Improve javadocs with references to spring-security-web references

ST-DDT · ST-DDT · commit 89471ddc841c · 2021-11-17T23:53:20.000+01:00
diff --git a/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/authentication/GrpcAuthenticationReader.java b/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/authentication/GrpcAuthenticationReader.java
@@ -26,12 +26,17 @@
 
 import io.grpc.Metadata;
 import io.grpc.ServerCall;
+import io.grpc.Status;
 
 /**
  * Reads the authentication data from the given {@link ServerCall} and {@link Metadata}. The returned
  * {@link Authentication} is not yet validated and needs to be passed to an {@link AuthenticationManager}.
  *
  * <p>
+ * This is similar to the {@code org.springframework.security.web.authentication.AuthenticationConverter}.
+ * </p>
+ *
+ * <p>
  * <b>Note:</b> The authentication manager needs a corresponding {@link AuthenticationProvider} to actually verify the
  * {@link Authentication}.
  * </p>
@@ -47,7 +52,9 @@ public interface GrpcAuthenticationReader {
      * <p>
      * <b>Note:</b> Implementations are free to throw an {@link AuthenticationException} if no credentials could be
      * found in the call. If an exception is thrown by an implementation then the authentication attempt should be
-     * considered as failed and no subsequent {@link GrpcAuthenticationReader}s should be called.
+     * considered as failed and no subsequent {@link GrpcAuthenticationReader}s should be called. Additionally, the call
+     * will fail as {@link Status#UNAUTHENTICATED}. If the call instead returns {@code null}, then the call processing
+     * will proceed unauthenticated.
      * </p>
      *
      * @param call The call to get that send the request.
diff --git a/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/interceptors/DefaultAuthenticatingServerInterceptor.java b/grpc-server-spring-boot-autoconfigure/src/main/java/net/devh/boot/grpc/server/security/interceptors/DefaultAuthenticatingServerInterceptor.java
@@ -47,6 +47,10 @@
  * authentication to both grpc's {@link Context} and {@link SecurityContextHolder}.
  *
  * <p>
+ * This works similar to the {@code org.springframework.security.web.authentication.AuthenticationFilter}.
+ * </p>
+ *
+ * <p>
  * <b>Note:</b> This interceptor works similar to
  * {@link Contexts#interceptCall(Context, ServerCall, Metadata, ServerCallHandler)}.
  * </p>
diff --git a/tests/src/test/java/net/devh/boot/grpc/test/interceptor/DefaultServerInterceptorTest.java b/tests/src/test/java/net/devh/boot/grpc/test/interceptor/DefaultServerInterceptorTest.java
@@ -48,7 +48,7 @@
         ManualSecurityConfiguration.class})
 @EnableAutoConfiguration
 @DirtiesContext
-public class DefaultServerInterceptorTest {
+class DefaultServerInterceptorTest {
 
     @Autowired
     private ApplicationContext applicationContext;
