test: Run reverse proxy security test automatically

Uses a modified Jetty proxy servlet to deal with path rewriting
vaadin · Sep 28, 2022 · 32247f3 · 32247f3
1 parent 3bf1753
commit 32247f3
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 3 deletions.
diff --git a/flow-tests/vaadin-spring-tests/pom.xml b/flow-tests/vaadin-spring-tests/pom.xml
@@ -317,8 +317,7 @@
                 <module>test-spring-security-flow</module>
                 <module>test-spring-security-flow-contextpath</module>
                 <module>test-spring-security-flow-urlmapping</module>
-<!-- This can be included if it is set up to automatically start a reverse proxy as part of the build -->
-<!--                <module>test-spring-security-flow-reverseproxy</module> -->
+                <module>test-spring-security-flow-reverseproxy</module>
 
                 <module>test-spring-boot-only-prepare</module>
                 <module>test-spring-white-list</module>

diff --git a/...t-spring-helpers/src/main/java/com/vaadin/flow/spring/test/PathRewritingProxyServlet.java b/...t-spring-helpers/src/main/java/com/vaadin/flow/spring/test/PathRewritingProxyServlet.java
@@ -0,0 +1,54 @@
+package com.vaadin.flow.spring.test;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Locale;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+import org.eclipse.jetty.client.api.Response;
+import org.eclipse.jetty.proxy.ProxyServlet.Transparent;
+
+public class PathRewritingProxyServlet extends Transparent {
+
+    private String prefix;
+    private String proxyTo;
+
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        proxyTo = config.getInitParameter("proxyTo");
+        prefix = config.getInitParameter("prefix");
+        super.init(config);
+    }
+
+    @Override
+    protected String filterServerResponseHeader(
+            HttpServletRequest clientRequest, Response serverResponse,
+            String headerName, String headerValue) {
+        if (headerName.toLowerCase(Locale.ENGLISH).equals("set-cookie")) {
+            // Set-Cookie: JSESSIONID=07E35F87D336463E597B5B0D32744660; Path=/;
+            // HttpOnly
+            return headerValue.replace("Path=/", "Path=" + prefix);
+        } else if (headerName.equals("Location")) {
+            // Location: http://localhost:8888/my/login/page
+            URL publicURL;
+            try {
+                publicURL = new java.net.URL(
+                        clientRequest.getRequestURL().toString());
+            } catch (MalformedURLException e) {
+                e.printStackTrace();
+                return headerValue;
+            }
+            String hostAndBasePath = publicURL.getProtocol() + "://"
+                    + publicURL.getHost() + ":" + publicURL.getPort() + prefix
+                    + "/";
+
+            return headerValue.replace(proxyTo, hostAndBasePath);
+        }
+        return super.filterServerResponseHeader(clientRequest, serverResponse,
+                headerName, headerValue);
+    }
+}
diff --git a/...din-spring-tests/test-spring-helpers/src/main/java/com/vaadin/flow/spring/test/Proxy.java b/...din-spring-tests/test-spring-helpers/src/main/java/com/vaadin/flow/spring/test/Proxy.java
@@ -34,7 +34,7 @@ public void start() throws Exception {
         ServletContextHandler context = new ServletContextHandler(proxy, "/",
                 ServletContextHandler.SESSIONS);
         ServletHolder proxyServlet = new ServletHolder(
-                ProxyServlet.Transparent.class);
+                PathRewritingProxyServlet.class);
         proxyServlet.setInitParameter("proxyTo", "http://localhost:8888/");
         proxyServlet.setInitParameter("prefix", proxyPath);
         context.addServlet(proxyServlet, "/*");

diff --git a/...verseproxy/src/main/java/com/vaadin/flow/spring/flowsecurityreverseproxy/Application.java b/...verseproxy/src/main/java/com/vaadin/flow/spring/flowsecurityreverseproxy/Application.java
@@ -2,8 +2,12 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
+
+import com.vaadin.flow.spring.test.Proxy;
 
 @SpringBootApplication
+@ComponentScan(basePackageClasses = Proxy.class)
 public class Application
         extends com.vaadin.flow.spring.flowsecurity.Application {
 

diff --git a/scripts/computeMatrix.js b/scripts/computeMatrix.js
@@ -69,6 +69,7 @@ const moduleWeights = {
   'flow-tests/vaadin-spring-tests/test-spring-security-flow': { pos: 5, weight: 5 },
   'flow-tests/vaadin-spring-tests/test-spring-security-flow-contextpath': { pos: 5, weight: 4 },
   'flow-tests/vaadin-spring-tests/test-spring-security-flow-urlmapping': { pos: 5, weight: 4 },
+  'flow-tests/vaadin-spring-tests/test-spring-security-flow-reverseproxy': { pos: 5, weight: 4 },
   'flow-tests/vaadin-spring-tests/test-spring': { pos: 5, weight: 3 },
   'flow-tests/vaadin-spring-tests/test-mvc-without-endpoints': { pos: 5, weight: 2 },
   'flow-tests/test-router-custom-context': { weight: 6 },