Update HttpSecurity Formatting

This commit is contained in:
Josh Cummings 2021-11-10 09:42:09 -07:00
parent 3a4eec6eda
commit 3a58daf55d
27 changed files with 98 additions and 100 deletions

View File

@ -53,7 +53,7 @@ public class WebfluxFormSecurityConfiguration {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
// @formatter:off // @formatter:off
http http
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.pathMatchers("/login").permitAll() .pathMatchers("/login").permitAll()
.anyExchange().authenticated() .anyExchange().authenticated()
) )

View File

@ -53,7 +53,7 @@ public class WebfluxX509Application {
// @formatter:off // @formatter:off
http http
.x509(withDefaults()) .x509(withDefaults())
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.anyExchange().authenticated() .anyExchange().authenticated()
); );
// @formatter:on // @formatter:on

View File

@ -39,7 +39,7 @@ public class SecurityConfiguration {
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) { SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
// @formatter:off // @formatter:off
http http
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.anyExchange().authenticated() .anyExchange().authenticated()
) )
.formLogin(withDefaults()); .formLogin(withDefaults());

View File

@ -45,7 +45,7 @@ public class SecurityConfiguration {
http http
// Demonstrate that method security works // Demonstrate that method security works
// Best practice to use both for defense in depth // Best practice to use both for defense in depth
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.anyExchange().permitAll() .anyExchange().permitAll()
) )
.httpBasic(withDefaults()); .httpBasic(withDefaults());

View File

@ -37,7 +37,7 @@ public class SecurityConfiguration {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
// @formatter:off // @formatter:off
http http
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.pathMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read") .pathMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
.pathMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write") .pathMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
.anyExchange().authenticated() .anyExchange().authenticated()

View File

@ -37,7 +37,7 @@ public class SecurityConfiguration {
SecurityWebFilterChain configure(ServerHttpSecurity http) { SecurityWebFilterChain configure(ServerHttpSecurity http) {
// @formatter:off // @formatter:off
http http
.authorizeExchange((exchanges) -> exchanges .authorizeExchange((authorize) -> authorize
.pathMatchers("/", "/public/**").permitAll() .pathMatchers("/", "/public/**").permitAll()
.anyExchange().authenticated() .anyExchange().authenticated()
) )

View File

@ -31,15 +31,11 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((authorizeRequests) -> .authorizeRequests((authorize) -> authorize
authorizeRequests .antMatchers("/login", "/resources/**").permitAll()
.antMatchers("/login", "/resources/**").permitAll() .anyRequest().authenticated()
.anyRequest().authenticated() )
) .jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
.jee((jee) ->
jee
.mappableRoles("USER", "ADMIN")
);
} }
// @formatter:on // @formatter:on

View File

@ -33,8 +33,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.formLogin((form) -> form .formLogin((form) -> form
.loginPage("/login") .loginPage("/login")

View File

@ -31,7 +31,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.formLogin((form) -> form .formLogin((form) -> form

View File

@ -33,9 +33,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((authorizeRequests) -> .authorizeRequests((authorize) -> authorize
authorizeRequests .anyRequest().authenticated()
.anyRequest().authenticated()
) )
.x509(withDefaults()); .x509(withDefaults());
} }

View File

@ -33,11 +33,11 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.httpBasic(withDefaults()) .httpBasic(withDefaults())
.formLogin(withDefaults()); .formLogin(withDefaults());
} }
// @formatter:on // @formatter:on

View File

@ -33,11 +33,11 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.httpBasic(withDefaults()) .httpBasic(withDefaults())
.formLogin(withDefaults()); .formLogin(withDefaults());
} }
// @formatter:on // @formatter:on

View File

@ -48,7 +48,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.formLogin(withDefaults()) .formLogin(withDefaults())

View File

@ -44,19 +44,26 @@ public class SecurityConfig {
SecurityFilterChain web(HttpSecurity http, SecurityFilterChain web(HttpSecurity http,
AuthorizationManager<RequestAuthorizationContext> mfaAuthorizationManager) throws Exception { AuthorizationManager<RequestAuthorizationContext> mfaAuthorizationManager) throws Exception {
MfaAuthenticationHandler mfaAuthenticationHandler = new MfaAuthenticationHandler("/second-factor"); MfaAuthenticationHandler mfaAuthenticationHandler = new MfaAuthenticationHandler("/second-factor");
http.authorizeHttpRequests((authz) -> authz.mvcMatchers("/second-factor", "/third-factor") // @formatter:off
.access(mfaAuthorizationManager).anyRequest().authenticated()) http
.formLogin((form) -> form.successHandler(mfaAuthenticationHandler) .authorizeHttpRequests((authorize) -> authorize
.failureHandler(mfaAuthenticationHandler)) .mvcMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
.exceptionHandling((exceptions) -> exceptions .anyRequest().authenticated()
.withObjectPostProcessor(new ObjectPostProcessor<ExceptionTranslationFilter>() { )
@Override .formLogin((form) -> form
public <O extends ExceptionTranslationFilter> O postProcess(O filter) { .successHandler(mfaAuthenticationHandler)
filter.setAuthenticationTrustResolver(new MfaTrustResolver()); .failureHandler(mfaAuthenticationHandler)
return filter; )
} .exceptionHandling((exceptions) -> exceptions
})); .withObjectPostProcessor(new ObjectPostProcessor<ExceptionTranslationFilter>() {
@Override
public <O extends ExceptionTranslationFilter> O postProcess(O filter) {
filter.setAuthenticationTrustResolver(new MfaTrustResolver());
return filter;
}
})
);
// @formatter:on
return http.build(); return http.build();
} }

View File

@ -40,7 +40,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
// @formatter:off // @formatter:off
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.httpBasic(withDefaults()) .httpBasic(withDefaults())

View File

@ -61,7 +61,10 @@ public class RestConfig extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http.authorizeRequests((authz) -> authz.anyRequest().authenticated()) http
.authorizeRequests((authorize) -> authorize
.anyRequest().authenticated()
)
.csrf((csrf) -> csrf.ignoringAntMatchers("/token")) .csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
.httpBasic(Customizer.withDefaults()) .httpBasic(Customizer.withDefaults())
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)

View File

@ -72,7 +72,9 @@ public class OAuth2AuthorizationServerSecurityConfiguration {
public SecurityFilterChain standardSecurityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain standardSecurityFilterChain(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> requests.anyRequest().authenticated()) .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated()
)
.formLogin(Customizer.withDefaults()); .formLogin(Customizer.withDefaults());
// @formatter:on // @formatter:on

View File

@ -334,16 +334,12 @@ public class OAuth2LoginApplicationTests {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2Login((oauth2) -> oauth2 .oauth2Login((oauth2) -> oauth2
.tokenEndpoint((tokens) -> tokens .tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
.accessTokenResponseClient(this.mockAccessTokenResponseClient()) .userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
)
.userInfoEndpoint((userInfo) -> userInfo
.userService(this.mockUserService())
)
); );
} }
// @formatter:on // @formatter:on

View File

@ -40,11 +40,10 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> .authorizeRequests((authorize) -> authorize
requests .antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read") .antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write") .anyRequest().authenticated()
.anyRequest().authenticated()
) )
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt); .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
// @formatter:on // @formatter:on

View File

@ -72,15 +72,11 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> .authorizeRequests((authorize) -> authorize
requests .antMatchers("/message/**").hasAuthority("SCOPE_message:read")
.antMatchers("/message/**").hasAuthority("SCOPE_message:read") .anyRequest().authenticated()
.anyRequest().authenticated()
) )
.oauth2ResourceServer((resourceServer) -> .oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
resourceServer
.jwt(withDefaults())
);
// @formatter:on // @formatter:on
} }

View File

@ -47,11 +47,11 @@ public class OAuth2ResourceServerSecurityConfiguration {
AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver) throws Exception { AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.mvcMatchers("/**/message/**").hasAuthority("SCOPE_message:read") .mvcMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer((resourceServer) -> resourceServer .oauth2ResourceServer((oauth2) -> oauth2
.authenticationManagerResolver(authenticationManagerResolver) .authenticationManagerResolver(authenticationManagerResolver)
); );
// @formatter:on // @formatter:on

View File

@ -42,16 +42,16 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read") .mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write") .mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer((resourceServer) -> resourceServer .oauth2ResourceServer((oauth2) -> oauth2
.opaqueToken((opaqueToken) -> opaqueToken .opaqueToken((opaque) -> opaque
.introspectionUri(this.introspectionUri) .introspectionUri(this.introspectionUri)
.introspectionClientCredentials(this.clientId, this.clientSecret) .introspectionClientCredentials(this.clientId, this.clientSecret)
) )
); );
// @formatter:on // @formatter:on
} }

View File

@ -40,14 +40,12 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read") .mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer((resourceServer) -> resourceServer .oauth2ResourceServer((oauth2) -> oauth2
.jwt((jwt) -> jwt .jwt((jwt) -> jwt.decoder(jwtDecoder()))
.decoder(jwtDecoder())
)
); );
// @formatter:on // @formatter:on
} }

View File

@ -38,9 +38,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((requests) -> requests .authorizeRequests((authorize) -> authorize
.mvcMatchers("/", "/public/**").permitAll() .mvcMatchers("/", "/public/**").permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.formLogin(withDefaults()) .formLogin(withDefaults())
.oauth2Login(withDefaults()) .oauth2Login(withDefaults())

View File

@ -36,11 +36,11 @@ public class SecurityConfiguration {
SecurityFilterChain app(HttpSecurity http) throws Exception { SecurityFilterChain app(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((authorize) -> authorize .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.saml2Login((saml2) -> saml2.loginProcessingUrl("/login/saml2/sso")) .saml2Login((saml2) -> saml2.loginProcessingUrl("/login/saml2/sso"))
.saml2Logout(Customizer.withDefaults()); .saml2Logout(Customizer.withDefaults());
// @formatter:on // @formatter:on
return http.build(); return http.build();

View File

@ -35,11 +35,11 @@ public class SecurityConfiguration {
SecurityFilterChain app(HttpSecurity http) throws Exception { SecurityFilterChain app(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((authorize) -> authorize .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.saml2Login(Customizer.withDefaults()) .saml2Login(Customizer.withDefaults())
.saml2Logout(Customizer.withDefaults()); .saml2Logout(Customizer.withDefaults());
// @formatter:on // @formatter:on
return http.build(); return http.build();

View File

@ -30,7 +30,9 @@ public class SecurityConfiguration {
SecurityFilterChain app(HttpSecurity http) throws Exception { SecurityFilterChain app(HttpSecurity http) throws Exception {
// @formatter:off // @formatter:off
http http
.authorizeRequests((authorize) -> authorize.anyRequest().authenticated()) .authorizeRequests((authorize) -> authorize
.anyRequest().authenticated()
)
.saml2Login(withDefaults()) .saml2Login(withDefaults())
.saml2Logout(withDefaults()); .saml2Logout(withDefaults());
// @formatter:on // @formatter:on