Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replace < and > with &lt and &gt in Javadoc 

Closes gh-9847
This commit is contained in:
Eleftheria Stein 2021-06-04 12:26:07 +03:00
parent 20751d2063
commit 204a32aba8
7 changed files with 99 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2019 the original author or authors.
* Copyright 2019-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -60,7 +60,7 @@ import org.springframework.security.rsocket.util.matcher.RoutePayloadExchangeMat
* &#064;Bean
* PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
* rsocket
* .authorizePayload((authorize) ->
* .authorizePayload((authorize) -&gt;
* authorize
* .anyRequest().authenticated()
* );
@ -87,7 +87,7 @@ import org.springframework.security.rsocket.util.matcher.RoutePayloadExchangeMat
* &#064;Bean
* PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
* rsocket
* .authorizePayload((authorize) ->
* .authorizePayload((authorize) -&gt;
* authorize
* // must have ROLE_SETUP to make connection
* .setup().hasRole("SETUP")

128
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -269,11 +269,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .openidLogin((openidLogin) ->
* .openidLogin((openidLogin) -&gt;
* openidLogin
* .permitAll()
* );
@ -302,48 +302,48 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
*
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http.authorizeRequests((authorizeRequests) ->
* http.authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .openidLogin((openidLogin) ->
* .openidLogin((openidLogin) -&gt;
* openidLogin
* .loginPage(&quot;/login&quot;)
* .permitAll()
* .authenticationUserDetailsService(
* new AutoProvisioningUserDetailsService())
* .attributeExchange((googleExchange) ->
* .attributeExchange((googleExchange) -&gt;
* googleExchange
* .identifierPattern(&quot;https://www.google.com/.*&quot;)
* .attribute((emailAttribute) ->
* .attribute((emailAttribute) -&gt;
* emailAttribute
* .name(&quot;email&quot;)
* .type(&quot;https://axschema.org/contact/email&quot;)
* .required(true)
* )
* .attribute((firstnameAttribute) ->
* .attribute((firstnameAttribute) -&gt;
* firstnameAttribute
* .name(&quot;firstname&quot;)
* .type(&quot;https://axschema.org/namePerson/first&quot;)
* .required(true)
* )
* .attribute((lastnameAttribute) ->
* .attribute((lastnameAttribute) -&gt;
* lastnameAttribute
* .name(&quot;lastname&quot;)
* .type(&quot;https://axschema.org/namePerson/last&quot;)
* .required(true)
* )
* )
* .attributeExchange((yahooExchange) ->
* .attributeExchange((yahooExchange) -&gt;
* yahooExchange
* .identifierPattern(&quot;.*yahoo.com.*&quot;)
* .attribute((emailAttribute) ->
* .attribute((emailAttribute) -&gt;
* emailAttribute
* .name(&quot;email&quot;)
* .type(&quot;https://schema.openid.net/contact/email&quot;)
* .required(true)
* )
* .attribute((fullnameAttribute) ->
* .attribute((fullnameAttribute) -&gt;
* fullnameAttribute
* .name(&quot;fullname&quot;)
* .type(&quot;https://axschema.org/namePerson&quot;)
@ -497,7 +497,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .headers((headers) ->
* .headers((headers) -&gt;
* headers
* .contentTypeOptions(withDefaults())
* .xssProtection(withDefaults())
@ -519,7 +519,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .headers((headers) -> headers.disable());
* .headers((headers) -&gt; headers.disable());
* }
* }
* </pre>
@ -538,7 +538,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .headers((headers) ->
* .headers((headers) -&gt;
* headers
* .defaultsDisabled()
* .cacheControl(withDefaults())
@ -560,9 +560,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .headers((headers) ->
* .headers((headers) -&gt;
* headers
* .frameOptions((frameOptions) -> frameOptions.disable())
* .frameOptions((frameOptions) -&gt; frameOptions.disable())
* );
* }
* </pre>
@ -686,17 +686,17 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .anyRequest().hasRole(&quot;USER&quot;)
* )
* .formLogin((formLogin) ->
* .formLogin((formLogin) -&gt;
* formLogin
* .permitAll()
* )
* .sessionManagement((sessionManagement) ->
* .sessionManagement((sessionManagement) -&gt;
* sessionManagement
* .sessionConcurrency((sessionConcurrency) ->
* .sessionConcurrency((sessionConcurrency) -&gt;
* sessionConcurrency
* .maximumSessions(1)
* .expiredUrl(&quot;/login?expired&quot;)
@ -797,11 +797,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .requiresChannel((requiresChannel) ->
* .requiresChannel((requiresChannel) -&gt;
* requiresChannel
* .anyRequest().requiresSecure()
* )
* .portMapper((portMapper) ->
* .portMapper((portMapper) -&gt;
* portMapper
* .http(9090).mapsTo(9443)
* .http(80).mapsTo(443)
@ -910,11 +910,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .jee((jee) ->
* .jee((jee) -&gt;
* jee
* .mappableRoles(&quot;USER&quot;, &quot;ADMIN&quot;)
* );
@ -1018,7 +1018,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -1090,7 +1090,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -1197,7 +1197,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -1218,7 +1218,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@ -1240,7 +1240,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
@ -1281,7 +1281,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeHttpRequests((authorizeHttpRequests) ->
* .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -1302,7 +1302,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeHttpRequests((authorizeHttpRequests) ->
* .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@ -1324,7 +1324,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeHttpRequests((authorizeHttpRequests) ->
* .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
@ -1380,11 +1380,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .requestCache((requestCache) ->
* .requestCache((requestCache) -&gt;
* requestCache.disable()
* );
* }
@ -1428,12 +1428,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* // sample exception handling customization
* .exceptionHandling((exceptionHandling) ->
* .exceptionHandling((exceptionHandling) -&gt;
* exceptionHandling
* .accessDeniedPage(&quot;/errors/access-denied&quot;)
* );
@ -1477,7 +1477,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .securityContext((securityContext) ->
* .securityContext((securityContext) -&gt;
* securityContext
* .securityContextRepository(SCR)
* );
@ -1519,7 +1519,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .servletApi((servletApi) ->
* .servletApi((servletApi) -&gt;
* servletApi.disable()
* );
* }
@ -1575,7 +1575,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .csrf((csrf) -> csrf.disable());
* .csrf((csrf) -&gt; csrf.disable());
* }
* }
* </pre>
@ -1651,13 +1651,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .formLogin(withDefaults())
* // sample logout customization
* .logout((logout) ->
* .logout((logout) -&gt;
* logout.deleteCookies(&quot;remove&quot;)
* .invalidateHttpSession(false)
* .logoutUrl(&quot;/custom-logout&quot;)
@ -1766,13 +1766,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .formLogin(withDefaults())
* // sample anonymous customization
* .anonymous((anonymous) ->
* .anonymous((anonymous) -&gt;
* anonymous
* .authorities(&quot;ROLE_ANON&quot;)
* )
@ -1792,13 +1792,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .formLogin(withDefaults())
* // sample anonymous customization
* .anonymous((anonymous) ->
* .anonymous((anonymous) -&gt;
* anonymous.disable()
* );
* }
@ -1901,7 +1901,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -1920,11 +1920,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .formLogin((formLogin) ->
* .formLogin((formLogin) -&gt;
* formLogin
* .usernameParameter(&quot;username&quot;)
* .passwordParameter(&quot;password&quot;)
@ -2278,7 +2278,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .anyRequest().authenticated()
* )
@ -2362,7 +2362,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .anyRequest().authenticated()
* )
@ -2419,13 +2419,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .anyRequest().authenticated()
* )
* .oauth2ResourceServer((oauth2ResourceServer) ->
* .oauth2ResourceServer((oauth2ResourceServer) -&gt;
* oauth2ResourceServer
* .jwt((jwt) ->
* .jwt((jwt) -&gt;
* jwt
* .decoder(jwtDecoder())
* )
@ -2512,12 +2512,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
* .formLogin(withDefaults())
* .requiresChannel((requiresChannel) ->
* .requiresChannel((requiresChannel) -&gt;
* requiresChannel
* .anyRequest().requiresSecure()
* );
@ -2586,7 +2586,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -2828,11 +2828,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .requestMatchers((requestMatchers) ->
* .requestMatchers((requestMatchers) -&gt;
* requestMatchers
* .antMatchers(&quot;/api/**&quot;, &quot;/oauth/**&quot;)
* )
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -2851,12 +2851,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .requestMatchers((requestMatchers) ->
* .requestMatchers((requestMatchers) -&gt;
* requestMatchers
* .antMatchers(&quot;/api/**&quot;)
* .antMatchers(&quot;/oauth/**&quot;)
* )
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )
@ -2875,15 +2875,15 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .requestMatchers((requestMatchers) ->
* .requestMatchers((requestMatchers) -&gt;
* requestMatchers
* .antMatchers(&quot;/api/**&quot;)
* )
* .requestMatchers((requestMatchers) ->
* .requestMatchers((requestMatchers) -&gt;
* requestMatchers
* .antMatchers(&quot;/oauth/**&quot;)
* )
* .authorizeRequests((authorizeRequests) ->
* .authorizeRequests((authorizeRequests) -&gt;
* authorizeRequests
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* )

4
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityCustomizer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -29,7 +29,7 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
* <pre>
* &#064;Bean
* public WebSecurityCustomizer ignoringCustomizer() {
* return (web) -> web.ignoring().antMatchers("/ignore1", "/ignore2");
* return (web) -&gt; web.ignoring().antMatchers("/ignore1", "/ignore2");
* }
* </pre>
*

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2019 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -170,7 +170,7 @@ public final class CsrfConfigurer<H extends HttpSecurityBuilder<H>>
* <pre>
* http
* .csrf()
* .ignoringRequestMatchers((request) -> "XMLHttpRequest".equals(request.getHeader("X-Requested-With")))
* .ignoringRequestMatchers((request) -&gt; "XMLHttpRequest".equals(request.getHeader("X-Requested-With")))
* .and()
* ...
* </pre>

48
config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
View File

@ -398,7 +398,7 @@ public class ServerHttpSecurity {
* http
* // ...
* .redirectToHttps()
* .httpsRedirectWhen((serverWebExchange) ->
* .httpsRedirectWhen((serverWebExchange) -&gt;
* serverWebExchange.getRequest().getHeaders().containsKey("X-Requires-Https"))
* return http.build();
* }
@ -433,9 +433,9 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .redirectToHttps((redirectToHttps) ->
* .redirectToHttps((redirectToHttps) -&gt;
* redirectToHttps
* .httpsRedirectWhen((serverWebExchange) ->
* .httpsRedirectWhen((serverWebExchange) -&gt;
* serverWebExchange.getRequest().getHeaders().containsKey("X-Requires-Https"))
* );
* return http.build();
@ -503,7 +503,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .csrf((csrf) ->
* .csrf((csrf) -&gt;
* csrf.disabled()
* );
* return http.build();
@ -518,7 +518,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .csrf((csrf) ->
* .csrf((csrf) -&gt;
* csrf
* // Handle CSRF failures
* .accessDeniedHandler(accessDeniedHandler)
@ -609,7 +609,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .anonymous((anonymous) ->
* .anonymous((anonymous) -&gt;
* anonymous
* .key("key")
* .authorities("ROLE_ANONYMOUS")
@ -662,7 +662,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .httpBasic((httpBasic) ->
* .httpBasic((httpBasic) -&gt;
* httpBasic
* // used for authenticating the credentials
* .authenticationManager(authenticationManager)
@ -721,7 +721,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .formLogin((formLogin) ->
* .formLogin((formLogin) -&gt;
* formLogin
* // used for authenticating the credentials
* .authenticationManager(authenticationManager)
@ -783,7 +783,7 @@ public class ServerHttpSecurity {
* &#064;Bean
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* .x509((x509) ->
* .x509((x509) -&gt;
* x509
* .authenticationManager(authenticationManager)
* .principalExtractor(principalExtractor)
@ -841,7 +841,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2Login((oauth2Login) ->
* .oauth2Login((oauth2Login) -&gt;
* oauth2Login
* .authenticationConverter(authenticationConverter)
* .authenticationManager(manager)
@ -892,7 +892,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2Client((oauth2Client) ->
* .oauth2Client((oauth2Client) -&gt;
* oauth2Client
* .clientRegistrationRepository(clientRegistrationRepository)
* .authorizedClientRepository(authorizedClientRepository)
@ -943,9 +943,9 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .oauth2ResourceServer((oauth2ResourceServer) ->
* .oauth2ResourceServer((oauth2ResourceServer) -&gt;
* oauth2ResourceServer
* .jwt((jwt) ->
* .jwt((jwt) -&gt;
* jwt
* .publicKey(publicKey())
* )
@ -1029,15 +1029,15 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .headers((headers) ->
* .headers((headers) -&gt;
* headers
* // customize frame options to be same origin
* .frameOptions((frameOptions) ->
* .frameOptions((frameOptions) -&gt;
* frameOptions
* .mode(XFrameOptionsServerHttpHeadersWriter.Mode.SAMEORIGIN)
* )
* // disable cache control
* .cache((cache) ->
* .cache((cache) -&gt;
* cache
* .disable()
* )
@ -1090,7 +1090,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .exceptionHandling((exceptionHandling) ->
* .exceptionHandling((exceptionHandling) -&gt;
* exceptionHandling
* // customize how to request for authentication
* .authenticationEntryPoint(entryPoint)
@ -1125,10 +1125,10 @@ public class ServerHttpSecurity {
* .pathMatchers(HttpMethod.POST, "/users").hasAuthority("USER_POST")
* // a request to /users/{username} requires the current authentication's username
* // to be equal to the {username}
* .pathMatchers("/users/{username}").access((authentication, context) ->
* .pathMatchers("/users/{username}").access((authentication, context) -&gt;
* authentication
* .map(Authentication::getName)
* .map((username) -> username.equals(context.getVariables().get("username")))
* .map((username) -&gt; username.equals(context.getVariables().get("username")))
* .map(AuthorizationDecision::new)
* )
* // allows providing a custom matching strategy that requires the role "ROLE_CUSTOM"
@ -1155,7 +1155,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .authorizeExchange((exchanges) ->
* .authorizeExchange((exchanges) -&gt;
* exchanges
* // any URL that starts with /admin/ requires the role "ROLE_ADMIN"
* .pathMatchers("/admin/**").hasRole("ADMIN")
@ -1163,10 +1163,10 @@ public class ServerHttpSecurity {
* .pathMatchers(HttpMethod.POST, "/users").hasAuthority("USER_POST")
* // a request to /users/{username} requires the current authentication's username
* // to be equal to the {username}
* .pathMatchers("/users/{username}").access((authentication, context) ->
* .pathMatchers("/users/{username}").access((authentication, context) -&gt;
* authentication
* .map(Authentication::getName)
* .map((username) -> username.equals(context.getVariables().get("username")))
* .map((username) -&gt; username.equals(context.getVariables().get("username")))
* .map(AuthorizationDecision::new)
* )
* // allows providing a custom matching strategy that requires the role "ROLE_CUSTOM"
@ -1224,7 +1224,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .logout((logout) ->
* .logout((logout) -&gt;
* logout
* // configures how log out is done
* .logoutHandler(logoutHandler)
@ -1280,7 +1280,7 @@ public class ServerHttpSecurity {
* public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
* http
* // ...
* .requestCache((requestCache) ->
* .requestCache((requestCache) -&gt;
* requestCache
* // configures how the request is cached
* .requestCache(customRequestCache)

4
crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -31,7 +31,7 @@ import java.util.Map;
*
* <pre>
* String idForEncode = "bcrypt";
* Map&lt;String,PasswordEncoder&gt; encoders = new HashMap<>();
* Map&lt;String,PasswordEncoder&gt; encoders = new HashMap&lt;&gt;();
* encoders.put(idForEncode, new BCryptPasswordEncoder());
* encoders.put("noop", NoOpPasswordEncoder.getInstance());
* encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());

4
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -99,7 +99,7 @@ public final class JwtIssuerReactiveAuthenticationManagerResolver
* authenticationManagers.put("https://issuerOne.example.org", managerOne);
* authenticationManagers.put("https://issuerTwo.example.org", managerTwo);
* JwtIssuerReactiveAuthenticationManagerResolver resolver = new JwtIssuerReactiveAuthenticationManagerResolver
* ((issuer) -> Mono.justOrEmpty(authenticationManagers.get(issuer));
* ((issuer) -&gt; Mono.justOrEmpty(authenticationManagers.get(issuer));
* </pre>
*
* The keys in the {@link Map} are the trusted issuers.