diff --git a/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java b/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java index ba7d4a616c..4b338c116d 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java +++ b/config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java @@ -51,9 +51,8 @@ public class SecurityConfig { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .requestMatchers(new AntPathRequestMatcher("/*")).permitAll() - .and() + .authorizeRequests((requests) -> requests + .requestMatchers(new AntPathRequestMatcher("/*")).permitAll()) .authenticationProvider(authenticationProvider()); // @formatter:on return http.build(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java b/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java index 7d4ecd7423..ced754e393 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java @@ -87,8 +87,8 @@ public class Sec2758Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().access("hasAnyRole('CUSTOM')"); + .authorizeRequests((requests) -> requests + .anyRequest().access("hasAnyRole('CUSTOM')")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java index d740b41068..0a0b970968 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java @@ -86,9 +86,9 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .requestMatchers(new AntPathRequestMatcher("/demo/**")).permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated() + .requestMatchers(new AntPathRequestMatcher("/demo/**")).permitAll()); return http.build(); // @formatter:on } @@ -103,9 +103,9 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests { SecurityFilterChain filterChain(HttpSecurity http, HandlerMappingIntrospector introspector) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .requestMatchers(new MvcRequestMatcher(introspector, "/demo/**")).permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated() + .requestMatchers(new MvcRequestMatcher(introspector, "/demo/**")).permitAll()); return http.build(); // @formatter:on } @@ -120,9 +120,9 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .requestMatchers(new RegexRequestMatcher(".*", null)).permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated() + .requestMatchers(new RegexRequestMatcher(".*", null)).permitAll()); return http.build(); // @formatter:on } @@ -137,9 +137,9 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .anyRequest().permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated() + .anyRequest().permitAll()); return http.build(); // @formatter:on } @@ -154,9 +154,9 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .requestMatchers(new AntPathRequestMatcher("/**")).permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated() + .requestMatchers(new AntPathRequestMatcher("/**")).permitAll()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java index e7326ab9f8..7a4cb72b10 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java @@ -48,6 +48,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -148,14 +149,12 @@ public class HttpConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .securityMatchers() + .securityMatchers((security) -> security .requestMatchers(new AntPathRequestMatcher("/api/**")) - .requestMatchers(new AntPathRequestMatcher("/oauth/**")) - .and() - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .httpBasic(); + .requestMatchers(new AntPathRequestMatcher("/oauth/**"))) + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java index e24b8d8f10..6aa7666b5d 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java @@ -71,6 +71,7 @@ import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; @@ -293,9 +294,9 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .anyRequest().permitAll() - .accessDecisionManager(ACCESS_DECISION_MANAGER); + .accessDecisionManager(ACCESS_DECISION_MANAGER)); return http.build(); // @formatter:on } @@ -311,12 +312,11 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin").hasRole("ADMIN") - .anyRequest().authenticated() - .and() - .exceptionHandling() - .accessDeniedPage("/AccessDeniedPage"); + .anyRequest().authenticated()) + .exceptionHandling((handling) -> handling + .accessDeniedPage("/AccessDeniedPage")); return http.build(); // @formatter:on } @@ -338,10 +338,9 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -356,11 +355,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll() - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.ALWAYS); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)); return http.build(); // @formatter:on } @@ -375,11 +373,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll() - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); return http.build(); // @formatter:on } @@ -395,14 +392,12 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/unsecure").permitAll() - .anyRequest().authenticated() - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) - .and() - .formLogin(); + .anyRequest().authenticated()) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -417,11 +412,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().anonymous() - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.NEVER); + .authorizeRequests((requests) -> requests + .anyRequest().anonymous()) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.NEVER)); return http.build(); // @formatter:on } @@ -436,13 +430,11 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .exceptionHandling() - .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/entry-point")) - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .exceptionHandling((handling) -> handling + .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/entry-point"))) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -472,11 +464,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .realmName("RealmConfig"); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic((basic) -> basic + .realmName("RealmConfig")); return http.build(); // @formatter:on } @@ -562,13 +553,11 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .securityContext() - .securityContextRepository(new NullSecurityContextRepository()) - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .securityContext((context) -> context + .securityContextRepository(new NullSecurityContextRepository())) + .formLogin(withDefaults()); // @formatter:on return http.build(); } @@ -588,11 +577,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll() - .and() - .servletApi() - .disable(); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .servletApi((api) -> api + .disable()); return http.build(); // @formatter:on } @@ -607,8 +595,8 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()); return http.build(); // @formatter:on } @@ -641,10 +629,10 @@ public class NamespaceHttpTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/users**", "/sessions/**").hasRole("USER") .requestMatchers("/signup").permitAll() - .anyRequest().hasRole("USER"); + .anyRequest().hasRole("USER")); this.httpSecurity = http; return http.build(); // @formatter:on diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java index a8d18adf4a..2b58af889f 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java @@ -50,6 +50,7 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * @author Rob Winch @@ -137,9 +138,9 @@ public class WebSecurityTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -176,9 +177,9 @@ public class WebSecurityTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java index 83a247673a..106204efe5 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java @@ -58,6 +58,7 @@ import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; @@ -272,10 +273,9 @@ public class OAuth2ClientConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2Login(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2Login(withDefaults()); return http.build(); // @formatter:on } @@ -311,10 +311,9 @@ public class OAuth2ClientConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2Login(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2Login(withDefaults()); return http.build(); // @formatter:on } @@ -330,10 +329,9 @@ public class OAuth2ClientConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2Login(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2Login(withDefaults()); return http.build(); // @formatter:on } @@ -369,10 +367,9 @@ public class OAuth2ClientConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2Login(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2Login(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfigurationResourceServerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfigurationResourceServerTests.java index 76001a2fac..eb57f56960 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfigurationResourceServerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfigurationResourceServerTests.java @@ -113,7 +113,7 @@ public class SecurityReactorContextConfigurationResourceServerTests { @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.securityContext().requireExplicitSave(false); + http.securityContext((context) -> context.requireExplicitSave(false)); return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java index f96d67809e..afabd761ba 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java @@ -535,9 +535,9 @@ public class WebSecurityConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .anyRequest().authenticated() - .expressionHandler(EXPRESSION_HANDLER); + .expressionHandler(EXPRESSION_HANDLER)); return http.build(); // @formatter:on } @@ -563,8 +563,8 @@ public class WebSecurityConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()); return http.build(); // @formatter:on } @@ -616,8 +616,8 @@ public class WebSecurityConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()); return http.build(); // @formatter:on } @@ -649,8 +649,8 @@ public class WebSecurityConfigurationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().access("request.method == 'GET' ? @b.grant() : @b.deny()"); + .authorizeRequests((requests) -> requests + .anyRequest().access("request.method == 'GET' ? @b.grant() : @b.deny()")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java index 599434e2f4..49b5d7d962 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java @@ -110,11 +110,10 @@ public class AnonymousConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .anonymous() + .anonymous((anonymous) -> anonymous .key("key") - .principal("principal") - .and() - .anonymous(); + .principal("principal")) + .anonymous(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java index 7d57cae201..ea79dda610 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java @@ -762,7 +762,7 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeHttpRequests(); + .authorizeHttpRequests(withDefaults()); // @formatter:on return http.build(); @@ -793,8 +793,8 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeHttpRequests() - .anyRequest(); + .authorizeHttpRequests((requests) -> requests + .anyRequest()); // @formatter:on return http.build(); @@ -849,8 +849,8 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeHttpRequests() - .anyRequest().access(authorizationManager); + .authorizeHttpRequests((requests) -> requests + .anyRequest().access(authorizationManager)); // @formatter:on return http.build(); @@ -899,12 +899,11 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().hasAnyAuthority("ROLE_USER") - ) - .build(); + ) + .build(); // @formatter:on } @@ -918,12 +917,11 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().hasAuthority("ROLE_USER") - ) - .build(); + ) + .build(); // @formatter:on } @@ -937,12 +935,11 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") - ) - .build(); + ) + .build(); // @formatter:on } @@ -1014,12 +1011,11 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().denyAll() - ) - .build(); + ) + .build(); // @formatter:on } @@ -1050,13 +1046,12 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().authenticated() - ) - .authorizeHttpRequests(withDefaults()) - .build(); + ) + .authorizeHttpRequests(withDefaults()) + .build(); // @formatter:on } @@ -1090,12 +1085,11 @@ public class AuthorizeHttpRequestsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off return http - .httpBasic() - .and() - .authorizeHttpRequests((requests) -> requests + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests .anyRequest().authenticated() - ) - .build(); + ) + .build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java index 4bf3d4ef78..0b79c086a7 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java @@ -198,8 +198,8 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .requestMatchers(new AntPathRequestMatcher("/**", HttpMethod.POST.name())).denyAll(); + .authorizeRequests((requests) -> requests + .requestMatchers(new AntPathRequestMatcher("/**", HttpMethod.POST.name())).denyAll()); // @formatter:on return http.build(); } @@ -242,9 +242,9 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .requestMatchers(new AntPathRequestMatcher("/user/{user}", null, false)).access("#user == 'user'") - .anyRequest().denyAll(); + .authorizeRequests((requests) -> requests + .requestMatchers(new AntPathRequestMatcher("/user/{user}", null, false)).access("#user == 'user'") + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -264,9 +264,9 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .requestMatchers(new AntPathRequestMatcher("/user/{userName}", null, false)).access("#userName == 'user'") - .anyRequest().denyAll(); + .authorizeRequests((requests) -> requests + .requestMatchers(new AntPathRequestMatcher("/user/{userName}", null, false)).access("#userName == 'user'") + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -286,8 +286,8 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("ADMIN"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("ADMIN")); // @formatter:on return http.build(); } @@ -315,9 +315,9 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .requestMatchers("/path").denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .requestMatchers("/path").denyAll()); // @formatter:on return http.build(); } @@ -385,9 +385,9 @@ public class AuthorizeRequestsTests { .servletPath("/spring"); // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .requestMatchers(mvcMatcherBuilder.pattern("/path")).denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .requestMatchers(mvcMatcherBuilder.pattern("/path")).denyAll()); // @formatter:on return http.build(); } @@ -455,9 +455,9 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .requestMatchers("/user/{userName}").access("#userName == 'user'"); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .requestMatchers("/user/{userName}").access("#userName == 'user'")); // @formatter:on return http.build(); } @@ -523,9 +523,9 @@ public class AuthorizeRequestsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic().and() - .authorizeRequests() - .requestMatchers("/user").denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .requestMatchers("/user").denyAll()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurerTests.java index 8ff4f51361..21cbc87af8 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurerTests.java @@ -46,6 +46,7 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; @@ -138,8 +139,8 @@ public class ChannelSecurityConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requiresChannel() - .anyRequest().requiresSecure(); + .requiresChannel((channel) -> channel + .anyRequest().requiresSecure()); return http.build(); // @formatter:on } @@ -168,10 +169,9 @@ public class ChannelSecurityConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requiresChannel() - .anyRequest().requiresSecure() - .and() - .requiresChannel(); + .requiresChannel((channel) -> channel + .anyRequest().requiresSecure()) + .requiresChannel(withDefaults()); return http.build(); // @formatter:on } @@ -204,13 +204,12 @@ public class ChannelSecurityConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .portMapper() - .portMapper(new PortMapperImpl()) - .and() - .requiresChannel() + .portMapper((mapper) -> mapper + .portMapper(new PortMapperImpl())) + .requiresChannel((channel) -> channel .redirectStrategy(new TestUrlRedirectStrategy()) .anyRequest() - .requiresSecure(); + .requiresSecure()); return http.build(); // @formatter:on } @@ -239,18 +238,17 @@ public class ChannelSecurityConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .portMapper() - .portMapper(new PortMapperImpl()) - .and() - .requiresChannel() + .portMapper((mapper) -> mapper + .portMapper(new PortMapperImpl())) + .requiresChannel((channel) -> channel .requestMatchers("/test-1") - .requiresSecure() + .requiresSecure() .requestMatchers("/test-2") - .requiresSecure() + .requiresSecure() .requestMatchers("/test-3") - .requiresSecure() + .requiresSecure() .anyRequest() - .requiresInsecure(); + .requiresInsecure()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurerTests.java index e1ea28c637..a7935fdde5 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurerTests.java @@ -204,10 +204,9 @@ public class CorsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .cors(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .cors(withDefaults()); return http.build(); // @formatter:on } @@ -223,10 +222,9 @@ public class CorsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .cors(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .cors(withDefaults()); return http.build(); // @formatter:on } @@ -283,10 +281,9 @@ public class CorsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .cors(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .cors(withDefaults()); return http.build(); // @formatter:on } @@ -340,10 +337,9 @@ public class CorsConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .cors(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .cors(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerIgnoringRequestMatchersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerIgnoringRequestMatchersTests.java index a9aab54ba0..bd22ccf67e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerIgnoringRequestMatchersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerIgnoringRequestMatchersTests.java @@ -108,9 +108,9 @@ public class CsrfConfigurerIgnoringRequestMatchersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() + .csrf((csrf) -> csrf .requireCsrfProtectionMatcher(new AntPathRequestMatcher("/path")) - .ignoringRequestMatchers(this.requestMatcher); + .ignoringRequestMatchers(this.requestMatcher)); return http.build(); // @formatter:on } @@ -149,9 +149,9 @@ public class CsrfConfigurerIgnoringRequestMatchersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() + .csrf((csrf) -> csrf .ignoringRequestMatchers(new AntPathRequestMatcher("/no-csrf")) - .ignoringRequestMatchers(this.requestMatcher); + .ignoringRequestMatchers(this.requestMatcher)); return http.build(); // @formatter:on } @@ -189,8 +189,8 @@ public class CsrfConfigurerIgnoringRequestMatchersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .ignoringRequestMatchers("/no-csrf"); + .csrf((csrf) -> csrf + .ignoringRequestMatchers("/no-csrf")); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.java index a37a101fbc..ce08191199 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.java @@ -676,8 +676,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .disable(); + .csrf((csrf) -> csrf + .disable()); return http.build(); // @formatter:on } @@ -707,13 +707,11 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .and() - .csrf() - .disable(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .csrf((csrf) -> csrf + .disable()); // @formatter:on return http.build(); } @@ -735,13 +733,11 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .and() - .csrf() - .csrfTokenRepository(REPO); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .csrf((csrf) -> csrf + .csrfTokenRepository(REPO)); // @formatter:on return http.build(); } @@ -761,10 +757,9 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .and() - .sessionManagement() - .invalidSessionUrl("/error/sessionError"); + .csrf(withDefaults()) + .sessionManagement((management) -> management + .invalidSessionUrl("/error/sessionError")); return http.build(); // @formatter:on } @@ -781,8 +776,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .requireCsrfProtectionMatcher(MATCHER); + .csrf((csrf) -> csrf + .requireCsrfProtectionMatcher(MATCHER)); return http.build(); // @formatter:on } @@ -816,10 +811,9 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .csrf() - .csrfTokenRepository(REPO); + .formLogin(withDefaults()) + .csrf((csrf) -> csrf + .csrfTokenRepository(REPO)); // @formatter:on return http.build(); } @@ -859,8 +853,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling() - .accessDeniedHandler(DENIED_HANDLER); + .exceptionHandling((handling) -> handling + .accessDeniedHandler(DENIED_HANDLER)); return http.build(); // @formatter:on } @@ -879,8 +873,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling() - .defaultAccessDeniedHandlerFor(DENIED_HANDLER, MATCHER); + .exceptionHandling((handling) -> handling + .defaultAccessDeniedHandlerFor(DENIED_HANDLER, MATCHER)); return http.build(); // @formatter:on } @@ -895,7 +889,7 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin(); + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -910,10 +904,9 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .logout() - .logoutRequestMatcher(new AntPathRequestMatcher("/logout")); + .formLogin(withDefaults()) + .logout((logout) -> logout + .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))); return http.build(); // @formatter:on } @@ -928,8 +921,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .requireCsrfProtectionMatcher(null); + .csrf((csrf) -> csrf + .requireCsrfProtectionMatcher(null)); return http.build(); // @formatter:on } @@ -944,12 +937,10 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll() - .and() - .formLogin() - .and() - .httpBasic(); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .formLogin(withDefaults()) + .httpBasic(withDefaults()); // @formatter:on return http.build(); } @@ -969,8 +960,8 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .sessionAuthenticationStrategy(null); + .csrf((csrf) -> csrf + .sessionAuthenticationStrategy(null)); return http.build(); // @formatter:on } @@ -987,10 +978,9 @@ public class CsrfConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .csrf() - .sessionAuthenticationStrategy(STRATEGY); + .formLogin(withDefaults()) + .csrf((csrf) -> csrf + .sessionAuthenticationStrategy(STRATEGY)); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.java index e5a3b3cc0b..46d0fbe54a 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.java @@ -63,6 +63,7 @@ import org.springframework.security.web.util.matcher.AnyRequestMatcher; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * @author Rob Winch @@ -170,7 +171,7 @@ public class DefaultFiltersTests { @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception { TestHttpSecurities.disableDefaults(http); - http.formLogin(); + http.formLogin(withDefaults()); return http.build(); } @@ -190,8 +191,8 @@ public class DefaultFiltersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java index 4a1c9d05d7..61156188e1 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.java @@ -387,10 +387,9 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()); // @formatter:on return http.build(); } @@ -410,13 +409,11 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .logout() - .logoutSuccessHandler(new SimpleUrlLogoutSuccessHandler()) - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .logout((logout) -> logout + .logoutSuccessHandler(new SimpleUrlLogoutSuccessHandler())) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -431,13 +428,11 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .logout() - .logoutSuccessUrl("/login?logout") - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .logout((logout) -> logout + .logoutSuccessUrl("/login?logout")) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -452,12 +447,10 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -477,13 +470,11 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling() - .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")) - .and() - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin(); + .exceptionHandling((handling) -> handling + .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))) + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -500,9 +491,8 @@ public class DefaultLoginPageConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling() - .and() - .formLogin(); + .exceptionHandling(withDefaults()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerAccessDeniedHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerAccessDeniedHandlerTests.java index e9097fd9c1..5b92a1af89 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerAccessDeniedHandlerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerAccessDeniedHandlerTests.java @@ -87,16 +87,15 @@ public class ExceptionHandlingConfigurerAccessDeniedHandlerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .exceptionHandling() + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .exceptionHandling((handling) -> handling .defaultAccessDeniedHandlerFor( - this.teapotDeniedHandler, - new AntPathRequestMatcher("/hello/**")) + this.teapotDeniedHandler, + new AntPathRequestMatcher("/hello/**")) .defaultAccessDeniedHandlerFor( - new AccessDeniedHandlerImpl(), - AnyRequestMatcher.INSTANCE); + new AccessDeniedHandlerImpl(), + AnyRequestMatcher.INSTANCE)); return http.build(); // @formatter:on } @@ -146,13 +145,12 @@ public class ExceptionHandlingConfigurerAccessDeniedHandlerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .exceptionHandling() + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .exceptionHandling((handling) -> handling .defaultAccessDeniedHandlerFor( - this.teapotDeniedHandler, - new AntPathRequestMatcher("/hello/**")); + this.teapotDeniedHandler, + new AntPathRequestMatcher("/hello/**"))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java index d89526127e..07b4a274bb 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.java @@ -52,6 +52,7 @@ import static org.mockito.Mockito.atLeastOnce; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.config.annotation.SecurityContextChangedListenerArgumentMatchers.setAuthentication; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; @@ -241,7 +242,7 @@ public class ExceptionHandlingConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling(); + .exceptionHandling(withDefaults()); return http.build(); // @formatter:on } @@ -291,12 +292,10 @@ public class ExceptionHandlingConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic(withDefaults()) + .formLogin(withDefaults()); // @formatter:on return http.build(); } @@ -330,12 +329,10 @@ public class ExceptionHandlingConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic(withDefaults()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -352,12 +349,11 @@ public class ExceptionHandlingConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .exceptionHandling() - .authenticationEntryPoint(AEP).and() - .exceptionHandling(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .exceptionHandling((handling) -> handling + .authenticationEntryPoint(AEP)) + .exceptionHandling(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java index ebb6b48bae..836d638e3f 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java @@ -70,6 +70,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; @@ -566,8 +567,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("ROLE_USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("ROLE_USER")); return http.build(); // @formatter:on } @@ -584,8 +585,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")); return http.build(); // @formatter:on } @@ -605,7 +606,7 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests(); + .authorizeRequests(withDefaults()); return http.build(); // @formatter:on } @@ -621,9 +622,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/a").authenticated() - .anyRequest(); + .anyRequest()); return http.build(); // @formatter:on } @@ -638,10 +639,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().hasAnyAuthority("ROLE_USER"); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyAuthority("ROLE_USER")); return http.build(); // @formatter:on } @@ -656,10 +656,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().hasAuthority("ROLE_USER"); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().hasAuthority("ROLE_USER")); return http.build(); // @formatter:on } @@ -674,10 +673,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().hasAnyAuthority("ROLE_USER", "ROLE_ADMIN"); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyAuthority("ROLE_USER", "ROLE_ADMIN")); return http.build(); // @formatter:on } @@ -692,8 +690,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER")); return http.build(); // @formatter:on } @@ -708,8 +706,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER")); return http.build(); // @formatter:on } @@ -729,8 +727,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER")); return http.build(); // @formatter:on } @@ -750,8 +748,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER", "ADMIN"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER", "ADMIN")); return http.build(); // @formatter:on } @@ -766,8 +764,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER", "ADMIN"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER", "ADMIN")); return http.build(); // @formatter:on } @@ -787,8 +785,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasAnyRole("USER", "ADMIN"); + .authorizeRequests((requests) -> requests + .anyRequest().hasAnyRole("USER", "ADMIN")); return http.build(); // @formatter:on } @@ -808,10 +806,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().hasIpAddress("192.168.1.0"); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().hasIpAddress("192.168.1.0")); return http.build(); // @formatter:on } @@ -826,10 +823,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().anonymous(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().anonymous()); return http.build(); // @formatter:on } @@ -844,12 +840,10 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .rememberMe() - .and() - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().rememberMe(); + .rememberMe(withDefaults()) + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().rememberMe()); // @formatter:on return http.build(); } @@ -869,10 +863,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); return http.build(); // @formatter:on } @@ -887,10 +880,9 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().not().denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().not().denyAll()); return http.build(); // @formatter:on } @@ -905,12 +897,10 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .rememberMe() - .and() - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().fullyAuthenticated(); + .rememberMe(withDefaults()) + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().fullyAuthenticated()); return http.build(); // @formatter:on } @@ -930,12 +920,10 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .rememberMe() - .and() - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'"); + .rememberMe(withDefaults()) + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'")); return http.build(); // @formatter:on } @@ -955,12 +943,10 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .authorizeRequests() - .anyRequest().authenticated() - .and() - .authorizeRequests(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .authorizeRequests(withDefaults()); return http.build(); // @formatter:on } @@ -979,14 +965,13 @@ public class ExpressionUrlAuthorizationConfigurerTests { AffirmativeBased adm = new AffirmativeBased(Collections.singletonList(expressionVoter)); // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .expressionHandler(handler) .accessDecisionManager(adm) .filterSecurityInterceptorOncePerRequest(true) .requestMatchers("/a", "/b").hasRole("ADMIN") - .anyRequest().permitAll() - .and() - .formLogin(); + .anyRequest().permitAll()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -1001,7 +986,7 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .anyRequest().permitAll() .withObjectPostProcessor(new ObjectPostProcessor() { @Override @@ -1010,7 +995,7 @@ public class ExpressionUrlAuthorizationConfigurerTests { fsi.setPublishAuthorizationSuccess(true); return fsi; } - }); + })); return http.build(); // @formatter:on } @@ -1046,11 +1031,11 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/admin").hasRole("ADMIN") .requestMatchers("/user").hasRole("USER") .requestMatchers("/allow").access("@permission.check(authentication,'user')") - .anyRequest().access("@permission.check(authentication,'admin')"); + .anyRequest().access("@permission.check(authentication,'admin')")); return http.build(); // @formatter:on } @@ -1079,12 +1064,12 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .expressionHandler(expressionHandler()) .requestMatchers("/admin").hasRole("ADMIN") .requestMatchers("/user").hasRole("USER") .requestMatchers("/allow").access("check('user')") - .anyRequest().access("check('admin')"); + .anyRequest().access("check('admin')")); return http.build(); // @formatter:on } @@ -1133,8 +1118,8 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()); // @formatter:on return http.build(); } @@ -1160,12 +1145,12 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/allow").access("hasPermission('ID', 'TYPE', 'PERMISSION')") .requestMatchers("/allowObject").access("hasPermission('TESTOBJ', 'PERMISSION')") .requestMatchers("/deny").access("hasPermission('ID', 'TYPE', 'NO PERMISSION')") .requestMatchers("/denyObject").access("hasPermission('TESTOBJ', 'NO PERMISSION')") - .anyRequest().permitAll(); + .anyRequest().permitAll()); return http.build(); // @formatter:on } @@ -1198,10 +1183,10 @@ public class ExpressionUrlAuthorizationConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/allow").access("hasRole('MEMBER')") .requestMatchers("/deny").access("hasRole('ADMIN')") - .anyRequest().permitAll(); + .anyRequest().permitAll()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java index bea1f943d8..8401ef354e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java @@ -396,9 +396,9 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin().and() - .requestCache() - .requestCache(this.requestCache); + .formLogin(withDefaults()) + .requestCache((cache) -> cache + .requestCache(this.requestCache)); return http.build(); // @formatter:on } @@ -430,11 +430,10 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .loginPage("/login"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login + .loginPage("/login")); // @formatter:on return http.build(); } @@ -478,11 +477,10 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login + .permitAll()); return http.build(); // @formatter:on } @@ -497,15 +495,13 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login .loginPage("/authenticate") - .permitAll() - .and() - .logout() - .permitAll(); + .permitAll()) + .logout((logout) -> logout + .permitAll()); return http.build(); // @formatter:on } @@ -544,21 +540,19 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login .loginProcessingUrl("/loginCheck") .loginPage("/login") .defaultSuccessUrl("/", true) .passwordParameter("password") .usernameParameter("username") - .permitAll() - .and() - .logout() + .permitAll()) + .logout((logout) -> logout .logoutSuccessUrl("/login") .logoutUrl("/logout") - .deleteCookies("JSESSIONID"); + .deleteCookies("JSESSIONID")); // @formatter:on return http.build(); } @@ -616,14 +610,12 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .permitAll() - .and() - .portMapper() - .portMapper(PORT_MAPPER); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login + .permitAll()) + .portMapper((mapper) -> mapper + .portMapper(PORT_MAPPER)); // @formatter:on LoginUrlAuthenticationEntryPoint authenticationEntryPoint = (LoginUrlAuthenticationEntryPoint) http .getConfigurer(FormLoginConfigurer.class) @@ -644,12 +636,11 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login .failureHandler(FAILURE_HANDLER) - .permitAll(); + .permitAll()); return http.build(); // @formatter:on } @@ -664,10 +655,9 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .usernameParameter("custom-username") - .and() - .formLogin(); + .formLogin((login) -> login + .usernameParameter("custom-username")) + .formLogin(withDefaults()); // @formatter:on return http.build(); } @@ -687,15 +677,14 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .disable() - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() + .csrf((csrf) -> csrf + .disable()) + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login .failureForwardUrl("/failure_forward_url") .successForwardUrl("/success_forward_url") - .permitAll(); + .permitAll()); // @formatter:on return http.build(); } @@ -717,9 +706,8 @@ public class FormLoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .exceptionHandling() - .and() - .formLogin(); + .exceptionHandling(withDefaults()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java index 2a75aa5cc9..1525b8cfbd 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java @@ -71,14 +71,14 @@ public class HeadersConfigurerEagerHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .addObjectPostProcessor(new ObjectPostProcessor() { @Override public HeaderWriterFilter postProcess(HeaderWriterFilter filter) { filter.setShouldWriteHeadersEagerly(true); return filter; } - }); + })); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerTests.java index 6c1d75786d..1b68c27628 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerTests.java @@ -28,6 +28,7 @@ import org.springframework.beans.factory.BeanCreationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.test.SpringTestContext; @@ -582,7 +583,7 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers(); + .headers(withDefaults()); return http.build(); // @formatter:on } @@ -612,9 +613,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .contentTypeOptions(); + .contentTypeOptions(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -648,9 +649,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .frameOptions(); + .frameOptions(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -665,9 +666,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpStrictTransportSecurity(); + .httpStrictTransportSecurity(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -682,9 +683,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .cacheControl(); + .cacheControl(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -718,9 +719,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .xssProtection(); + .xssProtection(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -735,10 +736,10 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .xssProtection() - .headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK); + .xssProtection((xss) -> xss + .headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK))); // @formatter:on return http.build(); } @@ -791,8 +792,8 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() - .frameOptions().sameOrigin(); + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions.sameOrigin())); return http.build(); // @formatter:on } @@ -825,9 +826,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning(); + .httpPublicKeyPinning(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -842,10 +843,10 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() - .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM="); + .httpPublicKeyPinning((hpkp) -> hpkp + .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM="))); return http.build(); // @formatter:on } @@ -863,10 +864,9 @@ public class HeadersConfigurerTests { pins.put("E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=", "sha256"); // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() - .withPins(pins); + .httpPublicKeyPinning((hpkp) -> hpkp.withPins(pins))); return http.build(); // @formatter:on } @@ -881,11 +881,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() + .httpPublicKeyPinning((hpkp) -> hpkp .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=") - .maxAgeInSeconds(604800); + .maxAgeInSeconds(604800))); return http.build(); // @formatter:on } @@ -900,11 +900,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() + .httpPublicKeyPinning((hpkp) -> hpkp .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=") - .reportOnly(false); + .reportOnly(false))); return http.build(); // @formatter:on } @@ -919,11 +919,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() + .httpPublicKeyPinning((hpkp) -> hpkp .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=") - .includeSubDomains(true); + .includeSubDomains(true))); return http.build(); // @formatter:on } @@ -938,11 +938,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() + .httpPublicKeyPinning((hpkp) -> hpkp .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=") - .reportUri(new URI("https://example.net/pkp-report")); + .reportUri(URI.create("https://example.net/pkp-report")))); return http.build(); // @formatter:on } @@ -957,11 +957,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpPublicKeyPinning() + .httpPublicKeyPinning((hpkp) -> hpkp .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=") - .reportUri("https://example.net/pkp-report"); + .reportUri("https://example.net/pkp-report"))); return http.build(); // @formatter:on } @@ -999,9 +999,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .contentSecurityPolicy("default-src 'self'"); + .contentSecurityPolicy((csp) -> csp.policyDirectives("default-src 'self'"))); return http.build(); // @formatter:on } @@ -1016,10 +1016,11 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .contentSecurityPolicy("default-src 'self'; script-src trustedscripts.example.com") - .reportOnly(); + .contentSecurityPolicy((csp) -> csp + .policyDirectives("default-src 'self'; script-src trustedscripts.example.com") + .reportOnly())); return http.build(); // @formatter:on } @@ -1057,9 +1058,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .contentSecurityPolicy(""); + .contentSecurityPolicy((csp) -> csp.policyDirectives(""))); return http.build(); // @formatter:on } @@ -1114,9 +1115,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .referrerPolicy(); + .referrerPolicy(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1134,7 +1135,7 @@ public class HeadersConfigurerTests { .headers((headers) -> headers .defaultsDisabled() - .referrerPolicy() + .referrerPolicy(Customizer.withDefaults()) ); return http.build(); // @formatter:on @@ -1150,9 +1151,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .referrerPolicy(ReferrerPolicy.SAME_ORIGIN); + .referrerPolicy((referrer) -> referrer.policy(ReferrerPolicy.SAME_ORIGIN))); return http.build(); // @formatter:on } @@ -1188,9 +1189,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .featurePolicy("geolocation 'self'"); + .featurePolicy("geolocation 'self'")); return http.build(); // @formatter:on } @@ -1205,9 +1206,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .featurePolicy(""); + .featurePolicy("")); return http.build(); // @formatter:on } @@ -1222,9 +1223,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .permissionsPolicy((permissionsPolicy) -> permissionsPolicy.policy("geolocation=(self)")); + .permissionsPolicy((permissionsPolicy) -> permissionsPolicy.policy("geolocation=(self)"))); return http.build(); // @formatter:on } @@ -1239,10 +1240,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .permissionsPolicy() - .policy("geolocation=(self)"); + .permissionsPolicy((permissions) -> permissions.policy("geolocation=(self)"))); return http.build(); // @formatter:on } @@ -1257,9 +1257,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .permissionsPolicy((permissionsPolicy) -> permissionsPolicy.policy(null)); + .permissionsPolicy((permissionsPolicy) -> permissionsPolicy.policy(null))); return http.build(); // @formatter:on } @@ -1274,10 +1274,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .permissionsPolicy() - .policy(""); + .permissionsPolicy((permissions) -> permissions.policy(""))); return http.build(); // @formatter:on } @@ -1292,10 +1291,9 @@ public class HeadersConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpStrictTransportSecurity() - .preload(true); + .httpStrictTransportSecurity((hsts) -> hsts.preload(true))); return http.build(); // @formatter:on } @@ -1353,16 +1351,14 @@ public class HeadersConfigurerTests { @Bean SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { // @formatter:off - http.headers() - .defaultsDisabled() - .crossOriginOpenerPolicy() - .policy(CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy.SAME_ORIGIN) - .and() - .crossOriginEmbedderPolicy() - .policy(CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy.REQUIRE_CORP) - .and() - .crossOriginResourcePolicy() - .policy(CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy.SAME_ORIGIN); + http.headers((headers) -> headers + .defaultsDisabled() + .crossOriginOpenerPolicy((opener) -> opener + .policy(CrossOriginOpenerPolicyHeaderWriter.CrossOriginOpenerPolicy.SAME_ORIGIN)) + .crossOriginEmbedderPolicy((embedder) -> embedder + .policy(CrossOriginEmbedderPolicyHeaderWriter.CrossOriginEmbedderPolicy.REQUIRE_CORP)) + .crossOriginResourcePolicy((resource) -> resource + .policy(CrossOriginResourcePolicyHeaderWriter.CrossOriginResourcePolicy.SAME_ORIGIN))); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java index 421289ddf4..ce019a7f1d 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java @@ -221,7 +221,7 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic(); + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -274,10 +274,9 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic(withDefaults()); // @formatter:on return http.build(); } @@ -299,11 +298,10 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .authenticationEntryPoint(ENTRY_POINT); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic((basic) -> basic + .authenticationEntryPoint(ENTRY_POINT)); // @formatter:on return http.build(); } @@ -325,13 +323,11 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .authenticationEntryPoint(ENTRY_POINT) - .and() - .httpBasic(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic((basic) -> basic + .authenticationEntryPoint(ENTRY_POINT)) + .httpBasic(withDefaults()); // @formatter:on return http.build(); } @@ -351,9 +347,8 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .rememberMe(); + .httpBasic(withDefaults()) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -397,8 +392,8 @@ public class HttpBasicConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .securityContextRepository(SECURITY_CONTEXT_REPOSITORY); + .httpBasic((basic) -> basic + .securityContextRepository(SECURITY_CONTEXT_REPOSITORY)); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java index a635aa6cad..b82c2a57a3 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java @@ -100,9 +100,9 @@ public class HttpSecurityLogoutTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf().disable() - .logout() - .clearAuthentication(false); + .csrf((csrf) -> csrf.disable()) + .logout((logout) -> logout + .clearAuthentication(false)); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java index 52f97c4a3e..73a03f4cad 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityRequestMatchersTests.java @@ -222,14 +222,12 @@ public class HttpSecurityRequestMatchersTests { MvcRequestMatcher.Builder mvcMatcherBuilder = new MvcRequestMatcher.Builder(introspector); // @formatter:off http - .securityMatchers() + .securityMatchers((security) -> security .requestMatchers(mvcMatcherBuilder.pattern("/test-1")) .requestMatchers(mvcMatcherBuilder.pattern("/test-2")) - .requestMatchers(mvcMatcherBuilder.pattern("/test-3")) - .and() - .authorizeRequests() - .anyRequest().denyAll() - .and() + .requestMatchers(mvcMatcherBuilder.pattern("/test-3"))) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) .httpBasic(withDefaults()); // @formatter:on return http.build(); @@ -240,11 +238,10 @@ public class HttpSecurityRequestMatchersTests { MvcRequestMatcher.Builder mvcMatcherBuilder = new MvcRequestMatcher.Builder(introspector); // @formatter:off http - .securityMatchers() - .requestMatchers(mvcMatcherBuilder.pattern("/test-1")) - .and() - .authorizeRequests() - .anyRequest().permitAll(); + .securityMatchers((security) -> security + .requestMatchers(mvcMatcherBuilder.pattern("/test-1"))) + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()); // @formatter:on return http.build(); } @@ -271,9 +268,9 @@ public class HttpSecurityRequestMatchersTests { // @formatter:off http .securityMatcher(new MvcRequestMatcher(introspector, "/path")) - .httpBasic().and() - .authorizeRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -304,12 +301,11 @@ public class HttpSecurityRequestMatchersTests { SecurityFilterChain filterChain(HttpSecurity http, HandlerMappingIntrospector introspector) throws Exception { // @formatter:off http - .securityMatchers() - .requestMatchers(new MvcRequestMatcher(introspector, "/path")) - .and() - .httpBasic().and() - .authorizeRequests() - .anyRequest().denyAll(); + .securityMatchers((security) -> security + .requestMatchers(new MvcRequestMatcher(introspector, "/path"))) + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -376,13 +372,12 @@ public class HttpSecurityRequestMatchersTests { mvcMatcherBuilder.servletPath("/spring"); // @formatter:off http - .securityMatchers() + .securityMatchers((security) -> security .requestMatchers(mvcMatcherBuilder.pattern("/path")) - .requestMatchers("/never-match") - .and() - .httpBasic().and() - .authorizeRequests() - .anyRequest().denyAll(); + .requestMatchers("/never-match")) + .httpBasic(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersNoMvcTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersNoMvcTests.java index d56c40d9e2..7dca1b7b5e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersNoMvcTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersNoMvcTests.java @@ -45,6 +45,7 @@ import org.springframework.web.bind.annotation.RestController; import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * @author Marcus Da Coregio @@ -121,9 +122,9 @@ public class HttpSecuritySecurityMatchersNoMvcTests { // @formatter:off http .securityMatcher("/path") - .httpBasic().and() - .authorizeHttpRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersTests.java index 3f70043e67..b476c45c38 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecuritySecurityMatchersTests.java @@ -222,14 +222,12 @@ public class HttpSecuritySecurityMatchersTests { SecurityFilterChain first(HttpSecurity http) throws Exception { // @formatter:off http - .securityMatchers() + .securityMatchers((security) -> security .requestMatchers("/test-1") .requestMatchers("/test-2") - .requestMatchers("/test-3") - .and() - .authorizeHttpRequests() - .anyRequest().denyAll() - .and() + .requestMatchers("/test-3")) + .authorizeHttpRequests((requests) -> requests + .anyRequest().denyAll()) .httpBasic(withDefaults()); // @formatter:on return http.build(); @@ -239,11 +237,10 @@ public class HttpSecuritySecurityMatchersTests { SecurityFilterChain second(HttpSecurity http) throws Exception { // @formatter:off http - .securityMatchers() - .requestMatchers("/test-1") - .and() - .authorizeHttpRequests() - .anyRequest().permitAll(); + .securityMatchers((security) -> security + .requestMatchers("/test-1")) + .authorizeHttpRequests((requests) -> requests + .anyRequest().permitAll()); // @formatter:on return http.build(); } @@ -271,9 +268,9 @@ public class HttpSecuritySecurityMatchersTests { // @formatter:off http .securityMatcher("/path") - .httpBasic().and() - .authorizeHttpRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -301,9 +298,9 @@ public class HttpSecuritySecurityMatchersTests { // @formatter:off http .securityMatcher("/path") - .httpBasic().and() - .authorizeHttpRequests() - .anyRequest().denyAll(); + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } @@ -364,13 +361,13 @@ public class HttpSecuritySecurityMatchersTests { .servletPath("/spring"); // @formatter:off http - .securityMatchers() + .securityMatchers((security) -> security .requestMatchers(mvcMatcherBuilder.pattern("/path")) .requestMatchers(mvcMatcherBuilder.pattern("/never-match")) - .and() - .httpBasic().and() - .authorizeHttpRequests() - .anyRequest().denyAll(); + ) + .httpBasic(withDefaults()) + .authorizeHttpRequests((requests) -> requests + .anyRequest().denyAll()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurerTests.java index 327c755a6a..527933f178 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurerTests.java @@ -44,6 +44,7 @@ import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; @@ -162,7 +163,7 @@ public class JeeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .jee(); + .jee(withDefaults()); return http.build(); // @formatter:on } @@ -191,10 +192,9 @@ public class JeeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .jee() - .mappableRoles("USER") - .and() - .jee(); + .jee((jee) -> jee + .mappableRoles("USER")) + .jee(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java index 2a8f102a0f..7cae3927d7 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java @@ -97,8 +97,8 @@ public class LogoutConfigurerClearSiteDataTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE))); + .logout((logout) -> logout + .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE)))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerTests.java index ea62cd7046..b8414c53fd 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerTests.java @@ -56,6 +56,7 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.delete; @@ -414,8 +415,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .defaultLogoutSuccessHandlerFor(null, mock(RequestMatcher.class)); + .logout((logout) -> logout + .defaultLogoutSuccessHandlerFor(null, mock(RequestMatcher.class))); return http.build(); // @formatter:on } @@ -447,8 +448,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .defaultLogoutSuccessHandlerFor(mock(LogoutSuccessHandler.class), null); + .logout((logout) -> logout + .defaultLogoutSuccessHandlerFor(mock(LogoutSuccessHandler.class), null)); return http.build(); // @formatter:on } @@ -482,7 +483,7 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout(); + .logout(withDefaults()); return http.build(); // @formatter:on } @@ -511,10 +512,9 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .logoutUrl("/custom/logout") - .and() - .logout(); + .logout((logout) -> logout + .logoutUrl("/custom/logout")) + .logout(withDefaults()); // @formatter:on return http.build(); } @@ -534,9 +534,9 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .disable() - .logout(); + .csrf((csrf) -> csrf + .disable()) + .logout(withDefaults()); return http.build(); // @formatter:on } @@ -551,10 +551,10 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .disable() - .logout() - .logoutUrl("/custom/logout"); + .csrf((csrf) -> csrf + .disable()) + .logout((logout) -> logout + .logoutUrl("/custom/logout")); return http.build(); // @formatter:on } @@ -569,8 +569,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf() - .disable() + .csrf((csrf) -> csrf + .disable()) .logout((logout) -> logout.logoutUrl("/custom/logout")); return http.build(); // @formatter:on @@ -586,8 +586,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .addLogoutHandler(null); + .logout((logout) -> logout + .addLogoutHandler(null)); return http.build(); // @formatter:on } @@ -619,8 +619,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .rememberMe() - .rememberMeServices(REMEMBER_ME); + .rememberMe((me) -> me + .rememberMeServices(REMEMBER_ME)); return http.build(); // @formatter:on } @@ -641,8 +641,8 @@ public class LogoutConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .disable(); + .logout((logout) -> logout + .disable()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java index 46839372cf..e0128d8ae2 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.java @@ -99,9 +99,9 @@ public class NamespaceHttpAnonymousTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/type").anonymous() - .anyRequest().denyAll(); + .anyRequest().denyAll()); return http.build(); // @formatter:on } @@ -116,10 +116,9 @@ public class NamespaceHttpAnonymousTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().permitAll() - .and() - .anonymous().disable(); + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .anonymous((anonymous) -> anonymous.disable()); // @formatter:on return http.build(); } @@ -140,12 +139,11 @@ public class NamespaceHttpAnonymousTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/type").hasRole("ANON") - .anyRequest().denyAll() - .and() - .anonymous() - .authorities("ROLE_ANON"); + .anyRequest().denyAll()) + .anonymous((anonymous) -> anonymous + .authorities("ROLE_ANON")); return http.build(); // @formatter:on } @@ -161,11 +159,10 @@ public class NamespaceHttpAnonymousTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/key").anonymous() - .anyRequest().denyAll() - .and() - .anonymous().key("AnonymousKeyConfig"); + .anyRequest().denyAll()) + .anonymous((anonymous) -> anonymous.key("AnonymousKeyConfig")); return http.build(); // @formatter:on } @@ -181,11 +178,10 @@ public class NamespaceHttpAnonymousTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/principal").anonymous() - .anyRequest().denyAll() - .and() - .anonymous().principal("AnonymousUsernameConfig"); + .anyRequest().denyAll()) + .anonymous((anonymous) -> anonymous.principal("AnonymousUsernameConfig")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java index 1ffc8d349c..c1fa89078a 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java @@ -183,10 +183,9 @@ public class NamespaceHttpBasicTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .httpBasic(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -220,10 +219,9 @@ public class NamespaceHttpBasicTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .httpBasic().realmName("Custom Realm"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .httpBasic((basic) -> basic.realmName("Custom Realm")); return http.build(); // @formatter:on } @@ -260,8 +258,8 @@ public class NamespaceHttpBasicTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .authenticationDetailsSource(this.authenticationDetailsSource); + .httpBasic((basic) -> basic + .authenticationDetailsSource(this.authenticationDetailsSource)); return http.build(); // @formatter:on } @@ -307,11 +305,10 @@ public class NamespaceHttpBasicTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .httpBasic() - .authenticationEntryPoint(this.authenticationEntryPoint); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .httpBasic((basic) -> basic + .authenticationEntryPoint(this.authenticationEntryPoint)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java index 36920cd85a..2ff73da375 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java @@ -48,6 +48,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic import org.springframework.web.filter.OncePerRequestFilter; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * Tests to verify that all the functionality of <custom-filter> attributes is @@ -110,7 +111,7 @@ public class NamespaceHttpCustomFilterTests { // @formatter:off http .addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class) - .formLogin(); + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -126,7 +127,7 @@ public class NamespaceHttpCustomFilterTests { // @formatter:off http .addFilterAfter(new CustomFilter(), UsernamePasswordAuthenticationFilter.class) - .formLogin(); + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -181,9 +182,8 @@ public class NamespaceHttpCustomFilterTests { // @formatter:off TestHttpSecurities.disableDefaults(http); http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) .addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class); return http.build(); // @formatter:on diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java index 37cbeb59bb..d9738431e4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java @@ -99,9 +99,9 @@ public class NamespaceHttpExpressionHandlerTests { handler.setExpressionParser(expressionParser()); // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .expressionHandler(handler) - .anyRequest().access("hasRole('USER')"); + .anyRequest().access("hasRole('USER')")); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java index c1bd55dbdb..54b0e5ca87 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java @@ -42,6 +42,7 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; @@ -124,10 +125,9 @@ public class NamespaceHttpFormLoginTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()); return http.build(); // @formatter:on } @@ -143,16 +143,15 @@ public class NamespaceHttpFormLoginTests { boolean alwaysUseDefaultSuccess = true; // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login .usernameParameter("username") // form-login@username-parameter .passwordParameter("password") // form-login@password-parameter .loginPage("/authentication/login") // form-login@login-page .failureUrl("/authentication/login?failed") // form-login@authentication-failure-url .loginProcessingUrl("/authentication/login/process") // form-login@login-processing-url - .defaultSuccessUrl("/default", alwaysUseDefaultSuccess); + .defaultSuccessUrl("/default", alwaysUseDefaultSuccess)); return http.build(); // form-login@default-target-url / form-login@always-use-default-target // @formatter:on } @@ -169,15 +168,13 @@ public class NamespaceHttpFormLoginTests { successHandler.setDefaultTargetUrl("/custom/targetUrl"); // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin((login) -> login .loginPage("/login") .failureHandler(new SimpleUrlAuthenticationFailureHandler("/custom/failure")) // form-login@authentication-failure-handler-ref .successHandler(successHandler) // form-login@authentication-success-handler-ref - .authenticationDetailsSource(authenticationDetailsSource()) // form-login@authentication-details-source-ref - .and(); + .authenticationDetailsSource(authenticationDetailsSource())); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java index 97fc903076..4a59f2312e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java @@ -27,6 +27,7 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.test.SpringTestContext; @@ -41,6 +42,7 @@ import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.ResultMatcher; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header; @@ -161,7 +163,7 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers(); + .headers(withDefaults()); return http.build(); // @formatter:on } @@ -176,9 +178,9 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .cacheControl(); + .cacheControl(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -193,9 +195,9 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .httpStrictTransportSecurity(); + .httpStrictTransportSecurity(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -210,13 +212,13 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // hsts@request-matcher-ref, hsts@max-age-seconds, hsts@include-subdomains .defaultsDisabled() - .httpStrictTransportSecurity() + .httpStrictTransportSecurity((hsts) -> hsts .requestMatcher(AnyRequestMatcher.INSTANCE) .maxAgeInSeconds(15768000) - .includeSubDomains(false); + .includeSubDomains(false))); return http.build(); // @formatter:on } @@ -231,11 +233,10 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // frame-options@policy=SAMEORIGIN .defaultsDisabled() - .frameOptions() - .sameOrigin(); + .frameOptions((frameOptions) -> frameOptions.sameOrigin())); return http.build(); // @formatter:on } @@ -250,11 +251,11 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // frame-options@ref .defaultsDisabled() .addHeaderWriter(new XFrameOptionsHeaderWriter( - new StaticAllowFromStrategy(URI.create("https://example.com")))); + new StaticAllowFromStrategy(URI.create("https://example.com"))))); return http.build(); // @formatter:on } @@ -269,10 +270,10 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // xss-protection .defaultsDisabled() - .xssProtection(); + .xssProtection(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -287,11 +288,11 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // xss-protection@enabled and xss-protection@block .defaultsDisabled() - .xssProtection() - .headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK); + .xssProtection((xss) -> xss + .headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK))); // @formatter:on return http.build(); } @@ -306,10 +307,10 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers // content-type-options .defaultsDisabled() - .contentTypeOptions(); + .contentTypeOptions(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -324,9 +325,9 @@ public class NamespaceHttpHeadersTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .headers() + .headers((headers) -> headers .defaultsDisabled() - .addHeaderWriter(new StaticHeadersWriter("customHeaderName", "customHeaderValue")); + .addHeaderWriter(new StaticHeadersWriter("customHeaderName", "customHeaderValue"))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java index 37cc5ea2c2..9b10de45ea 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java @@ -118,7 +118,7 @@ public class NamespaceHttpInterceptUrlTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests().requestMatchers( + .authorizeRequests((requests) -> requests.requestMatchers( // the line below is similar to intercept-url@pattern: // //" access="hasRole('ROLE_ADMIN')"/> @@ -128,14 +128,13 @@ public class NamespaceHttpInterceptUrlTests { //" access="hasRole('ROLE_ADMIN')" method="POST"/> HttpMethod.POST, "/admin/post", "/admin/another-post/**").hasRole("ADMIN") .requestMatchers("/signup").permitAll() - .anyRequest().hasRole("USER") - .and() - .requiresChannel().requestMatchers("/login", "/secured/**") + .anyRequest().hasRole("USER")) + .requiresChannel((channel) -> channel.requestMatchers("/login", "/secured/**") // NOTE: channel security is configured separately of authorization (i.e. intercept-url@access // the line below is similar to intercept-url@requires-channel="https": // //" requires-channel="https"/> - .requiresSecure().anyRequest().requiresInsecure(); + .requiresSecure().anyRequest().requiresInsecure()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java index dad9820b34..b5edd3b5b1 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java @@ -104,11 +104,10 @@ public class NamespaceHttpJeeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("user") - .and() - .jee() - .mappableRoles("user", "admin"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("user")) + .jee((jee) -> jee + .mappableRoles("user", "admin")); return http.build(); // @formatter:on } @@ -126,12 +125,11 @@ public class NamespaceHttpJeeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("user") - .and() - .jee() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("user")) + .jee((jee) -> jee .mappableAuthorities("ROLE_user", "ROLE_admin") - .authenticatedUserDetailsService(this.authenticationUserDetailsService); + .authenticatedUserDetailsService(this.authenticationUserDetailsService)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java index 3d00e909d3..7f8858b964 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java @@ -196,11 +196,11 @@ public class NamespaceHttpLogoutTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() + .logout((logout) -> logout .deleteCookies("remove") // logout@delete-cookies .invalidateHttpSession(false) // logout@invalidate-session=false (default is true) .logoutUrl("/custom-logout") // logout@logout-url (default is /logout) - .logoutSuccessUrl("/logout-success"); + .logoutSuccessUrl("/logout-success")); return http.build(); // logout@success-url (default is /login?logout) // @formatter:on } @@ -237,8 +237,8 @@ public class NamespaceHttpLogoutTests { logoutSuccessHandler.setDefaultTargetUrl("/SuccessHandlerRefHttpLogoutConfig"); // @formatter:off http - .logout() - .logoutSuccessHandler(logoutSuccessHandler); + .logout((logout) -> logout + .logoutSuccessHandler(logoutSuccessHandler)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java index 382772a21a..474de9516e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java @@ -70,15 +70,13 @@ public class NamespaceHttpPortMappingsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .portMapper() - .http(9080).mapsTo(9443) - .and() - .requiresChannel() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .portMapper((mapper) -> mapper + .http(9080).mapsTo(9443)) + .requiresChannel((channel) -> channel .requestMatchers("/login", "/secured/**").requiresSecure() - .anyRequest().requiresInsecure(); + .anyRequest().requiresInsecure()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java index 1c463544f4..4eb4667b97 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java @@ -88,11 +88,10 @@ public class NamespaceHttpRequestCacheTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .requestCache() - .requestCache(requestCache()); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .requestCache((cache) -> cache + .requestCache(requestCache())); // @formatter:on return http.build(); } @@ -117,8 +116,8 @@ public class NamespaceHttpRequestCacheTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java index 1df9a4a4cf..8980c95c8c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java @@ -112,11 +112,10 @@ public class NamespaceHttpServerAccessDeniedHandlerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .exceptionHandling() - .accessDeniedPage("/AccessDeniedPageConfig"); + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .exceptionHandling((handling) -> handling + .accessDeniedPage("/AccessDeniedPageConfig")); return http.build(); // @formatter:on } @@ -152,11 +151,10 @@ public class NamespaceHttpServerAccessDeniedHandlerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .exceptionHandling() - .accessDeniedHandler(accessDeniedHandler()); + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .exceptionHandling((handling) -> handling + .accessDeniedHandler(accessDeniedHandler())); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java index 7085786c4e..5b6bbfd05c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java @@ -54,6 +54,7 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.x509; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; @@ -153,10 +154,9 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509(withDefaults()); // @formatter:on return http.build(); } @@ -182,11 +182,10 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509() - .authenticationDetailsSource(authenticationDetailsSource()); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509((x509) -> x509 + .authenticationDetailsSource(authenticationDetailsSource())); // @formatter:on return http.build(); } @@ -217,11 +216,10 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509() - .subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509((x509) -> x509 + .subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)")); // @formatter:on return http.build(); } @@ -247,11 +245,10 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509() - .x509PrincipalExtractor(this::extractCommonName); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509((x509) -> x509 + .x509PrincipalExtractor(this::extractCommonName)); // @formatter:on return http.build(); } @@ -282,11 +279,10 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509() - .userDetailsService((username) -> USER); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509((x509) -> x509 + .userDetailsService((username) -> USER)); // @formatter:on return http.build(); } @@ -312,11 +308,10 @@ public class NamespaceHttpX509Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .x509() - .authenticationUserDetailsService((authentication) -> USER); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .x509((x509) -> x509 + .authenticationUserDetailsService((authentication) -> USER)); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java index c55f865db8..a9434bef89 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.java @@ -57,6 +57,7 @@ import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; @@ -287,12 +288,10 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -313,10 +312,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .rememberMeServices(REMEMBER_ME_SERVICES); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .rememberMeServices(REMEMBER_ME_SERVICES)); return http.build(); // @formatter:on } @@ -333,10 +331,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .authenticationSuccessHandler(SUCCESS_HANDLER); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .authenticationSuccessHandler(SUCCESS_HANDLER)); return http.build(); // @formatter:on } @@ -354,10 +351,9 @@ public class NamespaceRememberMeTests { http .securityMatcher(new AntPathRequestMatcher("/without-key/**")) .authorizeHttpRequests((requests) -> requests.anyRequest().authenticated()) - .formLogin() - .loginProcessingUrl("/without-key/login") - .and() - .rememberMe(); + .formLogin((login) -> login + .loginProcessingUrl("/without-key/login")) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -367,13 +363,11 @@ public class NamespaceRememberMeTests { SecurityFilterChain keyFilterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .and() - .rememberMe() - .key("KeyConfig"); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .rememberMe((me) -> me + .key("KeyConfig")); return http.build(); // @formatter:on } @@ -392,10 +386,9 @@ public class NamespaceRememberMeTests { // tokenRepository.setDataSource(dataSource); // @formatter:off http - .formLogin() - .and() - .rememberMe() - .tokenRepository(TOKEN_REPOSITORY); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .tokenRepository(TOKEN_REPOSITORY)); return http.build(); // @formatter:on } @@ -410,13 +403,11 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .and() - .rememberMe() - .tokenValiditySeconds(314); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .rememberMe((me) -> me + .tokenValiditySeconds(314)); return http.build(); // @formatter:on } @@ -431,10 +422,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .useSecureCookie(true); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .useSecureCookie(true)); return http.build(); // @formatter:on } @@ -449,10 +439,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .rememberMeParameter("rememberMe"); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .rememberMeParameter("rememberMe")); return http.build(); // @formatter:on } @@ -467,10 +456,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .rememberMeCookieName("rememberMe"); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .rememberMeCookieName("rememberMe")); return http.build(); // @formatter:on } @@ -487,9 +475,8 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe(); + .formLogin(withDefaults()) + .rememberMe(withDefaults()); // @formatter:on return http.build(); } @@ -511,10 +498,9 @@ public class NamespaceRememberMeTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .rememberMe() - .userDetailsService(USERDETAILS_SERVICE); + .formLogin(withDefaults()) + .rememberMe((me) -> me + .userDetailsService(USERDETAILS_SERVICE)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java index 6f518db408..c06d54ede4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java @@ -63,6 +63,7 @@ import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; @@ -287,18 +288,16 @@ public class NamespaceSessionManagementTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .and() - .sessionManagement() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic(withDefaults()) + .sessionManagement((management) -> management .invalidSessionUrl("/invalid-session") // session-management@invalid-session-url .sessionAuthenticationErrorUrl("/session-auth-error") // session-management@session-authentication-error-url .maximumSessions(1) // session-management/concurrency-control@max-sessions - .maxSessionsPreventsLogin(true) // session-management/concurrency-control@error-if-maximum-exceeded - .expiredUrl("/expired-session") // session-management/concurrency-control@expired-url - .sessionRegistry(sessionRegistry()); + .maxSessionsPreventsLogin(true) // session-management/concurrency-control@error-if-maximum-exceeded + .expiredUrl("/expired-session") // session-management/concurrency-control@expired-url + .sessionRegistry(sessionRegistry())); return http.build(); // session-management/concurrency-control@session-registry-ref // @formatter:on } @@ -320,8 +319,8 @@ public class NamespaceSessionManagementTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .invalidSessionStrategy(invalidSessionStrategy()); + .sessionManagement((management) -> management + .invalidSessionStrategy(invalidSessionStrategy())); return http.build(); // @formatter:on } @@ -343,10 +342,9 @@ public class NamespaceSessionManagementTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionAuthenticationStrategy(sessionAuthenticationStrategy()) // session-management@session-authentication-strategy-ref - .and() - .httpBasic(); + .sessionManagement((management) -> management + .sessionAuthenticationStrategy(sessionAuthenticationStrategy())) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -366,10 +364,9 @@ public class NamespaceSessionManagementTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()) - .and() - .httpBasic(); + .sessionManagement((management) -> management + .sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy())) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -384,10 +381,9 @@ public class NamespaceSessionManagementTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .requireExplicitAuthenticationStrategy(false) - .and() - .httpBasic(); + .sessionManagement((management) -> management + .requireExplicitAuthenticationStrategy(false)) + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -403,9 +399,9 @@ public class NamespaceSessionManagementTests { // @formatter:off http .sessionManagement((sessions) -> sessions - .requireExplicitAuthenticationStrategy(false) + .requireExplicitAuthenticationStrategy(false) ) - .httpBasic(); + .httpBasic(withDefaults()); return http.build(); // @formatter:on } @@ -426,10 +422,10 @@ public class NamespaceSessionManagementTests { // @formatter:off http .sessionManagement((sessions) -> sessions - .sessionFixation().newSession() - .requireExplicitAuthenticationStrategy(false) + .sessionFixation().newSession() + .requireExplicitAuthenticationStrategy(false) ) - .httpBasic(); + .httpBasic(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java index 802735ec1a..1ff5905ca1 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java @@ -100,12 +100,11 @@ public class PermitAllSupportTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login .loginPage("/xyz").permitAll() - .loginProcessingUrl("/abc?def").permitAll(); + .loginProcessingUrl("/abc?def").permitAll()); return http.build(); // @formatter:on } @@ -120,12 +119,11 @@ public class PermitAllSupportTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeHttpRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .loginPage("/xyz").permitAll() - .loginProcessingUrl("/abc?def").permitAll(); + .authorizeHttpRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login + .loginPage("/xyz").permitAll() + .loginProcessingUrl("/abc?def").permitAll()); return http.build(); // @formatter:on } @@ -140,15 +138,13 @@ public class PermitAllSupportTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .authorizeHttpRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .loginPage("/xyz").permitAll() - .loginProcessingUrl("/abc?def").permitAll(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .authorizeHttpRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin((login) -> login + .loginPage("/xyz").permitAll() + .loginProcessingUrl("/abc?def").permitAll()); return http.build(); // @formatter:on } @@ -163,8 +159,8 @@ public class PermitAllSupportTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .permitAll(); + .formLogin((login) -> login + .permitAll()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java index ce19e6aa20..8241948f98 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java @@ -32,6 +32,7 @@ import org.springframework.security.web.PortMapperImpl; import org.springframework.security.web.SecurityFilterChain; import org.springframework.test.web.servlet.MockMvc; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl; @@ -73,13 +74,11 @@ public class PortMapperConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requiresChannel() - .anyRequest().requiresSecure() - .and() - .portMapper() - .http(543).mapsTo(123) - .and() - .portMapper(); + .requiresChannel((channel) -> channel + .anyRequest().requiresSecure()) + .portMapper((mapper) -> mapper + .http(543).mapsTo(123)) + .portMapper(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java index e3cb83f76f..73be687d53 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.java @@ -365,12 +365,10 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe(withDefaults()); // @formatter:on return http.build(); } @@ -398,8 +396,8 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .rememberMe() - .userDetailsService(new AuthenticationManagerBuilder(this.objectPostProcessor).getDefaultUserDetailsService()); + .rememberMe((me) -> me + .userDetailsService(new AuthenticationManagerBuilder(this.objectPostProcessor).getDefaultUserDetailsService())); // @formatter:on return http.build(); } @@ -435,12 +433,10 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .rememberMe() - .userDetailsService(userDetailsService) - .and() - .rememberMe(); + .httpBasic(withDefaults()) + .rememberMe((me) -> me + .userDetailsService(userDetailsService)) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -489,12 +485,10 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe(); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe(withDefaults()); return http.build(); // @formatter:on } @@ -539,13 +533,11 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe() - .rememberMeCookieDomain("spring.io"); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe((me) -> me + .rememberMeCookieDomain("spring.io")); return http.build(); // @formatter:on } @@ -595,15 +587,13 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe() + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe((me) -> me .rememberMeCookieName("SPRING_COOKIE_DOMAIN") .rememberMeCookieDomain("spring.io") - .rememberMeServices(REMEMBER_ME); + .rememberMeServices(REMEMBER_ME)); return http.build(); // @formatter:on } @@ -627,13 +617,11 @@ public class RememberMeConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().hasRole("USER") - .and() - .formLogin() - .and() - .rememberMe() - .rememberMeServices(new TokenBasedRememberMeServices("key", userDetailsService())); + .authorizeRequests((requests) -> requests + .anyRequest().hasRole("USER")) + .formLogin(withDefaults()) + .rememberMe((me) -> me + .rememberMeServices(new TokenBasedRememberMeServices("key", userDetailsService()))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java index e6a597e0a8..f22d69e1a3 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java @@ -328,7 +328,7 @@ public class RequestCacheConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requestCache(); + .requestCache(withDefaults()); return http.build(); // @formatter:on } @@ -359,10 +359,9 @@ public class RequestCacheConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requestCache() - .requestCache(requestCache) - .and() - .requestCache(); + .requestCache((cache) -> cache + .requestCache(requestCache)) + .requestCache(withDefaults()); return http.build(); // @formatter:on } @@ -377,10 +376,9 @@ public class RequestCacheConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestMatcherConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestMatcherConfigurerTests.java index 066c491701..f8b18381be 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestMatcherConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestMatcherConfigurerTests.java @@ -78,14 +78,12 @@ public class RequestMatcherConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .securityMatchers() - .requestMatchers(new AntPathRequestMatcher("/api/**")) - .and() - .securityMatchers() - .requestMatchers(new AntPathRequestMatcher("/oauth/**")) - .and() - .authorizeRequests() - .anyRequest().denyAll(); + .securityMatchers((security) -> security + .requestMatchers(new AntPathRequestMatcher("/api/**"))) + .securityMatchers((security) -> security + .requestMatchers(new AntPathRequestMatcher("/oauth/**"))) + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurerTests.java index 31c6fbfc66..ad14a2c5d1 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurerTests.java @@ -152,7 +152,7 @@ public class SecurityContextConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .securityContext(); + .securityContext(withDefaults()); return http.build(); // @formatter:on } @@ -183,10 +183,9 @@ public class SecurityContextConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .securityContext() - .securityContextRepository(SCR) - .and() - .securityContext(); + .securityContext((context) -> context + .securityContextRepository(SCR)) + .securityContext(withDefaults()); return http.build(); // @formatter:on } @@ -203,14 +202,11 @@ public class SecurityContextConfigurerTests { // @formatter:off http .addFilter(new WebAsyncManagerIntegrationFilter()) - .anonymous() - .and() - .securityContext() - .and() - .authorizeRequests() - .anyRequest().permitAll() - .and() - .httpBasic(); + .anonymous(withDefaults()) + .securityContext(withDefaults()) + .authorizeRequests((requests) -> requests + .anyRequest().permitAll()) + .httpBasic(withDefaults()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurerTests.java index 9c1a47cf90..f1df48be8c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurerTests.java @@ -224,7 +224,7 @@ public class ServletApiConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .servletApi(); + .servletApi(withDefaults()); return http.build(); // @formatter:on } @@ -286,13 +286,11 @@ public class ServletApiConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .exceptionHandling() - .authenticationEntryPoint(ENTRYPOINT) - .and() - .formLogin(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .exceptionHandling((handling) -> handling + .authenticationEntryPoint(ENTRYPOINT)) + .formLogin(withDefaults()); // @formatter:on return http.build(); } @@ -312,10 +310,9 @@ public class ServletApiConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .servletApi() - .rolePrefix("PERMISSION_") - .and() - .servletApi(); + .servletApi((api) -> api + .rolePrefix("PERMISSION_")) + .servletApi(withDefaults()); return http.build(); // @formatter:on } @@ -392,8 +389,8 @@ public class ServletApiConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .servletApi().and() - .logout(); + .servletApi(withDefaults()) + .logout(withDefaults()); return http.build(); // @formatter:on } @@ -408,7 +405,7 @@ public class ServletApiConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf().disable(); + .csrf((csrf) -> csrf.disable()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java index e5e129197d..cd32887961 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java @@ -45,6 +45,7 @@ import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; import org.springframework.security.web.csrf.XorCsrfTokenRequestAttributeHandler; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * @author Rob Winch @@ -122,9 +123,8 @@ public class SessionManagementConfigurerServlet31Tests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .sessionManagement(); + .formLogin(withDefaults()) + .sessionManagement(withDefaults()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java index 045c1089e1..75feb75189 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java @@ -39,6 +39,7 @@ import org.springframework.test.web.servlet.MockMvc; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin; /** @@ -72,10 +73,9 @@ public class SessionManagementConfigurerSessionAuthenticationStrategyTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .sessionManagement() - .sessionAuthenticationStrategy(customSessionAuthenticationStrategy); + .formLogin(withDefaults()) + .sessionManagement((management) -> management + .sessionAuthenticationStrategy(customSessionAuthenticationStrategy)); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java index c7305f9834..50eadd28ed 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java @@ -93,7 +93,7 @@ public class SessionManagementConfigurerSessionCreationPolicyTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .sessionManagement((management) -> management.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); // @formatter:on http.setSharedObject(SessionCreationPolicy.class, SessionCreationPolicy.ALWAYS); return http.build(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTests.java index bca300ec52..04ce689e96 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTests.java @@ -551,11 +551,10 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .requestCache() - .requestCache(REQUEST_CACHE) - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .requestCache((cache) -> cache + .requestCache(REQUEST_CACHE)) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); return http.build(); // @formatter:on } @@ -572,11 +571,10 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .securityContext() - .securityContextRepository(SECURITY_CONTEXT_REPO) - .and() - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS); + .securityContext((context) -> context + .securityContextRepository(SECURITY_CONTEXT_REPO)) + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); return http.build(); // @formatter:on } @@ -591,10 +589,9 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.STATELESS) - .and() - .sessionManagement(); + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .sessionManagement(withDefaults()); return http.build(); // @formatter:on } @@ -609,11 +606,10 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .httpBasic() - .and() - .sessionManagement() + .httpBasic(withDefaults()) + .sessionManagement((management) -> management .sessionFixation().none() - .maximumSessions(1); + .maximumSessions(1)); // @formatter:on return http.build(); } @@ -658,11 +654,10 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .formLogin() - .and() - .sessionManagement() + .formLogin(withDefaults()) + .sessionManagement((management) -> management .maximumSessions(1) - .maxSessionsPreventsLogin(true); + .maxSessionsPreventsLogin(true)); // @formatter:on return http.build(); } @@ -766,8 +761,8 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .maximumSessions(1); + .sessionManagement((management) -> management + .maximumSessions(1)); return http.build(); // @formatter:on } @@ -818,8 +813,8 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .maximumSessions(1); + .sessionManagement((management) -> management + .maximumSessions(1)); return http.build(); // @formatter:on } @@ -843,8 +838,8 @@ public class SessionManagementConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .maximumSessions(1); + .sessionManagement((management) -> management + .maximumSessions(1)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java index bef7862820..0011e89af8 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java @@ -72,7 +72,7 @@ public class SessionManagementConfigurerTransientAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .csrf().disable() + .csrf((csrf) -> csrf.disable()) .authenticationProvider(new TransientAuthenticationProvider()); // @formatter:on return http.build(); @@ -88,7 +88,7 @@ public class SessionManagementConfigurerTransientAuthenticationTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS); + .sessionManagement((management) -> management.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java index fe93d6bb64..d0728428dc 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java @@ -49,6 +49,7 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.security.config.Customizer.withDefaults; /** * @author Rob Winch @@ -135,9 +136,9 @@ public class UrlAuthorizationConfigurerTests { HandlerMappingIntrospector introspector) throws Exception { // @formatter:off http - .httpBasic().and() + .httpBasic(withDefaults()) .apply(new UrlAuthorizationConfigurer(context)).getRegistry() - .requestMatchers(new MvcRequestMatcher(introspector, "/path")).hasRole("ADMIN"); + .requestMatchers(new MvcRequestMatcher(introspector, "/path")).hasRole("ADMIN"); // @formatter:on return http.build(); } @@ -171,9 +172,9 @@ public class UrlAuthorizationConfigurerTests { mvcRequestMatcher.setServletPath("/spring"); // @formatter:off http - .httpBasic().and() + .httpBasic(withDefaults()) .apply(new UrlAuthorizationConfigurer(context)).getRegistry() - .requestMatchers(mvcRequestMatcher).hasRole("ADMIN"); + .requestMatchers(mvcRequestMatcher).hasRole("ADMIN"); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationsTests.java index 9cbf6617b9..7f0af95555 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationsTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationsTests.java @@ -141,13 +141,13 @@ public class UrlAuthorizationsTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/role-user-authority").hasAnyAuthority("ROLE_USER") .requestMatchers("/role-admin-authority").hasAnyAuthority("ROLE_ADMIN") .requestMatchers("/role-user-admin-authority").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") .requestMatchers("/role-user").hasAnyRole("USER") .requestMatchers("/role-admin").hasAnyRole("ADMIN") - .requestMatchers("/role-user-admin").hasAnyRole("USER", "ADMIN"); + .requestMatchers("/role-user-admin").hasAnyRole("USER", "ADMIN")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java index 63a3a963df..7293eb32fa 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/X509ConfigurerTests.java @@ -199,7 +199,7 @@ public class X509ConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .x509(); + .x509(withDefaults()); return http.build(); // @formatter:on } @@ -228,10 +228,9 @@ public class X509ConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .x509() - .subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)") - .and() - .x509(); + .x509((x509) -> x509 + .subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)")) + .x509(withDefaults()); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java index 42d6ab7103..15f011de74 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java @@ -354,17 +354,15 @@ public class OAuth2ClientConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .requestCache() - .requestCache(requestCache) - .and() - .oauth2Client() - .authorizationCodeGrant() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .requestCache((cache) -> cache + .requestCache(requestCache)) + .oauth2Client((client) -> client + .authorizationCodeGrant((code) -> code .authorizationRequestResolver(authorizationRequestResolver) .authorizationRedirectStrategy(authorizationRedirectStrategy) - .accessTokenResponseClient(accessTokenResponseClient); + .accessTokenResponseClient(accessTokenResponseClient))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java index 9895beaded..980c7c5995 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java @@ -44,6 +44,7 @@ import org.springframework.mock.web.MockFilterChain; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.authentication.event.AuthenticationSuccessEvent; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.SecurityContextChangedListenerConfig; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @@ -118,6 +119,7 @@ import static org.mockito.Mockito.atLeastOnce; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; +import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.config.annotation.SecurityContextChangedListenerArgumentMatchers.setAuthentication; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; @@ -780,9 +782,9 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)); + new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))); // @formatter:on return super.configureFilterChain(http); } @@ -805,10 +807,9 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() - .clientRegistrationRepository(this.clientRegistrationRepository) - .and() - .formLogin(); + .oauth2Login((login) -> login + .clientRegistrationRepository(this.clientRegistrationRepository)) + .formLogin(withDefaults()); // @formatter:on return super.configureFilterChain(http); } @@ -850,11 +851,11 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) - .userInfoEndpoint() - .userAuthoritiesMapper(createGrantedAuthoritiesMapper()); + new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) + .userInfoEndpoint((info) -> info + .userAuthoritiesMapper(createGrantedAuthoritiesMapper()))); // @formatter:on return super.configureFilterChain(http); } @@ -869,7 +870,7 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login(); + .oauth2Login(withDefaults()); // @formatter:on return super.configureFilterChain(http); } @@ -894,15 +895,13 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .securityContext() - .securityContextRepository(securityContextRepository()) - .and() - .oauth2Login() - .tokenEndpoint() - .accessTokenResponseClient(createOauth2AccessTokenResponseClient()); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .securityContext((context) -> context + .securityContextRepository(securityContextRepository())) + .oauth2Login((login) -> login + .tokenEndpoint((token) -> token + .accessTokenResponseClient(createOauth2AccessTokenResponseClient()))); return http.build(); // @formatter:on } @@ -947,10 +946,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) - .loginProcessingUrl("/login/oauth2/*"); + .loginProcessingUrl("/login/oauth2/*")); // @formatter:on return super.configureFilterChain(http); } @@ -970,10 +969,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository(this.clientRegistrationRepository) - .authorizationEndpoint() - .authorizationRequestResolver(this.resolver); + .authorizationEndpoint((authorize) -> authorize + .authorizationRequestResolver(this.resolver))); // @formatter:on return super.configureFilterChain(http); } @@ -991,9 +990,9 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository(this.clientRegistrationRepository) - .authorizationEndpoint(); + .authorizationEndpoint(Customizer.withDefaults())); // @formatter:on return super.configureFilterChain(http); } @@ -1106,10 +1105,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository( - GOOGLE_CLIENT_REGISTRATION, GITHUB_CLIENT_REGISTRATION)); + new InMemoryClientRegistrationRepository( + GOOGLE_CLIENT_REGISTRATION, GITHUB_CLIENT_REGISTRATION))); // @formatter:on return super.configureFilterChain(http); } @@ -1124,10 +1123,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository( - GOOGLE_CLIENT_REGISTRATION, CLIENT_CREDENTIALS_REGISTRATION)); + new InMemoryClientRegistrationRepository( + GOOGLE_CLIENT_REGISTRATION, CLIENT_CREDENTIALS_REGISTRATION))); // @formatter:on return super.configureFilterChain(http); } @@ -1142,10 +1141,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) - .loginPage("/custom-login"); + new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) + .loginPage("/custom-login")); // @formatter:on return super.configureFilterChain(http); } @@ -1180,8 +1179,8 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .logout() - .logoutSuccessHandler(oidcLogoutSuccessHandler()); + .logout((logout) -> logout + .logoutSuccessHandler(oidcLogoutSuccessHandler())); // @formatter:on return super.configureFilterChain(http); } @@ -1209,11 +1208,10 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) - .and() - .httpBasic(); + new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))) + .httpBasic(withDefaults()); // @formatter:on return super.configureFilterChain(http); } @@ -1254,14 +1252,13 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2Login() + .oauth2Login((login) -> login .clientRegistrationRepository( - new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) - .and() - .exceptionHandling() + new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))) + .exceptionHandling((handling) -> handling .defaultAuthenticationEntryPointFor( - new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), - new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest")); + new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), + new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"))); // @formatter:on return super.configureFilterChain(http); } @@ -1312,19 +1309,16 @@ public class OAuth2LoginConfigurerTests { SecurityFilterChain configureFilterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .securityContext() - .securityContextRepository(securityContextRepository()) - .and() - .oauth2Login() - .tokenEndpoint() - .accessTokenResponseClient(createOauth2AccessTokenResponseClient()) - .and() - .userInfoEndpoint() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .securityContext((context) -> context + .securityContextRepository(securityContextRepository())) + .oauth2Login((login) -> login + .tokenEndpoint((token) -> token + .accessTokenResponseClient(createOauth2AccessTokenResponseClient())) + .userInfoEndpoint((info) -> info .userService(createOauth2UserService()) - .oidcUserService(createOidcUserService()); + .oidcUserService(createOidcUserService()))); // @formatter:on return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index b88ed1a1c7..c7c31aa5e4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -82,10 +82,10 @@ import org.springframework.security.authentication.AuthenticationManagerResolver import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.config.Customizer; import org.springframework.security.config.ObjectPostProcessor; import org.springframework.security.config.annotation.SecurityContextChangedListenerConfig; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; @@ -163,7 +163,6 @@ import static org.mockito.ArgumentMatchers.eq; import static org.mockito.BDDMockito.given; import static org.mockito.Mockito.atLeastOnce; import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.never; import static org.mockito.Mockito.verify; import static org.springframework.security.config.Customizer.withDefaults; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; @@ -815,15 +814,16 @@ public class OAuth2ResourceServerConfigurerTests { @Test public void getJwtDecoderWhenConfiguredWithDecoderAndJwkSetUriThenLastOneWins() { ApplicationContext context = mock(ApplicationContext.class); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); JwtDecoder decoder = mock(JwtDecoder.class); - jwtConfigurer.jwkSetUri(JWK_SET_URI); - jwtConfigurer.decoder(decoder); - assertThat(jwtConfigurer.getJwtDecoder()).isEqualTo(decoder); - jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.decoder(decoder); - jwtConfigurer.jwkSetUri(JWK_SET_URI); - assertThat(jwtConfigurer.getJwtDecoder()).isInstanceOf(NimbusJwtDecoder.class); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.jwkSetUri(JWK_SET_URI); + jwt.decoder(decoder); + assertThat(jwt.getJwtDecoder()).isEqualTo(decoder); + }); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.decoder(decoder).jwkSetUri(JWK_SET_URI); + assertThat(jwt.getJwtDecoder()).isInstanceOf(NimbusJwtDecoder.class); + }); } @Test @@ -832,9 +832,10 @@ public class OAuth2ResourceServerConfigurerTests { JwtDecoder decoder = mock(JwtDecoder.class); ApplicationContext context = mock(ApplicationContext.class); given(context.getBean(JwtDecoder.class)).willReturn(decoderBean); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.decoder(decoder); - assertThat(jwtConfigurer.getJwtDecoder()).isEqualTo(decoder); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.decoder(decoder); + assertThat(jwt.getJwtDecoder()).isEqualTo(decoder); + }); } @Test @@ -842,10 +843,11 @@ public class OAuth2ResourceServerConfigurerTests { JwtDecoder decoder = mock(JwtDecoder.class); ApplicationContext context = mock(ApplicationContext.class); given(context.getBean(JwtDecoder.class)).willReturn(decoder); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.jwkSetUri(JWK_SET_URI); - assertThat(jwtConfigurer.getJwtDecoder()).isNotEqualTo(decoder); - assertThat(jwtConfigurer.getJwtDecoder()).isInstanceOf(NimbusJwtDecoder.class); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.jwkSetUri(JWK_SET_URI); + assertThat(jwt.getJwtDecoder()).isNotEqualTo(decoder); + assertThat(jwt.getJwtDecoder()).isInstanceOf(NimbusJwtDecoder.class); + }); } @Test @@ -856,9 +858,10 @@ public class OAuth2ResourceServerConfigurerTests { context.registerBean("decoderOne", JwtDecoder.class, () -> decoderBean); context.registerBean("decoderTwo", JwtDecoder.class, () -> decoderBean); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.decoder(decoder); - assertThat(jwtConfigurer.getJwtDecoder()).isEqualTo(decoder); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.decoder(decoder); + assertThat(jwt.getJwtDecoder()).isEqualTo(decoder); + }); } @Test @@ -868,8 +871,9 @@ public class OAuth2ResourceServerConfigurerTests { context.registerBean("decoderOne", JwtDecoder.class, () -> decoder); context.registerBean("decoderTwo", JwtDecoder.class, () -> decoder); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - assertThatExceptionOfType(NoUniqueBeanDefinitionException.class).isThrownBy(jwtConfigurer::getJwtDecoder); + new OAuth2ResourceServerConfigurer(context) + .jwt((jwt) -> assertThatExceptionOfType(NoUniqueBeanDefinitionException.class) + .isThrownBy(jwt::getJwtDecoder)); } @Test @@ -1152,19 +1156,19 @@ public class OAuth2ResourceServerConfigurerTests { @Test public void getIntrospectionClientWhenConfiguredWithClientAndIntrospectionUriThenLastOneWins() { ApplicationContext context = mock(ApplicationContext.class); - OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer opaqueTokenConfigurer = new OAuth2ResourceServerConfigurer( - context) - .opaqueToken(); OpaqueTokenIntrospector client = mock(OpaqueTokenIntrospector.class); - opaqueTokenConfigurer.introspectionUri(INTROSPECTION_URI); - opaqueTokenConfigurer.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); - opaqueTokenConfigurer.introspector(client); - assertThat(opaqueTokenConfigurer.getIntrospector()).isEqualTo(client); - opaqueTokenConfigurer = new OAuth2ResourceServerConfigurer(context).opaqueToken(); - opaqueTokenConfigurer.introspector(client); - opaqueTokenConfigurer.introspectionUri(INTROSPECTION_URI); - opaqueTokenConfigurer.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); - assertThat(opaqueTokenConfigurer.getIntrospector()).isNotSameAs(client); + new OAuth2ResourceServerConfigurer(context).opaqueToken((opaqueToken) -> { + opaqueToken.introspectionUri(INTROSPECTION_URI); + opaqueToken.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); + opaqueToken.introspector(client); + assertThat(opaqueToken.getIntrospector()).isEqualTo(client); + }); + new OAuth2ResourceServerConfigurer(context).opaqueToken((opaqueToken) -> { + opaqueToken.introspector(client); + opaqueToken.introspectionUri(INTROSPECTION_URI); + opaqueToken.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); + assertThat(opaqueToken.getIntrospector()).isNotSameAs(client); + }); } @Test @@ -1172,11 +1176,11 @@ public class OAuth2ResourceServerConfigurerTests { GenericApplicationContext context = new GenericApplicationContext(); registerMockBean(context, "introspectionClientOne", OpaqueTokenIntrospector.class); registerMockBean(context, "introspectionClientTwo", OpaqueTokenIntrospector.class); - OAuth2ResourceServerConfigurer.OpaqueTokenConfigurer opaqueToken = new OAuth2ResourceServerConfigurer(context) - .opaqueToken(); - opaqueToken.introspectionUri(INTROSPECTION_URI); - opaqueToken.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); - assertThat(opaqueToken.getIntrospector()).isNotNull(); + new OAuth2ResourceServerConfigurer(context).opaqueToken((opaqueToken) -> { + opaqueToken.introspectionUri(INTROSPECTION_URI); + opaqueToken.introspectionClientCredentials(CLIENT_ID, CLIENT_SECRET); + assertThat(opaqueToken.getIntrospector()).isNotNull(); + }); } @Test @@ -1263,17 +1267,16 @@ public class OAuth2ResourceServerConfigurerTests { @Test public void getAuthenticationManagerWhenConfiguredAuthenticationManagerThenTakesPrecedence() { ApplicationContext context = mock(ApplicationContext.class); - HttpSecurityBuilder http = mock(HttpSecurityBuilder.class); - OAuth2ResourceServerConfigurer oauth2ResourceServer = new OAuth2ResourceServerConfigurer(context); + OAuth2ResourceServerConfigurer oauth2ResourceServer = new OAuth2ResourceServerConfigurer<>( + context); AuthenticationManager authenticationManager = mock(AuthenticationManager.class); - oauth2ResourceServer.jwt().authenticationManager(authenticationManager).decoder(mock(JwtDecoder.class)); - assertThat(oauth2ResourceServer.getAuthenticationManager(http)).isSameAs(authenticationManager); - oauth2ResourceServer = new OAuth2ResourceServerConfigurer(context); - oauth2ResourceServer.opaqueToken() - .authenticationManager(authenticationManager) - .introspector(mock(OpaqueTokenIntrospector.class)); - assertThat(oauth2ResourceServer.getAuthenticationManager(http)).isSameAs(authenticationManager); - verify(http, never()).authenticationProvider(any(AuthenticationProvider.class)); + oauth2ResourceServer + .jwt((jwt) -> jwt.authenticationManager(authenticationManager).decoder(mock(JwtDecoder.class))); + assertThat(oauth2ResourceServer.getAuthenticationManager(null)).isSameAs(authenticationManager); + oauth2ResourceServer = new OAuth2ResourceServerConfigurer<>(context); + oauth2ResourceServer.opaqueToken((opaqueToken) -> opaqueToken.authenticationManager(authenticationManager) + .introspector(mock(OpaqueTokenIntrospector.class))); + assertThat(oauth2ResourceServer.getAuthenticationManager(null)).isSameAs(authenticationManager); } @Test @@ -1343,8 +1346,9 @@ public class OAuth2ResourceServerConfigurerTests { @Test public void getJwtAuthenticationConverterWhenNoConverterSpecifiedThenTheDefaultIsUsed() { ApplicationContext context = this.spring.context(new GenericWebApplicationContext()).getContext(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isInstanceOf(JwtAuthenticationConverter.class); + new OAuth2ResourceServerConfigurer(context) + .jwt((jwt) -> assertThat(jwt.getJwtAuthenticationConverter()) + .isInstanceOf(JwtAuthenticationConverter.class)); } @Test @@ -1353,8 +1357,8 @@ public class OAuth2ResourceServerConfigurerTests { GenericWebApplicationContext context = new GenericWebApplicationContext(); context.registerBean(JwtAuthenticationConverter.class, () -> converterBean); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converterBean); + new OAuth2ResourceServerConfigurer(context) + .jwt((jwt) -> assertThat(jwt.getJwtAuthenticationConverter()).isEqualTo(converterBean)); } @Test @@ -1364,9 +1368,10 @@ public class OAuth2ResourceServerConfigurerTests { GenericWebApplicationContext context = new GenericWebApplicationContext(); context.registerBean(JwtAuthenticationConverter.class, () -> converterBean); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.jwtAuthenticationConverter(converter); - assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converter); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.jwtAuthenticationConverter(converter); + assertThat(jwt.getJwtAuthenticationConverter()).isEqualTo(converter); + }); } @Test @@ -1377,9 +1382,10 @@ public class OAuth2ResourceServerConfigurerTests { context.registerBean("converterOne", JwtAuthenticationConverter.class, () -> converterBean); context.registerBean("converterTwo", JwtAuthenticationConverter.class, () -> converterBean); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - jwtConfigurer.jwtAuthenticationConverter(converter); - assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converter); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + jwt.jwtAuthenticationConverter(converter); + assertThat(jwt.getJwtAuthenticationConverter()).isEqualTo(converter); + }); } @Test @@ -1389,9 +1395,10 @@ public class OAuth2ResourceServerConfigurerTests { context.registerBean("converterOne", JwtAuthenticationConverter.class, () -> converterBean); context.registerBean("converterTwo", JwtAuthenticationConverter.class, () -> converterBean); this.spring.context(context).autowire(); - OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = new OAuth2ResourceServerConfigurer(context).jwt(); - assertThatExceptionOfType(NoUniqueBeanDefinitionException.class) - .isThrownBy(jwtConfigurer::getJwtAuthenticationConverter); + new OAuth2ResourceServerConfigurer(context).jwt((jwt) -> { + assertThatExceptionOfType(NoUniqueBeanDefinitionException.class) + .isThrownBy(jwt::getJwtAuthenticationConverter); + }); } @Test @@ -1550,12 +1557,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/requires-read-scope").access("hasAuthority('SCOPE_message:read')") - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1600,14 +1606,12 @@ public class OAuth2ResourceServerConfigurerTests { DefaultBearerTokenResolver defaultBearerTokenResolver = new DefaultBearerTokenResolver(); defaultBearerTokenResolver.setAllowUriQueryParameter(true); http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/requires-read-scope").access("hasAuthority('SCOPE_message:read')") - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server .bearerTokenResolver(defaultBearerTokenResolver) - .jwt() - .jwkSetUri(this.jwkSetUri); + .jwt((jwt) -> jwt.jwkSetUri(this.jwkSetUri))); return http.build(); // @formatter:on } @@ -1656,14 +1660,12 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/requires-read-scope").access("hasAuthority('SCOPE_message:read')") - .anyRequest().authenticated() - .and() - .csrf().disable() - .oauth2ResourceServer() - .jwt() - .jwkSetUri(this.jwkSetUri); + .anyRequest().authenticated()) + .csrf((csrf) -> csrf.disable()) + .oauth2ResourceServer((server) -> server + .jwt((jwt) -> jwt.jwkSetUri(this.jwkSetUri))); return http.build(); // @formatter:on } @@ -1678,12 +1680,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .anonymous().disable() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .anonymous((anonymous) -> anonymous.disable()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1699,11 +1700,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1718,10 +1718,9 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer(withDefaults()); return http.build(); // @formatter:on } @@ -1736,12 +1735,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server .authenticationEntryPoint(authenticationEntryPoint()) - .jwt(); + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1762,12 +1760,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .oauth2ResourceServer() + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .oauth2ResourceServer((server) -> server .accessDeniedHandler(accessDeniedHandler()) - .jwt(); + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1788,16 +1785,13 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().denyAll() - .and() - .exceptionHandling() - .defaultAccessDeniedHandlerFor(new AccessDeniedHandlerImpl(), (request) -> false) - .and() - .httpBasic() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().denyAll()) + .exceptionHandling((handling) -> handling + .defaultAccessDeniedHandlerFor(new AccessDeniedHandlerImpl(), (request) -> false)) + .httpBasic(withDefaults()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1826,12 +1820,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt() - .jwtAuthenticationConverter(getJwtAuthenticationConverter()); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt((jwt) -> jwt + .jwtAuthenticationConverter(getJwtAuthenticationConverter()))); return http.build(); // @formatter:on } @@ -1851,12 +1844,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .requestMatchers("/requires-read-scope").access("hasAuthority('message:read')") - .and() - .oauth2ResourceServer() - .jwt() - .jwtAuthenticationConverter(getJwtAuthenticationConverter()); + .authorizeRequests((requests) -> requests + .requestMatchers("/requires-read-scope").access("hasAuthority('message:read')")) + .oauth2ResourceServer((server) -> server + .jwt((jwt) -> jwt + .jwtAuthenticationConverter(getJwtAuthenticationConverter()))); return http.build(); // @formatter:on } @@ -1878,13 +1870,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .httpBasic(withDefaults()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1911,13 +1901,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .formLogin() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .formLogin(withDefaults()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1957,11 +1945,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // missing key configuration, e.g. jwkSetUri // @formatter:on } @@ -1976,11 +1963,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .sessionManagement() - .sessionCreationPolicy(SessionCreationPolicy.ALWAYS) - .and() - .oauth2ResourceServer() - .jwt(); + .sessionManagement((management) -> management + .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -1995,12 +1981,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server .bearerTokenResolver(allowRequestBody()) - .jwt(); + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2021,11 +2006,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2047,11 +2031,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2115,12 +2098,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt() - .decoder(decoder()); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt((jwt) -> jwt.decoder(decoder()))); return http.build(); // @formatter:on } @@ -2170,11 +2151,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2194,12 +2174,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt() - .authenticationManager(authenticationProvider()::authenticate); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt((jwt) -> jwt + .authenticationManager(authenticationProvider()::authenticate))); return http.build(); // @formatter:on } @@ -2260,8 +2239,8 @@ public class OAuth2ResourceServerConfigurerTests { this.jwtDecoder.setJwtValidator(this.jwtValidator); // @formatter:off http - .oauth2ResourceServer() - .jwt(); + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2288,8 +2267,8 @@ public class OAuth2ResourceServerConfigurerTests { this.jwtDecoder.setJwtValidator(jwtValidator); // @formatter:off http - .oauth2ResourceServer() - .jwt(); + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2312,8 +2291,8 @@ public class OAuth2ResourceServerConfigurerTests { this.jwtDecoder.setJwtValidator(jwtValidator); // @formatter:off http - .oauth2ResourceServer() - .jwt(); + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); } } @@ -2333,11 +2312,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2359,11 +2337,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2389,12 +2366,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/requires-read-scope").hasAuthority("SCOPE_message:read") - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .opaqueToken(); + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .opaqueToken(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2433,12 +2409,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .opaqueToken() - .authenticationManager(authenticationProvider()::authenticate); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .opaqueToken((opaqueToken) -> opaqueToken + .authenticationManager(authenticationProvider()::authenticate))); return http.build(); // @formatter:on } @@ -2523,10 +2498,9 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .oauth2ResourceServer() - .jwt() - .and() - .opaqueToken(); + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults()) + .opaqueToken(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2541,12 +2515,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .opaqueToken() - .introspectionUri("https://idp.example.com"); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .opaqueToken((opaqueToken) -> opaqueToken + .introspectionUri("https://idp.example.com"))); return http.build(); // missing credentials // @formatter:on } @@ -2561,11 +2534,10 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .jwt(); + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .jwt(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2605,9 +2577,8 @@ public class OAuth2ResourceServerConfigurerTests { issuerOne, issuerTwo); // @formatter:off http - .oauth2ResourceServer() - .authenticationManagerResolver(authenticationManagerResolver) - .and() + .oauth2ResourceServer((server) -> server + .authenticationManagerResolver(authenticationManagerResolver)) .anonymous(AbstractHttpConfigurer::disable); return http.build(); // @formatter:on @@ -2623,12 +2594,11 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() + .authorizeRequests((requests) -> requests + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server .authenticationManagerResolver(mock(AuthenticationManagerResolver.class)) - .opaqueToken(); + .opaqueToken(Customizer.withDefaults())); return http.build(); // @formatter:on } @@ -2644,13 +2614,12 @@ public class OAuth2ResourceServerConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() + .authorizeRequests((requests) -> requests .requestMatchers("/requires-read-scope").hasAuthority("SCOPE_message:read") - .anyRequest().authenticated() - .and() - .oauth2ResourceServer() - .opaqueToken() - .authenticationConverter(authenticationConverter()); + .anyRequest().authenticated()) + .oauth2ResourceServer((server) -> server + .opaqueToken((opaqueToken) -> opaqueToken + .authenticationConverter(authenticationConverter()))); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java index 4d262c91d5..8db919dd72 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java @@ -486,7 +486,7 @@ public class Saml2LoginConfigurerTests { @Bean SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.saml2Login().authenticationManager(getAuthenticationManagerMock("ROLE_AUTH_MANAGER")); + http.saml2Login((login) -> login.authenticationManager(getAuthenticationManagerMock("ROLE_AUTH_MANAGER"))); return http.build(); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java index bb3a3dbfb8..36c2d0895c 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurerTests.java @@ -591,7 +591,7 @@ public class Saml2LogoutConfigurerTests { .logout((logout) -> logout.logoutSuccessHandler(this.mockLogoutSuccessHandler)) .saml2Login(withDefaults()) .saml2Logout(withDefaults()) - .csrf().disable(); + .csrf((csrf) -> csrf.disable()); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java index 05553ba0ab..b15337e7b3 100644 --- a/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java +++ b/config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java @@ -165,8 +165,8 @@ public class GrantedAuthorityDefaultsJcTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .authorizeRequests() - .anyRequest().access("hasRole('USER')"); + .authorizeRequests((requests) -> requests + .anyRequest().access("hasRole('USER')")); return http.build(); // @formatter:on } diff --git a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java index d5460316da..1c2ca465fa 100644 --- a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java +++ b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java @@ -43,16 +43,16 @@ public class CustomConfigurer extends SecurityConfigurerAdapter requests .requestMatchers(new AntPathRequestMatcher(this.permitAllPattern)).permitAll() - .anyRequest().authenticated(); + .anyRequest().authenticated()); // @formatter:on if (http.getConfigurer(FormLoginConfigurer.class) == null) { // only apply if formLogin() was not invoked by the user // @formatter:off http - .formLogin() - .loginPage(this.loginPage); + .formLogin((login) -> login + .loginPage(this.loginPage)); // @formatter:on } } diff --git a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomHttpSecurityConfigurerTests.java b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomHttpSecurityConfigurerTests.java index 077a530388..c47bf68b6e 100644 --- a/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomHttpSecurityConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomHttpSecurityConfigurerTests.java @@ -32,6 +32,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.mock.web.MockFilterChain; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.web.FilterChainProxy; @@ -144,11 +145,10 @@ public class CustomHttpSecurityConfigurerTests { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http - .apply(CustomConfigurer.customConfigurer()) - .and() - .csrf().disable() - .formLogin() - .loginPage("/other"); + .with(CustomConfigurer.customConfigurer(), Customizer.withDefaults()) + .csrf((csrf) -> csrf.disable()) + .formLogin((login) -> login + .loginPage("/other")); return http.build(); // @formatter:on } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt index 67caafa812..b176c6bad8 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt @@ -24,6 +24,7 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.http.HttpHeaders +import org.springframework.security.config.Customizer.withDefaults import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.test.SpringTestContext @@ -128,7 +129,7 @@ class CorsDslTests { open class CorsDisabledConfig { @Bean open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { - http.cors() + http.cors(withDefaults()) http { cors { disable() diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt index 3d35b8c2fe..71d7fd9e2c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt @@ -25,6 +25,7 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration +import org.springframework.security.config.Customizer.withDefaults import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity @@ -127,7 +128,7 @@ class FormLoginDslTests { open class DisabledConfig { @Bean open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { - http.formLogin() + http.formLogin(withDefaults()) http { formLogin { disable()