Update HttpSecurity Formatting

2021-11-10 09:42:09 -07:00 · 2021-11-10 09:42:09 -07:00 · 3a58daf55d
parent 3a4eec6eda
commit 3a58daf55d
27 changed files with 98 additions and 100 deletions
--- a/reactive/webflux/java/authentication/username-password/form/src/main/java/example/WebfluxFormSecurityConfiguration.java
+++ b/reactive/webflux/java/authentication/username-password/form/src/main/java/example/WebfluxFormSecurityConfiguration.java
@ -53,7 +53,7 @@ public class WebfluxFormSecurityConfiguration {
 	SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		// @formatter:off
 		http
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.pathMatchers("/login").permitAll()
 				.anyExchange().authenticated()
 			)
--- a/reactive/webflux/java/authentication/x509/src/main/java/example/WebfluxX509Application.java
+++ b/reactive/webflux/java/authentication/x509/src/main/java/example/WebfluxX509Application.java
@ -53,7 +53,7 @@ public class WebfluxX509Application {
 		// @formatter:off
 		http
 			.x509(withDefaults())
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			);
 		// @formatter:on
--- a/reactive/webflux/java/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
+++ b/reactive/webflux/java/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
@ -39,7 +39,7 @@ public class SecurityConfiguration {
 	SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
 		// @formatter:off
 		http
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			)
 			.formLogin(withDefaults());
--- a/reactive/webflux/java/method/src/main/java/example/SecurityConfiguration.java
+++ b/reactive/webflux/java/method/src/main/java/example/SecurityConfiguration.java
@ -45,7 +45,7 @@ public class SecurityConfiguration {
 		http
 			// Demonstrate that method security works
 			// Best practice to use both for defense in depth
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().permitAll()
 			)
 			.httpBasic(withDefaults());
--- a/reactive/webflux/java/oauth2/resource-server/src/main/java/example/SecurityConfiguration.java
+++ b/reactive/webflux/java/oauth2/resource-server/src/main/java/example/SecurityConfiguration.java
@ -37,7 +37,7 @@ public class SecurityConfiguration {
 	SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		// @formatter:off
 		http
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.pathMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
 				.pathMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
 				.anyExchange().authenticated()
--- a/reactive/webflux/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
+++ b/reactive/webflux/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
@ -37,7 +37,7 @@ public class SecurityConfiguration {
 	SecurityWebFilterChain configure(ServerHttpSecurity http) {
 		// @formatter:off
 		http
-			.authorizeExchange((exchanges) -> exchanges
+			.authorizeExchange((authorize) -> authorize
 				.pathMatchers("/", "/public/**").permitAll()
 				.anyExchange().authenticated()
 			)
--- a/servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java
@ -31,15 +31,11 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-				.authorizeRequests((authorizeRequests) ->
+			.authorizeRequests((authorize) -> authorize
 						authorizeRequests
 				.antMatchers("/login", "/resources/**").permitAll()
 				.anyRequest().authenticated()
 			)
-				.jee((jee) ->
+			.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
 						jee
 								.mappableRoles("USER", "ADMIN")
 				);
 	}
 	// @formatter:on
--- a/servlet/java-configuration/authentication/remember-me/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/authentication/remember-me/src/main/java/example/SecurityConfiguration.java
@ -33,7 +33,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.formLogin((form) -> form
--- a/servlet/java-configuration/authentication/username-password/form/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/authentication/username-password/form/src/main/java/example/SecurityConfiguration.java
@ -31,7 +31,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.formLogin((form) -> form
--- a/servlet/java-configuration/authentication/x509/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/authentication/x509/src/main/java/example/SecurityConfiguration.java
@ -33,8 +33,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests((authorizeRequests) ->
+			.authorizeRequests((authorize) -> authorize
 					authorizeRequests
 				.anyRequest().authenticated()
 			)
 			.x509(withDefaults());
--- a/servlet/java-configuration/hello-mvc-security/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/hello-mvc-security/src/main/java/example/SecurityConfiguration.java
@ -33,7 +33,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-				.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.httpBasic(withDefaults())
--- a/servlet/java-configuration/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
@ -33,7 +33,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-				.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.httpBasic(withDefaults())
--- a/servlet/java-configuration/max-sessions/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/max-sessions/src/main/java/example/SecurityConfiguration.java
@ -48,7 +48,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.formLogin(withDefaults())
--- a/servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java
+++ b/servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java
@ -44,10 +44,16 @@ public class SecurityConfig {
 	SecurityFilterChain web(HttpSecurity http,
 			AuthorizationManager<RequestAuthorizationContext> mfaAuthorizationManager) throws Exception {
 		MfaAuthenticationHandler mfaAuthenticationHandler = new MfaAuthenticationHandler("/second-factor");
-		http.authorizeHttpRequests((authz) -> authz.mvcMatchers("/second-factor", "/third-factor")
+		// @formatter:off
-				.access(mfaAuthorizationManager).anyRequest().authenticated())
+		http
-				.formLogin((form) -> form.successHandler(mfaAuthenticationHandler)
+			.authorizeHttpRequests((authorize) -> authorize
-						.failureHandler(mfaAuthenticationHandler))
+				.mvcMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
 				.anyRequest().authenticated()
 			)
 			.formLogin((form) -> form
 				.successHandler(mfaAuthenticationHandler)
 				.failureHandler(mfaAuthenticationHandler)
 			)
 			.exceptionHandling((exceptions) -> exceptions
 				.withObjectPostProcessor(new ObjectPostProcessor<ExceptionTranslationFilter>() {
 					@Override
@ -55,8 +61,9 @@ public class SecurityConfig {
 						filter.setAuthenticationTrustResolver(new MfaTrustResolver());
 						return filter;
 					}
-						}));
+				})
-
+			);
 		// @formatter:on
 		return http.build();
 	}
--- a/servlet/spring-boot/java/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/spring-boot/java/hello-security-explicit/src/main/java/example/SecurityConfiguration.java
@ -40,7 +40,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.httpBasic(withDefaults())
--- a/servlet/spring-boot/java/jwt/login/src/main/java/example/RestConfig.java
+++ b/servlet/spring-boot/java/jwt/login/src/main/java/example/RestConfig.java
@ -61,7 +61,10 @@ public class RestConfig extends WebSecurityConfigurerAdapter {
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
-		http.authorizeRequests((authz) -> authz.anyRequest().authenticated())
+		http
 			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
 			.httpBasic(Customizer.withDefaults())
 			.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
--- a/servlet/spring-boot/java/oauth2/authorization-server/src/main/java/example/OAuth2AuthorizationServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/authorization-server/src/main/java/example/OAuth2AuthorizationServerSecurityConfiguration.java
@ -72,7 +72,9 @@ public class OAuth2AuthorizationServerSecurityConfiguration {
 	public SecurityFilterChain standardSecurityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) -> requests.anyRequest().authenticated())
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.formLogin(Customizer.withDefaults());
 		// @formatter:on
--- a/servlet/spring-boot/java/oauth2/login/src/integTest/java/example/OAuth2LoginApplicationTests.java
+++ b/servlet/spring-boot/java/oauth2/login/src/integTest/java/example/OAuth2LoginApplicationTests.java
@ -334,16 +334,12 @@ public class OAuth2LoginApplicationTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			http
-				.authorizeRequests((requests) -> requests
+				.authorizeRequests((authorize) -> authorize
 					.anyRequest().authenticated()
 				)
 				.oauth2Login((oauth2) -> oauth2
-					.tokenEndpoint((tokens) -> tokens
+					.tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
-						.accessTokenResponseClient(this.mockAccessTokenResponseClient())
+					.userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
 					)
 					.userInfoEndpoint((userInfo) -> userInfo
 						.userService(this.mockUserService())
 					)
 				);
 		}
 		// @formatter:on
--- a/servlet/spring-boot/java/oauth2/resource-server/hello-security/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/hello-security/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@ -40,8 +40,7 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) ->
+			.authorizeRequests((authorize) -> authorize
 				requests
 				.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
 				.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
 				.anyRequest().authenticated()
--- a/servlet/spring-boot/java/oauth2/resource-server/jwe/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/jwe/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@ -72,15 +72,11 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) ->
+			.authorizeRequests((authorize) -> authorize
 				requests
 				.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
 				.anyRequest().authenticated()
 			)
-			.oauth2ResourceServer((resourceServer) ->
+			.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
 				resourceServer
 					.jwt(withDefaults())
 			);
 		// @formatter:on
 	}
--- a/servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@ -47,11 +47,11 @@ public class OAuth2ResourceServerSecurityConfiguration {
 			AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.mvcMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
 				.anyRequest().authenticated()
 			)
-			.oauth2ResourceServer((resourceServer) -> resourceServer
+			.oauth2ResourceServer((oauth2) -> oauth2
 				.authenticationManagerResolver(authenticationManagerResolver)
 			);
 		// @formatter:on
--- a/servlet/spring-boot/java/oauth2/resource-server/opaque/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/opaque/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@ -42,13 +42,13 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
 				.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
 				.anyRequest().authenticated()
 			)
-			.oauth2ResourceServer((resourceServer) -> resourceServer
+			.oauth2ResourceServer((oauth2) -> oauth2
-					.opaqueToken((opaqueToken) -> opaqueToken
+				.opaqueToken((opaque) -> opaque
 					.introspectionUri(this.introspectionUri)
 					.introspectionClientCredentials(this.clientId, this.clientSecret)
 				)
--- a/servlet/spring-boot/java/oauth2/resource-server/static/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/static/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@ -40,14 +40,12 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
 				.anyRequest().authenticated()
 			)
-			.oauth2ResourceServer((resourceServer) -> resourceServer
+			.oauth2ResourceServer((oauth2) -> oauth2
-					.jwt((jwt) -> jwt
+				.jwt((jwt) -> jwt.decoder(jwtDecoder()))
 							.decoder(jwtDecoder())
 					)
 			);
 		// @formatter:on
 	}
--- a/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
@ -38,7 +38,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	protected void configure(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((requests) -> requests
+			.authorizeRequests((authorize) -> authorize
 				.mvcMatchers("/", "/public/**").permitAll()
 				.anyRequest().authenticated()
 			)
--- a/servlet/spring-boot/java/saml2/refreshable-metadata/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/spring-boot/java/saml2/refreshable-metadata/src/main/java/example/SecurityConfiguration.java
@ -30,7 +30,9 @@ public class SecurityConfiguration {
 	SecurityFilterChain app(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeRequests((authorize) -> authorize.anyRequest().authenticated())
+			.authorizeRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.saml2Login(withDefaults())
 			.saml2Logout(withDefaults());
 		// @formatter:on