Skip to content

Commit

Permalink
Add support fullyAuthenticated to Kotlin DSL
Browse files Browse the repository at this point in the history
Closes gh-16162
  • Loading branch information
franticticktick committed Nov 29, 2024
1 parent ff7dbb4 commit 70e67e5
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,12 @@ class AuthorizeHttpRequestsDsl : AbstractRequestMatcherDsl {
val authenticated: AuthorizationManager<RequestAuthorizationContext> =
AuthenticatedAuthorizationManager.authenticated()

/**
* Specify that URLs are allowed by users who have authenticated and were not "remembered".
*/
val fullyAuthenticated: AuthorizationManager<RequestAuthorizationContext> =
AuthenticatedAuthorizationManager.fullyAuthenticated()

internal fun get(): (AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry) -> Unit {
return { requests ->
authorizationRules.forEach { rule ->
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import org.springframework.context.annotation.Configuration
import org.springframework.http.HttpMethod
import org.springframework.security.access.hierarchicalroles.RoleHierarchy
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl
import org.springframework.security.authentication.TestAuthentication
import org.springframework.security.authorization.AuthorizationDecision
import org.springframework.security.authorization.AuthorizationManager
import org.springframework.security.config.annotation.web.builders.HttpSecurity
Expand All @@ -38,6 +39,7 @@ import org.springframework.security.core.Authentication
import org.springframework.security.core.userdetails.User
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
import org.springframework.security.web.SecurityFilterChain
Expand Down Expand Up @@ -961,4 +963,45 @@ class AuthorizeHttpRequestsDslTests {
}

}

@Test
fun `request when fully authenticated configured then responds ok`() {
this.spring.register(FullyAuthenticatedConfig::class.java).autowire()

this.mockMvc.post("/path") {
with(SecurityMockMvcRequestPostProcessors.user("user").roles("USER"))
with(csrf())
}
.andExpect {
status { isOk() }
}
}

@Configuration
@EnableWebSecurity
@EnableWebMvc
open class FullyAuthenticatedConfig {
@Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http {
authorizeHttpRequests {
authorize("/path", fullyAuthenticated)
}
httpBasic { }
rememberMe { }
}
return http.build()
}

@Bean
open fun userDetailsService(): UserDetailsService = InMemoryUserDetailsManager(TestAuthentication.user())

@RestController
internal class PathController {
@RequestMapping("/path")
fun path(): String {
return "ok"
}
}
}
}

0 comments on commit 70e67e5

Please sign in to comment.