micronaut-projects · sdelamo · Aug 18, 2022 · Aug 18, 2022 · Aug 18, 2022 · Aug 18, 2022
diff --git a/security/src/main/java/io/micronaut/security/endpoints/LoginController.java b/security/src/main/java/io/micronaut/security/endpoints/LoginController.java
@@ -40,6 +40,7 @@
 import javax.validation.Valid;
 import org.reactivestreams.Publisher;
 import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
 
 /**
  * Handles login requests.
@@ -93,6 +94,6 @@ public Publisher<MutableHttpResponse<?>> login(@Valid @Body UsernamePasswordCred
                         eventPublisher.publishEvent(new LoginFailedEvent(authenticationResponse));
                         return loginHandler.loginFailed(authenticationResponse, request);
                     }
-                }).defaultIfEmpty(HttpResponse.status(HttpStatus.UNAUTHORIZED));
+                }).switchIfEmpty(Mono.defer(() -> Mono.just(HttpResponse.status(HttpStatus.UNAUTHORIZED))));
     }
 }
diff --git a/settings.gradle b/settings.gradle
@@ -21,6 +21,8 @@ include "security-oauth2"
 
 include "test-suite-groovy"
 include "test-suite"
+include "test-suite-tomcat"
+include "test-suite-tomcat-groovy"
 include "test-suite-utils"
 include "test-suite-utils-security"
 include "test-suite-kotlin"

diff --git a/test-suite-tomcat-groovy/build.gradle b/test-suite-tomcat-groovy/build.gradle
@@ -0,0 +1,32 @@
+plugins {
+    id 'groovy'
+    id 'java-library'
+}
+repositories {
+    mavenCentral()
+}
+dependencies {
+    implementation(platform(mn.micronaut.bom))
+    testCompileOnly(mn.micronaut.inject.groovy)
+    testImplementation(libs.spock.core) {
+        exclude module:'groovy-all'
+    }
+    testImplementation(mn.micronaut.test.spock)
+    runtimeOnly(libs.logback.classic)
+    testImplementation("io.micronaut.servlet:micronaut-http-server-tomcat")
+    testImplementation(mn.micronaut.http.client)
+    testImplementation project(":security-jwt")
+    testImplementation project(":test-suite-utils-security")
+    testImplementation(libs.reactor.core)
+}
+
+tasks.named('test') {
+    useJUnitPlatform()
+}
+
+apply from: "${rootProject.projectDir}/gradle/testVerbose.gradle"
+
+java {
+    sourceCompatibility = JavaVersion.toVersion("1.8")
+    targetCompatibility = JavaVersion.toVersion("1.8")
+}
diff --git a/test-suite-tomcat-groovy/src/test/groovy/tomcat/JwtLoginSpec.groovy b/test-suite-tomcat-groovy/src/test/groovy/tomcat/JwtLoginSpec.groovy
@@ -0,0 +1,55 @@
+package tomcat
+
+import io.micronaut.context.annotation.Property
+import io.micronaut.context.annotation.Requires
+import io.micronaut.core.util.CollectionUtils
+import io.micronaut.http.HttpRequest
+import io.micronaut.http.HttpResponse
+import io.micronaut.http.client.BlockingHttpClient
+import io.micronaut.http.client.HttpClient
+import io.micronaut.http.client.annotation.Client
+import io.micronaut.security.testutils.authprovider.MockAuthenticationProvider
+import io.micronaut.security.testutils.authprovider.SuccessAuthenticationScenario
+import io.micronaut.test.extensions.spock.annotation.MicronautTest
+import jakarta.inject.Inject
+import jakarta.inject.Singleton
+import spock.lang.PendingFeature
+import spock.lang.Specification
+
+@Property(name = "micronaut.security.token.jwt.signatures.secret.generator.secret", value = "pleaseChangeThisSecretForANewOne")
+@Property(name = "micronaut.security.authentication", value = "bearer")
+@Property(name = "spec.name", value = "JwtLoginTest")
+@MicronautTest
+class JwtLoginSpec extends Specification {
+
+    @Inject
+    @Client("/")
+    HttpClient httpClient
+
+    @PendingFeature(reason = "until 3.3.1 of Micronaut-servlet is in Micronaut Core BOM")
+    void "Login is possible in tomcat and body is present"() {
+        given:
+        BlockingHttpClient client = httpClient.toBlocking()
+
+        when:
+        HttpResponse<Map> response = client.exchange(loginRequest(), Map)
+
+        then:
+        noExceptionThrown()
+        response.getBody().isPresent()
+        response.getBody().get().containsKey("access_token")
+    }
+
+    private static HttpRequest<?> loginRequest() {
+        return HttpRequest.POST("/login",
+            CollectionUtils.mapOf("username", "john", "password", "bogus"))
+    }
+
+    @Requires(property = "spec.name", value = "JwtLoginTest")
+    @Singleton
+    static class CustomAuthenticationProvider extends MockAuthenticationProvider {
+        CustomAuthenticationProvider() {
+            super(Collections.singletonList(new SuccessAuthenticationScenario("john")))
+        }
+    }
+}
diff --git a/test-suite-tomcat-groovy/src/test/resources/logback.xml b/test-suite-tomcat-groovy/src/test/resources/logback.xml
@@ -0,0 +1,15 @@
+<configuration>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <!-- encoders are assigned the type
+             ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <root level="info">
+        <appender-ref ref="STDOUT" />
+    </root>
+    <logger name="io.micronaut.http" level="trace"/>
+</configuration>
diff --git a/test-suite-tomcat/build.gradle b/test-suite-tomcat/build.gradle
@@ -0,0 +1,34 @@
+plugins {
+    id 'java-library'
+}
+repositories {
+    mavenCentral()
+}
+dependencies {
+    testAnnotationProcessor(platform(mn.micronaut.bom))
+    testAnnotationProcessor(mn.micronaut.inject.java)
+
+    testImplementation(platform(mn.micronaut.bom))
+    testImplementation(libs.junit.jupiter.api)
+    testImplementation(mn.micronaut.test.junit5)
+    testRuntimeOnly(libs.junit.jupiter.engine)
+
+    testRuntimeOnly(libs.logback.classic)
+    testImplementation(mn.micronaut.management)
+    testImplementation("io.micronaut.servlet:micronaut-http-server-tomcat")
+    testImplementation(mn.micronaut.http.client)
+    testImplementation project(":security-jwt")
+    testImplementation project(":test-suite-utils-security")
+    testImplementation(libs.reactor.core)
+}
+
+tasks.named('test') {
+    useJUnitPlatform()
+}
+
+apply from: "${rootProject.projectDir}/gradle/testVerbose.gradle"
+
+java {
+    sourceCompatibility = JavaVersion.toVersion("1.8")
+    targetCompatibility = JavaVersion.toVersion("1.8")
+}
diff --git a/test-suite-tomcat/src/test/java/io/micronaut/security/test/tomcat/JwtLoginTest.java b/test-suite-tomcat/src/test/java/io/micronaut/security/test/tomcat/JwtLoginTest.java
@@ -0,0 +1,55 @@
+package io.micronaut.security.test.tomcat;
+
+import io.micronaut.context.annotation.Property;
+import io.micronaut.context.annotation.Requires;
+import io.micronaut.core.util.CollectionUtils;
+import io.micronaut.http.HttpRequest;
+import io.micronaut.http.HttpResponse;
+import io.micronaut.http.client.BlockingHttpClient;
+import io.micronaut.http.client.HttpClient;
+import io.micronaut.http.client.annotation.Client;
+import io.micronaut.security.authentication.AuthenticationProvider;
+import io.micronaut.security.authentication.AuthenticationRequest;
+import io.micronaut.security.authentication.AuthenticationResponse;
+import io.micronaut.security.testutils.authprovider.MockAuthenticationProvider;
+import io.micronaut.security.testutils.authprovider.SuccessAuthenticationScenario;
+import io.micronaut.test.extensions.junit5.annotation.MicronautTest;
+import jakarta.inject.Inject;
+import jakarta.inject.Singleton;
+import org.junit.jupiter.api.Test;
+
+import java.util.Collections;
+import java.util.Map;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+@Property(name = "micronaut.security.token.jwt.signatures.secret.generator.secret", value = "pleaseChangeThisSecretForANewOne")
+@Property(name = "micronaut.security.authentication", value = "bearer")
+@Property(name = "spec.name", value = "JwtLoginTest")
+@MicronautTest
+class JwtLoginTest {
+
+    @Inject
+    @Client("/")
+    HttpClient httpClient;
+
+    @Test
+    void loginIsPossibleInTomcatRuntime() {
+        BlockingHttpClient client = httpClient.toBlocking();
+        assertDoesNotThrow(() -> client.exchange(loginRequest()));
+    }
+
+    private static HttpRequest<?> loginRequest() {
+        return HttpRequest.POST("/login",
+            CollectionUtils.mapOf("username", "john", "password", "bogus"));
+    }
+
+    @Requires(property = "spec.name", value = "JwtLoginTest")
+    @Singleton
+    static class CustomAuthenticationProvider extends MockAuthenticationProvider {
+        public CustomAuthenticationProvider() {
+            super(Collections.singletonList(new SuccessAuthenticationScenario("john")));
+        }
+    }
+}
diff --git a/test-suite-tomcat/src/test/resources/logback.xml b/test-suite-tomcat/src/test/resources/logback.xml
@@ -0,0 +1,15 @@
+<configuration>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <!-- encoders are assigned the type
+             ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <root level="info">
+        <appender-ref ref="STDOUT" />
+    </root>
+    <logger name="io.micronaut.http" level="trace"/>
+</configuration>