/*
* Copyright 2002-2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.config.web.server;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.web.server.context.SecurityContextRepositoryWebFilter;
import org.springframework.security.web.server.WebFilterChainFilter;
import org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter;
import org.springframework.security.web.server.context.SecurityContextRepository;
import org.springframework.util.Assert;
import org.springframework.web.server.WebFilter;
/**
* @author Rob Winch
* @since 5.0
*/
public class HttpSecurity {
private AuthorizeExchangeBuilder authorizeExchangeBuilder;
private HeaderBuilder headers = new HeaderBuilder();
private HttpBasicBuilder httpBasic;
private ReactiveAuthenticationManager authenticationManager;
private Optional<SecurityContextRepository> securityContextRepository = Optional.empty();
public HttpSecurity securityContextRepository(SecurityContextRepository securityContextRepository) {
Assert.notNull(securityContextRepository, "securityContextRepository cannot be null");
this.securityContextRepository = Optional.of(securityContextRepository);
return this;
}
public HttpBasicBuilder httpBasic() {
if(httpBasic == null) {
httpBasic = new HttpBasicBuilder();
}
return httpBasic;
}
public HeaderBuilder headers() {
return headers;
}
public AuthorizeExchangeBuilder authorizeExchange() {
if(authorizeExchangeBuilder == null) {
authorizeExchangeBuilder = new AuthorizeExchangeBuilder();
}
return authorizeExchangeBuilder;
}
public HttpSecurity authenticationManager(ReactiveAuthenticationManager manager) {
this.authenticationManager = manager;
return this;
}
public WebFilter build() {
List<WebFilter> filters = new ArrayList<>();
if(headers != null) {
filters.add(headers.build());
}
securityContextRepositoryWebFilter().ifPresent( f-> filters.add(f));
if(httpBasic != null) {
httpBasic.authenticationManager(authenticationManager);
securityContextRepository.ifPresent( scr -> httpBasic.securityContextRepository(scr)) ;
filters.add(httpBasic.build());
}
if(authorizeExchangeBuilder != null) {
filters.add(new ExceptionTranslationWebFilter());
filters.add(authorizeExchangeBuilder.build());
}
return new WebFilterChainFilter(filters);
}
public static HttpSecurity http() {
return new HttpSecurity();
}
private Optional<SecurityContextRepositoryWebFilter> securityContextRepositoryWebFilter() {
return securityContextRepository
.flatMap( r -> Optional.of(new SecurityContextRepositoryWebFilter(r)));
}
public class HttpBasicSpec extends HttpBasicBuilder {
public HttpSecurity disable() {
httpBasic = null;
return HttpSecurity.this;
}
}
private HttpSecurity() {}
}