Java Code Examples for org.springframework.security.authentication.ReactiveAuthenticationManager

The following examples show how to use org.springframework.security.authentication.ReactiveAuthenticationManager. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
    //认证处理器
    ReactiveAuthenticationManager customAuthenticationManager = new CustomAuthenticationManager(tokenStore);
    JsonAuthenticationEntryPoint entryPoint = new JsonAuthenticationEntryPoint();
    //token转换器
    ServerBearerTokenAuthenticationConverter tokenAuthenticationConverter = new ServerBearerTokenAuthenticationConverter();
    tokenAuthenticationConverter.setAllowUriQueryParameter(true);
    //oauth2认证过滤器
    AuthenticationWebFilter oauth2Filter = new AuthenticationWebFilter(customAuthenticationManager);
    oauth2Filter.setServerAuthenticationConverter(tokenAuthenticationConverter);
    oauth2Filter.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
    oauth2Filter.setAuthenticationSuccessHandler(new Oauth2AuthSuccessHandler());
    http.addFilterAt(oauth2Filter, SecurityWebFiltersOrder.AUTHENTICATION);

    ServerHttpSecurity.AuthorizeExchangeSpec authorizeExchange = http.authorizeExchange();
    if (securityProperties.getAuth().getHttpUrls().length > 0) {
        authorizeExchange.pathMatchers(securityProperties.getAuth().getHttpUrls()).authenticated();
    }
    if (securityProperties.getIgnore().getUrls().length > 0) {
        authorizeExchange.pathMatchers(securityProperties.getIgnore().getUrls()).permitAll();
    }
    authorizeExchange
            .pathMatchers(HttpMethod.OPTIONS).permitAll()
            .anyExchange()
                .access(permissionAuthManager)
            .and()
                .exceptionHandling()
                    .accessDeniedHandler(new JsonAccessDeniedHandler())
                    .authenticationEntryPoint(entryPoint)
            .and()
                .headers()
                    .frameOptions()
                    .disable()
            .and()
                .httpBasic().disable()
                .csrf().disable();
    return http.build();
}
 
Example 2
Source Project: webFluxTemplate   Source File: JwtAuthenticationWebFilter.java    License: MIT License 5 votes vote down vote up
public JwtAuthenticationWebFilter(final ReactiveAuthenticationManager authenticationManager,
                                  final JwtAuthenticationConverter converter,
                                  final UnauthorizedAuthenticationEntryPoint entryPoint) {

    super(authenticationManager);

    Assert.notNull(authenticationManager, "authenticationManager cannot be null");
    Assert.notNull(converter, "converter cannot be null");
    Assert.notNull(entryPoint, "entryPoint cannot be null");

    setAuthenticationConverter(converter);
    setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
    setRequiresAuthenticationMatcher(new JWTHeadersExchangeMatcher());
}
 
Example 3
Source Project: spring-5-examples   Source File: SecurityConfig.java    License: MIT License 5 votes vote down vote up
WebFilter securityFilterChainJustRoleWay(final ReactiveAuthenticationManager reactiveAuthenticationManager) {

    return HttpSecurity.http()
                       .authorizeExchange()
                         .pathMatchers("/**")
                         .hasRole("ADMIN")
                       .and()
                       .httpBasic()
                       .authenticationManager(reactiveAuthenticationManager)
                       .build();
  }
 
Example 4
Source Project: spring-security-reactive   Source File: Application.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
WebFilter springSecurityFilterChain(ReactiveAuthenticationManager manager) throws Exception {
	HttpSecurity http = http();
	// FIXME use BeanPostProcessor to set the manager
	http.authenticationManager(manager);
	http.httpBasic();

	AuthorizeRequestBuilder authorize = http.authorizeRequests();
	authorize.antMatchers("/admin/**").hasRole("ADMIN");
	authorize.anyExchange().authenticated();
	return http.build();
}
 
Example 5
@Bean
protected ReactiveAuthenticationManager reactiveAuthenticationManager() {
    return authentication -> {
        try {
            UserDetails userDetails = userDetailsService
                    .loadUserByUsername((String) authentication.getPrincipal());
            if (userDetails.getPassword().equals(authentication.getCredentials())) {
                authentication.setAuthenticated(true);
            }
            return Mono.just(authentication);
        } catch (UsernameNotFoundException e) {
            return Mono.error(e);
        }
    };
}
 
Example 6
Source Project: tutorials   Source File: CustomWebSecurityConfig.java    License: MIT License 5 votes vote down vote up
public ReactiveAuthenticationManager customersAuthenticationManager() {
    return authentication -> customer(authentication)
      .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
        .getPrincipal()
        .toString())))
      .map(b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
          authentication.getCredentials(),
          Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
        )
      );
}
 
Example 7
Source Project: tutorials   Source File: CustomWebSecurityConfig.java    License: MIT License 5 votes vote down vote up
public ReactiveAuthenticationManager employeesAuthenticationManager() {
    return authentication -> employee(authentication)
      .switchIfEmpty(Mono.error(new UsernameNotFoundException(authentication
        .getPrincipal()
        .toString())))
      .map(
        b -> new UsernamePasswordAuthenticationToken(authentication.getPrincipal(),
          authentication.getCredentials(),
          Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
        )
      );
}
 
Example 8
@Bean
public ReactiveAuthenticationManager authenticationManager(ReactiveUserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
	UserDetailsRepositoryReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService);
	manager.setPasswordEncoder(passwordEncoder);
	return manager;
}
 
Example 9
@Bean
public ReactiveAuthenticationManager authenticationManager(ReactiveUserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
	UserDetailsRepositoryReactiveAuthenticationManager manager = new UserDetailsRepositoryReactiveAuthenticationManager(userDetailsService);
	manager.setPasswordEncoder(passwordEncoder);
	return manager;
}
 
Example 10
Source Project: spring-5-examples   Source File: SecurityConfig.java    License: MIT License 4 votes vote down vote up
/**
 * Authentication
 */

@Bean
ReactiveAuthenticationManager reactiveAuthenticationManager(final UserDetailsRepository userDetailsRepository) {
  return new UserDetailsRepositoryAuthenticationManager(userDetailsRepository);
}
 
Example 11
public void setAuthenticationManager(ReactiveAuthenticationManager authenticationManager) {
	this.authenticationManager = authenticationManager;
}
 
Example 12
Source Project: spring-security-reactive   Source File: HttpSecurity.java    License: Apache License 2.0 4 votes vote down vote up
public HttpSecurity authenticationManager(ReactiveAuthenticationManager manager) {
	this.authenticationManager = manager;
	return this;
}
 
Example 13
Source Project: spring-security-reactive   Source File: Application.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
public ReactiveAuthenticationManager authenticationManager(UserRepositoryUserDetailsRepository udr) {
	return new UserDetailsAuthenticationManager(udr);
}