Merge pull request #87 from georchestra/fix-preauth-user-authenticate…

…d-set-to-false

preauth - making sure the authenticated flag on the token is set to true

gateway/src/main/java/org/georchestra/gateway/security/preauth/PreauthAuthenticationManager.java

@@ -59,7 +59,7 @@ public Mono<Authentication> convert(ServerWebExchange exchange) {
                 throw new IllegalStateException("Pre-authenticated user headers not provided");
             }
             PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(username,
-                    credentials);
+                    credentials, List.of());
             return Mono.just(authentication);
         }
         return Mono.empty();

gateway/src/test/java/org/georchestra/gateway/security/preauth/HeaderPreAuthenticationConfigurationIT.java

@@ -54,4 +54,16 @@ private WebTestClient.RequestHeadersUriSpec<?> prepareWebTestClientHeaders(
                 .isNotEmpty();
     }
 
+    public @Test void test_preauthenticatedHeadersAccess_isAuthenticated() {
+        assertNotNull(context.getBean(PreauthGatewaySecurityCustomizer.class));
+        assertNotNull(context.getBean(PreauthenticatedUserMapperExtension.class));
+
+        ResponseSpec exchange = prepareWebTestClientHeaders(testClient.get(), ADMIN_HEADERS).uri("/whoami").exchange();
+        BodyContentSpec body = exchange.expectStatus().is2xxSuccessful().expectBody();
+        body.jsonPath("$.['GeorchestraUser']").isNotEmpty();
+        body.jsonPath(
+                "$.['org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken'].authenticated")
+                .isEqualTo(true);
+    }
+
 }