Skip to content

Commit 7215cd1

Browse files
ruabtmhruabtmh
ruabtmh
authored and
ruabtmh
committed
Add DelegatingAuthenticationConverter
Closes gh-14644
1 parent e771267 commit 7215cd1

File tree

2 files changed

+180
-0
lines changed

2 files changed

+180
-0
lines changed

web/src/main/java/org/springframework/security/web/authentication/DelegatingAuthenticationConverter.java

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
/*
2+
* Copyright 2002-2024 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* https://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.security.web.authentication;
18+
19+
import java.util.ArrayList;
20+
import java.util.List;
21+
22+
import jakarta.servlet.http.HttpServletRequest;
23+
24+
import org.springframework.security.core.Authentication;
25+
import org.springframework.util.Assert;
26+
27+
/**
28+
* A {@link AuthenticationConverter}, that iterates over multiple
29+
* {@link AuthenticationConverter}. The first non-null {@link Authentication} will be used
30+
* as a result.
31+
*
32+
* @author Max Batischev
33+
* @since 6.3
34+
*/
35+
public final class DelegatingAuthenticationConverter implements AuthenticationConverter {
36+
37+
private final List<AuthenticationConverter> delegates;
38+
39+
public DelegatingAuthenticationConverter(List<AuthenticationConverter> delegates) {
40+
Assert.notEmpty(delegates, "delegates cannot be null");
41+
this.delegates = new ArrayList<>(delegates);
42+
}
43+
44+
public DelegatingAuthenticationConverter(AuthenticationConverter... delegates) {
45+
Assert.notEmpty(delegates, "delegates cannot be null");
46+
this.delegates = List.of(delegates);
47+
}
48+
49+
@Override
50+
public Authentication convert(HttpServletRequest request) {
51+
for (AuthenticationConverter delegate : this.delegates) {
52+
Authentication authentication = delegate.convert(request);
53+
if (authentication != null) {
54+
return authentication;
55+
}
56+
}
57+
return null;
58+
}
59+
60+
}

web/src/test/java/org/springframework/security/web/authentication/DelegatingAuthenticationConverterTests.java

Lines changed: 120 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,120 @@
1+
/*
2+
* Copyright 2002-2024 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* https://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.security.web.authentication;
18+
19+
import jakarta.servlet.http.HttpServletRequest;
20+
import org.junit.jupiter.api.Test;
21+
import org.junit.jupiter.api.extension.ExtendWith;
22+
import org.mockito.Mock;
23+
import org.mockito.junit.jupiter.MockitoExtension;
24+
25+
import org.springframework.http.HttpHeaders;
26+
import org.springframework.mock.web.MockHttpServletRequest;
27+
import org.springframework.security.authentication.AuthenticationDetailsSource;
28+
import org.springframework.security.authentication.TestingAuthenticationToken;
29+
import org.springframework.security.core.Authentication;
30+
import org.springframework.security.test.web.CodecTestUtils;
31+
import org.springframework.security.web.authentication.www.BasicAuthenticationConverter;
32+
33+
import static org.assertj.core.api.Assertions.assertThat;
34+
35+
/**
36+
* Tests for {@link DelegatingAuthenticationConverter}.
37+
*
38+
* @author Max Batischev
39+
*/
40+
@ExtendWith(MockitoExtension.class)
41+
public class DelegatingAuthenticationConverterTests {
42+
43+
private static final String X_AUTH_TOKEN_HEADER = "X-Auth-Token";
44+
45+
private static final String TEST_X_AUTH_TOKEN = "test-x-auth-token";
46+
47+
private static final String TEST_CUSTOM_PRINCIPAL = "test_custom_principal";
48+
49+
private static final String TEST_CUSTOM_CREDENTIALS = "test_custom_credentials";
50+
51+
private static final String TEST_BASIC_CREDENTIALS = "username:password";
52+
53+
private DelegatingAuthenticationConverter converter;
54+
55+
@Mock
56+
private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource;
57+
58+
@Test
59+
public void requestWhenBasicAuthorizationHeaderIsPresentThenAuthenticates() {
60+
MockHttpServletRequest request = new MockHttpServletRequest();
61+
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + CodecTestUtils.encodeBase64(TEST_BASIC_CREDENTIALS));
62+
this.converter = new DelegatingAuthenticationConverter(
63+
new BasicAuthenticationConverter(this.authenticationDetailsSource),
64+
new TestNullableAuthenticationConverter());
65+
66+
Authentication authentication = this.converter.convert(request);
67+
68+
assertThat(authentication).isNotNull();
69+
assertThat(authentication.getName()).isEqualTo("username");
70+
}
71+
72+
@Test
73+
public void requestWhenXAuthHeaderIsPresentThenAuthenticates() {
74+
MockHttpServletRequest request = new MockHttpServletRequest();
75+
request.addHeader(X_AUTH_TOKEN_HEADER, TEST_X_AUTH_TOKEN);
76+
this.converter = new DelegatingAuthenticationConverter(new TestAuthenticationConverter(),
77+
new TestNullableAuthenticationConverter());
78+
79+
Authentication authentication = this.converter.convert(request);
80+
81+
assertThat(authentication).isNotNull();
82+
assertThat(authentication.getName()).isEqualTo(TEST_CUSTOM_PRINCIPAL);
83+
}
84+
85+
@Test
86+
public void requestWhenXAuthHeaderIsPresentThenDoesntAuthenticates() {
87+
MockHttpServletRequest request = new MockHttpServletRequest();
88+
request.addHeader(X_AUTH_TOKEN_HEADER, TEST_X_AUTH_TOKEN);
89+
this.converter = new DelegatingAuthenticationConverter(new TestNullableAuthenticationConverter());
90+
91+
Authentication authentication = this.converter.convert(request);
92+
93+
assertThat(authentication).isNull();
94+
}
95+
96+
private static class TestAuthenticationConverter implements AuthenticationConverter {
97+
98+
@Override
99+
public Authentication convert(HttpServletRequest request) {
100+
String header = request.getHeader(X_AUTH_TOKEN_HEADER);
101+
if (header != null) {
102+
return new TestingAuthenticationToken(TEST_CUSTOM_PRINCIPAL, TEST_CUSTOM_CREDENTIALS);
103+
}
104+
else {
105+
return null;
106+
}
107+
}
108+
109+
}
110+
111+
private static class TestNullableAuthenticationConverter implements AuthenticationConverter {
112+
113+
@Override
114+
public Authentication convert(HttpServletRequest request) {
115+
return null;
116+
}
117+
118+
}
119+
120+
}

0 commit comments

Comments
 (0)