I installed authentication in a Spring WebFlux application. The authentication mechanism is working fine. For example, the following code is used to configure a chain of web security filters:

    @Bean
    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        return http.authorizeExchange()
            .pathMatchers("/path/to/resource").hasAuthority("A_ROLE")
            .anyExchange().authenticated()
            .and().httpBasic()
            .and().build();
    }

This works as expected in combination with the UserDetailsRepositoryReactiveAuthenticationManager and MapReactiveUserDetailsService. If the user does not have the required permissions, the forbidden error code is returned, and otherwise the request is passed to the handler.
I have a requirement to apply fine-grained permission checks in the handler itself, and I understand that I should get the authorities from the request as follows:

    public Mono<ServerResponse> getMyResource(ServerRequest serverRequest) {
        Authentication authentication = (Authentication)serverRequest.principal().block();
        ...
    }

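
An added example, not part of the original post: one way to run a fine-grained authority check inside the handler without calling `block()` or using an unchecked cast, so that a missing or unexpected principal fails closed. The class name `MyResourceHandler` and the authority `RESOURCE_READ_DETAILS` are hypothetical, and `bodyValue` assumes Spring Framework 5.2 or later.

```java
import java.util.Set;
import java.util.stream.Collectors;

import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.reactive.function.server.ServerRequest;
import org.springframework.web.reactive.function.server.ServerResponse;
import reactor.core.publisher.Mono;

public class MyResourceHandler {

    // Hypothetical fine-grained authority, not taken from the original post.
    private static final String REQUIRED = "RESOURCE_READ_DETAILS";

    public Mono<ServerResponse> getMyResource(ServerRequest serverRequest) {
        return serverRequest.principal()
            // Keep the principal only if it really is an Authentication;
            // any other Principal type is dropped and handled as unauthenticated.
            .ofType(Authentication.class)
            .filter(Authentication::isAuthenticated)
            .flatMap(auth -> {
                Set<String> authorities = auth.getAuthorities().stream()
                    .map(GrantedAuthority::getAuthority)
                    .collect(Collectors.toSet());
                if (!authorities.contains(REQUIRED)) {
                    // Authenticated but lacking the authority: deny.
                    return ServerResponse.status(HttpStatus.FORBIDDEN).build();
                }
                return ServerResponse.ok().bodyValue("resource for " + auth.getName());
            })
            // Empty Mono: no authenticated user is attached to this exchange.
            .switchIfEmpty(ServerResponse.status(HttpStatus.UNAUTHORIZED).build());
    }
}
```

The filter-chain rule `anyExchange().authenticated()` still applies first; the handler check only narrows access further and never widens it.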