Commit 5e0eec8

HyunSangHandsyer
authored andcommitted
Fix SecurityContext leakage in AuthenticationProcessInterceptor
Signed-off-by: Hyunsang Han <gustkd3@gmail.com>
1 parent 6db7b37 commit 5e0eec8

1 file changed

+59
-1
lines changed

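--- a/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java
+++ b/spring-grpc-core/src/main/java/org/springframework/grpc/server/security/AuthenticationProcessInterceptor.java
@@ -26,6 +26,7 @@
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 
+import io.grpc.ForwardingServerCallListener.SimpleForwardingServerCallListener;
 import io.grpc.Metadata;
 import io.grpc.ServerCall;
 import io.grpc.ServerCall.Listener;
@@ -90,7 +91,64 @@ else if (user == null || !user.isAuthenticated()) {
 throw new BadCredentialsException("not authenticated");
 }
 
-return next.startCall(call, headers);
+SecurityContext currentContext = SecurityContextHolder.getContext();
+return new SecurityContextClearingListener<>(next.startCall(call, headers), currentContext);
+}
+
+static class SecurityContextClearingListener<ReqT> extends SimpleForwardingServerCallListener<ReqT> {
+
+private final SecurityContext securityContext;
+
+SecurityContextClearingListener(ServerCall.Listener<ReqT> delegate, SecurityContext securityContext) {
+super(delegate);
+this.securityContext = securityContext;
+}
+
+@Override
+public void onMessage(ReqT message) {
+SecurityContextHolder.setContext(this.securityContext);
+try {
+super.onMessage(message);
+}
+finally {
+SecurityContextHolder.clearContext();
+}
+}
+
+@Override
+public void onHalfClose() {
+SecurityContextHolder.setContext(this.securityContext);
+try {
+super.onHalfClose();
+}
+finally {
+SecurityContextHolder.clearContext();
+}
+}
+
+@Override
+public void onReady() {
+SecurityContextHolder.setContext(this.securityContext);
+try {
+super.onReady();
+}
+finally {
+SecurityContextHolder.clearContext();
+}
+}
+
+@Override
+public void onCancel() {
+super.onCancel();
+SecurityContextHolder.clearContext();
+}
+
+@Override
+public void onComplete() {
+super.onComplete();
+SecurityContextHolder.clearContext();
+}
+
 }
 
 }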
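Review bot: onCancel and onComplete in the new SecurityContextClearingListener delegate without first setting the captured context and clear it only on the normal path, unlike onMessage, onHalfClose and onReady, so code run by the delegate in those two callbacks sees an empty SecurityContext, and if the delegate throws the clearContext() is skipped on that thread. Giving both the same shape closes that gap, e.g. `SecurityContextHolder.setContext(this.securityContext); try { super.onCancel(); } finally { SecurityContextHolder.clearContext(); }` and likewise for onComplete. Separately, the thread that executes interceptCall still holds whatever context was present at `SecurityContext currentContext = SecurityContextHolder.getContext();` after `next.startCall(call, headers)` returns; if that context is populated earlier in this method (outside the hunk), wrapping the startCall in a try/finally that clears it would remove the remaining leak path, since gRPC does not guarantee listener callbacks run on the thread that ran interceptCall. A short Javadoc on the nested class stating that it exists to bind the authenticated context to each listener callback and clear it afterwards because callbacks may run on shared executor threads would help the next maintainer. The enclosing method and class begin outside the hunk.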
