|
36 | 36 | import org.springframework.security.provisioning.InMemoryUserDetailsManager; |
37 | 37 | import org.springframework.security.web.authentication.RememberMeServices; |
38 | 38 | import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter; |
| 39 | +import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices; |
39 | 40 | import org.springframework.test.web.servlet.MockMvc; |
40 | 41 | import org.springframework.test.web.servlet.MvcResult; |
41 | 42 |
|
@@ -453,4 +454,35 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception |
453 | 454 | // @formatter:on |
454 | 455 | } |
455 | 456 | } |
| 457 | + |
| 458 | + @Test |
| 459 | + public void getWhenRememberMeCookieThenAuthenticationIsRememberMeAuthenticationTokenWithFallbackKeyConfiguration() |
| 460 | + throws Exception { |
| 461 | + this.spring.register(FallbackRememberMeKeyConfig.class).autowire(); |
| 462 | + |
| 463 | + MvcResult mvcResult = this.mvc.perform(post("/login") |
| 464 | + .with(csrf()) |
| 465 | + .param("username", "user") |
| 466 | + .param("password", "password") |
| 467 | + .param("remember-me", "true")) |
| 468 | + .andReturn(); |
| 469 | + Cookie rememberMeCookie = mvcResult.getResponse().getCookie("remember-me"); |
| 470 | + |
| 471 | + this.mvc.perform(get("/abc") |
| 472 | + .cookie(rememberMeCookie)) |
| 473 | + .andExpect(authenticated().withAuthentication(auth -> |
| 474 | + assertThat(auth).isInstanceOf(RememberMeAuthenticationToken.class))); |
| 475 | + } |
| 476 | + |
| 477 | + @EnableWebSecurity |
| 478 | + static class FallbackRememberMeKeyConfig extends RememberMeConfig { |
| 479 | + |
| 480 | + @Override |
| 481 | + protected void configure(HttpSecurity http) throws Exception { |
| 482 | + // @formatter:off |
| 483 | + http.rememberMe() |
| 484 | + .rememberMeServices(new TokenBasedRememberMeServices("key", userDetailsService())); |
| 485 | + // @formatter:on |
| 486 | + } |
| 487 | + } |
456 | 488 | } |
0 commit comments