org.springframework.security.test.web.reactive.server

Class SecurityMockServerConfigurers

java.lang.Object

org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers

public class SecurityMockServerConfigurers
extends java.lang.Object

Test utilities for working with Spring Security and WebTestClient.Builder.apply(WebTestClientConfigurer).

Since:

5.0

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SecurityMockServerConfigurers.CsrfMutator
static class	SecurityMockServerConfigurers.JwtMutator Updates the WebServerExchange using {@link SecurityMockServerConfigurers#mockAuthentication(Authentication)}.
static class	SecurityMockServerConfigurers.OAuth2ClientMutator
static class	SecurityMockServerConfigurers.OAuth2LoginMutator
static class	SecurityMockServerConfigurers.OidcLoginMutator
static class	SecurityMockServerConfigurers.OpaqueTokenMutator
static class	SecurityMockServerConfigurers.UserExchangeMutator Updates the WebServerExchange using {@link SecurityMockServerConfigurers#mockUser(UserDetails)}.

Constructor Summary

Constructors

Constructor and Description
SecurityMockServerConfigurers()

Method Summary

Modifier and Type	Method and Description
static SecurityMockServerConfigurers.CsrfMutator	csrf()
static <T extends org.springframework.test.web.reactive.server.WebTestClientConfigurer & org.springframework.test.web.reactive.server.MockServerConfigurer> T	mockAuthentication(Authentication authentication) Updates the ServerWebExchange to use the provided Authentication as the Principal
static SecurityMockServerConfigurers.JwtMutator	mockJwt() Updates the ServerWebExchange to establish a SecurityContext that has a JwtAuthenticationToken for the Authentication and a Jwt for the Authentication.getPrincipal().
static SecurityMockServerConfigurers.OAuth2ClientMutator	mockOAuth2Client() Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session.
static SecurityMockServerConfigurers.OAuth2ClientMutator	mockOAuth2Client(java.lang.String registrationId) Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session.
static SecurityMockServerConfigurers.OAuth2LoginMutator	mockOAuth2Login() Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication.
static SecurityMockServerConfigurers.OidcLoginMutator	mockOidcLogin() Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication.
static SecurityMockServerConfigurers.OpaqueTokenMutator	mockOpaqueToken() Updates the ServerWebExchange to establish a SecurityContext that has a BearerTokenAuthentication for the Authentication and an OAuth2AuthenticatedPrincipal for the Authentication.getPrincipal().
static SecurityMockServerConfigurers.UserExchangeMutator	mockUser() Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
static SecurityMockServerConfigurers.UserExchangeMutator	mockUser(java.lang.String username) Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal.
static <T extends org.springframework.test.web.reactive.server.WebTestClientConfigurer & org.springframework.test.web.reactive.server.MockServerConfigurer> T	mockUser(UserDetails userDetails) Updates the ServerWebExchange to use the provided UserDetails to create a UsernamePasswordAuthenticationToken as the Principal
static org.springframework.test.web.reactive.server.MockServerConfigurer	springSecurity() Sets up Spring Security's WebTestClient test support

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityMockServerConfigurers

public SecurityMockServerConfigurers()

Method Detail

springSecurity

public static org.springframework.test.web.reactive.server.MockServerConfigurer springSecurity()

Sets up Spring Security's WebTestClient test support

Returns:

the MockServerConfigurer to use

mockAuthentication

public static <T extends org.springframework.test.web.reactive.server.WebTestClientConfigurer & org.springframework.test.web.reactive.server.MockServerConfigurer> T mockAuthentication(Authentication authentication)

Updates the ServerWebExchange to use the provided Authentication as the Principal

Parameters:

authentication - the Authentication to use.

Returns:

the configurer to use

mockUser

public static <T extends org.springframework.test.web.reactive.server.WebTestClientConfigurer & org.springframework.test.web.reactive.server.MockServerConfigurer> T mockUser(UserDetails userDetails)

Updates the ServerWebExchange to use the provided UserDetails to create a UsernamePasswordAuthenticationToken as the Principal

Parameters:

userDetails - the UserDetails to use.

Returns:

the configurer to use

mockUser

public static SecurityMockServerConfigurers.UserExchangeMutator mockUser()

Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal. This uses a default username of "user", password of "password", and granted authorities of "ROLE_USER".

Returns:

the SecurityMockServerConfigurers.UserExchangeMutator to use

mockUser

public static SecurityMockServerConfigurers.UserExchangeMutator mockUser(java.lang.String username)

Updates the ServerWebExchange to use a UserDetails to create a UsernamePasswordAuthenticationToken as the Principal. This uses a default password of "password" and granted authorities of "ROLE_USER".

Returns:

the WebTestClientConfigurer to use

mockJwt

public static SecurityMockServerConfigurers.JwtMutator mockJwt()

Updates the ServerWebExchange to establish a SecurityContext that has a JwtAuthenticationToken for the Authentication and a Jwt for the Authentication.getPrincipal(). All details are declarative and do not require the JWT to be valid.

Returns:

the SecurityMockServerConfigurers.JwtMutator to further configure or use

Since:

5.2

mockOpaqueToken

public static SecurityMockServerConfigurers.OpaqueTokenMutator mockOpaqueToken()

Updates the ServerWebExchange to establish a SecurityContext that has a BearerTokenAuthentication for the Authentication and an OAuth2AuthenticatedPrincipal for the Authentication.getPrincipal(). All details are declarative and do not require the token to be valid.

Returns:

the SecurityMockServerConfigurers.OpaqueTokenMutator to further configure or use

Since:

5.3

mockOAuth2Login

public static SecurityMockServerConfigurers.OAuth2LoginMutator mockOAuth2Login()

Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication. All details are declarative and do not require the corresponding OAuth 2.0 tokens to be valid.

Returns:

the SecurityMockServerConfigurers.OAuth2LoginMutator to further configure or use

Since:

5.3

mockOidcLogin

public static SecurityMockServerConfigurers.OidcLoginMutator mockOidcLogin()

Updates the ServerWebExchange to establish a SecurityContext that has a OAuth2AuthenticationToken for the Authentication. All details are declarative and do not require the corresponding OAuth 2.0 tokens to be valid.

Returns:

the SecurityMockServerConfigurers.OidcLoginMutator to further configure or use

Since:

5.3

mockOAuth2Client

public static SecurityMockServerConfigurers.OAuth2ClientMutator mockOAuth2Client()

Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session. All details are declarative and do not require the corresponding OAuth 2.0 tokens to be valid.

The support works by associating the authorized client to the ServerWebExchange via the WebSessionServerOAuth2AuthorizedClientRepository

Returns:

the SecurityMockServerConfigurers.OAuth2ClientMutator to further configure or use

Since:

5.3

mockOAuth2Client

public static SecurityMockServerConfigurers.OAuth2ClientMutator mockOAuth2Client(java.lang.String registrationId)

Updates the ServerWebExchange to establish a OAuth2AuthorizedClient in the session. All details are declarative and do not require the corresponding OAuth 2.0 tokens to be valid.

The support works by associating the authorized client to the ServerWebExchange via the WebSessionServerOAuth2AuthorizedClientRepository

Parameters:

registrationId - The registration id associated with the OAuth2AuthorizedClient

Returns:

the SecurityMockServerConfigurers.OAuth2ClientMutator to further configure or use

Since:

5.3

csrf

public static SecurityMockServerConfigurers.CsrfMutator csrf()