Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove exceptions from lambda security configuration 

Fixes: gh-7128
This commit is contained in:
Eleftheria Stein 2019-07-24 12:15:32 -04:00 committed by Rob Winch
parent b55322b2cb
commit 0b4502b2c5
23 changed files with 115 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/main/java/org/springframework/security/config/Customizer.java
View File

@ -17,8 +17,7 @@
package org.springframework.security.config;
/**
* Callback interface that accepts a single input argument and returns no result,
* with the ability to throw a (checked) exception.
* Callback interface that accepts a single input argument and returns no result.
*
* @author Eleftheria Stein
* @param <T> the type of the input to the operation
@ -31,9 +30,8 @@ public interface Customizer<T> {
* Performs the customizations on the input argument.
*
* @param t the input argument
* @throws Exception if any error occurs
*/
void customize(T t) throws Exception;
void customize(T t);
/**
* Returns a {@link Customizer} that does not alter the input argument.

27
config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
View File

@ -136,10 +136,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param contentTypeOptionsCustomizer the {@link Customizer} to provide more options for
* the {@link ContentTypeOptionsConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> contentTypeOptions(Customizer<ContentTypeOptionsConfig> contentTypeOptionsCustomizer)
throws Exception {
public HeadersConfigurer<H> contentTypeOptions(Customizer<ContentTypeOptionsConfig> contentTypeOptionsCustomizer) {
contentTypeOptionsCustomizer.customize(contentTypeOptions.enable());
return HeadersConfigurer.this;
}
@ -209,9 +207,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param xssCustomizer the {@link Customizer} to provide more options for
* the {@link XXssConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> xssProtection(Customizer<XXssConfig> xssCustomizer) throws Exception {
public HeadersConfigurer<H> xssProtection(Customizer<XXssConfig> xssCustomizer) {
xssCustomizer.customize(xssProtection.enable());
return HeadersConfigurer.this;
}
@ -322,14 +319,12 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param cacheControlCustomizer the {@link Customizer} to provide more options for
* the {@link CacheControlConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> cacheControl(Customizer<CacheControlConfig> cacheControlCustomizer) throws Exception {
public HeadersConfigurer<H> cacheControl(Customizer<CacheControlConfig> cacheControlCustomizer) {
cacheControlCustomizer.customize(cacheControl.enable());
return HeadersConfigurer.this;
}
public final class CacheControlConfig {
private CacheControlHeadersWriter writer;
@ -389,9 +384,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param hstsCustomizer the {@link Customizer} to provide more options for
* the {@link HstsConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> httpStrictTransportSecurity(Customizer<HstsConfig> hstsCustomizer) throws Exception {
public HeadersConfigurer<H> httpStrictTransportSecurity(Customizer<HstsConfig> hstsCustomizer) {
hstsCustomizer.customize(hsts.enable());
return HeadersConfigurer.this;
}
@ -523,9 +517,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param frameOptionsCustomizer the {@link Customizer} to provide more options for
* the {@link FrameOptionsConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> frameOptions(Customizer<FrameOptionsConfig> frameOptionsCustomizer) throws Exception {
public HeadersConfigurer<H> frameOptions(Customizer<FrameOptionsConfig> frameOptionsCustomizer) {
frameOptionsCustomizer.customize(frameOptions.enable());
return HeadersConfigurer.this;
}
@ -613,9 +606,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param hpkpCustomizer the {@link Customizer} to provide more options for
* the {@link HpkpConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> httpPublicKeyPinning(Customizer<HpkpConfig> hpkpCustomizer) throws Exception {
public HeadersConfigurer<H> httpPublicKeyPinning(Customizer<HpkpConfig> hpkpCustomizer) {
hpkpCustomizer.customize(hpkp.enable());
return HeadersConfigurer.this;
}
@ -840,10 +832,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param contentSecurityCustomizer the {@link Customizer} to provide more options for
* the {@link ContentSecurityPolicyConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> contentSecurityPolicy(Customizer<ContentSecurityPolicyConfig> contentSecurityCustomizer)
throws Exception {
public HeadersConfigurer<H> contentSecurityPolicy(Customizer<ContentSecurityPolicyConfig> contentSecurityCustomizer) {
this.contentSecurityPolicy.writer = new ContentSecurityPolicyHeaderWriter();
contentSecurityCustomizer.customize(this.contentSecurityPolicy);
@ -1026,9 +1016,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>> extends
* @param referrerPolicyCustomizer the {@link Customizer} to provide more options for
* the {@link ReferrerPolicyConfig}
* @return the {@link HeadersConfigurer} for additional customizations
* @throws Exception
*/
public HeadersConfigurer<H> referrerPolicy(Customizer<ReferrerPolicyConfig> referrerPolicyCustomizer) throws Exception {
public HeadersConfigurer<H> referrerPolicy(Customizer<ReferrerPolicyConfig> referrerPolicyCustomizer) {
this.referrerPolicy.writer = new ReferrerPolicyHeaderWriter();
referrerPolicyCustomizer.customize(this.referrerPolicy);
return HeadersConfigurer.this;

5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -113,9 +113,8 @@ public final class HttpBasicConfigurer<B extends HttpSecurityBuilder<B>> extends
*
* @param realmName the HTTP Basic realm to use
* @return {@link HttpBasicConfigurer} for additional customization
* @throws Exception
*/
public HttpBasicConfigurer<B> realmName(String realmName) throws Exception {
public HttpBasicConfigurer<B> realmName(String realmName) {
this.basicAuthEntryPoint.setRealmName(realmName);
this.basicAuthEntryPoint.afterPropertiesSet();
return this;

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java
View File

@ -257,8 +257,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
* the {@link SessionFixationConfigurer}
* @return the {@link SessionManagementConfigurer} for further customizations
*/
public SessionManagementConfigurer<H> sessionFixation(Customizer<SessionFixationConfigurer> sessionFixationCustomizer)
throws Exception {
public SessionManagementConfigurer<H> sessionFixation(Customizer<SessionFixationConfigurer> sessionFixationCustomizer) {
sessionFixationCustomizer.customize(new SessionFixationConfigurer());
return this;
}
@ -282,8 +281,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
* the {@link ConcurrencyControlConfigurer}
* @return the {@link SessionManagementConfigurer} for further customizations
*/
public SessionManagementConfigurer<H> sessionConcurrency(Customizer<ConcurrencyControlConfigurer> sessionConcurrencyCustomizer)
throws Exception {
public SessionManagementConfigurer<H> sessionConcurrency(Customizer<ConcurrencyControlConfigurer> sessionConcurrencyCustomizer) {
sessionConcurrencyCustomizer.customize(new ConcurrencyControlConfigurer());
return this;
}

15
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -208,10 +208,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
* @param authorizationEndpointCustomizer the {@link Customizer} to provide more options for
* the {@link AuthorizationEndpointConfig}
* @return the {@link OAuth2LoginConfigurer} for further customizations
* @throws Exception
*/
public OAuth2LoginConfigurer<B> authorizationEndpoint(Customizer<AuthorizationEndpointConfig> authorizationEndpointCustomizer)
throws Exception {
public OAuth2LoginConfigurer<B> authorizationEndpoint(Customizer<AuthorizationEndpointConfig> authorizationEndpointCustomizer) {
authorizationEndpointCustomizer.customize(this.authorizationEndpointConfig);
return this;
}
@ -291,8 +289,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
* @return the {@link OAuth2LoginConfigurer} for further customizations
* @throws Exception
*/
public OAuth2LoginConfigurer<B> tokenEndpoint(Customizer<TokenEndpointConfig> tokenEndpointCustomizer)
throws Exception {
public OAuth2LoginConfigurer<B> tokenEndpoint(Customizer<TokenEndpointConfig> tokenEndpointCustomizer) {
tokenEndpointCustomizer.customize(this.tokenEndpointConfig);
return this;
}
@ -345,10 +342,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
* @param redirectionEndpointCustomizer the {@link Customizer} to provide more options for
* the {@link RedirectionEndpointConfig}
* @return the {@link OAuth2LoginConfigurer} for further customizations
* @throws Exception
*/
public OAuth2LoginConfigurer<B> redirectionEndpoint(Customizer<RedirectionEndpointConfig> redirectionEndpointCustomizer)
throws Exception {
public OAuth2LoginConfigurer<B> redirectionEndpoint(Customizer<RedirectionEndpointConfig> redirectionEndpointCustomizer) {
redirectionEndpointCustomizer.customize(this.redirectionEndpointConfig);
return this;
}
@ -399,10 +394,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
* @param userInfoEndpointCustomizer the {@link Customizer} to provide more options for
* the {@link UserInfoEndpointConfig}
* @return the {@link OAuth2LoginConfigurer} for further customizations
* @throws Exception
*/
public OAuth2LoginConfigurer<B> userInfoEndpoint(Customizer<UserInfoEndpointConfig> userInfoEndpointCustomizer)
throws Exception {
public OAuth2LoginConfigurer<B> userInfoEndpoint(Customizer<UserInfoEndpointConfig> userInfoEndpointCustomizer) {
userInfoEndpointCustomizer.customize(this.userInfoEndpointConfig);
return this;
}

7
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java
View File

@ -188,9 +188,8 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
* @param jwtCustomizer the {@link Customizer} to provide more options for
* the {@link JwtConfigurer}
* @return the {@link OAuth2ResourceServerConfigurer} for further customizations
* @throws Exception
*/
public OAuth2ResourceServerConfigurer<H> jwt(Customizer<JwtConfigurer> jwtCustomizer) throws Exception {
public OAuth2ResourceServerConfigurer<H> jwt(Customizer<JwtConfigurer> jwtCustomizer) {
if ( this.jwtConfigurer == null ) {
this.jwtConfigurer = new JwtConfigurer(this.context);
}
@ -212,10 +211,8 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
* @param opaqueTokenCustomizer the {@link Customizer} to provide more options for
* the {@link OpaqueTokenConfigurer}
* @return the {@link OAuth2ResourceServerConfigurer} for further customizations
* @throws Exception
*/
public OAuth2ResourceServerConfigurer<H> opaqueToken(Customizer<OpaqueTokenConfigurer> opaqueTokenCustomizer)
throws Exception {
public OAuth2ResourceServerConfigurer<H> opaqueToken(Customizer<OpaqueTokenConfigurer> opaqueTokenCustomizer) {
if (this.opaqueTokenConfigurer == null) {
this.opaqueTokenConfigurer = new OpaqueTokenConfigurer(this.context);
}

7
config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
View File

@ -157,10 +157,8 @@ public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> exten
* @param attributeExchangeCustomizer the {@link Customizer} to provide more options for
* the {@link AttributeExchangeConfigurer}
* @return a {@link OpenIDLoginConfigurer} for further customizations
* @throws Exception
*/
public OpenIDLoginConfigurer<H> attributeExchange(Customizer<AttributeExchangeConfigurer> attributeExchangeCustomizer)
throws Exception {
public OpenIDLoginConfigurer<H> attributeExchange(Customizer<AttributeExchangeConfigurer> attributeExchangeCustomizer) {
AttributeExchangeConfigurer attributeExchangeConfigurer = new AttributeExchangeConfigurer(".*");
attributeExchangeCustomizer.customize(attributeExchangeConfigurer);
this.attributeExchangeConfigurers.add(attributeExchangeConfigurer);
@ -458,9 +456,8 @@ public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> exten
* @param attributeCustomizer the {@link Customizer} to provide more options for
* the {@link AttributeConfigurer}
* @return a {@link AttributeExchangeConfigurer} for further customizations
* @throws Exception
*/
public AttributeExchangeConfigurer attribute(Customizer<AttributeConfigurer> attributeCustomizer) throws Exception {
public AttributeExchangeConfigurer attribute(Customizer<AttributeConfigurer> attributeCustomizer) {
AttributeConfigurer attributeConfigurer = new AttributeConfigurer();
attributeCustomizer.customize(attributeConfigurer);
this.attributeConfigurers.add(attributeConfigurer);

108
config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
View File

@ -414,7 +414,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .redirectToHttps(redirectToHttps ->
@ -429,9 +429,8 @@ public class ServerHttpSecurity {
* @param httpsRedirectCustomizer the {@link Customizer} to provide more options for
* the {@link HttpsRedirectSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity redirectToHttps(Customizer<HttpsRedirectSpec> httpsRedirectCustomizer) throws Exception {
public ServerHttpSecurity redirectToHttps(Customizer<HttpsRedirectSpec> httpsRedirectCustomizer) {
this.httpsRedirectSpec = new HttpsRedirectSpec();
httpsRedirectCustomizer.customize(this.httpsRedirectSpec);
return this;
@ -485,7 +484,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .csrf(csrf ->
@ -500,7 +499,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .csrf(csrf ->
@ -519,9 +518,8 @@ public class ServerHttpSecurity {
* @param csrfCustomizer the {@link Customizer} to provide more options for
* the {@link CsrfSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity csrf(Customizer<CsrfSpec> csrfCustomizer) throws Exception {
public ServerHttpSecurity csrf(Customizer<CsrfSpec> csrfCustomizer) {
if (this.csrf == null) {
this.csrf = new CsrfSpec();
}
@ -550,9 +548,8 @@ public class ServerHttpSecurity {
* @param corsCustomizer the {@link Customizer} to provide more options for
* the {@link CorsSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity cors(Customizer<CorsSpec> corsCustomizer) throws Exception {
public ServerHttpSecurity cors(Customizer<CorsSpec> corsCustomizer) {
if (this.cors == null) {
this.cors = new CorsSpec();
}
@ -589,7 +586,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .anonymous(anonymous ->
@ -604,9 +601,8 @@ public class ServerHttpSecurity {
* @param anonymousCustomizer the {@link Customizer} to provide more options for
* the {@link AnonymousSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity anonymous(Customizer<AnonymousSpec> anonymousCustomizer) throws Exception {
public ServerHttpSecurity anonymous(Customizer<AnonymousSpec> anonymousCustomizer) {
if (this.anonymous == null) {
this.anonymous = new AnonymousSpec();
}
@ -706,7 +702,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .httpBasic(httpBasic ->
@ -723,9 +719,8 @@ public class ServerHttpSecurity {
* @param httpBasicCustomizer the {@link Customizer} to provide more options for
* the {@link HttpBasicSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity httpBasic(Customizer<HttpBasicSpec> httpBasicCustomizer) throws Exception {
public ServerHttpSecurity httpBasic(Customizer<HttpBasicSpec> httpBasicCustomizer) {
if (this.httpBasic == null) {
this.httpBasic = new HttpBasicSpec();
}
@ -768,7 +763,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .formLogin(formLogin ->
@ -789,9 +784,8 @@ public class ServerHttpSecurity {
* @param formLoginCustomizer the {@link Customizer} to provide more options for
* the {@link FormLoginSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity formLogin(Customizer<FormLoginSpec> formLoginCustomizer) throws Exception {
public ServerHttpSecurity formLogin(Customizer<FormLoginSpec> formLoginCustomizer) {
if (this.formLogin == null) {
this.formLogin = new FormLoginSpec();
}
@ -833,7 +827,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* .x509(x509 ->
* x509
@ -851,9 +845,8 @@ public class ServerHttpSecurity {
* @param x509Customizer the {@link Customizer} to provide more options for
* the {@link X509Spec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity x509(Customizer<X509Spec> x509Customizer) throws Exception {
public ServerHttpSecurity x509(Customizer<X509Spec> x509Customizer) {
if (this.x509 == null) {
this.x509 = new X509Spec();
}
@ -949,7 +942,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2Login(oauth2Login ->
@ -964,9 +957,8 @@ public class ServerHttpSecurity {
* @param oauth2LoginCustomizer the {@link Customizer} to provide more options for
* the {@link OAuth2LoginSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity oauth2Login(Customizer<OAuth2LoginSpec> oauth2LoginCustomizer) throws Exception {
public ServerHttpSecurity oauth2Login(Customizer<OAuth2LoginSpec> oauth2LoginCustomizer) {
if (this.oauth2Login == null) {
this.oauth2Login = new OAuth2LoginSpec();
}
@ -1272,7 +1264,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2Client(oauth2Client ->
@ -1287,9 +1279,8 @@ public class ServerHttpSecurity {
* @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
* the {@link OAuth2ClientSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity oauth2Client(Customizer<OAuth2ClientSpec> oauth2ClientCustomizer) throws Exception {
public ServerHttpSecurity oauth2Client(Customizer<OAuth2ClientSpec> oauth2ClientCustomizer) {
if (this.client == null) {
this.client = new OAuth2ClientSpec();
}
@ -1452,7 +1443,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2ResourceServer(oauth2ResourceServer ->
@ -1469,10 +1460,8 @@ public class ServerHttpSecurity {
* @param oauth2ResourceServerCustomizer the {@link Customizer} to provide more options for
* the {@link OAuth2ResourceServerSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity oauth2ResourceServer(Customizer<OAuth2ResourceServerSpec> oauth2ResourceServerCustomizer)
throws Exception {
public ServerHttpSecurity oauth2ResourceServer(Customizer<OAuth2ResourceServerSpec> oauth2ResourceServerCustomizer) {
if (this.resourceServer == null) {
this.resourceServer = new OAuth2ResourceServerSpec();
}
@ -1569,9 +1558,8 @@ public class ServerHttpSecurity {
* @param jwtCustomizer the {@link Customizer} to provide more options for
* the {@link JwtSpec}
* @return the {@link OAuth2ResourceServerSpec} to customize
* @throws Exception
*/
public OAuth2ResourceServerSpec jwt(Customizer<JwtSpec> jwtCustomizer) throws Exception {
public OAuth2ResourceServerSpec jwt(Customizer<JwtSpec> jwtCustomizer) {
if (this.jwt == null) {
this.jwt = new JwtSpec();
}
@ -1597,9 +1585,8 @@ public class ServerHttpSecurity {
* @param opaqueTokenCustomizer the {@link Customizer} to provide more options for
* the {@link OpaqueTokenSpec}
* @return the {@link OAuth2ResourceServerSpec} to customize
* @throws Exception
*/
public OAuth2ResourceServerSpec opaqueToken(Customizer<OpaqueTokenSpec> opaqueTokenCustomizer) throws Exception {
public OAuth2ResourceServerSpec opaqueToken(Customizer<OpaqueTokenSpec> opaqueTokenCustomizer) {
if (this.opaqueToken == null) {
this.opaqueToken = new OpaqueTokenSpec();
}
@ -1947,7 +1934,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .headers(headers ->
@ -1970,9 +1957,8 @@ public class ServerHttpSecurity {
* @param headerCustomizer the {@link Customizer} to provide more options for
* the {@link HeaderSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity headers(Customizer<HeaderSpec> headerCustomizer) throws Exception {
public ServerHttpSecurity headers(Customizer<HeaderSpec> headerCustomizer) {
if (this.headers == null) {
this.headers = new HeaderSpec();
}
@ -2011,7 +1997,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .exceptionHandling(exceptionHandling ->
@ -2026,10 +2012,8 @@ public class ServerHttpSecurity {
* @param exceptionHandlingCustomizer the {@link Customizer} to provide more options for
* the {@link ExceptionHandlingSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity exceptionHandling(Customizer<ExceptionHandlingSpec> exceptionHandlingCustomizer)
throws Exception {
public ServerHttpSecurity exceptionHandling(Customizer<ExceptionHandlingSpec> exceptionHandlingCustomizer) {
if (this.exceptionHandling == null) {
this.exceptionHandling = new ExceptionHandlingSpec();
}
@ -2080,7 +2064,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .authorizeExchange(exchanges ->
@ -2109,10 +2093,8 @@ public class ServerHttpSecurity {
* @param authorizeExchangeCustomizer the {@link Customizer} to provide more options for
* the {@link AuthorizeExchangeSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity authorizeExchange(Customizer<AuthorizeExchangeSpec> authorizeExchangeCustomizer)
throws Exception {
public ServerHttpSecurity authorizeExchange(Customizer<AuthorizeExchangeSpec> authorizeExchangeCustomizer) {
if (this.authorizeExchange == null) {
this.authorizeExchange = new AuthorizeExchangeSpec();
}
@ -2152,7 +2134,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .logout(logout ->
@ -2171,9 +2153,8 @@ public class ServerHttpSecurity {
* @param logoutCustomizer the {@link Customizer} to provide more options for
* the {@link LogoutSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity logout(Customizer<LogoutSpec> logoutCustomizer) throws Exception {
public ServerHttpSecurity logout(Customizer<LogoutSpec> logoutCustomizer) {
if (this.logout == null) {
this.logout = new LogoutSpec();
}
@ -2209,7 +2190,7 @@ public class ServerHttpSecurity {
*
* <pre class="code">
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .requestCache(requestCache ->
@ -2224,9 +2205,8 @@ public class ServerHttpSecurity {
* @param requestCacheCustomizer the {@link Customizer} to provide more options for
* the {@link RequestCacheSpec}
* @return the {@link ServerHttpSecurity} to customize
* @throws Exception
*/
public ServerHttpSecurity requestCache(Customizer<RequestCacheSpec> requestCacheCustomizer) throws Exception {
public ServerHttpSecurity requestCache(Customizer<RequestCacheSpec> requestCacheCustomizer) {
requestCacheCustomizer.customize(this.requestCache);
return this;
}
@ -3113,9 +3093,8 @@ public class ServerHttpSecurity {
* @param cacheCustomizer the {@link Customizer} to provide more options for
* the {@link CacheSpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec cache(Customizer<CacheSpec> cacheCustomizer) throws Exception {
public HeaderSpec cache(Customizer<CacheSpec> cacheCustomizer) {
cacheCustomizer.customize(new CacheSpec());
return this;
}
@ -3134,10 +3113,8 @@ public class ServerHttpSecurity {
* @param contentTypeOptionsCustomizer the {@link Customizer} to provide more options for
* the {@link ContentTypeOptionsSpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec contentTypeOptions(Customizer<ContentTypeOptionsSpec> contentTypeOptionsCustomizer)
throws Exception {
public HeaderSpec contentTypeOptions(Customizer<ContentTypeOptionsSpec> contentTypeOptionsCustomizer) {
contentTypeOptionsCustomizer.customize(new ContentTypeOptionsSpec());
return this;
}
@ -3156,9 +3133,8 @@ public class ServerHttpSecurity {
* @param frameOptionsCustomizer the {@link Customizer} to provide more options for
* the {@link FrameOptionsSpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec frameOptions(Customizer<FrameOptionsSpec> frameOptionsCustomizer) throws Exception {
public HeaderSpec frameOptions(Customizer<FrameOptionsSpec> frameOptionsCustomizer) {
frameOptionsCustomizer.customize(new FrameOptionsSpec());
return this;
}
@ -3177,9 +3153,8 @@ public class ServerHttpSecurity {
* @param hstsCustomizer the {@link Customizer} to provide more options for
* the {@link HstsSpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec hsts(Customizer<HstsSpec> hstsCustomizer) throws Exception {
public HeaderSpec hsts(Customizer<HstsSpec> hstsCustomizer) {
hstsCustomizer.customize(new HstsSpec());
return this;
}
@ -3204,9 +3179,8 @@ public class ServerHttpSecurity {
* @param xssProtectionCustomizer the {@link Customizer} to provide more options for
* the {@link XssProtectionSpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec xssProtection(Customizer<XssProtectionSpec> xssProtectionCustomizer) throws Exception {
public HeaderSpec xssProtection(Customizer<XssProtectionSpec> xssProtectionCustomizer) {
xssProtectionCustomizer.customize(new XssProtectionSpec());
return this;
}
@ -3226,10 +3200,8 @@ public class ServerHttpSecurity {
* @param contentSecurityPolicyCustomizer the {@link Customizer} to provide more options for
* the {@link ContentSecurityPolicySpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec contentSecurityPolicy(Customizer<ContentSecurityPolicySpec> contentSecurityPolicyCustomizer)
throws Exception {
public HeaderSpec contentSecurityPolicy(Customizer<ContentSecurityPolicySpec> contentSecurityPolicyCustomizer) {
contentSecurityPolicyCustomizer.customize(new ContentSecurityPolicySpec());
return this;
}
@ -3266,10 +3238,8 @@ public class ServerHttpSecurity {
* @param referrerPolicyCustomizer the {@link Customizer} to provide more options for
* the {@link ReferrerPolicySpec}
* @return the {@link HeaderSpec} to customize
* @throws Exception
*/
public HeaderSpec referrerPolicy(Customizer<ReferrerPolicySpec> referrerPolicyCustomizer)
throws Exception {
public HeaderSpec referrerPolicy(Customizer<ReferrerPolicySpec> referrerPolicyCustomizer) {
referrerPolicyCustomizer.customize(new ReferrerPolicySpec());
return this;
}

6
config/src/test/java/org/springframework/security/config/web/server/HttpsRedirectSpecTests.java
View File

@ -162,7 +162,7 @@ public class HttpsRedirectSpecTests {
@EnableWebFluxSecurity
static class RedirectToHttpsInLambdaConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.redirectToHttps(withDefaults());
@ -192,7 +192,7 @@ public class HttpsRedirectSpecTests {
@EnableWebFluxSecurity
static class SometimesRedirectToHttpsInLambdaConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.redirectToHttps(redirectToHttps ->
@ -229,7 +229,7 @@ public class HttpsRedirectSpecTests {
@EnableWebFluxSecurity
static class RedirectToHttpsViaCustomPortsInLambdaConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.redirectToHttps(redirectToHttps ->

4
config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -219,7 +219,7 @@ public class OAuth2ClientSpecTests {
ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class);
@Bean
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
http
.oauth2Client(oauth2Client ->
oauth2Client

2
config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
View File

@ -324,7 +324,7 @@ public class OAuth2LoginTests {
ServerAuthenticationSuccessHandler successHandler = mock(ServerAuthenticationSuccessHandler.class);
@Bean
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges

32
config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java
View File

@ -461,7 +461,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class PublicKeyConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -481,7 +481,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class PublicKeyInLambdaConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange(exchanges ->
@ -508,7 +508,7 @@ public class OAuth2ResourceServerSpecTests {
RSAPublicKey key;
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -560,7 +560,7 @@ public class OAuth2ResourceServerSpecTests {
private MockWebServer mockWebServer = new MockWebServer();
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
String jwkSetUri = mockWebServer().url("/.well-known/jwks.json").toString();
// @formatter:off
@ -614,7 +614,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class DenyAllConfig {
@Bean
SecurityWebFilterChain authorization(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain authorization(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -654,7 +654,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class CustomAuthenticationManagerInLambdaConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.oauth2ResourceServer(oauth2ResourceServer ->
@ -707,7 +707,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class CustomBearerTokenServerAuthenticationConverter {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -733,7 +733,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class CustomJwtAuthenticationConverterConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -765,7 +765,7 @@ public class OAuth2ResourceServerSpecTests {
@EnableWebFluxSecurity
static class CustomErrorHandlingConfig {
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
// @formatter:off
http
.authorizeExchange()
@ -820,7 +820,7 @@ public class OAuth2ResourceServerSpecTests {
private MockWebServer mockWebServer = new MockWebServer();
@Bean
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
String introspectionUri = mockWebServer().url("/introspect").toString();
// @formatter:off
@ -889,13 +889,19 @@ public class OAuth2ResourceServerSpecTests {
return new MockResponse().setResponseCode(401);
}
private static RSAPublicKey publicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
private static RSAPublicKey publicKey() {
String modulus = "26323220897278656456354815752829448539647589990395639665273015355787577386000316054335559633864476469390247312823732994485311378484154955583861993455004584140858982659817218753831620205191028763754231454775026027780771426040997832758235764611119743390612035457533732596799927628476322029280486807310749948064176545712270582940917249337311592011920620009965129181413510845780806191965771671528886508636605814099711121026468495328702234901200169245493126030184941412539949521815665744267183140084667383643755535107759061065656273783542590997725982989978433493861515415520051342321336460543070448417126615154138673620797";
String exponent = "65537";
RSAPublicKeySpec spec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(exponent));
KeyFactory factory = KeyFactory.getInstance("RSA");
return (RSAPublicKey) factory.generatePublic(spec);
RSAPublicKey rsaPublicKey = null;
try {
KeyFactory factory = KeyFactory.getInstance("RSA");
rsaPublicKey = (RSAPublicKey) factory.generatePublic(spec);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
e.printStackTrace();
}
return rsaPublicKey;
}
private GenericWebApplicationContext autowireWebServerGenericWebApplicationContext() {

2
docs/manual/src/docs/asciidoc/_includes/reactive/cors.adoc
View File

@ -28,7 +28,7 @@ The following will disable the CORS integration within Spring Security:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.cors(cors -> cors.disable());

22
docs/manual/src/docs/asciidoc/_includes/reactive/headers.adoc
View File

@ -53,7 +53,7 @@ You can easily do this with the following Java Configuration:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -80,7 +80,7 @@ If necessary, you can disable all of the HTTP Security response headers with the
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -114,7 +114,7 @@ You can also disable cache control using the following Java Configuration:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -155,7 +155,7 @@ However, if need to disable the header, the following may be used:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -202,7 +202,7 @@ You can customize HSTS headers with Java Configuration:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -250,7 +250,7 @@ You can customize X-Frame-Options with Java Configuration using the following:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -286,7 +286,7 @@ However, we can customize with Java Configuration with the following:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -368,7 +368,7 @@ You can enable the CSP header using Java configuration as shown below:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -387,7 +387,7 @@ To enable the CSP _'report-only'_ header, provide the following Java configurati
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -438,7 +438,7 @@ You can enable the Referrer-Policy header using Java configuration as shown belo
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->
@ -476,7 +476,7 @@ You can enable the Feature-Policy header using Java configuration as shown below
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.headers(headers ->

4
docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc
View File

@ -128,7 +128,7 @@ ReactiveClientRegistrationRepository clientRegistrations() {
}
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.oauth2Login(withDefaults());
@ -141,7 +141,7 @@ Additional configuration options can be seen below:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.oauth2Login(oauth2Login ->

12
docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/resource-server.adoc
View File

@ -121,7 +121,7 @@ The first is a `SecurityWebFilterChain` that configures the app as a resource se
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges
@ -142,7 +142,7 @@ Replacing this is as simple as exposing the bean within the application:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges
@ -183,7 +183,7 @@ An authorization server's JWK Set Uri can be configured <<webflux-oauth2-resourc
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges
@ -210,7 +210,7 @@ More powerful than `jwkSetUri()` is `decoder()`, which will completely replace a
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges
@ -256,7 +256,7 @@ This means that to protect an endpoint or method with a scope derived from a JWT
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges
@ -292,7 +292,7 @@ To this end, the DSL exposes `jwtAuthenticationConverter()`:
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges

4
docs/manual/src/docs/asciidoc/_includes/reactive/redirect-https.adoc
View File

@ -7,7 +7,7 @@ Spring Security can be configured to perform a redirect to https using the follo
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.redirectToHttps(withDefaults());
@ -22,7 +22,7 @@ For example, if the production environment adds a header named `X-Forwarded-Prot
[source,java]
----
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
// ...
.redirectToHttps(redirectToHttps ->

2
docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc
View File

@ -52,7 +52,7 @@ public class HelloWebfluxSecurityConfig {
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges

4
docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc
View File

@ -7,7 +7,7 @@ Below is an example of a reactive x509 security configuration:
[source,java]
----
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
http
.x509(withDefaults())
.authorizeExchange(exchanges ->
@ -25,7 +25,7 @@ The next example demonstrates how these defaults can be overridden.
[source,java]
----
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
SubjectDnX509PrincipalExtractor principalExtractor =
new SubjectDnX509PrincipalExtractor();

2
samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
View File

@ -53,7 +53,7 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
}
@Bean
JwtDecoder jwtDecoder() throws Exception {
JwtDecoder jwtDecoder() {
return NimbusJwtDecoder.withPublicKey(this.key).build();
}
}

2
samples/boot/webflux-form/src/main/java/sample/WebfluxFormSecurityConfig.java
View File

@ -44,7 +44,7 @@ public class WebfluxFormSecurityConfig {
}
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange(exchanges ->
exchanges

2
samples/boot/webflux-x509/src/main/java/sample/WebfluxX509Application.java
View File

@ -42,7 +42,7 @@ public class WebfluxX509Application {
}
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) throws Exception {
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
// @formatter:off
http
.x509(withDefaults())

2
web/src/main/java/org/springframework/security/web/authentication/www/BasicAuthenticationEntryPoint.java
View File

@ -51,7 +51,7 @@ public class BasicAuthenticationEntryPoint implements AuthenticationEntryPoint,
// ~ Methods
// ========================================================================================================
public void afterPropertiesSet() throws Exception {
public void afterPropertiesSet() {
Assert.hasText(realmName, "realmName must be specified");
}