Exception { this.spring.configLocations(this.xml("Logout")).autowire(); - this.mvc.perform(get("/authenticate")) - .andExpect(status().isFound()) - .andExpect(redirectedUrl("http://localhost/signin")); + this.mvc.perform(get("/authenticate")).andExpect(status().isFound()).andExpect(redirectedUrl("/signin")); // @formatter:off MvcResult result = this.mvc.perform(get("/good-login")) .andReturn(); diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt index ed3e409cfff..2aea44c6ffb 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -217,7 +217,7 @@ class ExceptionHandlingDslTests { this.mockMvc.get("/") .andExpect { status { isFound() } - redirectedUrl("http://localhost/custom-login") + redirectedUrl("/custom-login") } } @@ -246,13 +246,13 @@ class ExceptionHandlingDslTests { this.mockMvc.get("/secured1") .andExpect { status { isFound() } - redirectedUrl("http://localhost/custom-login1") + redirectedUrl("/custom-login1") } this.mockMvc.get("/secured2") .andExpect { status { isFound() } - redirectedUrl("http://localhost/custom-login2") + redirectedUrl("/custom-login2") } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt index 965c361b4a3..5b00105247c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt @@ -143,7 +143,7 @@ class FormLoginDslTests { this.mockMvc.get("/") .andExpect { status { isFound() } - redirectedUrl("http://localhost/login") + redirectedUrl("/login") } } @@ -169,7 +169,7 @@ class FormLoginDslTests { this.mockMvc.get("/") .andExpect { status { isFound() } - redirectedUrl("http://localhost/log-in") + redirectedUrl("/log-in") } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt index b73b41f50de..a3a07cc0106 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -153,7 +153,7 @@ internal class RememberMeDslTests { cookie(expiredRememberMeCookie) }.andExpect { status { isFound() } - redirectedUrl("http://localhost/login") + redirectedUrl("/login") } } @@ -229,7 +229,7 @@ internal class RememberMeDslTests { cookie(withoutKeyRememberMeCookie) }.andExpect { status { isFound() } - redirectedUrl("http://localhost/login") + redirectedUrl("/login") } val keyMvcResult = mockMvc.post("/login") { loginRememberMeRequest() diff --git a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java index 8915eac861b..6293aed0298 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java +++ b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java @@ -61,6 +61,7 @@ * @author colin sampaleanu * @author Omri Spector * @author Luke Taylor + * @author Michal Okosy * @since 3.0 */ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean { @@ -144,29 +145,22 @@ public void commence(HttpServletRequest request, HttpServletResponse response, protected String buildRedirectUrlToLoginPage(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) { String loginForm = determineUrlToUseForThisRequest(request, response, authException); - if (UrlUtils.isAbsoluteUrl(loginForm)) { + if (UrlUtils.isAbsoluteUrl(loginForm) || !this.forceHttps || "https".equals(request.getScheme())) { return loginForm; } int serverPort = this.portResolver.getServerPort(request); - String scheme = request.getScheme(); + Integer httpsPort = this.portMapper.lookupHttpsPort(serverPort); + if (httpsPort == null) { + logger.warn(LogMessage.format("Unable to redirect to HTTPS as no port mapping found for HTTP port %s", + serverPort)); + return loginForm; + } RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder(); - urlBuilder.setScheme(scheme); + urlBuilder.setScheme("https"); urlBuilder.setServerName(request.getServerName()); - urlBuilder.setPort(serverPort); + urlBuilder.setPort(httpsPort); urlBuilder.setContextPath(request.getContextPath()); urlBuilder.setPathInfo(loginForm); - if (this.forceHttps && "http".equals(scheme)) { - Integer httpsPort = this.portMapper.lookupHttpsPort(serverPort); - if (httpsPort != null) { - // Overwrite scheme and port in the redirect URL - urlBuilder.setScheme("https"); - urlBuilder.setPort(httpsPort); - } - else { - logger.warn(LogMessage.format("Unable to redirect to HTTPS as no port mapping found for HTTP port %s", - serverPort)); - } - } return urlBuilder.getUrl(); } diff --git a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java index 77b49be1a16..ad699da8ea9 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java @@ -129,12 +129,18 @@ public void testHttpsOperationFromOriginalHttpsUrl() throws Exception { ep.setPortResolver(new MockPortResolver(80, 443)); ep.afterPropertiesSet(); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); request.setServerPort(8443); response = new MockHttpServletResponse(); ep.setPortResolver(new MockPortResolver(8080, 8443)); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com:8443/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); + // access to https via http port + request.setServerPort(8080); + response = new MockHttpServletResponse(); + ep.setPortResolver(new MockPortResolver(8080, 8443)); + ep.commence(request, response, null); + assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); } @Test @@ -152,7 +158,7 @@ public void testNormalOperation() throws Exception { request.setServerPort(80); MockHttpServletResponse response = new MockHttpServletResponse(); ep.commence(request, response, null); - assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); } @Test @@ -172,7 +178,7 @@ public void testOperationWhenHttpsRequestsButHttpsPortUnknown() throws Exception ep.commence(request, response, null); // Response doesn't switch to HTTPS, as we didn't know HTTP port 8888 to HTTP port // mapping - assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost:8888/bigWebApp/hello"); + assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello"); } @Test