spring security HttpsRedirectWebFilter 源码

spring security HttpsRedirectWebFilter 代码

文件路径：/web/src/main/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilter.java

/*
 * Copyright 2002-2019 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.web.server.transport;

import java.net.URI;

import reactor.core.publisher.Mono;

import org.springframework.security.web.PortMapper;
import org.springframework.security.web.PortMapperImpl;
import org.springframework.security.web.server.DefaultServerRedirectStrategy;
import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.util.UriComponentsBuilder;

/**
 * Redirects any non-HTTPS request to its HTTPS equivalent.
 *
 * Can be configured to use a {@link ServerWebExchangeMatcher} to narrow which requests
 * get redirected.
 *
 * Can also be configured for custom ports using {@link PortMapper}.
 *
 * @author Josh Cummings
 * @since 5.1
 */
public final class HttpsRedirectWebFilter implements WebFilter {

	private PortMapper portMapper = new PortMapperImpl();

	private ServerWebExchangeMatcher requiresHttpsRedirectMatcher = ServerWebExchangeMatchers.anyExchange();

	private final ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();

	@Override
	public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
		return Mono.just(exchange).filter(this::isInsecure).flatMap(this.requiresHttpsRedirectMatcher::matches)
				.filter((matchResult) -> matchResult.isMatch()).switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
				.map((matchResult) -> createRedirectUri(exchange))
				.flatMap((uri) -> this.redirectStrategy.sendRedirect(exchange, uri));
	}

	/**
	 * Use this {@link PortMapper} for mapping custom ports
	 * @param portMapper the {@link PortMapper} to use
	 */
	public void setPortMapper(PortMapper portMapper) {
		Assert.notNull(portMapper, "portMapper cannot be null");
		this.portMapper = portMapper;
	}

	/**
	 * Use this {@link ServerWebExchangeMatcher} to narrow which requests are redirected
	 * to HTTPS.
	 *
	 * The filter already first checks for HTTPS in the uri scheme, so it is not necessary
	 * to include that check in this matcher.
	 * @param requiresHttpsRedirectMatcher the {@link ServerWebExchangeMatcher} to use
	 */
	public void setRequiresHttpsRedirectMatcher(ServerWebExchangeMatcher requiresHttpsRedirectMatcher) {
		Assert.notNull(requiresHttpsRedirectMatcher, "requiresHttpsRedirectMatcher cannot be null");
		this.requiresHttpsRedirectMatcher = requiresHttpsRedirectMatcher;
	}

	private boolean isInsecure(ServerWebExchange exchange) {
		return !"https".equals(exchange.getRequest().getURI().getScheme());
	}

	private URI createRedirectUri(ServerWebExchange exchange) {
		int port = exchange.getRequest().getURI().getPort();
		UriComponentsBuilder builder = UriComponentsBuilder.fromUri(exchange.getRequest().getURI());
		if (port > 0) {
			Integer httpsPort = this.portMapper.lookupHttpsPort(port);
			Assert.state(httpsPort != null, () -> "HTTP Port '" + port + "' does not have a corresponding HTTPS Port");
			builder.port(httpsPort);
		}
		return builder.scheme("https").build().toUri();
	}

}

相关信息

spring security 源码目录

相关文章

spring security AclEntryVoter 源码

spring security AclPermissionCacheOptimizer 源码

spring security AclPermissionEvaluator 源码

spring security AbstractAclProvider 源码

spring security AclEntryAfterInvocationCollectionFilteringProvider 源码

spring security AclEntryAfterInvocationProvider 源码

spring security ArrayFilterer 源码

spring security CollectionFilterer 源码

spring security Filterer 源码

spring security package-info 源码