Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '5.8.x'

This commit is contained in:
Steve Riesenberg 2022-08-30 12:59:19 -05:00
parent 00584327bd 5bdbc3f78d
commit 3eac274317
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
5 changed files with 394 additions and 316 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
View File

@ -34,9 +34,10 @@ import jakarta.servlet.http.HttpServletRequest
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* authorizeRequests {
* authorize("/public", permitAll)
@ -46,6 +47,7 @@ import jakarta.servlet.http.HttpServletRequest
* loginPage = "/log-in"
* }
* }
* return http.build()
* }
* }
* ```
@ -85,15 +87,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* securityMatcher("/private/**")
* formLogin {
* loginPage = "/log-in"
* }
* }
* return http.build()
* }
* }
* ```
@ -126,15 +130,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* securityMatcher(AntPathRequestMatcher("/private/**"))
* formLogin {
* loginPage = "/log-in"
* }
* }
* return http.build()
* }
* }
* ```
@ -156,14 +162,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* formLogin {
* loginPage = "/log-in"
* }
* }
* return http.build()
* }
* }
* ```
@ -185,15 +193,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* authorizeRequests {
* authorize("/public", permitAll)
* authorize(anyRequest, authenticated)
* }
* }
* return http.build()
* }
* }
* ```
@ -248,14 +258,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* httpBasic {
* realmName = "Custom Realm"
* }
* }
* return http.build()
* }
* }
* ```
@ -277,14 +289,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* passwordManagement {
* changePasswordPage = "/custom-change-password-page"
* }
* }
* return http.build()
* }
* }
* ```
@ -307,9 +321,10 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* headers {
* referrerPolicy {
@ -317,6 +332,7 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -338,14 +354,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* cors {
* disable()
* }
* }
* return http.build()
* }
* }
* ```
@ -367,9 +385,10 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* sessionManagement {
* invalidSessionUrl = "/invalid-session"
@ -378,6 +397,7 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -399,14 +419,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* portMapper {
* map(80, 443)
* }
* }
* return http.build()
* }
* }
* ```
@ -428,15 +450,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* requiresChannel {
* secure("/public", requiresInsecure)
* secure(anyRequest, requiresSecure)
* }
* }
* return http.build()
* }
* }
* ```
@ -458,12 +482,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* x509 { }
* }
* return http.build()
* }
* }
* ```
@ -486,12 +512,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* requestCache { }
* }
* return http.build()
* }
* }
* ```
@ -513,14 +541,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* exceptionHandling {
* accessDeniedPage = "/access-denied"
* }
* }
* return http.build()
* }
* }
* ```
@ -542,12 +572,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* csrf { }
* }
* return http.build()
* }
* }
* ```
@ -568,14 +600,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* logout {
* logoutUrl = "/log-out"
* }
* }
* return http.build()
* }
* }
* ```
@ -599,14 +633,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* saml2Login {
* relyingPartyRegistration = getSaml2RelyingPartyRegistration()
* }
* }
* return http.build()
* }
* }
* ```
@ -628,14 +664,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* anonymous {
* authorities = listOf(SimpleGrantedAuthority("ROLE_ANON"))
* }
* }
* return http.build()
* }
* }
* ```
@ -659,14 +697,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Login {
* clientRegistrationRepository = getClientRegistrationRepository()
* }
* }
* return http.build()
* }
* }
* ```
@ -688,12 +728,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Client { }
* }
* return http.build()
* }
* }
* ```
@ -715,14 +757,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2ResourceServer {
* jwt { }
* }
* }
* return http.build()
* }
* }
* ```
@ -744,14 +788,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* rememberMe {
* tokenValiditySeconds = 604800
* }
* }
* return http.build()
* }
* }
* ```
@ -772,12 +818,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
* }
* return http.build()
* }
* }
* ```
@ -800,12 +848,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter())
* }
* return http.build()
* }
* }
* ```
@ -827,12 +877,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
* }
* return http.build()
* }
* }
* ```
@ -855,12 +907,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter())
* }
* return http.build()
* }
* }
* ```
@ -882,12 +936,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
* }
* return http.build()
* }
* }
* ```
@ -910,12 +966,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
* }
* return http.build()
* }
* }
* ```
@ -945,14 +1003,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* securityContext {
* securityContextRepository = SECURITY_CONTEXT_REPOSITORY
* }
* }
* return http.build()
* }
* }
* ```

10
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDsl.kt
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -66,16 +66,18 @@ class OAuth2ClientDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Client {
* authorizationCodeGrant {
* authorizationRequestResolver = getAuthorizationRequestResolver()
* }
* }
* }
* return http.build()
* }
* }
* ```

34
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDsl.kt
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -97,16 +97,18 @@ class OAuth2LoginDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Login {
* authorizationEndpoint {
* baseUri = "/auth"
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -127,16 +129,18 @@ class OAuth2LoginDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Login {
* tokenEndpoint {
* accessTokenResponseClient = getAccessTokenResponseClient()
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -157,16 +161,18 @@ class OAuth2LoginDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Login {
* redirectionEndpoint {
* baseUri = "/home"
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -187,16 +193,18 @@ class OAuth2LoginDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2Login {
* userInfoEndpoint {
* userService = getUserService()
* }
* }
* }
* return http.build()
* }
* }
* ```

18
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDsl.kt
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -57,16 +57,18 @@ class OAuth2ResourceServerDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2ResourceServer {
* jwt {
* jwkSetUri = "https://example.com/oauth2/jwk"
* }
* }
* }
* return http.build()
* }
* }
* ```
@ -86,14 +88,16 @@ class OAuth2ResourceServerDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* oauth2ResourceServer {
* opaqueToken { }
* }
* }
* return http.build()
* }
* }
* ```

18
config/src/main/kotlin/org/springframework/security/config/annotation/web/SessionManagementDsl.kt
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2022 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -52,14 +52,16 @@ class SessionManagementDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* sessionManagement {
* sessionFixation { }
* }
* }
* return http.build()
* }
* }
* ```
@ -80,10 +82,11 @@ class SessionManagementDsl {
* ```
* @Configuration
* @EnableWebSecurity
* class SecurityConfig : WebSecurityConfigurerAdapter() {
* class SecurityConfig {
*
* override fun configure(http: HttpSecurity) {
* httpSecurity(http) {
* @Bean
* fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
* http {
* sessionManagement {
* sessionConcurrency {
* maximumSessions = 1
@ -91,6 +94,7 @@ class SessionManagementDsl {
* }
* }
* }
* return http.build()
* }
* }
* ```