preauth - http header names are case insensitive (#125)

Tests: runtime, IT added.

gateway/src/main/java/org/georchestra/gateway/security/preauth/PreauthAuthenticationManager.java

@@ -56,21 +56,22 @@ public class PreauthAuthenticationManager implements ReactiveAuthenticationManag
     @Override
     public Mono<Authentication> convert(ServerWebExchange exchange) {
         if (isPreAuthenticated(exchange)) {
-            Map<String, String> credentials = extract(exchange.getRequest().getHeaders());
-            String username = credentials.get(PREAUTH_USERNAME);
+            HttpHeaders headers = exchange.getRequest().getHeaders();
+            String username = headers.getFirst(PREAUTH_USERNAME);
             if (!StringUtils.hasText(username)) {
                 throw new IllegalStateException("Pre-authenticated user headers not provided");
             }
             PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(username,
-                    credentials, List.of());
+                    extract(headers), List.of());
             return Mono.just(authentication);
         }
         return Mono.empty();
     }
 
     private Map<String, String> extract(HttpHeaders headers) {
-        return headers.toSingleValueMap().entrySet().stream().filter(e -> e.getKey().startsWith("preauth-"))
-                .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
+        return headers.toSingleValueMap().entrySet().stream()
+                .filter(e -> e.getKey().toLowerCase().startsWith("preauth-"))
+                .collect(Collectors.toMap(e -> e.getKey().toLowerCase(), Map.Entry::getValue));
     }
 
     @Override

gateway/src/test/java/org/georchestra/gateway/security/preauth/HeaderPreAuthenticationConfigurationIT.java

@@ -35,6 +35,14 @@ public class HeaderPreAuthenticationConfigurationIT {
             "preauth-lastname", "Martin", //
             "preauth-org", "C2C", //
             "Accept", "application/json");
+    private static final Map<String, String> ADMIN_HEADERS_CASE_INSENSITIVE = Map.of(//
+            "Sec-Georchestra-PreAuthenticated", "true", //
+            "Preauth-Username", "pmartin", //
+            "Preauth-Email", "pierre.martin@example.org", //
+            "Preauth-Firstname", "Pierre", //
+            "Preauth-Lastname", "Martin", //
+            "Preauth-Org", "C2C", //
+            "Accept", "application/json");
 
     private WebTestClient.RequestHeadersUriSpec<?> prepareWebTestClientHeaders(
             WebTestClient.RequestHeadersUriSpec<?> spec, Map<String, String> headers) {
@@ -54,6 +62,19 @@ private WebTestClient.RequestHeadersUriSpec<?> prepareWebTestClientHeaders(
                 .isNotEmpty();
     }
 
+    public @Test void test_preauthenticatedHeadersAccess_case_insensitive() {
+        assertNotNull(context.getBean(PreauthGatewaySecurityCustomizer.class));
+        assertNotNull(context.getBean(PreauthenticatedUserMapperExtension.class));
+
+        ResponseSpec exchange = prepareWebTestClientHeaders(testClient.get(), ADMIN_HEADERS_CASE_INSENSITIVE)
+                .uri("/whoami").exchange();
+        BodyContentSpec body = exchange.expectStatus().is2xxSuccessful().expectBody();
+        body.jsonPath("$.['GeorchestraUser']").isNotEmpty();
+        body.jsonPath(
+                "$.['org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken']")
+                .isNotEmpty();
+    }
+
     public @Test void test_preauthenticatedHeadersAccess_isAuthenticated() {
         assertNotNull(context.getBean(PreauthGatewaySecurityCustomizer.class));
         assertNotNull(context.getBean(PreauthenticatedUserMapperExtension.class));