From 103d822e46e7df613e37d2ee619df2dc348153b6 Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Thu, 23 Jul 2020 12:40:37 -0700 Subject: [PATCH] Add noformat blocks around http config Find `http` config using a regex search of `^\s*https*$` and protect them against formatting. Issue gh-8945 --- .../WebSecurityConfigurerAdapter.java | 4 +-- .../web/configurers/X509Configurer.java | 4 +-- .../WebFluxSecurityConfiguration.java | 6 ++++ .../config/web/server/ServerHttpSecurity.java | 4 +++ .../annotation/issue50/SecurityConfig.java | 8 ++--- .../annotation/sec2758/Sec2758Tests.java | 2 ++ ...RequestMatcherRegistryAnyMatcherTests.java | 10 ++++++ ...mpleWebSecurityConfigurerAdapterTests.java | 6 ++++ .../web/builders/HttpConfigurationTests.java | 6 ++++ .../web/builders/NamespaceHttpTests.java | 36 +++++++++++++++++++ .../configuration/EnableWebSecurityTests.java | 2 ++ .../WebSecurityConfigurationTests.java | 24 +++++++++++++ .../configurers/AnonymousConfigurerTests.java | 2 ++ .../configurers/FormLoginConfigurerTests.java | 2 ++ .../HttpSecurityAntMatchersTests.java | 4 +++ .../configurers/HttpSecurityLogoutTests.java | 2 ++ .../LogoutConfigurerClearSiteDataTests.java | 2 ++ .../configurers/NamespaceHttpBasicTests.java | 8 +++++ .../NamespaceHttpCustomFilterTests.java | 10 ++++++ .../NamespaceHttpExpressionHandlerTests.java | 3 +- .../NamespaceHttpFormLoginTests.java | 7 +++- .../NamespaceHttpHeadersTests.java | 20 +++++++++++ .../NamespaceHttpInterceptUrlTests.java | 2 ++ .../configurers/NamespaceHttpJeeTests.java | 4 +++ .../configurers/NamespaceHttpLogoutTests.java | 5 ++- .../NamespaceHttpOpenIDLoginTests.java | 10 ++++-- .../NamespaceHttpPortMappingsTests.java | 2 ++ .../NamespaceHttpRequestCacheTests.java | 4 +++ ...aceHttpServerAccessDeniedHandlerTests.java | 4 +++ .../configurers/NamespaceHttpX509Tests.java | 12 +++++++ .../NamespaceSessionManagementTests.java | 14 ++++++++ .../configurers/PermitAllSupportTests.java | 4 +++ .../PortMapperConfigurerTests.java | 2 ++ .../RequestCacheConfigurerTests.java | 2 ++ ...ionManagementConfigurerServlet31Tests.java | 4 +-- ...rerSessionAuthenticationStrategyTests.java | 4 +-- ...tConfigurerSessionCreationPolicyTests.java | 2 ++ ...onfigurerTransientAuthenticationTests.java | 5 ++- .../client/OAuth2ClientConfigurerTests.java | 2 ++ .../client/OAuth2LoginConfigurerTests.java | 22 ++++++++++++ .../OAuth2ResourceServerConfigurerTests.java | 6 ++-- .../saml2/Saml2LoginConfigurerTests.java | 4 +++ .../core/GrantedAuthorityDefaultsJcTests.java | 2 ++ .../customconfigurer/CustomConfigurer.java | 6 ++-- .../CustomHttpSecurityConfigurerTests.java | 4 +++ .../web/server/OAuth2ClientSpecTests.java | 6 ++++ .../config/web/server/OAuth2LoginTests.java | 10 ++++-- .../server/OAuth2ResourceServerSpecTests.java | 6 +--- .../web/servlet/request/Sec2935Tests.java | 2 ++ ...rocessorsAuthenticationStatelessTests.java | 5 ++- ...equestPostProcessorsOAuth2ClientTests.java | 2 ++ ...RequestPostProcessorsOAuth2LoginTests.java | 2 ++ ...vcRequestPostProcessorsOidcLoginTests.java | 2 ++ ...RequestPostProcessorsOpaqueTokenTests.java | 2 ++ ...sorsTestSecurityContextStatelessTests.java | 5 ++- .../csrf/CustomCsrfShowcaseTests.java | 4 +-- .../CustomConfigAuthenticationTests.java | 4 +-- ...oginRequestBuilderAuthenticationTests.java | 4 +-- .../DefaultfSecurityRequestsTests.java | 4 +-- .../secured/SecurityRequestsTests.java | 4 +-- .../secured/WithUserAuthenticationTests.java | 4 +-- ...WithUserClassLevelAuthenticationTests.java | 4 +-- .../WithUserDetailsAuthenticationTests.java | 4 +-- ...rDetailsClassLevelAuthenticationTests.java | 4 +-- .../test/web/support/WebTestUtilsTests.java | 8 ++--- 65 files changed, 325 insertions(+), 59 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java index 4667967f99..6f3819549f 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java @@ -357,18 +357,18 @@ public abstract class WebSecurityConfigurerAdapter implements * @param http the {@link HttpSecurity} to modify * @throws Exception if an error occurs */ - // @formatter:off protected void configure(HttpSecurity http) throws Exception { logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity)."); + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .and() .formLogin().and() .httpBasic(); + // @formatter:on } - // @formatter:on /** * Gets the ApplicationContext diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java index 7b35c367ad..55d56086ed 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java @@ -169,17 +169,17 @@ public final class X509Configurer> extends return this; } - // @formatter:off @Override public void init(H http) { PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider(); authenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http)); + // @formatter:off http .authenticationProvider(authenticationProvider) .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint()); + // @formatter:on } - // @formatter:on @Override public void configure(H http) { diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java index 7fa4b1c6dd..368d99c015 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java @@ -96,16 +96,20 @@ class WebFluxSecurityConfiguration { * @return */ private SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { + // @formatter:off http .authorizeExchange() .anyExchange().authenticated(); + // @formatter:on if (isOAuth2Present && OAuth2ClasspathGuard.shouldConfigure(this.context)) { OAuth2ClasspathGuard.configure(this.context, http); } else { + // @formatter:off http .httpBasic().and() .formLogin(); + // @formatter:on } SecurityWebFilterChain result = http.build(); @@ -114,9 +118,11 @@ class WebFluxSecurityConfiguration { private static class OAuth2ClasspathGuard { static void configure(ApplicationContext context, ServerHttpSecurity http) { + // @formatter:off http .oauth2Login().and() .oauth2Client(); + // @formatter:on } static boolean shouldConfigure(ApplicationContext context) { diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index 8334fce3eb..63fc32a93c 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -1812,6 +1812,7 @@ public class ServerHttpSecurity { private void registerDefaultCsrfOverride(ServerHttpSecurity http) { if ( http.csrf != null && !http.csrf.specifiedRequireCsrfProtectionMatcher ) { + // @formatter:off http .csrf() .requireCsrfProtectionMatcher( @@ -1819,6 +1820,7 @@ public class ServerHttpSecurity { CsrfWebFilter.DEFAULT_CSRF_MATCHER, new NegatedServerWebExchangeMatcher( this.authenticationConverterServerWebExchangeMatcher))); + // @formatter:on } } @@ -1920,8 +1922,10 @@ public class ServerHttpSecurity { AuthenticationWebFilter oauth2 = new BearerTokenAuthenticationWebFilter(authenticationManager); oauth2.setServerAuthenticationConverter(bearerTokenConverter); oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); + // @formatter:off http .addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); + // @formatter:on } protected ReactiveJwtDecoder getJwtDecoder() { diff --git a/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java b/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java index 6c9e56e5c6..b7051ebe51 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java +++ b/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java @@ -45,22 +45,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserRepository myUserRepository; - // @formatter:off @Override protected void configure(AuthenticationManagerBuilder auth) { + // @formatter:off auth .authenticationProvider(authenticationProvider()); + // @formatter:on } - // @formatter:on - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/*").permitAll(); + // @formatter:on } - // @formatter:on @Bean @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java b/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java index 9cf8126e3e..53441757f8 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java @@ -96,9 +96,11 @@ public class Sec2758Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().access("hasAnyRole('CUSTOM')"); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java index e0124a570f..b2694200b0 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java @@ -35,10 +35,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{ @EnableWebSecurity static class AntMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .antMatchers("/demo/**").permitAll(); + // @formatter:on } } @@ -51,10 +53,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{ @EnableWebSecurity static class MvcMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .mvcMatchers("/demo/**").permitAll(); + // @formatter:on } } @@ -67,10 +71,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{ @EnableWebSecurity static class RegexMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .regexMatchers(".*").permitAll(); + // @formatter:on } } @@ -83,10 +89,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{ @EnableWebSecurity static class AnyRequestAfterItselfConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .anyRequest().permitAll(); + // @formatter:on } } @@ -99,10 +107,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{ @EnableWebSecurity static class RequestMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .requestMatchers(new AntPathRequestMatcher("/**")).permitAll(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java index b8304f9e13..218f261433 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java @@ -218,6 +218,7 @@ public class SampleWebSecurityConfigurerAdapterTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/signup", "/about").permitAll() @@ -227,6 +228,7 @@ public class SampleWebSecurityConfigurerAdapterTests { .loginPage("/login") // set permitAll for all URLs associated with Form Login .permitAll(); + // @formatter:on } @Override @@ -354,6 +356,7 @@ public class SampleWebSecurityConfigurerAdapterTests { @Order(1) public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/api/**") .authorizeRequests() @@ -361,6 +364,7 @@ public class SampleWebSecurityConfigurerAdapterTests { .antMatchers("/api/**").hasRole("USER") .and() .httpBasic(); + // @formatter:on } } @@ -375,6 +379,7 @@ public class SampleWebSecurityConfigurerAdapterTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/signup", "/about").permitAll() @@ -383,6 +388,7 @@ public class SampleWebSecurityConfigurerAdapterTests { .formLogin() .loginPage("/login") .permitAll(); + // @formatter:on } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java index dbeda6bdd2..00fa2b4e96 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java @@ -68,8 +68,10 @@ public class HttpConfigurationTests { static class UnregisteredFilterConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) { + // @formatter:off http .addFilter(new UnregisteredFilter()); + // @formatter:on } protected void configure(AuthenticationManagerBuilder auth) throws Exception { @@ -105,8 +107,10 @@ public class HttpConfigurationTests { static CasAuthenticationFilter CAS_AUTHENTICATION_FILTER; protected void configure(HttpSecurity http) { + // @formatter:off http .addFilter(CAS_AUTHENTICATION_FILTER); + // @formatter:on } } @@ -124,6 +128,7 @@ public class HttpConfigurationTests { static class RequestMatcherRegistryConfigs extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .requestMatchers() .antMatchers("/api/**") @@ -133,6 +138,7 @@ public class HttpConfigurationTests { .antMatchers("/**").hasRole("USER") .and() .httpBasic(); + // @formatter:on } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java index d219a50dbe..d94e54403e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java @@ -94,10 +94,12 @@ public class NamespaceHttpTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().permitAll() .accessDecisionManager(ACCESS_DECISION_MANAGER); + // @formatter:on } } @@ -114,6 +116,7 @@ public class NamespaceHttpTests { static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin").hasRole("ADMIN") @@ -121,6 +124,7 @@ public class NamespaceHttpTests { .and() .exceptionHandling() .accessDeniedPage("/AccessDeniedPage"); + // @formatter:on } } @@ -145,11 +149,13 @@ public class NamespaceHttpTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } } @@ -168,12 +174,14 @@ public class NamespaceHttpTests { static class CreateSessionAlwaysConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().permitAll() .and() .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.ALWAYS); + // @formatter:on } } @@ -191,12 +199,14 @@ public class NamespaceHttpTests { static class CreateSessionStatelessConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().permitAll() .and() .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + // @formatter:on } } @@ -220,6 +230,7 @@ public class NamespaceHttpTests { static class IfRequiredConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/unsecure").permitAll() @@ -229,6 +240,7 @@ public class NamespaceHttpTests { .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) .and() .formLogin(); + // @formatter:on } } @@ -246,12 +258,14 @@ public class NamespaceHttpTests { static class CreateSessionNeverConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().anonymous() .and() .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.NEVER); + // @formatter:on } } @@ -268,6 +282,7 @@ public class NamespaceHttpTests { static class EntryPointRefConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -276,6 +291,7 @@ public class NamespaceHttpTests { .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/entry-point")) .and() .formLogin(); + // @formatter:on } } @@ -299,8 +315,10 @@ public class NamespaceHttpTests { static class JaasApiProvisionConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { + // @formatter:off http .addFilter(new JaasApiIntegrationFilter()); + // @formatter:on } } @@ -317,12 +335,14 @@ public class NamespaceHttpTests { static class RealmConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .and() .httpBasic() .realmName("RealmConfig"); + // @formatter:on } } @@ -341,8 +361,10 @@ public class NamespaceHttpTests { static class RequestMatcherAntConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { + // @formatter:off http .antMatcher("/api/**"); + // @formatter:on } } @@ -361,8 +383,10 @@ public class NamespaceHttpTests { static class RequestMatcherRegexConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { + // @formatter:off http .regexMatcher("/regex/.*"); + // @formatter:on } } @@ -381,8 +405,10 @@ public class NamespaceHttpTests { static class RequestMatcherRefConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) { + // @formatter:off http .requestMatcher(new MyRequestMatcher()); + // @formatter:on } static class MyRequestMatcher implements RequestMatcher { @@ -439,6 +465,7 @@ public class NamespaceHttpTests { static class SecurityContextRepoConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -447,6 +474,7 @@ public class NamespaceHttpTests { .securityContextRepository(new NullSecurityContextRepository()) .and() .formLogin(); + // @formatter:on } @Override @@ -470,12 +498,14 @@ public class NamespaceHttpTests { static class ServletApiProvisionConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().permitAll() .and() .servletApi() .disable(); + // @formatter:on } } @@ -492,9 +522,11 @@ public class NamespaceHttpTests { static class ServletApiProvisionDefaultsConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().permitAll(); + // @formatter:on } } @@ -525,11 +557,13 @@ public class NamespaceHttpTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/users**", "/sessions/**").hasRole("USER") .antMatchers("/signup").permitAll() .anyRequest().hasRole("USER"); + // @formatter:on } @Override @@ -560,11 +594,13 @@ public class NamespaceHttpTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .apply(new UrlAuthorizationConfigurer<>(getApplicationContext())).getRegistry() .antMatchers("/users**", "/sessions/**").hasRole("USER") .antMatchers("/signup").hasRole("ANONYMOUS") .anyRequest().hasRole("USER"); + // @formatter:on } @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java index 180dcac62b..fd77bea5d5 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java @@ -77,11 +77,13 @@ public class EnableWebSecurityTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/*").hasRole("USER") .and() .formLogin(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java index 29dab5ac05..6f27f16b18 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java @@ -127,10 +127,12 @@ public class WebSecurityConfigurationTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/role1/**") .authorizeRequests() .anyRequest().hasRole("1"); + // @formatter:on } } @@ -139,10 +141,12 @@ public class WebSecurityConfigurationTests { static class WebConfigurer2 extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/role2/**") .authorizeRequests() .anyRequest().hasRole("2"); + // @formatter:on } } @@ -151,10 +155,12 @@ public class WebSecurityConfigurationTests { static class WebConfigurer3 extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/role3/**") .authorizeRequests() .anyRequest().hasRole("3"); + // @formatter:on } } @@ -163,9 +169,11 @@ public class WebSecurityConfigurationTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("4"); + // @formatter:on } } } @@ -258,10 +266,12 @@ public class WebSecurityConfigurationTests { static class WebConfigurer1 extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/role1/**") .authorizeRequests() .anyRequest().hasRole("1"); + // @formatter:on } } @@ -269,10 +279,12 @@ public class WebSecurityConfigurationTests { static class WebConfigurer2 extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/role2/**") .authorizeRequests() .anyRequest().hasRole("2"); + // @formatter:on } } } @@ -319,10 +331,12 @@ public class WebSecurityConfigurationTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .expressionHandler(EXPRESSION_HANDLER); + // @formatter:on } } @@ -357,9 +371,11 @@ public class WebSecurityConfigurationTests { static class WebSecurityExpressionHandlerDefaultsConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated(); + // @formatter:on } } @@ -436,9 +452,11 @@ public class WebSecurityConfigurationTests { static class WebInvocationPrivilegeEvaluatorDefaultsConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated(); + // @formatter:on } } @@ -475,9 +493,11 @@ public class WebSecurityConfigurationTests { static class DefaultExpressionHandlerSetsBeanResolverConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().access("request.method == 'GET' ? @b.grant() : @b.deny()"); + // @formatter:on } @RestController @@ -571,10 +591,12 @@ public class WebSecurityConfigurationTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .antMatcher("/anonymous/**") .authorizeRequests() .anyRequest().anonymous(); + // @formatter:on } } @@ -583,9 +605,11 @@ public class WebSecurityConfigurationTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated(); + // @formatter:on } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java index 11d80e02d8..fca1d0ab8e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java @@ -60,12 +60,14 @@ public class AnonymousConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .anonymous() .key("key") .principal("principal") .and() .anonymous(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java index 991e598581..736cc130a6 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java @@ -83,10 +83,12 @@ public class FormLoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .formLogin().and() .requestCache() .requestCache(this.requestCache); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityAntMatchersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityAntMatchersTests.java index 1fc9ec3dbf..29184b43ec 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityAntMatchersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityAntMatchersTests.java @@ -78,12 +78,14 @@ public class HttpSecurityAntMatchersTests { @Configuration static class AntMatchersNoPatternsConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .requestMatchers() .antMatchers(HttpMethod.POST) .and() .authorizeRequests() .anyRequest().denyAll(); + // @formatter:on } @Override @@ -108,6 +110,7 @@ public class HttpSecurityAntMatchersTests { @Configuration static class AntMatchersEmptyPatternsConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .requestMatchers() .antMatchers("/never/") @@ -115,6 +118,7 @@ public class HttpSecurityAntMatchersTests { .and() .authorizeRequests() .anyRequest().denyAll(); + // @formatter:on } @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java index 315a85a74b..673705ef3a 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java @@ -85,10 +85,12 @@ public class HttpSecurityLogoutTests { @Configuration static class ClearAuthenticationFalseConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .csrf().disable() .logout() .clearAuthentication(false); + // @formatter:on } @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java index a46fdaba66..79d32b7467 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java @@ -97,9 +97,11 @@ public class LogoutConfigurerClearSiteDataTests { static class HttpLogoutConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .logout() .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE))); + // @formatter:on } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java index 9a66e356fd..967b12d8ea 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java @@ -95,11 +95,13 @@ public class NamespaceHttpBasicTests { @EnableWebSecurity static class HttpBasicConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .httpBasic(); + // @formatter:on } } @@ -151,11 +153,13 @@ public class NamespaceHttpBasicTests { static class CustomHttpBasicConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .httpBasic().realmName("Custom Realm"); + // @formatter:on } } @@ -207,9 +211,11 @@ public class NamespaceHttpBasicTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .httpBasic() .authenticationDetailsSource(this.authenticationDetailsSource); + // @formatter:on } @Bean @@ -278,12 +284,14 @@ public class NamespaceHttpBasicTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .httpBasic() .authenticationEntryPoint(this.authenticationEntryPoint); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java index b4d07cc1ab..8e23245742 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java @@ -67,9 +67,11 @@ public class NamespaceHttpCustomFilterTests { @EnableWebSecurity static class CustomFilterBeforeConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class) .formLogin(); + // @formatter:on } } @@ -82,9 +84,11 @@ public class NamespaceHttpCustomFilterTests { @EnableWebSecurity static class CustomFilterAfterConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .addFilterAfter(new CustomFilter(), UsernamePasswordAuthenticationFilter.class) .formLogin(); + // @formatter:on } } @@ -102,10 +106,12 @@ public class NamespaceHttpCustomFilterTests { } protected void configure(HttpSecurity http) { + // @formatter:off http // this works so long as the CustomFilter extends one of the standard filters // if not, use addFilterBefore or addFilterAfter .addFilter(new CustomFilter()); + // @formatter:on } } @@ -124,8 +130,10 @@ public class NamespaceHttpCustomFilterTests { } protected void configure(HttpSecurity http) { + // @formatter:off http .addFilterAt(new OtherCustomFilter(), UsernamePasswordAuthenticationFilter.class); + // @formatter:on } } @@ -147,11 +155,13 @@ public class NamespaceHttpCustomFilterTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java index c031809554..3c5af7d6e9 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java @@ -86,11 +86,12 @@ public class NamespaceHttpExpressionHandlerTests { protected void configure(HttpSecurity http) throws Exception { DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler(); handler.setExpressionParser(expressionParser()); - + // @formatter:off http .authorizeRequests() .expressionHandler(handler) .anyRequest().access("hasRole('USER')"); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java index f33623f1ce..553033215c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java @@ -90,11 +90,13 @@ public class NamespaceHttpFormLoginTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .formLogin(); + // @formatter:on } } @@ -120,6 +122,7 @@ public class NamespaceHttpFormLoginTests { static class FormLoginCustomConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { boolean alwaysUseDefaultSuccess = true; + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -131,6 +134,7 @@ public class NamespaceHttpFormLoginTests { .failureUrl("/authentication/login?failed") // form-login@authentication-failure-url .loginProcessingUrl("/authentication/login/process") // form-login@login-processing-url .defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // form-login@default-target-url / form-login@always-use-default-target + // @formatter:on } } @@ -159,7 +163,7 @@ public class NamespaceHttpFormLoginTests { SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setDefaultTargetUrl("/custom/targetUrl"); - + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -170,6 +174,7 @@ public class NamespaceHttpFormLoginTests { .successHandler(successHandler) // form-login@authentication-success-handler-ref .authenticationDetailsSource(authenticationDetailsSource()) // form-login@authentication-details-source-ref .and(); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java index 6496668b7d..22a29ce700 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java @@ -77,8 +77,10 @@ public class NamespaceHttpHeadersTests { static class HeadersDefaultConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers(); + // @formatter:on } } @@ -94,10 +96,12 @@ public class NamespaceHttpHeadersTests { static class HeadersCacheControlConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() .defaultsDisabled() .cacheControl(); + // @formatter:on } } @@ -113,10 +117,12 @@ public class NamespaceHttpHeadersTests { static class HstsConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() .defaultsDisabled() .httpStrictTransportSecurity(); + // @formatter:on } } @@ -132,6 +138,7 @@ public class NamespaceHttpHeadersTests { static class HstsCustomConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // hsts@request-matcher-ref, hsts@max-age-seconds, hsts@include-subdomains @@ -140,6 +147,7 @@ public class NamespaceHttpHeadersTests { .requestMatcher(AnyRequestMatcher.INSTANCE) .maxAgeInSeconds(15768000) .includeSubDomains(false); + // @formatter:on } } @@ -155,12 +163,14 @@ public class NamespaceHttpHeadersTests { static class FrameOptionsSameOriginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // frame-options@policy=SAMEORIGIN .defaultsDisabled() .frameOptions() .sameOrigin(); + // @formatter:on } } @@ -178,12 +188,14 @@ public class NamespaceHttpHeadersTests { static class FrameOptionsAllowFromConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // frame-options@ref .defaultsDisabled() .addHeaderWriter(new XFrameOptionsHeaderWriter( new StaticAllowFromStrategy(URI.create("https://example.com")))); + // @formatter:on } } @@ -199,11 +211,13 @@ public class NamespaceHttpHeadersTests { static class XssProtectionConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // xss-protection .defaultsDisabled() .xssProtection(); + // @formatter:on } } @@ -219,6 +233,7 @@ public class NamespaceHttpHeadersTests { static class XssProtectionCustomConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // xss-protection@enabled and xss-protection@block @@ -226,6 +241,7 @@ public class NamespaceHttpHeadersTests { .xssProtection() .xssProtectionEnabled(true) .block(false); + // @formatter:on } } @@ -241,11 +257,13 @@ public class NamespaceHttpHeadersTests { static class ContentTypeOptionsConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() // content-type-options .defaultsDisabled() .contentTypeOptions(); + // @formatter:on } } @@ -263,10 +281,12 @@ public class NamespaceHttpHeadersTests { static class HeaderRefConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .headers() .defaultsDisabled() .addHeaderWriter(new StaticHeadersWriter("customHeaderName", "customHeaderValue")); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java index 26fcdfcac6..76aa167d30 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java @@ -120,6 +120,7 @@ public class NamespaceHttpInterceptUrlTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() // the line below is similar to intercept-url@pattern: @@ -142,6 +143,7 @@ public class NamespaceHttpInterceptUrlTests { // the line below is similar to intercept-url@requires-channel="http": // .anyRequest().requiresInsecure(); + // @formatter:on } protected void configure(AuthenticationManagerBuilder auth) throws Exception { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java index ed06b41183..f9841f024a 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java @@ -83,12 +83,14 @@ public class NamespaceHttpJeeTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("user") .and() .jee() .mappableRoles("user", "admin"); + // @formatter:on } } @@ -120,6 +122,7 @@ public class NamespaceHttpJeeTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("user") @@ -127,6 +130,7 @@ public class NamespaceHttpJeeTests { .jee() .mappableAuthorities("ROLE_user", "ROLE_admin") .authenticatedUserDetailsService(this.authenticationUserDetailsService); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java index f0edd6301c..6a74081ee4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java @@ -122,12 +122,14 @@ public class NamespaceHttpLogoutTests { static class CustomHttpLogoutConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .logout() .deleteCookies("remove") // logout@delete-cookies .invalidateHttpSession(false) // logout@invalidate-session=false (default is true) .logoutUrl("/custom-logout") // logout@logout-url (default is /logout) .logoutSuccessUrl("/logout-success"); // logout@success-url (default is /login?logout) + // @formatter:on } } @@ -182,10 +184,11 @@ public class NamespaceHttpLogoutTests { SimpleUrlLogoutSuccessHandler logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler(); logoutSuccessHandler.setDefaultTargetUrl("/SuccessHandlerRefHttpLogoutConfig"); - + // @formatter:off http .logout() .logoutSuccessHandler(logoutSuccessHandler); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java index c2be226617..04bbe88d51 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java @@ -97,12 +97,14 @@ public class NamespaceHttpOpenIDLoginTests { static class OpenIDLoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .openidLogin() .permitAll(); + // @formatter:on } } @@ -159,6 +161,7 @@ public class NamespaceHttpOpenIDLoginTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -191,6 +194,7 @@ public class NamespaceHttpOpenIDLoginTests { .and() .and() .permitAll(); + // @formatter:on } } @@ -209,6 +213,7 @@ public class NamespaceHttpOpenIDLoginTests { @Override protected void configure(HttpSecurity http) throws Exception { boolean alwaysUseDefaultSuccess = true; + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -219,6 +224,7 @@ public class NamespaceHttpOpenIDLoginTests { .failureUrl("/authentication/login?failed") // openid-login@authentication-failure-url .loginProcessingUrl("/authentication/login/process") // openid-login@login-processing-url .defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // openid-login@default-target-url / openid-login@always-use-default-target + // @formatter:on } } @@ -267,7 +273,7 @@ public class NamespaceHttpOpenIDLoginTests { SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler(); handler.setDefaultTargetUrl("/custom/targetUrl"); - + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -285,7 +291,7 @@ public class NamespaceHttpOpenIDLoginTests { return filter; } }); - + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java index cd246b87f7..f742f4c9e9 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java @@ -64,6 +64,7 @@ public class NamespaceHttpPortMappingsTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") @@ -74,6 +75,7 @@ public class NamespaceHttpPortMappingsTests { .requiresChannel() .antMatchers("/login", "/secured/**").requiresSecure() .anyRequest().requiresInsecure(); + // @formatter:on } protected void configure(AuthenticationManagerBuilder auth) throws Exception { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java index 9d1cf59ef4..ac895fc284 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java @@ -67,12 +67,14 @@ public class NamespaceHttpRequestCacheTests { @EnableWebSecurity static class RequestCacheRefConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .and() .requestCache() .requestCache(requestCache()); + // @formatter:on } protected void configure(AuthenticationManagerBuilder auth) throws Exception { @@ -104,9 +106,11 @@ public class NamespaceHttpRequestCacheTests { @EnableWebSecurity static class DefaultRequestCacheRefConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated(); + // @formatter:on } protected void configure(AuthenticationManagerBuilder auth) throws Exception { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java index 0aea788b3d..94c07da54c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java @@ -70,12 +70,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests { @EnableWebSecurity static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().denyAll() .and() .exceptionHandling() .accessDeniedPage("/AccessDeniedPageConfig"); + // @formatter:on } } @@ -121,12 +123,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests { @EnableWebSecurity static class AccessDeniedHandlerRefConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().denyAll() .and() .exceptionHandling() .accessDeniedHandler(accessDeniedHandler()); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java index beaeb1f73a..6f9d7d7cc4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java @@ -88,11 +88,13 @@ public class NamespaceHttpX509Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509(); + // @formatter:on } } @@ -119,12 +121,14 @@ public class NamespaceHttpX509Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509() .authenticationDetailsSource(authenticationDetailsSource()); + // @formatter:on } @Bean @@ -155,12 +159,14 @@ public class NamespaceHttpX509Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509() .subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)"); + // @formatter:on } } @@ -184,12 +190,14 @@ public class NamespaceHttpX509Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509() .x509PrincipalExtractor(this::extractCommonName); + // @formatter:on } private String extractCommonName(X509Certificate certificate) { @@ -221,12 +229,14 @@ public class NamespaceHttpX509Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509() .userDetailsService(username -> USER); + // @formatter:on } } @@ -248,12 +258,14 @@ public class NamespaceHttpX509Tests { } protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().hasRole("USER") .and() .x509() .authenticationUserDetailsService(authentication -> USER); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java index e3a1f6bde0..e163d7946e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java @@ -174,6 +174,7 @@ public class NamespaceSessionManagementTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -187,6 +188,7 @@ public class NamespaceSessionManagementTests { .maxSessionsPreventsLogin(true) // session-management/concurrency-control@error-if-maximum-exceeded .expiredUrl("/expired-session") // session-management/concurrency-control@expired-url .sessionRegistry(sessionRegistry()); // session-management/concurrency-control@session-registry-ref + // @formatter:on } @Bean @@ -219,9 +221,11 @@ public class NamespaceSessionManagementTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .invalidSessionStrategy(invalidSessionStrategy()); + // @formatter:on } @Bean @@ -250,11 +254,13 @@ public class NamespaceSessionManagementTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .sessionAuthenticationStrategy(sessionAuthenticationStrategy()) // session-management@session-authentication-strategy-ref .and() .httpBasic(); + // @formatter:on } @Bean @@ -283,11 +289,13 @@ public class NamespaceSessionManagementTests { static class SFPNoneSessionManagementConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()) .and() .httpBasic(); + // @formatter:on } } @@ -314,10 +322,12 @@ public class NamespaceSessionManagementTests { static class SFPMigrateSessionManagementConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .and() .httpBasic(); + // @formatter:on } } @@ -338,10 +348,12 @@ public class NamespaceSessionManagementTests { static class SFPPostProcessedConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .and() .httpBasic(); + // @formatter:on } @Bean @@ -373,11 +385,13 @@ public class NamespaceSessionManagementTests { static class SFPNewSessionSessionManagementConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement() .sessionFixation().newSession() .and() .httpBasic(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java index eda13cb8b2..be0d8b9cd2 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java @@ -63,6 +63,7 @@ public class PermitAllSupportTests { static class PermitAllConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -70,6 +71,7 @@ public class PermitAllSupportTests { .formLogin() .loginPage("/xyz").permitAll() .loginProcessingUrl("/abc?def").permitAll(); + // @formatter:on } } @@ -85,9 +87,11 @@ public class PermitAllSupportTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .formLogin() .permitAll(); + // @formatter:on } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java index bd68d2ecec..715e079c9e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java @@ -54,6 +54,7 @@ public class PortMapperConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .requiresChannel() .anyRequest().requiresSecure() @@ -62,6 +63,7 @@ public class PortMapperConfigurerTests { .http(543).mapsTo(123) .and() .portMapper(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java index c2ec1211f5..5b22f8662f 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java @@ -260,11 +260,13 @@ public class RequestCacheConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java index 3c5d5725db..f9d5a64972 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java @@ -103,15 +103,15 @@ public class SessionManagementConfigurerServlet31Tests { @EnableWebSecurity static class SessionManagementDefaultSessionFixationServlet31Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .formLogin() .and() .sessionManagement(); + // @formatter:on } - // @formatter:on // @formatter:off @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java index 519b4a9703..6d4b39966f 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java @@ -60,16 +60,16 @@ public class SessionManagementConfigurerSessionAuthenticationStrategyTests { static class CustomSessionAuthenticationStrategyConfig extends WebSecurityConfigurerAdapter { static SessionAuthenticationStrategy customSessionAuthenticationStrategy = mock(SessionAuthenticationStrategy.class); - // @formatter:off @Override public void configure(HttpSecurity http) throws Exception { + // @formatter:off http .formLogin() .and() .sessionManagement() .sessionAuthenticationStrategy(customSessionAuthenticationStrategy); + // @formatter:on } - // @formatter:on // @formatter:off @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java index aaea0b4343..c3412a840a 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java @@ -80,8 +80,10 @@ public class SessionManagementConfigurerSessionCreationPolicyTests { @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); + // @formatter:off http .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); + // @formatter:on http.setSharedObject(SessionCreationPolicy.class, SessionCreationPolicy.ALWAYS); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java index 184943bec6..98d863223d 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java @@ -70,9 +70,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests { @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); - + // @formatter:off http .csrf().disable(); + // @formatter:on } @Override @@ -86,8 +87,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests { static class AlwaysCreateSessionConfig extends WithTransientAuthenticationConfig { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java index 43e934c6bf..c2944260aa 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java @@ -268,6 +268,7 @@ public class OAuth2ClientConfigurerTests { static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -279,6 +280,7 @@ public class OAuth2ClientConfigurerTests { .authorizationCodeGrant() .authorizationRequestResolver(authorizationRequestResolver) .accessTokenResponseClient(accessTokenResponseClient); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java index 48274c5e08..7daea6e6c6 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java @@ -617,10 +617,12 @@ public class OAuth2LoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)); + // @formatter:on super.configure(http); } @@ -658,12 +660,14 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigCustomWithConfigurer extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) .userInfoEndpoint() .userAuthoritiesMapper(createGrantedAuthoritiesMapper()); + // @formatter:on super.configure(http); } } @@ -672,8 +676,10 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigCustomWithBeanRegistration extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login(); + // @formatter:on super.configure(http); } @@ -692,6 +698,7 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigCustomUserServiceBeanRegistration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -702,6 +709,7 @@ public class OAuth2LoginConfigurerTests { .oauth2Login() .tokenEndpoint() .accessTokenResponseClient(createOauth2AccessTokenResponseClient()); + // @formatter:on } @Bean @@ -739,11 +747,13 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigLoginProcessingUrl extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) .loginProcessingUrl("/login/oauth2/*"); + // @formatter:on super.configure(http); } } @@ -757,11 +767,13 @@ public class OAuth2LoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository(this.clientRegistrationRepository) .authorizationEndpoint() .authorizationRequestResolver(this.resolver); + // @formatter:on super.configure(http); } } @@ -775,6 +787,7 @@ public class OAuth2LoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login(oauth2Login -> oauth2Login @@ -784,6 +797,7 @@ public class OAuth2LoginConfigurerTests { .authorizationRequestResolver(this.resolver) ) ); + // @formatter:on super.configure(http); } } @@ -792,11 +806,13 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigMultipleClients extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository( GOOGLE_CLIENT_REGISTRATION, GITHUB_CLIENT_REGISTRATION)); + // @formatter:on super.configure(http); } } @@ -805,11 +821,13 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigCustomLoginPage extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) .loginPage("/custom-login"); + // @formatter:on super.configure(http); } } @@ -835,9 +853,11 @@ public class OAuth2LoginConfigurerTests { static class OAuth2LoginConfigWithOidcLogoutSuccessHandler extends CommonWebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .logout() .logoutSuccessHandler(oidcLogoutSuccessHandler()); + // @formatter:on super.configure(http); } @@ -859,6 +879,7 @@ public class OAuth2LoginConfigurerTests { private static abstract class CommonWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -873,6 +894,7 @@ public class OAuth2LoginConfigurerTests { .userInfoEndpoint() .userService(createOauth2UserService()) .oidcUserService(createOidcUserService()); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index cf552a6ece..957c383d96 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -1761,7 +1761,6 @@ public class OAuth2ResourceServerConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off - http .authorizeRequests() .anyRequest().authenticated() @@ -1769,7 +1768,6 @@ public class OAuth2ResourceServerConfigurerTests { .oauth2ResourceServer() .jwt() .jwtAuthenticationConverter(getJwtAuthenticationConverter()); - // @formatter:on } @@ -1783,7 +1781,6 @@ public class OAuth2ResourceServerConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off - http .authorizeRequests() .antMatchers("/requires-read-scope").access("hasAuthority('message:read')") @@ -1791,7 +1788,6 @@ public class OAuth2ResourceServerConfigurerTests { .oauth2ResourceServer() .jwt() .jwtAuthenticationConverter(getJwtAuthenticationConverter()); - // @formatter:on } @@ -2255,6 +2251,7 @@ public class OAuth2ResourceServerConfigurerTests { .jwt() .and() .opaqueToken(); + // @formatter:on } } @@ -2306,6 +2303,7 @@ public class OAuth2ResourceServerConfigurerTests { .oauth2ResourceServer() .authenticationManagerResolver(mock(AuthenticationManagerResolver.class)) .opaqueToken(); + // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java index d4be974be4..598f5bf09c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java @@ -300,11 +300,13 @@ public class Saml2LoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests(authz -> authz .anyRequest().authenticated() ) .saml2Login(withDefaults()); + // @formatter:on } @Bean @@ -319,11 +321,13 @@ public class Saml2LoginConfigurerTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests(authz -> authz .anyRequest().authenticated() ) .saml2Login(saml2 -> {}); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java index c26ec69d11..d62e1f8821 100644 --- a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java +++ b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java @@ -165,9 +165,11 @@ public class GrantedAuthorityDefaultsJcTests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().access("hasRole('USER')"); + // @formatter:on } @Bean diff --git a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java index d377d0dc35..cf2f5bace0 100644 --- a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java +++ b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java @@ -42,17 +42,19 @@ public class CustomConfigurer extends SecurityConfigurerAdapter c.requestCache(this.requestCache)); + // @formatter:on return http.build(); } } @@ -274,6 +278,7 @@ public class OAuth2ClientSpecTests { @Bean public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) { + // @formatter:off http .oauth2Client(oauth2Client -> oauth2Client @@ -281,6 +286,7 @@ public class OAuth2ClientSpecTests { .authenticationManager(this.manager) .authorizationRequestRepository(this.authorizationRequestRepository)) .requestCache(c -> c.requestCache(this.requestCache)); + // @formatter:on return http.build(); } } diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java index b1e5662a3e..d8ab7c8481 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java @@ -253,12 +253,14 @@ public class OAuth2LoginTests { @Bean SecurityWebFilterChain springSecurity(ServerHttpSecurity http) { + // @formatter:off http .requestCache() .requestCache(this.requestCache) .and() .oauth2Login() .authorizationRequestRepository(this.authorizationRequestRepository); + // @formatter:on return http.build(); } @@ -395,6 +397,7 @@ public class OAuth2LoginTests { @Bean public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) { + // @formatter:off http .authorizeExchange() .anyExchange().authenticated() @@ -406,6 +409,7 @@ public class OAuth2LoginTests { .authorizationRequestResolver(resolver) .authenticationSuccessHandler(successHandler) .authenticationFailureHandler(failureHandler); + // @formatter:on return http.build(); } } @@ -474,6 +478,7 @@ public class OAuth2LoginTests { @Bean public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) { + // @formatter:off http .authorizeExchange(exchanges -> exchanges @@ -487,6 +492,7 @@ public class OAuth2LoginTests { .authorizationRequestResolver(resolver) .authenticationSuccessHandler(successHandler) ); + // @formatter:on return http.build(); } } @@ -715,7 +721,7 @@ public class OAuth2LoginTests { @Bean public SecurityWebFilterChain springSecurity(ServerHttpSecurity http) { - + // @formatter:off http .csrf().disable() .logout() @@ -726,7 +732,7 @@ public class OAuth2LoginTests { new InMemoryReactiveClientRegistrationRepository(this.withLogout))) .and() .securityContextRepository(this.repository); - + // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java index 943fe62d71..f0e1f3765a 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java @@ -486,8 +486,6 @@ public class OAuth2ResourceServerSpecTests { .jwt() .publicKey(publicKey()); // @formatter:on - - return http.build(); } } @@ -511,7 +509,6 @@ public class OAuth2ResourceServerSpecTests { ) ); // @formatter:on - return http.build(); } } @@ -533,8 +530,6 @@ public class OAuth2ResourceServerSpecTests { .jwt() .publicKey(this.key); // @formatter:on - - return http.build(); } } @@ -877,6 +872,7 @@ public class OAuth2ResourceServerSpecTests { .oauth2ResourceServer() .authenticationManagerResolver(mock(ReactiveAuthenticationManagerResolver.class)) .opaqueToken(); + // @formatter:on return http.build(); } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java index 03499732a8..58633511ce 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java @@ -148,12 +148,14 @@ public class Sec2935Tests { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .httpBasic(); + // @formatter:on } @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java index d0a00f5cdd..e4d84b99d9 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java @@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); - + // @formatter:off http .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java index 13450d318f..0f2b0e75ff 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java @@ -165,11 +165,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests { static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests(authz -> authz .anyRequest().permitAll() ) .oauth2Client(); + // @formatter:on } @Bean diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java index 52e8941eaf..deb4d0bb9d 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java @@ -167,11 +167,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests(authorize -> authorize .mvcMatchers("/admin/**").hasAuthority("SCOPE_admin") .anyRequest().hasAuthority("SCOPE_read") ).oauth2Login(); + // @formatter:on } @Bean diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java index 4728d78a4d..6171c335f5 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java @@ -173,12 +173,14 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests { static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .mvcMatchers("/admin/**").hasAuthority("SCOPE_admin") .anyRequest().hasAuthority("SCOPE_read") .and() .oauth2Login(); + // @formatter:on } @Bean diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java index 041a4d2e0f..572b672e81 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java @@ -130,6 +130,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests { static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .mvcMatchers("/admin/**").hasAuthority("SCOPE_admin") @@ -138,6 +139,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests { .oauth2ResourceServer() .opaqueToken() .introspector(mock(OpaqueTokenIntrospector.class)); + // @formatter:on } @RestController diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java index a82709e4ad..b957c7c98e 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java @@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTes @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); - + // @formatter:off http .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java index dfcdf91bfc..8ce1ec6637 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java @@ -74,14 +74,14 @@ public class CustomCsrfShowcaseTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .csrf() .csrfTokenRepository(repo()); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java index c2a45bc74e..eedcc107fc 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java @@ -91,9 +91,9 @@ public class CustomConfigAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -105,8 +105,8 @@ public class CustomConfigAuthenticationTests { .usernameParameter("user") .passwordParameter("pass") .loginPage("/authenticate"); + // @formatter:on } - // @formatter:on // @formatter:off @Bean diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java index 820f66d49a..821efe3b88 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java @@ -81,9 +81,9 @@ public class CustomLoginRequestBuilderAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .anyRequest().authenticated() @@ -92,8 +92,8 @@ public class CustomLoginRequestBuilderAuthenticationTests { .usernameParameter("user") .passwordParameter("pass") .loginPage("/authenticate"); + // @formatter:on } - // @formatter:on // @formatter:off @Bean diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java index ea580da186..a1bf100d43 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java @@ -85,17 +85,17 @@ public class DefaultfSecurityRequestsTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .httpBasic(); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java index e1bb963c04..226197aa38 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java @@ -103,17 +103,17 @@ public class SecurityRequestsTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java index 46b6df9861..cfdc27f7af 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java @@ -87,17 +87,17 @@ public class WithUserAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java index 7ebb3e4c51..951245aa12 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java @@ -87,17 +87,17 @@ public class WithUserClassLevelAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .httpBasic(); + // @formatter:on } - // @formatter:on // @formatter:off @Autowired diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java index 75ea96fcdd..5d89232bc8 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java @@ -79,17 +79,17 @@ public class WithUserDetailsAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } - // @formatter:on @Bean @Override diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java index 56b2f324b8..23c19d12b6 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java @@ -79,17 +79,17 @@ public class WithUserDetailsClassLevelAuthenticationTests { @EnableWebMvc static class Config extends WebSecurityConfigurerAdapter { - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin(); + // @formatter:on } - // @formatter:on @Bean @Override diff --git a/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java b/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java index c7aead4ed9..914eb046b5 100644 --- a/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java @@ -189,29 +189,29 @@ public class WebTestUtilsTests { static CsrfTokenRepository CSRF_REPO; static SecurityContextRepository CONTEXT_REPO; - // @formatter:off @Override protected void configure(HttpSecurity http) throws Exception { + // @formatter:off http .csrf() .csrfTokenRepository(CSRF_REPO) .and() .securityContext() .securityContextRepository(CONTEXT_REPO); + // @formatter:on } - // @formatter:on } @EnableWebSecurity static class PartialSecurityConfig extends WebSecurityConfigurerAdapter { - // @formatter:off @Override public void configure(HttpSecurity http) { + // @formatter:off http .antMatcher("/willnotmatchthis"); + // @formatter:on } - // @formatter:on } @Configuration