From 13e738e73323660efadf1e4ac94bdf7bbd725229 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Fri, 20 Jun 2025 10:05:25 -0600 Subject: [PATCH] Use HttpSecurity Lambda DSL in Test Issue gh-13067 --- .../test/web/servlet/request/Sec2935Tests.java | 8 ++++---- ...PostProcessorsAuthenticationStatelessTests.java | 4 ++-- ...cRequestPostProcessorsCsrfDebugFilterTests.java | 2 +- ...kMvcRequestPostProcessorsOAuth2ClientTests.java | 5 +++-- ...ckMvcRequestPostProcessorsOAuth2LoginTests.java | 7 ++++--- ...MockMvcRequestPostProcessorsOidcLoginTests.java | 8 ++++---- ...ckMvcRequestPostProcessorsOpaqueTokenTests.java | 11 +++++------ ...rocessorsTestSecurityContextStatelessTests.java | 4 ++-- .../test/web/servlet/response/Gh3409Tests.java | 10 +++++----- .../showcase/csrf/CustomCsrfShowcaseTests.java | 4 ++-- .../login/CustomConfigAuthenticationTests.java | 14 ++++++-------- ...stomLoginRequestBuilderAuthenticationTests.java | 9 ++++----- .../secured/DefaultfSecurityRequestsTests.java | 8 ++++---- .../showcase/secured/SecurityRequestsTests.java | 8 ++++---- .../secured/WithUserAuthenticationTests.java | 8 ++++---- .../WithUserClassLevelAuthenticationTests.java | 8 ++++---- .../WithUserDetailsAuthenticationTests.java | 8 ++++---- ...thUserDetailsClassLevelAuthenticationTests.java | 8 ++++---- .../test/web/support/WebTestUtilsTests.java | 11 +++++------ 19 files changed, 71 insertions(+), 74 deletions(-) diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java index eb14f3173f..a9e0bec7a0 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java @@ -37,6 +37,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated; @@ -132,11 +133,10 @@ public class Sec2935Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .httpBasic(); + .anyRequest().authenticated()) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java index 1ff15e3d8f..62814874fa 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java @@ -82,8 +82,8 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfDebugFilterTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfDebugFilterTests.java index f994130201..2be19b7a2e 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfDebugFilterTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfDebugFilterTests.java @@ -63,7 +63,7 @@ public class SecurityMockMvcRequestPostProcessorsCsrfDebugFilterTests { @Bean SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http.csrf().csrfTokenRepository(cookieCsrfTokenRepository); + http.csrf((csrf) -> csrf.csrfTokenRepository(cookieCsrfTokenRepository)); return http.build(); } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java index 276cc5286f..a2fb282113 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java @@ -60,6 +60,7 @@ import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Client; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -181,9 +182,9 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests { // @formatter:off http .authorizeRequests((authz) -> authz - .anyRequest().permitAll() + .anyRequest().permitAll() ) - .oauth2Client(); + .oauth2Client(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java index f834d43165..eb64e86f63 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java @@ -55,6 +55,7 @@ import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.mockito.Mockito.mock; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Login; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -158,9 +159,9 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests { // @formatter:off http .authorizeRequests((authorize) -> authorize - .requestMatchers("/admin/**").hasAuthority("SCOPE_admin") - .anyRequest().hasAuthority("SCOPE_read") - ).oauth2Login(); + .requestMatchers("/admin/**").hasAuthority("SCOPE_admin") + .anyRequest().hasAuthority("SCOPE_read") + ).oauth2Login(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java index 418cd4f4e7..d02467ad87 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java @@ -56,6 +56,7 @@ import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.mockito.Mockito.mock; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -155,11 +156,10 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasAuthority("SCOPE_admin") - .anyRequest().hasAuthority("SCOPE_read") - .and() - .oauth2Login(); + .anyRequest().hasAuthority("SCOPE_read")) + .oauth2Login(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java index 734a439c06..6cd177a44a 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java @@ -130,13 +130,12 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasAuthority("SCOPE_admin") - .anyRequest().hasAuthority("SCOPE_read") - .and() - .oauth2ResourceServer() - .opaqueToken() - .introspector(mock(OpaqueTokenIntrospector.class)); + .anyRequest().hasAuthority("SCOPE_read")) + .oauth2ResourceServer((server) -> server + .opaqueToken((opaqueToken) -> opaqueToken + .introspector(mock(OpaqueTokenIntrospector.class)))); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java index af8d6ec607..90173d3a2d 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java @@ -80,8 +80,8 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTes SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/response/Gh3409Tests.java b/test/src/test/java/org/springframework/security/test/web/servlet/response/Gh3409Tests.java index 1e40bf04d2..a065a4fa7d 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/response/Gh3409Tests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/response/Gh3409Tests.java @@ -35,6 +35,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.securityContext; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; @@ -98,12 +99,11 @@ public class Gh3409Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/public/**").permitAll() - .anyRequest().authenticated() - .and() - .formLogin().and() - .httpBasic(); + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java index c1cd2098dd..b1ffca0d83 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java @@ -84,8 +84,8 @@ public class CustomCsrfShowcaseTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .csrfTokenRepository(repo()); + .csrf((csrf) -> csrf + .csrfTokenRepository(repo())); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java index e96998532d..c055705362 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java @@ -99,16 +99,14 @@ public class CustomConfigAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .securityContext() - .securityContextRepository(securityContextRepository()) - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .securityContext((context) -> context + .securityContextRepository(securityContextRepository())) + .formLogin((login) -> login .usernameParameter("user") .passwordParameter("pass") - .loginPage("/authenticate"); + .loginPage("/authenticate")); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java index a430b6e6f5..7048193d39 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java @@ -90,13 +90,12 @@ public class CustomLoginRequestBuilderAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login .usernameParameter("user") .passwordParameter("pass") - .loginPage("/authenticate"); + .loginPage("/authenticate")); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java index e00726209e..635d7a6024 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java @@ -35,6 +35,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.anonymous; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; @@ -97,11 +98,10 @@ public class DefaultfSecurityRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .httpBasic(); + .anyRequest().authenticated()) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java index da358687a2..461d4a6d81 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java @@ -40,6 +40,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; @@ -112,11 +113,10 @@ public class SecurityRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .formLogin(); + .anyRequest().authenticated()) + .formLogin(withDefaults()); // @formatter:on return http.build(); } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java index 27ded9e526..662315cc5b 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java @@ -37,6 +37,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -97,11 +98,10 @@ public class WithUserAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .formLogin(); + .anyRequest().authenticated()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java index ec6b7fbc34..71ab53568f 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java @@ -37,6 +37,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; @@ -96,11 +97,10 @@ public class WithUserClassLevelAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .httpBasic(); + .anyRequest().authenticated()) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java index 9fbc66ecd0..2994ff9aeb 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java @@ -38,6 +38,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -87,11 +88,10 @@ public class WithUserDetailsAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .formLogin(); + .anyRequest().authenticated()) + .formLogin(withDefaults()); // @formatter:on return http.build(); } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java index 2b44e71654..2827daf3b6 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java @@ -38,6 +38,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -86,11 +87,10 @@ public class WithUserDetailsClassLevelAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin/**").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .formLogin(); + .anyRequest().authenticated()) + .formLogin(withDefaults()); // @formatter:on return http.build(); } diff --git a/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java b/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java index 496f403783..f1d973e5f6 100644 --- a/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java +++ b/test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java @@ -191,7 +191,7 @@ public class WebTestUtilsTests { @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf().disable(); + http.csrf((csrf) -> csrf.disable()); return http.build(); } @@ -208,11 +208,10 @@ public class WebTestUtilsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .csrfTokenRepository(CSRF_REPO) - .and() - .securityContext() - .securityContextRepository(CONTEXT_REPO); + .csrf((csrf) -> csrf + .csrfTokenRepository(CSRF_REPO)) + .securityContext((context) -> context + .securityContextRepository(CONTEXT_REPO)); return http.build(); // @formatter:on }