diff --git a/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/error/DomainExceptionMarshalling.kt b/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/error/DomainExceptionMarshalling.kt
index 995ad6b..61349a0 100644
--- a/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/error/DomainExceptionMarshalling.kt
+++ b/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/error/DomainExceptionMarshalling.kt
@@ -2,7 +2,6 @@ package ru.vityaman.lms.botalka.app.spring.api.http.error
 import com.fasterxml.jackson.databind.ObjectMapper
 import kotlinx.coroutines.reactor.awaitSingle
-import org.springframework.http.HttpStatus
 import org.springframework.http.server.reactive.ServerHttpResponse
 import org.springframework.stereotype.Component
 import reactor.core.publisher.Mono
@@ -19,8 +18,7 @@ class DomainExceptionMarshalling(
 val entity = exception.toResponseEntity()
 val message = jackson.writeValueAsBytes(entity.body)
 val buffer = response.bufferFactory().wrap(message)
- response.statusCode = HttpStatus.UNAUTHORIZED
- response.writeAndFlushWith(Mono.just(Mono.just(buffer)))
- .awaitSingle()
+ response.statusCode = exception.httpCode
+ response.writeWith(Mono.just(buffer)).awaitSingle()
 }
 }
diff --git a/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/security/SpringJwtContextRepository.kt b/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/security/SpringJwtContextRepository.kt
index 08d1dc1..095bdb7 100644
--- a/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/security/SpringJwtContextRepository.kt
+++ b/botalka/src/main/kotlin/ru/vityaman/lms/botalka/app/spring/security/SpringJwtContextRepository.kt
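Review bot: In `DomainExceptionMarshalling.write`, the new `response.writeWith(Mono.just(buffer)).awaitSingle()` awaits an element from a publisher that, for Spring's `ServerHttpResponse.writeWith`, is a `Mono<Void>` and completes empty. The kotlinx-coroutines-reactor `awaitSingle()` throws `NoSuchElementException` on an empty Mono, so the call would fail after the error body has already been sent. `response.writeWith(Mono.just(buffer)).awaitSingleOrNull()` waits for completion without requiring an element. The visible lines also set no `Content-Type` before writing the Jackson-serialised body; if the part of the function above this hunk does not do so, `response.headers.contentType = MediaType.APPLICATION_JSON` before the write would let clients parse the error reliably.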
@@ -2,7 +2,6 @@ package ru.vityaman.lms.botalka.app.spring.security
 import kotlinx.coroutines.reactor.awaitSingle
 import kotlinx.coroutines.reactor.mono
-import org.slf4j.LoggerFactory
 import org.springframework.http.HttpHeaders
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.context.SecurityContext
@@ -23,14 +22,10 @@ class SpringJwtContextRepository(
 private val headerName = HttpHeaders.AUTHORIZATION
 private val bearerPrefix = "Bearer "
- private val log = LoggerFactory.getLogger(this.javaClass)
-
 override fun save(
 exchange: ServerWebExchange,
 context: SecurityContext,
- ): Mono {
- TODO("Not yet implemented")
- }
+ ): Mono = TODO("Not yet implemented")
 override fun load(exchange: ServerWebExchange): Mono =
 mono {
@@ -40,9 +35,10 @@ class SpringJwtContextRepository(
 .let { authManager.authenticate(it).awaitSingle() }
 .let { SecurityContextImpl(it) }
 } catch (exception: DomainException) {
- log.warn("Failed to load a security context", exception)
- marshalling.write(exchange.response, exception)
- null
+ AuthenticationException(exception.message!!, exception).let {
+ marshalling.write(exchange.response, it)
+ }
+ SecurityContextImpl()
 }
 }
diff --git a/botalka/src/test/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/middleware/AuthMiddlewareTest.kt b/botalka/src/test/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/middleware/AuthMiddlewareTest.kt
new file mode 100644
index 0000000..f98148f
--- /dev/null
+++ b/botalka/src/test/kotlin/ru/vityaman/lms/botalka/app/spring/api/http/middleware/AuthMiddlewareTest.kt
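Review bot: `SpringJwtContextRepository.save` still evaluates `TODO("Not yet implemented")` when it is called, which throws `NotImplementedError` synchronously instead of returning a Mono. Any filter that stores a context after a successful authentication would therefore fail the request with an Error rather than a handled exception. For a repository that rebuilds the context from the bearer header on each request, a no-op body such as `Mono.empty()` is the usual implementation. If the method is meant to be unreachable, a one-line comment naming the configuration that guarantees this would help the next reader. The class body starts and ends outside this hunk.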
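Review bot: `exception.message!!` in the new catch block of `load` throws a NullPointerException for any `DomainException` that carries no message, so a rejected token would surface as an unhandled error instead of the marshalled response; `AuthenticationException(exception.message ?: "Authentication failed", exception)` avoids that. The removed `log.warn` was the only server-side record of a failed context load visible here. Keeping a warn-level line that omits the token value preserves the signal needed to spot repeated bad-token attempts. Returning `SecurityContextImpl()` after the response has been written lets the filter chain continue with a context that presumably has no authentication set, so confirm that downstream filters treat it as unauthenticated and do not write a second body. The body of `load` starts above this hunk.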
@@ -0,0 +1,22 @@
+package ru.vityaman.lms.botalka.app.spring.api.http.middleware
+
+import io.kotest.common.runBlocking
+import kotlinx.coroutines.reactor.awaitSingle
+import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.assertThrows
+import org.springframework.web.reactive.function.client.WebClientResponseException
+import ru.vityaman.lms.botalka.app.spring.BotalkaTestSuite
+import ru.vityaman.lms.botalka.app.spring.api.http.client.Api
+
+class AuthMiddlewareTest : BotalkaTestSuite() {
+ @Test
+ fun requestWithoutBearer(): Unit = runBlocking {
+ val api = Api.ofNewbie()
+ assertThrows {
+ api.callGuardedMethod()
+ }
+ }
+
+ private suspend fun Api.callGuardedMethod() =
+ this.user.getUserById(1).awaitSingle()
+}
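Review bot: `requestWithoutBearer` is the only case in `AuthMiddlewareTest`, and it covers a request with no bearer token; the path this commit rewrites, a `DomainException` raised while authenticating a presented token, is not exercised. Companion cases for a malformed token and an expired token, each asserting a 401 status and that the body is the marshalled error, would pin the new status and body handling. As shown, `assertThrows {` carries no type argument (it may have been lost in rendering), so it is worth asserting the status on the caught `WebClientResponseException` explicitly rather than relying on the exception type alone. `runBlocking` is imported from `io.kotest.common`; `kotlinx.coroutines.runBlocking` is the conventional choice for a JUnit test.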