From ebb836524dfee18e3493f360a6c3fe17c36d3c7d Mon Sep 17 00:00:00 2001 From: azhwani <> Date: Mon, 3 Aug 2020 12:46:26 +0100 Subject: [PATCH] first commit --- .../logoutredirects/LogoutApplication.java | 13 +++++++ .../controller/RestApiController.java | 20 ++++++++++ .../securityconfig/SpringSecurityConfig.java | 27 +++++++++++++ .../src/main/resources/application.properties | 4 +- .../LogoutApplicationUnitTest.java | 38 +++++++++++++++++++ 5 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java create mode 100644 spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java create mode 100644 spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java create mode 100644 spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java diff --git a/spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java b/spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java new file mode 100644 index 0000000000..ef8175ffb2 --- /dev/null +++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/LogoutApplication.java @@ -0,0 +1,13 @@ +package com.baeldung.logoutredirects; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class LogoutApplication { + + public static void main(String[] args) { + SpringApplication.run(LogoutApplication.class, args); + } + +} diff --git a/spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java b/spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java new file mode 100644 index 0000000000..7d5b3ebbaa --- /dev/null +++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/controller/RestApiController.java @@ -0,0 +1,20 @@ +package com.baeldung.logoutredirects.controller; + +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class RestApiController { + + @GetMapping("/login") + public String login() { + return "login"; + } + + @PostMapping("/logout") + public String logout() { + return "redirect:/login"; + } + +} diff --git a/spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java b/spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java new file mode 100644 index 0000000000..64141f63d8 --- /dev/null +++ b/spring-5-security/src/main/java/com/baeldung/logoutredirects/securityconfig/SpringSecurityConfig.java @@ -0,0 +1,27 @@ +package com.baeldung.logoutredirects.securityconfig; + +import javax.servlet.http.HttpServletResponse; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +@EnableWebSecurity +public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests(authz -> authz.mvcMatchers("/login") + .permitAll() + .anyRequest() + .authenticated()) + .logout(logout -> logout.permitAll() + .logoutSuccessHandler((request, response, authentication) -> { + response.setStatus(HttpServletResponse.SC_OK); + })); + + } + +} diff --git a/spring-5-security/src/main/resources/application.properties b/spring-5-security/src/main/resources/application.properties index 5912b0f755..8159ace060 100644 --- a/spring-5-security/src/main/resources/application.properties +++ b/spring-5-security/src/main/resources/application.properties @@ -2,4 +2,6 @@ server.port=8081 logging.level.root=INFO -logging.level.com.baeldung.dsl.ClientErrorLoggingFilter=DEBUG \ No newline at end of file +logging.level.com.baeldung.dsl.ClientErrorLoggingFilter=DEBUG + +logging.level.org.springframework.security=DEBUG \ No newline at end of file diff --git a/spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java b/spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java new file mode 100644 index 0000000000..22ec67dea1 --- /dev/null +++ b/spring-5-security/src/test/java/com/baeldung/authresolver/logoutredirects/LogoutApplicationUnitTest.java @@ -0,0 +1,38 @@ +package com.baeldung.authresolver.logoutredirects; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; +import org.springframework.security.test.context.support.WithMockUser; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringRunner; +import org.springframework.test.web.servlet.MockMvc; + +import com.baeldung.logoutredirects.securityconfig.SpringSecurityConfig; + +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; +import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; + +@RunWith(SpringRunner.class) +@WebMvcTest() +@ContextConfiguration(classes = { SpringSecurityConfig.class }) +public class LogoutApplicationUnitTest { + + @Autowired + private MockMvc mockMvc; + + @WithMockUser(value = "spring") + @Test + public void whenLogout_thenDisableRedirect() throws Exception { + + this.mockMvc.perform(post("/logout").with(csrf())) + .andExpect(status().isOk()) + .andExpect(jsonPath("$").doesNotExist()) + .andExpect(unauthenticated()) + .andReturn(); + } + +} \ No newline at end of file