spring security ServerX509AuthenticationConverter 源码
spring security ServerX509AuthenticationConverter 代码
文件路径:/web/src/main/java/org/springframework/security/web/server/authentication/ServerX509AuthenticationConverter.java
/*
* Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.server.authentication;
import java.security.cert.X509Certificate;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import reactor.core.publisher.Mono;
import org.springframework.http.server.reactive.SslInfo;
import org.springframework.lang.NonNull;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor;
import org.springframework.web.server.ServerWebExchange;
/**
* Converts from a {@link SslInfo} provided by a request to an
* {@link PreAuthenticatedAuthenticationToken} that can be authenticated.
*
* @author Alexey Nesterov
* @since 5.2
*/
public class ServerX509AuthenticationConverter implements ServerAuthenticationConverter {
protected final Log logger = LogFactory.getLog(getClass());
private final X509PrincipalExtractor principalExtractor;
public ServerX509AuthenticationConverter(@NonNull X509PrincipalExtractor principalExtractor) {
this.principalExtractor = principalExtractor;
}
@Override
public Mono<Authentication> convert(ServerWebExchange exchange) {
SslInfo sslInfo = exchange.getRequest().getSslInfo();
if (sslInfo == null) {
this.logger.debug("No SslInfo provided with a request, skipping x509 authentication");
return Mono.empty();
}
if (sslInfo.getPeerCertificates() == null || sslInfo.getPeerCertificates().length == 0) {
this.logger.debug("No peer certificates found in SslInfo, skipping x509 authentication");
return Mono.empty();
}
X509Certificate clientCertificate = sslInfo.getPeerCertificates()[0];
Object principal = this.principalExtractor.extractPrincipal(clientCertificate);
return Mono.just(new PreAuthenticatedAuthenticationToken(principal, clientCertificate));
}
}
相关信息
相关文章
spring security AnonymousAuthenticationWebFilter 源码
spring security AuthenticationConverterServerWebExchangeMatcher 源码
spring security AuthenticationWebFilter 源码
spring security DelegatingServerAuthenticationSuccessHandler 源码
spring security HttpBasicServerAuthenticationEntryPoint 源码
spring security HttpStatusServerEntryPoint 源码
spring security ReactivePreAuthenticatedAuthenticationManager 源码
spring security RedirectServerAuthenticationEntryPoint 源码
spring security RedirectServerAuthenticationFailureHandler 源码
spring security RedirectServerAuthenticationSuccessHandler 源码
0
赞
热门推荐
-
2、 - 优质文章
-
3、 gate.io
-
7、 golang
-
9、 openharmony
-
10、 Vue中input框自动聚焦