Remove remaining usage of WebSecurityConfigurerAdapter
This commit is contained in:
parent
48e4401507
commit
0e4e7c7373
|
@ -20,10 +20,10 @@ import org.springframework.context.annotation.Bean;
|
|||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
|
@ -34,19 +34,20 @@ import static org.springframework.security.config.Customizer.withDefaults;
|
|||
*/
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class SecurityConfiguration {
|
||||
|
||||
@Override
|
||||
// @formatter:off
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.httpBasic(withDefaults())
|
||||
.formLogin(withDefaults());
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.httpBasic(withDefaults())
|
||||
.formLogin(withDefaults());
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
// @formatter:off
|
||||
@Bean
|
||||
|
|
|
@ -31,7 +31,6 @@ import org.springframework.context.annotation.Bean;
|
|||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
|
@ -43,6 +42,7 @@ import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
|
|||
import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint;
|
||||
import org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
/**
|
||||
* Security configuration for the main application.
|
||||
|
@ -50,7 +50,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|||
* @author Josh Cummings
|
||||
*/
|
||||
@Configuration
|
||||
public class RestConfig extends WebSecurityConfigurerAdapter {
|
||||
public class RestConfig {
|
||||
|
||||
@Value("${jwt.public.key}")
|
||||
RSAPublicKey key;
|
||||
|
@ -58,22 +58,23 @@ public class RestConfig extends WebSecurityConfigurerAdapter {
|
|||
@Value("${jwt.private.key}")
|
||||
RSAPrivateKey priv;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
|
||||
.httpBasic(Customizer.withDefaults())
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
|
||||
.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.exceptionHandling((exceptions) -> exceptions
|
||||
.authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint())
|
||||
.accessDeniedHandler(new BearerTokenAccessDeniedHandler())
|
||||
);
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
|
||||
.httpBasic(Customizer.withDefaults())
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
|
||||
.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.exceptionHandling((exceptions) -> exceptions
|
||||
.authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint())
|
||||
.accessDeniedHandler(new BearerTokenAccessDeniedHandler())
|
||||
);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -16,10 +16,12 @@
|
|||
|
||||
package example.web;
|
||||
|
||||
import example.RestConfig;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
|
||||
|
@ -35,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|||
* @author Josh Cummings
|
||||
*/
|
||||
@WebMvcTest({ HelloController.class, TokenController.class })
|
||||
@Import(RestConfig.class)
|
||||
public class HelloControllerTests {
|
||||
|
||||
@Autowired
|
||||
|
|
|
@ -44,7 +44,6 @@ import org.springframework.context.annotation.Bean;
|
|||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
|
||||
|
@ -63,6 +62,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
|||
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.web.util.UriComponents;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
|
@ -328,21 +328,22 @@ public class OAuth2LoginApplicationTests {
|
|||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
public static class SecurityTestConfig extends WebSecurityConfigurerAdapter {
|
||||
public static class SecurityTestConfig {
|
||||
|
||||
// @formatter:off
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login((oauth2) -> oauth2
|
||||
.tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
|
||||
.userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
|
||||
);
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login((oauth2) -> oauth2
|
||||
.tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
|
||||
.userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
|
||||
);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
private OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> mockAccessTokenResponseClient() {
|
||||
OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("access-token-1234")
|
||||
|
|
|
@ -20,10 +20,10 @@ import org.springframework.context.annotation.Bean;
|
|||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
||||
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
/**
|
||||
* OAuth resource configuration.
|
||||
|
@ -31,22 +31,23 @@ import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
|
|||
* @author Josh Cummings
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class OAuth2ResourceServerSecurityConfiguration {
|
||||
|
||||
@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri}")
|
||||
String jwkSetUri;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -19,6 +19,7 @@ import org.junit.jupiter.api.Test;
|
|||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
|
||||
|
@ -36,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|||
*
|
||||
*/
|
||||
@WebMvcTest(OAuth2ResourceServerController.class)
|
||||
@Import(OAuth2ResourceServerSecurityConfiguration.class)
|
||||
public class OAuth2ResourceServerControllerTests {
|
||||
|
||||
@Autowired
|
||||
|
|
|
@ -42,9 +42,9 @@ import org.springframework.beans.factory.annotation.Value;
|
|||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
||||
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
|
@ -54,7 +54,7 @@ import static org.springframework.security.config.Customizer.withDefaults;
|
|||
* @author Josh Cummings
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class OAuth2ResourceServerSecurityConfiguration {
|
||||
|
||||
private final JWSAlgorithm jwsAlgorithm = JWSAlgorithm.RS256;
|
||||
|
||||
|
@ -68,16 +68,17 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
@Value("${sample.jwe-key-value}")
|
||||
RSAPrivateKey key;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -16,10 +16,11 @@
|
|||
package example;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
/**
|
||||
* OAuth2 Security Configuration.
|
||||
|
@ -27,7 +28,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
* @author Josh Cummings
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class OAuth2ResourceServerSecurityConfiguration {
|
||||
|
||||
@Value("${spring.security.oauth2.resourceserver.opaque.introspection-uri}")
|
||||
String introspectionUri;
|
||||
|
@ -38,22 +39,23 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
@Value("${spring.security.oauth2.resourceserver.opaque.introspection-client-secret}")
|
||||
String clientSecret;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2
|
||||
.opaqueToken((opaque) -> opaque
|
||||
.introspectionUri(this.introspectionUri)
|
||||
.introspectionClientCredentials(this.clientId, this.clientSecret)
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
);
|
||||
.oauth2ResourceServer((oauth2) -> oauth2
|
||||
.opaqueToken((opaque) -> opaque
|
||||
.introspectionUri(this.introspectionUri)
|
||||
.introspectionClientCredentials(this.clientId, this.clientSecret)
|
||||
)
|
||||
);
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@ import org.junit.jupiter.api.Test;
|
|||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
||||
import org.springframework.context.annotation.Import;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
|
@ -36,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|||
* @since 5.3
|
||||
*/
|
||||
@WebMvcTest(OAuth2ResourceServerController.class)
|
||||
@Import(OAuth2ResourceServerSecurityConfiguration.class)
|
||||
public class OAuth2ResourceServerControllerTests {
|
||||
|
||||
@Autowired
|
||||
|
|
|
@ -18,11 +18,11 @@ package example;
|
|||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
|
@ -32,20 +32,21 @@ import static org.springframework.security.config.Customizer.withDefaults;
|
|||
* @author Joe Grandja
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
public class SecurityConfiguration {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers("/", "/public/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults())
|
||||
.oauth2Login(withDefaults())
|
||||
.oauth2Client(withDefaults());
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers("/", "/public/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults())
|
||||
.oauth2Login(withDefaults())
|
||||
.oauth2Client(withDefaults());
|
||||
// @formatter:on
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
@ -19,32 +19,34 @@ package org.springframework.security.samples.config
|
|||
import org.springframework.context.annotation.Bean
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
|
||||
import org.springframework.security.config.web.servlet.invoke
|
||||
import org.springframework.security.core.userdetails.User
|
||||
import org.springframework.security.core.userdetails.UserDetailsService
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager
|
||||
import org.springframework.security.web.SecurityFilterChain
|
||||
|
||||
/**
|
||||
* @author Eleftheria Stein
|
||||
*/
|
||||
@EnableWebSecurity
|
||||
class SecurityConfig : WebSecurityConfigurerAdapter() {
|
||||
class SecurityConfig {
|
||||
|
||||
override fun configure(http: HttpSecurity) {
|
||||
http {
|
||||
@Bean
|
||||
fun filterChain(http: HttpSecurity): SecurityFilterChain {
|
||||
http {
|
||||
authorizeRequests {
|
||||
authorize("/css/**", permitAll)
|
||||
authorize("/user/**", hasAuthority("ROLE_USER"))
|
||||
}
|
||||
formLogin {
|
||||
loginPage = "/log-in"
|
||||
}
|
||||
formLogin {
|
||||
loginPage = "/log-in"
|
||||
}
|
||||
}
|
||||
return http.build()
|
||||
}
|
||||
|
||||
@Bean
|
||||
public override fun userDetailsService(): UserDetailsService {
|
||||
fun userDetailsService(): UserDetailsService {
|
||||
val userDetails = User.withDefaultPasswordEncoder()
|
||||
.username("user")
|
||||
.password("password")
|
||||
|
|
Loading…
Reference in New Issue