From 48ac100a92ac060a92ac49d7a505bf9ec3643404 Mon Sep 17 00:00:00 2001 From: Eleftheria Stein Date: Thu, 28 Apr 2022 14:10:52 +0200 Subject: [PATCH] Remove WebSecurityConfigurerAdapter from Kotlin tests Issue gh-10902 --- .../annotation/web/AnonymousDslTests.kt | 29 +++--- .../web/AuthorizeRequestsDslTests.kt | 64 +++++++++----- .../config/annotation/web/CorsDslTests.kt | 28 +++--- .../config/annotation/web/CsrfDslTests.kt | 48 ++++++---- .../web/ExceptionHandlingDslTests.kt | 47 ++++++---- .../annotation/web/FormLoginDslTests.kt | 66 +++++++++----- .../config/annotation/web/HeadersDslTests.kt | 34 ++++--- .../annotation/web/HttpBasicDslTests.kt | 30 ++++--- .../annotation/web/HttpSecurityDslTests.kt | 74 ++++++++++------ .../config/annotation/web/LogoutDslTests.kt | 65 +++++++++----- .../annotation/web/OAuth2ClientDslTests.kt | 16 ++-- .../annotation/web/OAuth2LoginDslTests.kt | 30 ++++--- .../web/OAuth2ResourceServerDslTests.kt | 34 ++++--- .../web/PasswordManagementDslTests.kt | 17 ++-- .../annotation/web/PortMapperDslTests.kt | 17 ++-- .../annotation/web/RememberMeDslTests.kt | 88 ++++++++++++------- .../annotation/web/RequestCacheDslTests.kt | 17 ++-- .../annotation/web/RequiresChannelDslTests.kt | 23 +++-- .../config/annotation/web/Saml2DslTests.kt | 22 +++-- .../annotation/web/SecurityContextDslTests.kt | 73 +++++---------- .../web/SessionManagementDslTests.kt | 40 ++++++--- .../config/annotation/web/X509DslTests.kt | 44 ++++++---- .../web/headers/CacheControlDslTests.kt | 17 ++-- .../headers/ContentSecurityPolicyDslTests.kt | 23 +++-- .../web/headers/ContentTypeOptionsDslTests.kt | 17 ++-- .../web/headers/FrameOptionsDslTests.kt | 35 +++++--- .../headers/HttpPublicKeyPinningDslTests.kt | 47 ++++++---- .../HttpStrictTransportSecurityDslTests.kt | 35 +++++--- .../web/headers/ReferrerPolicyDslTests.kt | 17 ++-- .../headers/XssProtectionConfigDslTests.kt | 29 +++--- .../client/AuthorizationCodeGrantDslTests.kt | 22 +++-- .../login/AuthorizationEndpointDslTests.kt | 22 +++-- .../login/RedirectionEndpointDslTests.kt | 10 ++- .../web/oauth2/login/TokenEndpointDslTests.kt | 10 ++- .../oauth2/login/UserInfoEndpointDslTests.kt | 10 ++- .../web/oauth2/resourceserver/JwtDslTests.kt | 34 ++++--- .../resourceserver/OpaqueTokenDslTests.kt | 28 +++--- .../web/session/SessionConcurrencyDslTests.kt | 22 +++-- .../web/session/SessionFixationDslTests.kt | 28 +++--- 39 files changed, 819 insertions(+), 493 deletions(-) diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AnonymousDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AnonymousDslTests.kt index 2387a2c64d..b16b6102e0 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AnonymousDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AnonymousDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,15 +19,16 @@ package org.springframework.security.config.annotation.web import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.authentication.AnonymousAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.annotation.AuthenticationPrincipal import org.springframework.security.core.authority.SimpleGrantedAuthority import org.springframework.security.core.context.SecurityContextHolder +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.GetMapping @@ -60,13 +61,15 @@ class AnonymousDslTests { @EnableWebSecurity @EnableWebMvc - open class PrincipalConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PrincipalConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { anonymous { principal = "principal" } } + return http.build() } } @@ -82,13 +85,15 @@ class AnonymousDslTests { @EnableWebSecurity @EnableWebMvc - open class KeyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class KeyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { anonymous { key = "key" } } + return http.build() } } @@ -104,13 +109,15 @@ class AnonymousDslTests { @EnableWebSecurity @EnableWebMvc - open class AnonymousDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AnonymousDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { anonymous { disable() } } + return http.build() } } @@ -126,8 +133,9 @@ class AnonymousDslTests { @EnableWebSecurity @EnableWebMvc - open class AnonymousAuthoritiesConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AnonymousAuthoritiesConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { anonymous { authorities = listOf(SimpleGrantedAuthority("TEST")) @@ -136,6 +144,7 @@ class AnonymousDslTests { authorize(anyRequest, hasAuthority("TEST")) } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt index 94c31ff768..4dcf5e9d81 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,7 +24,6 @@ import org.springframework.context.annotation.Configuration import org.springframework.http.HttpMethod import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -32,6 +31,7 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.util.matcher.RegexRequestMatcher import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -96,8 +96,9 @@ class AuthorizeRequestsDslTests { } @EnableWebSecurity - open class AuthorizeRequestsByRegexConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthorizeRequestsByRegexConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(RegexRequestMatcher("/path", null), permitAll) @@ -106,6 +107,7 @@ class AuthorizeRequestsDslTests { authorize(RegexRequestMatcher(".*", null), authenticated) } } + return http.build() } @RestController @@ -152,14 +154,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class AuthorizeRequestsByMvcConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthorizeRequestsByMvcConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/path", permitAll) authorize("/**", authenticated) } } + return http.build() } @RestController @@ -194,13 +198,15 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class MvcMatcherPathVariablesConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MvcMatcherPathVariablesConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/user/{userName}", "#userName == 'user'") } } + return http.build() } @RestController @@ -235,14 +241,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class HasRoleConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HasRoleConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/**", hasRole("ADMIN")) } httpBasic { } } + return http.build() } @RestController @@ -253,7 +261,7 @@ class AuthorizeRequestsDslTests { } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("user") .password("password") @@ -298,14 +306,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class HasAnyRoleConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HasAnyRoleConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/**", hasAnyRole("ADMIN", "USER")) } httpBasic { } } + return http.build() } @RestController @@ -316,7 +326,7 @@ class AuthorizeRequestsDslTests { } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("user") .password("password") @@ -366,14 +376,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class HasAnyAuthorityConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HasAnyAuthorityConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/**", hasAnyAuthority("ROLE_ADMIN", "ROLE_USER")) } httpBasic { } } + return http.build() } @RestController @@ -384,7 +396,7 @@ class AuthorizeRequestsDslTests { } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("user") .password("password") @@ -425,8 +437,9 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class MvcMatcherServletPathConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MvcMatcherServletPathConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/path", @@ -434,6 +447,7 @@ class AuthorizeRequestsDslTests { denyAll) } } + return http.build() } @RestController @@ -446,14 +460,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class AuthorizeRequestsByMvcConfigWithHttpMethod : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthorizeRequestsByMvcConfigWithHttpMethod{ + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(HttpMethod.GET, "/path", permitAll) authorize(HttpMethod.PUT, "/path", denyAll) } } + return http.build() } @RestController @@ -481,14 +497,16 @@ class AuthorizeRequestsDslTests { @EnableWebSecurity @EnableWebMvc - open class MvcMatcherServletPathHttpMethodConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MvcMatcherServletPathHttpMethodConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(HttpMethod.GET, "/path", "/spring", denyAll) authorize(HttpMethod.PUT, "/path", "/spring", denyAll) } } + return http.build() } @RestController diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt index c5a21e72ac..6cafcc2cd8 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,9 +25,9 @@ import org.springframework.context.annotation.Bean import org.springframework.http.HttpHeaders import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.RequestMethod @@ -58,11 +58,13 @@ class CorsDslTests { } @EnableWebSecurity - open class DefaultCorsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DefaultCorsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { cors { } } + return http.build() } } @@ -80,11 +82,13 @@ class CorsDslTests { @EnableWebMvc @EnableWebSecurity - open class CorsCrossOriginBeanConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CorsCrossOriginBeanConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { cors { } } + return http.build() } @Bean @@ -114,14 +118,16 @@ class CorsDslTests { @EnableWebMvc @EnableWebSecurity - open class CorsDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CorsDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http.cors() http { cors { disable() } } + return http.build() } @Bean @@ -151,8 +157,9 @@ class CorsDslTests { @EnableWebMvc @EnableWebSecurity - open class CorsCrossOriginSourceConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CorsCrossOriginSourceConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val source = UrlBasedCorsConfigurationSource() val corsConfiguration = CorsConfiguration() corsConfiguration.allowedOrigins = listOf("*") @@ -165,6 +172,7 @@ class CorsDslTests { configurationSource = source } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt index 22322bf308..14102778b4 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,7 +25,6 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -33,6 +32,7 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy import org.springframework.security.web.csrf.CsrfTokenRepository @@ -81,11 +81,13 @@ class CsrfDslTests { } @EnableWebSecurity - open class DefaultCsrfConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DefaultCsrfConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { } } + return http.build() } } @@ -100,13 +102,15 @@ class CsrfDslTests { } @EnableWebSecurity - open class CsrfDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CsrfDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { disable() } } + return http.build() } } @@ -124,18 +128,20 @@ class CsrfDslTests { } @EnableWebSecurity - open class CustomRepositoryConfig : WebSecurityConfigurerAdapter() { + open class CustomRepositoryConfig { companion object { val REPO: CsrfTokenRepository = HttpSessionCsrfTokenRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { csrfTokenRepository = REPO } } + return http.build() } } @@ -155,13 +161,15 @@ class CsrfDslTests { } @EnableWebSecurity - open class RequireCsrfProtectionMatcherConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class RequireCsrfProtectionMatcherConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { requireCsrfProtectionMatcher = AntPathRequestMatcher("/test1") } } + return http.build() } } @@ -178,23 +186,25 @@ class CsrfDslTests { } @EnableWebSecurity - open class CustomStrategyConfig : WebSecurityConfigurerAdapter() { + open class CustomStrategyConfig { companion object { var STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { } csrf { sessionAuthenticationStrategy = STRATEGY } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("user") .password("password") @@ -220,14 +230,16 @@ class CsrfDslTests { } @EnableWebSecurity - open class IgnoringRequestMatchersConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class IgnoringRequestMatchersConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { requireCsrfProtectionMatcher = AntPathRequestMatcher("/**") ignoringRequestMatchers(AntPathRequestMatcher("/test2")) } } + return http.build() } } @@ -247,14 +259,16 @@ class CsrfDslTests { } @EnableWebSecurity - open class IgnoringAntMatchersConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class IgnoringAntMatchersConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { csrf { requireCsrfProtectionMatcher = AntPathRequestMatcher("/**") ignoringAntMatchers("/test2") } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt index d49e106d72..ec767bf76e 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,14 +20,15 @@ import org.assertj.core.api.Assertions.assertThatExceptionOfType import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.access.AccessDeniedException import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User.withUsername import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.access.AccessDeniedHandlerImpl import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint import org.springframework.security.web.util.matcher.AntPathRequestMatcher @@ -60,14 +61,16 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class ExceptionHandlingConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ExceptionHandlingConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) } exceptionHandling { } } + return http.build() } } @@ -81,8 +84,9 @@ class ExceptionHandlingDslTests { } @EnableWebSecurity - open class ExceptionHandlingDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ExceptionHandlingDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -91,6 +95,7 @@ class ExceptionHandlingDslTests { disable() } } + return http.build() } } @@ -108,8 +113,9 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class AccessDeniedPageConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AccessDeniedPageConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize("/admin", hasAuthority("ROLE_ADMIN")) @@ -119,6 +125,7 @@ class ExceptionHandlingDslTests { accessDeniedPage = "/access-denied" } } + return http.build() } } @@ -136,8 +143,9 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AccessDeniedHandlerConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val customAccessDeniedHandler = AccessDeniedHandlerImpl() customAccessDeniedHandler.setErrorPage("/access-denied") http { @@ -149,6 +157,7 @@ class ExceptionHandlingDslTests { accessDeniedHandler = customAccessDeniedHandler } } + return http.build() } } @@ -173,8 +182,9 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class AccessDeniedHandlerForConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AccessDeniedHandlerForConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val customAccessDeniedHandler1 = AccessDeniedHandlerImpl() customAccessDeniedHandler1.setErrorPage("/access-denied1") val customAccessDeniedHandler2 = AccessDeniedHandlerImpl() @@ -190,6 +200,7 @@ class ExceptionHandlingDslTests { defaultAccessDeniedHandlerFor(customAccessDeniedHandler2, AntPathRequestMatcher("/admin2")) } } + return http.build() } } @@ -206,8 +217,9 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class AuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthenticationEntryPointConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -216,6 +228,7 @@ class ExceptionHandlingDslTests { authenticationEntryPoint = LoginUrlAuthenticationEntryPoint("/custom-login") } } + return http.build() } } @@ -238,8 +251,9 @@ class ExceptionHandlingDslTests { @EnableWebSecurity @EnableWebMvc - open class AuthenticationEntryPointForConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthenticationEntryPointForConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val customAuthenticationEntryPoint1 = LoginUrlAuthenticationEntryPoint("/custom-login1") val customAuthenticationEntryPoint2 = LoginUrlAuthenticationEntryPoint("/custom-login2") http { @@ -251,6 +265,7 @@ class ExceptionHandlingDslTests { defaultAuthenticationEntryPointFor(customAuthenticationEntryPoint2, AntPathRequestMatcher("/secured2")) } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt index 587994961d..604085a87d 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,11 +24,9 @@ import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Configuration -import org.springframework.security.authentication.AuthenticationDetailsSource import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -42,6 +40,8 @@ import org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirec import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status import org.springframework.web.bind.annotation.GetMapping import jakarta.servlet.http.HttpServletRequest +import org.springframework.context.annotation.Bean +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.WebAuthenticationDetails import org.springframework.security.web.authentication.WebAuthenticationDetailsSource @@ -91,11 +91,13 @@ class FormLoginDslTests { } @EnableWebSecurity - open class FormLoginConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FormLoginConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} } + return http.build() } } @@ -111,14 +113,16 @@ class FormLoginDslTests { } @EnableWebSecurity - open class AllSecuredConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AllSecuredConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} authorizeRequests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -134,8 +138,9 @@ class FormLoginDslTests { } @EnableWebSecurity - open class LoginPageConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class LoginPageConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { loginPage = "/log-in" @@ -144,6 +149,7 @@ class FormLoginDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -159,13 +165,15 @@ class FormLoginDslTests { } @EnableWebSecurity - open class SuccessHandlerConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SuccessHandlerConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { authenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler("/success") } } + return http.build() } } @@ -181,13 +189,15 @@ class FormLoginDslTests { } @EnableWebSecurity - open class FailureHandlerConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FailureHandlerConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { authenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/failure") } } + return http.build() } } @@ -203,13 +213,15 @@ class FormLoginDslTests { } @EnableWebSecurity - open class FailureUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FailureUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { failureUrl = "/failure" } } + return http.build() } } @@ -225,13 +237,15 @@ class FormLoginDslTests { } @EnableWebSecurity - open class LoginProcessingUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class LoginProcessingUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { loginProcessingUrl = "/custom" } } + return http.build() } } @@ -247,13 +261,15 @@ class FormLoginDslTests { } @EnableWebSecurity - open class DefaultSuccessUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DefaultSuccessUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { defaultSuccessUrl("/custom", true) } } + return http.build() } } @@ -268,8 +284,9 @@ class FormLoginDslTests { } @EnableWebSecurity - open class PermitAllConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PermitAllConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -279,6 +296,7 @@ class FormLoginDslTests { permitAll() } } + return http.build() } @Controller @@ -308,18 +326,20 @@ class FormLoginDslTests { } @EnableWebSecurity - open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { + open class CustomAuthenticationDetailsSourceConfig { companion object { val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin { authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HeadersDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HeadersDslTests.kt index c21f1b52ed..6acab988af 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HeadersDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HeadersDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,9 +23,9 @@ import org.springframework.context.annotation.Bean import org.springframework.http.HttpHeaders import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.header.writers.StaticHeadersWriter import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter @@ -66,11 +66,13 @@ class HeadersDslTests { } @EnableWebSecurity - open class DefaultHeadersConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DefaultHeadersConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { } } + return http.build() } } @@ -86,13 +88,15 @@ class HeadersDslTests { @EnableWebSecurity @Suppress("DEPRECATION") - open class FeaturePolicyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FeaturePolicyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { featurePolicy(policyDirectives = "geolocation 'self'") } } + return http.build() } } @@ -107,8 +111,9 @@ class HeadersDslTests { } @EnableWebSecurity - open class PermissionsPolicyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PermissionsPolicyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { permissionsPolicy { @@ -116,6 +121,7 @@ class HeadersDslTests { } } } + return http.build() } } @@ -136,13 +142,15 @@ class HeadersDslTests { } @EnableWebSecurity - open class HeadersDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HeadersDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { disable() } } + return http.build() } } @@ -157,13 +165,15 @@ class HeadersDslTests { } @EnableWebSecurity - open class HeaderWriterConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HeaderWriterConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { addHeaderWriter(StaticHeadersWriter("custom-header", "custom-value")) } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt index 18edff7f17..b6ab25b1ca 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,17 +20,14 @@ import io.mockk.every import io.mockk.mockk import io.mockk.mockkObject import io.mockk.verify -import jakarta.servlet.http.HttpServletRequest import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.http.HttpStatus -import org.springframework.security.authentication.AuthenticationDetailsSource import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -38,6 +35,7 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic import org.springframework.security.web.AuthenticationEntryPoint +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.HttpStatusEntryPoint import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.test.web.servlet.MockMvc @@ -90,14 +88,16 @@ class HttpBasicDslTests { } @EnableWebSecurity - open class HttpBasicConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HttpBasicConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { httpBasic {} authorizeRequests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -112,8 +112,9 @@ class HttpBasicDslTests { } @EnableWebSecurity - open class CustomRealmConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomRealmConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { httpBasic { realmName = "Custom Realm" @@ -122,6 +123,7 @@ class HttpBasicDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -137,13 +139,14 @@ class HttpBasicDslTests { } @EnableWebSecurity - open class CustomAuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() { + open class CustomAuthenticationEntryPointConfig { companion object { val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { httpBasic { authenticationEntryPoint = ENTRY_POINT @@ -152,6 +155,7 @@ class HttpBasicDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -173,13 +177,14 @@ class HttpBasicDslTests { } @EnableWebSecurity - open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { + open class CustomAuthenticationDetailsSourceConfig { companion object { val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { httpBasic { authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE @@ -188,6 +193,7 @@ class HttpBasicDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDslTests.kt index 5064ab4d4f..b2019e703d 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDslTests.kt @@ -32,7 +32,6 @@ import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -112,9 +111,10 @@ class HttpSecurityDslTests { } @EnableWebSecurity - open class DefaultSecurityConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { - http {} + open class DefaultSecurityConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { + return http.build() } @Configuration @@ -160,14 +160,16 @@ class HttpSecurityDslTests { } @EnableWebSecurity - open class SecurityRequestMatcherRequestsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SecurityRequestMatcherRequestsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { securityMatcher(RegexRequestMatcher("/path", null)) authorizeRequests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -215,14 +217,16 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class SecurityPatternMatcherRequestsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SecurityPatternMatcherRequestsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { securityMatcher("/path") authorizeRequests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -267,8 +271,9 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class MultiMatcherRequestsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MultiMatcherRequestsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { securityMatcher("/path1") securityMatcher(RegexRequestMatcher("/path2", null)) @@ -276,6 +281,7 @@ class HttpSecurityDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -317,8 +323,9 @@ class HttpSecurityDslTests { } @EnableWebSecurity - open class AuthenticationManagerRequestsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthenticationManagerRequestsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authenticationManager = AuthenticationManagerConfig.AUTHENTICATION_MANAGER authorizeRequests { @@ -326,6 +333,7 @@ class HttpSecurityDslTests { } httpBasic { } } + return http.build() } } @@ -351,17 +359,18 @@ class HttpSecurityDslTests { val filterChain = spring.context.getBean(FilterChainProxy::class.java) val filters: List = filterChain.getFilters("/") - assertThat(filters).hasSize(1) - assertThat(filters[0]).isExactlyInstanceOf(CustomFilter::class.java) + assertThat(filters).anyMatch { it is CustomFilter } } @EnableWebSecurity @EnableWebMvc - open class CustomFilterConfig : WebSecurityConfigurerAdapter(true) { - override fun configure(http: HttpSecurity) { + open class CustomFilterConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) } + return http.build() } } @@ -372,17 +381,18 @@ class HttpSecurityDslTests { val filterChain = spring.context.getBean(FilterChainProxy::class.java) val filters: List = filterChain.getFilters("/") - assertThat(filters).hasSize(1) - assertThat(filters[0]).isExactlyInstanceOf(CustomFilter::class.java) + assertThat(filters).anyMatch { it is CustomFilter } } @EnableWebSecurity @EnableWebMvc - open class CustomFilterConfigReified : WebSecurityConfigurerAdapter(true) { - override fun configure(http: HttpSecurity) { + open class CustomFilterConfigReified { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterAt(CustomFilter()) } + return http.build() } } @@ -401,12 +411,14 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class CustomFilterAfterConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomFilterAfterConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) formLogin {} } + return http.build() } } @@ -425,12 +437,14 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class CustomFilterAfterConfigReified : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomFilterAfterConfigReified{ + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterAfter(CustomFilter()) formLogin { } } + return http.build() } } @@ -449,12 +463,14 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class CustomFilterBeforeConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomFilterBeforeConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) formLogin {} } + return http.build() } } @@ -473,12 +489,14 @@ class HttpSecurityDslTests { @EnableWebSecurity @EnableWebMvc - open class CustomFilterBeforeConfigReified : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomFilterBeforeConfigReified{ + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { addFilterBefore(CustomFilter()) formLogin { } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt index 03eee86a24..ee7cf027ba 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,16 +25,17 @@ import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.mock.web.MockHttpSession import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.Authentication import org.springframework.security.core.context.SecurityContextHolder import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.logout.LogoutHandler import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler import org.springframework.security.web.context.HttpSessionSecurityContextRepository @@ -68,13 +69,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class CustomLogoutUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomLogoutUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { logoutUrl = "/custom/logout" } } + return http.build() } } @@ -91,13 +94,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class CustomLogoutRequestMatcherConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomLogoutRequestMatcherConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { logoutRequestMatcher = AntPathRequestMatcher("/custom/logout") } } + return http.build() } } @@ -114,13 +119,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class SuccessUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SuccessUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { logoutSuccessUrl = "/login" } } + return http.build() } } @@ -137,13 +144,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class SuccessHandlerConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SuccessHandlerConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { logoutSuccessHandler = SimpleUrlLogoutSuccessHandler() } } + return http.build() } } @@ -160,8 +169,9 @@ class LogoutDslTests { } @EnableWebSecurity - open class PermitAllConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PermitAllConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -171,6 +181,7 @@ class LogoutDslTests { permitAll() } } + return http.build() } } @@ -194,13 +205,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class ClearAuthenticationFalseConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ClearAuthenticationFalseConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { clearAuthentication = false } } + return http.build() } } @@ -221,13 +234,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class InvalidateHttpSessionFalseConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class InvalidateHttpSessionFalseConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { invalidateHttpSession = false } } + return http.build() } } @@ -245,13 +260,15 @@ class LogoutDslTests { } @EnableWebSecurity - open class DeleteCookiesConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DeleteCookiesConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { deleteCookies("remove") } } + return http.build() } } @@ -275,14 +292,16 @@ class LogoutDslTests { } @EnableWebSecurity - open class DefaultLogoutSuccessHandlerForConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DefaultLogoutSuccessHandlerForConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { logoutRequestMatcher = AntPathRequestMatcher("/logout/**") defaultLogoutSuccessHandlerFor(SimpleUrlLogoutSuccessHandler(), AntPathRequestMatcher("/logout/custom")) } } + return http.build() } } @@ -300,18 +319,20 @@ class LogoutDslTests { } @EnableWebSecurity - open class CustomLogoutHandlerConfig : WebSecurityConfigurerAdapter() { + open class CustomLogoutHandlerConfig { companion object { val HANDLER: LogoutHandler = NoopLogoutHandler() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { logout { addLogoutHandler(HANDLER) } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt index 8de517bc6a..0331bbca56 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,7 +26,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -43,6 +42,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -65,8 +65,9 @@ class OAuth2ClientDslTests { } @EnableWebSecurity - open class ClientRepoConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ClientRepoConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Client { clientRegistrationRepository = InMemoryClientRegistrationRepository( @@ -76,6 +77,7 @@ class OAuth2ClientDslTests { ) } } + return http.build() } } @@ -118,7 +120,7 @@ class OAuth2ClientDslTests { } @EnableWebSecurity - open class ClientRepositoryConfig : WebSecurityConfigurerAdapter() { + open class ClientRepositoryConfig { companion object { val REQUEST_REPOSITORY: AuthorizationRequestRepository = @@ -128,7 +130,8 @@ class OAuth2ClientDslTests { val CLIENT_REPOSITORY: OAuth2AuthorizedClientRepository = HttpSessionOAuth2AuthorizedClientRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Client { authorizedClientRepository = CLIENT_REPOSITORY @@ -141,6 +144,7 @@ class OAuth2ClientDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt index 026e079ac4..47e92f9b8f 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,10 +25,8 @@ import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration -import org.springframework.security.authentication.AuthenticationDetailsSource import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -43,7 +41,7 @@ import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.post import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.RestController -import jakarta.servlet.http.HttpServletRequest +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.WebAuthenticationDetailsSource /** @@ -65,8 +63,9 @@ class OAuth2LoginDslTests { } @EnableWebSecurity - open class ClientRepoConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ClientRepoConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { clientRegistrationRepository = InMemoryClientRegistrationRepository( @@ -76,6 +75,7 @@ class OAuth2LoginDslTests { ) } } + return http.build() } } @@ -90,11 +90,13 @@ class OAuth2LoginDslTests { } @EnableWebSecurity - open class OAuth2LoginConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class OAuth2LoginConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { } } + return http.build() } } @@ -109,13 +111,15 @@ class OAuth2LoginDslTests { } @EnableWebSecurity - open class LoginPageConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class LoginPageConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { loginPage = "/custom-login" } } + return http.build() } @RestController @@ -157,14 +161,15 @@ class OAuth2LoginDslTests { } @EnableWebSecurity - open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { + open class CustomAuthenticationDetailsSourceConfig { companion object { val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() val AUTHORIZATION_REQUEST_REPOSITORY = HttpSessionOAuth2AuthorizationRequestRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE @@ -173,6 +178,7 @@ class OAuth2LoginDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt index c7a2b8e2e0..888894343c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +32,6 @@ import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.authentication.AuthenticationManagerResolver import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB @@ -43,6 +42,7 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtIss import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver import org.springframework.security.web.AuthenticationEntryPoint +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.access.AccessDeniedHandler import org.springframework.security.web.access.AccessDeniedHandlerImpl import org.springframework.security.web.authentication.HttpStatusEntryPoint @@ -79,13 +79,14 @@ class OAuth2ResourceServerDslTests { } @EnableWebSecurity - open class EntryPointConfig : WebSecurityConfigurerAdapter() { + open class EntryPointConfig { companion object { val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -95,6 +96,7 @@ class OAuth2ResourceServerDslTests { jwt { } } } + return http.build() } @Bean @@ -115,14 +117,15 @@ class OAuth2ResourceServerDslTests { } @EnableWebSecurity - open class BearerTokenResolverConfig : WebSecurityConfigurerAdapter() { + open class BearerTokenResolverConfig { companion object { val RESOLVER: BearerTokenResolver = DefaultBearerTokenResolver() val DECODER: JwtDecoder = MockJwtDecoder() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -132,6 +135,7 @@ class OAuth2ResourceServerDslTests { jwt { } } } + return http.build() } @Bean @@ -168,14 +172,15 @@ class OAuth2ResourceServerDslTests { } @EnableWebSecurity - open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() { + open class AccessDeniedHandlerConfig { companion object { val DECODER: JwtDecoder = MockJwtDecoder() val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandlerImpl() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, denyAll) @@ -185,6 +190,7 @@ class OAuth2ResourceServerDslTests { jwt { } } } + return http.build() } @Bean @@ -209,14 +215,15 @@ class OAuth2ResourceServerDslTests { } @EnableWebSecurity - open class AuthenticationManagerResolverConfig : WebSecurityConfigurerAdapter() { + open class AuthenticationManagerResolverConfig { companion object { val RESOLVER: AuthenticationManagerResolver = JwtIssuerAuthenticationManagerResolver("issuer") } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -225,6 +232,7 @@ class OAuth2ResourceServerDslTests { authenticationManagerResolver = RESOLVER } } + return http.build() } } @@ -236,8 +244,9 @@ class OAuth2ResourceServerDslTests { } @EnableWebSecurity - open class AuthenticationManagerResolverAndOpaqueConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthenticationManagerResolverAndOpaqueConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -247,6 +256,7 @@ class OAuth2ResourceServerDslTests { opaqueToken { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/PasswordManagementDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/PasswordManagementDslTests.kt index 53d9b3ed18..8d147bde6c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/PasswordManagementDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/PasswordManagementDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,11 +19,12 @@ package org.springframework.security.config.annotation.web import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -53,11 +54,13 @@ class PasswordManagementDslTests { } @EnableWebSecurity - open class PasswordManagementWithDefaultChangePasswordPageConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PasswordManagementWithDefaultChangePasswordPageConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { passwordManagement {} } + return http.build() } } @@ -73,13 +76,15 @@ class PasswordManagementDslTests { } @EnableWebSecurity - open class PasswordManagementWithCustomChangePasswordPageConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PasswordManagementWithCustomChangePasswordPageConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { passwordManagement { changePasswordPage = "/custom-change-password-page" } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/PortMapperDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/PortMapperDslTests.kt index 14e221ed36..71d8cab7bb 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/PortMapperDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/PortMapperDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.web.PortMapperImpl +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import java.util.* @@ -53,8 +54,9 @@ class PortMapperDslTests { } @EnableWebSecurity - open class PortMapperMapConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class PortMapperMapConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requiresChannel { secure(anyRequest, requiresSecure) @@ -63,6 +65,7 @@ class PortMapperDslTests { map(543, 123) } } + return http.build() } } @@ -77,8 +80,9 @@ class PortMapperDslTests { } @EnableWebSecurity - open class CustomPortMapperConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomPortMapperConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val customPortMapper = PortMapperImpl() customPortMapper.setPortMappings(Collections.singletonMap("543", "123")) http { @@ -89,6 +93,7 @@ class PortMapperDslTests { portMapper = customPortMapper } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt index fa793fa126..d393757902 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,13 +26,12 @@ import org.junit.jupiter.api.Test import org.junit.jupiter.api.fail import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean +import org.springframework.context.annotation.Configuration import org.springframework.core.annotation.Order import org.springframework.mock.web.MockHttpSession import org.springframework.security.authentication.RememberMeAuthenticationToken -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.core.Authentication import org.springframework.security.core.authority.AuthorityUtils @@ -45,6 +44,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.AuthenticationSuccessHandler import org.springframework.security.web.authentication.NullRememberMeServices import org.springframework.security.web.authentication.RememberMeServices @@ -219,7 +219,7 @@ internal class RememberMeDslTests { @Test fun `Remember Me when key then remember me works only for matching routes`() { - this.spring.register(WithoutKeyConfig::class.java, KeyConfig::class.java).autowire() + this.spring.register(WithAndWithoutKeyConfig::class.java).autowire() val withoutKeyMvcResult = mockMvc.post("/without-key/login") { loginRememberMeRequest() }.andReturn() @@ -383,17 +383,18 @@ internal class RememberMeDslTests { } } - abstract class DefaultUserConfig : WebSecurityConfigurerAdapter() { - @Autowired - open fun configureGlobal(auth: AuthenticationManagerBuilder) { - auth.inMemoryAuthentication() - .withUser(PasswordEncodedUser.user()) + @Configuration + open class DefaultUserConfig { + @Bean + open fun userDetailsService(): UserDetailsService { + return InMemoryUserDetailsManager(PasswordEncodedUser.user()) } } @EnableWebSecurity open class RememberMeConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, hasRole("USER")) @@ -401,12 +402,14 @@ internal class RememberMeDslTests { formLogin {} rememberMe {} } + return http.build() } } @EnableWebSecurity open class RememberMeDomainConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, hasRole("USER")) @@ -416,6 +419,7 @@ internal class RememberMeDslTests { rememberMeCookieDomain = "spring.io" } } + return http.build() } } @@ -426,13 +430,15 @@ internal class RememberMeDslTests { val REMEMBER_ME_SERVICES: RememberMeServices = NullRememberMeServices() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { rememberMeServices = REMEMBER_ME_SERVICES } } + return http.build() } } @@ -443,20 +449,23 @@ internal class RememberMeDslTests { val SUCCESS_HANDLER: AuthenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { authenticationSuccessHandler = SUCCESS_HANDLER } } + return http.build() } } @EnableWebSecurity - @Order(0) - open class WithoutKeyConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + open class WithAndWithoutKeyConfig : DefaultUserConfig() { + @Bean + @Order(0) + open fun securityFilterChainWithoutKey(http: HttpSecurity): SecurityFilterChain { http { securityMatcher(AntPathRequestMatcher("/without-key/**")) formLogin { @@ -464,12 +473,11 @@ internal class RememberMeDslTests { } rememberMe {} } + return http.build() } - } - @EnableWebSecurity - open class KeyConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChainWithKey(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -479,6 +487,7 @@ internal class RememberMeDslTests { key = "RememberMeKey" } } + return http.build() } } @@ -489,66 +498,76 @@ internal class RememberMeDslTests { val TOKEN_REPOSITORY: PersistentTokenRepository = mockk() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { tokenRepository = TOKEN_REPOSITORY } } + return http.build() } } @EnableWebSecurity open class RememberMeTokenValidityConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { tokenValiditySeconds = 42 } } + return http.build() } } @EnableWebSecurity open class RememberMeUseSecureCookieConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { useSecureCookie = true } } + return http.build() } } @EnableWebSecurity open class RememberMeParameterConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { rememberMeParameter = "rememberMe" } } + return http.build() } } @EnableWebSecurity open class RememberMeCookieNameConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { rememberMeCookieName = "rememberMe" } } + return http.build() } } @EnableWebSecurity - open class RememberMeDefaultUserDetailsServiceConfig : DefaultUserConfig() { + open class RememberMeDefaultUserDetailsServiceConfig { companion object { val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager( @@ -557,15 +576,18 @@ internal class RememberMeDslTests { val PASSWORD_ENCODER: PasswordEncoder = BCryptPasswordEncoder() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe {} } + return http.build() } - override fun configure(auth: AuthenticationManagerBuilder) { - auth.userDetailsService(USER_DETAIL_SERVICE) + @Bean + open fun userDetailsService(): UserDetailsService { + return USER_DETAIL_SERVICE } @Bean @@ -582,25 +604,29 @@ internal class RememberMeDslTests { ) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { userDetailsService = USER_DETAIL_SERVICE } } + return http.build() } } @EnableWebSecurity open class RememberMeAlwaysRememberConfig : DefaultUserConfig() { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { formLogin {} rememberMe { alwaysRemember = true } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequestCacheDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequestCacheDslTests.kt index 8a50adb1ec..1e101faf30 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequestCacheDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequestCacheDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.savedrequest.NullRequestCache import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -56,12 +57,14 @@ class RequestCacheDslTests { } @EnableWebSecurity - open class RequestCacheConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class RequestCacheConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requestCache { } formLogin { } } + return http.build() } } @@ -78,14 +81,16 @@ class RequestCacheDslTests { } @EnableWebSecurity - open class CustomRequestCacheConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomRequestCacheConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requestCache { requestCache = NullRequestCache() } formLogin { } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequiresChannelDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequiresChannelDslTests.kt index 5f7190790c..d29858873c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequiresChannelDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/RequiresChannelDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,13 +21,14 @@ import io.mockk.verify import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.access.ConfigAttribute import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.web.FilterInvocation +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.access.channel.ChannelProcessor import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -63,13 +64,15 @@ class RequiresChannelDslTests { } @EnableWebSecurity - open class RequiresSecureConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class RequiresSecureConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requiresChannel { secure(anyRequest, requiresSecure) } } + return http.build() } } @@ -95,8 +98,9 @@ class RequiresChannelDslTests { @EnableWebSecurity @EnableWebMvc - open class MvcMatcherServletPathConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MvcMatcherServletPathConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requiresChannel { secure("/path", @@ -104,6 +108,7 @@ class RequiresChannelDslTests { requiresSecure) } } + return http.build() } @RestController @@ -125,7 +130,7 @@ class RequiresChannelDslTests { } @EnableWebSecurity - open class ChannelProcessorsConfig : WebSecurityConfigurerAdapter() { + open class ChannelProcessorsConfig { companion object { val CHANNEL_PROCESSOR: ChannelProcessor = object : ChannelProcessor { @@ -134,13 +139,15 @@ class RequiresChannelDslTests { } } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { requiresChannel { channelProcessors = listOf(CHANNEL_PROCESSOR) secure(anyRequest, requiresSecure) } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt index da48324474..03ba3e8492 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +32,6 @@ import org.springframework.security.authentication.ProviderManager import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.saml2.credentials.Saml2X509Credential @@ -42,6 +41,7 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.request.MockMvcRequestBuilders @@ -71,11 +71,13 @@ class Saml2DslTests { } @EnableWebSecurity - open class Saml2LoginNoRelyingPArtyRegistrationRepoConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class Saml2LoginNoRelyingPArtyRegistrationRepoConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { saml2Login { } } + return http.build() } } @@ -90,9 +92,10 @@ class Saml2DslTests { } @EnableWebSecurity - open class Saml2LoginConfig : WebSecurityConfigurerAdapter() { + open class Saml2LoginConfig { - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { saml2Login { relyingPartyRegistrationRepository = @@ -106,6 +109,7 @@ class Saml2DslTests { ) } } + return http.build() } private fun loadCert(location: String): T { @@ -127,17 +131,19 @@ class Saml2DslTests { } @EnableWebSecurity - open class Saml2LoginCustomAuthenticationManagerConfig : WebSecurityConfigurerAdapter() { + open class Saml2LoginCustomAuthenticationManagerConfig { companion object { val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { saml2Login { authenticationManager = AUTHENTICATION_MANAGER } } + return http.build() } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SecurityContextDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SecurityContextDslTests.kt index e526fa237f..1332c653dd 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SecurityContextDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SecurityContextDslTests.kt @@ -19,27 +19,28 @@ package org.springframework.security.config.annotation.web import io.mockk.every import io.mockk.mockk import io.mockk.mockkObject -import io.mockk.spyk import io.mockk.verify import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Test -import org.junit.jupiter.api.assertDoesNotThrow import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired import org.springframework.context.annotation.Bean -import org.springframework.security.config.annotation.ObjectPostProcessor -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.context.SecurityContext import org.springframework.security.core.userdetails.PasswordEncodedUser +import org.springframework.security.core.userdetails.UserDetailsService +import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders import org.springframework.security.web.FilterChainProxy -import org.springframework.security.web.context.* -import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter +import org.springframework.security.web.SecurityFilterChain +import org.springframework.security.web.context.HttpRequestResponseHolder +import org.springframework.security.web.context.HttpSessionSecurityContextRepository +import org.springframework.security.web.context.NullSecurityContextRepository +import org.springframework.security.web.context.SecurityContextHolderFilter +import org.springframework.security.web.context.SecurityContextPersistenceFilter import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get @@ -56,14 +57,17 @@ class SecurityContextDslTests { fun `security context when invoked twice then uses original security context repository`() { spring.register(DuplicateDoesNotOverrideConfig::class.java).autowire() mockkObject(DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY) - every { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any()) } returns mockk(relaxed = true) + every { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any()) } returns mockk( + relaxed = true + ) mvc.perform(get("/")) verify(exactly = 1) { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any()) } } @EnableWebSecurity - open class DuplicateDoesNotOverrideConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class DuplicateDoesNotOverrideConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { // @formatter:off http { securityContext { @@ -72,6 +76,7 @@ class SecurityContextDslTests { securityContext { } } // @formatter:on + return http.build() } companion object { @@ -79,37 +84,6 @@ class SecurityContextDslTests { } } - @Test - fun `security context when security context repository not configured then does not throw exception`() { - spring.register(SecurityContextRepositoryDefaultsSecurityContextRepositoryConfig::class.java).autowire() - assertDoesNotThrow { mvc.perform(get("/")) } - } - - @EnableWebSecurity - open class SecurityContextRepositoryDefaultsSecurityContextRepositoryConfig : WebSecurityConfigurerAdapter(true) { - override fun configure(http: HttpSecurity) { - // @formatter:off - http { - addFilterAt(WebAsyncManagerIntegrationFilter()) - anonymous { } - securityContext { } - authorizeRequests { - authorize(anyRequest, permitAll) - } - httpBasic { } - } - // @formatter:on - } - - override fun configure(auth: AuthenticationManagerBuilder) { - // @formatter:off - auth - .inMemoryAuthentication() - .withUser("user").password("password").roles("USER") - // @formatter:on - } - } - @Test fun `security context when require explicit save is true then configure SecurityContextHolderFilter`() { val repository = HttpSessionSecurityContextRepository() @@ -125,13 +99,14 @@ class SecurityContextDslTests { // @formatter:on val mvcResult = mvc.perform(SecurityMockMvcRequestBuilders.formLogin()).andReturn() val securityContext = repository - .loadContext(HttpRequestResponseHolder(mvcResult.request, mvcResult.response)) + .loadContext(HttpRequestResponseHolder(mvcResult.request, mvcResult.response)) assertThat(securityContext.authentication).isNotNull } @EnableWebSecurity - open class RequireExplicitSaveConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class RequireExplicitSaveConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { // @formatter:off http { formLogin { } @@ -140,14 +115,12 @@ class SecurityContextDslTests { } } // @formatter:on + return http.build() } - override fun configure(auth: AuthenticationManagerBuilder) { - // @formatter:off - auth - .inMemoryAuthentication() - .withUser(PasswordEncodedUser.user()) - // @formatter:on + @Bean + open fun userDetailsService(): UserDetailsService { + return InMemoryUserDetailsManager(PasswordEncodedUser.user()) } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt index 8875bb8cd2..e36e6f94e7 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,12 +29,12 @@ import org.springframework.context.annotation.Bean import org.springframework.mock.web.MockHttpSession import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.http.SessionCreationPolicy import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.Authentication import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.SessionAuthenticationException @@ -73,13 +73,15 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class InvalidSessionUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class InvalidSessionUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { invalidSessionUrl = "/invalid" } } + return http.build() } } @@ -98,13 +100,15 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class InvalidSessionStrategyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class InvalidSessionStrategyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { invalidSessionStrategy = SimpleRedirectInvalidSessionStrategy("/invalid") } } + return http.build() } } @@ -124,8 +128,9 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class SessionAuthenticationErrorUrlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SessionAuthenticationErrorUrlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -134,6 +139,7 @@ class SessionManagementDslTests { sessionAuthenticationErrorUrl = "/session-auth-error" } } + return http.build() } } @@ -153,8 +159,9 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class SessionAuthenticationFailureHandlerConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class SessionAuthenticationFailureHandlerConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -163,6 +170,7 @@ class SessionManagementDslTests { sessionAuthenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/session-auth-error") } } + return http.build() } } @@ -177,8 +185,9 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class StatelessSessionManagementConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class StatelessSessionManagementConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -187,6 +196,7 @@ class SessionManagementDslTests { sessionCreationPolicy = SessionCreationPolicy.STATELESS } } + return http.build() } } @@ -208,13 +218,14 @@ class SessionManagementDslTests { } @EnableWebSecurity - open class SessionAuthenticationStrategyConfig : WebSecurityConfigurerAdapter() { + open class SessionAuthenticationStrategyConfig { companion object { val STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -223,6 +234,7 @@ class SessionManagementDslTests { sessionAuthenticationStrategy = STRATEGY } } + return http.build() } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/X509DslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/X509DslTests.kt index 71be404073..c8c0de7da4 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/X509DslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/X509DslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean import org.springframework.core.io.ClassPathResource import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.core.userdetails.User @@ -36,6 +35,7 @@ import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.x509 import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor import org.springframework.test.web.servlet.MockMvc @@ -65,15 +65,17 @@ class X509DslTests { } @EnableWebSecurity - open class X509Config : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class X509Config { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { x509 { } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("rod") .password("password") @@ -94,17 +96,19 @@ class X509DslTests { } @EnableWebSecurity - open class X509RegexConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class X509RegexConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { x509 { subjectPrincipalRegex = "CN=(.*?)@example.com(?:,|$)" } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("rod") .password("password") @@ -125,8 +129,9 @@ class X509DslTests { } @EnableWebSecurity - open class UserDetailsServiceConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class UserDetailsServiceConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val userDetails = User.withDefaultPasswordEncoder() .username("rod") .password("password") @@ -138,10 +143,11 @@ class X509DslTests { userDetailsService = customUserDetailsService } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService = mockk() + open fun userDetailsService(): UserDetailsService = mockk() } @Test @@ -155,8 +161,9 @@ class X509DslTests { } @EnableWebSecurity - open class AuthenticationUserDetailsServiceConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class AuthenticationUserDetailsServiceConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val userDetails = User.withDefaultPasswordEncoder() .username("rod") .password("password") @@ -170,10 +177,11 @@ class X509DslTests { authenticationUserDetailsService = customSource } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService = mockk() + open fun userDetailsService(): UserDetailsService = mockk() } @Test @@ -187,8 +195,9 @@ class X509DslTests { } @EnableWebSecurity - open class X509PrincipalExtractorConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class X509PrincipalExtractorConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { val principalExtractor = SubjectDnX509PrincipalExtractor() principalExtractor.setSubjectDnRegex("CN=(.*?)@example.com(?:,|$)") http { @@ -196,10 +205,11 @@ class X509DslTests { x509PrincipalExtractor = principalExtractor } } + return http.build() } @Bean - override fun userDetailsService(): UserDetailsService { + open fun userDetailsService(): UserDetailsService { val userDetails = User.withDefaultPasswordEncoder() .username("rod") .password("password") diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/CacheControlDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/CacheControlDslTests.kt index c058f368d9..b4fcedc7bc 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/CacheControlDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/CacheControlDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,13 +19,14 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.http.HttpHeaders import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -55,14 +56,16 @@ class CacheControlDslTests { } @EnableWebSecurity - open class CacheControlConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CacheControlConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true cacheControl { } } } + return http.build() } } @@ -79,8 +82,9 @@ class CacheControlDslTests { } @EnableWebSecurity - open class CacheControlDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CacheControlDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { cacheControl { @@ -88,6 +92,7 @@ class CacheControlDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentSecurityPolicyDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentSecurityPolicyDslTests.kt index 130e143dfa..d90c52dbfd 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentSecurityPolicyDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentSecurityPolicyDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -54,14 +55,16 @@ class ContentSecurityPolicyDslTests { } @EnableWebSecurity - open class ContentSecurityPolicyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ContentSecurityPolicyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true contentSecurityPolicy { } } } + return http.build() } } @@ -77,8 +80,9 @@ class ContentSecurityPolicyDslTests { } @EnableWebSecurity - open class CustomPolicyDirectivesConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomPolicyDirectivesConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -87,6 +91,7 @@ class ContentSecurityPolicyDslTests { } } } + return http.build() } } @@ -102,8 +107,9 @@ class ContentSecurityPolicyDslTests { } @EnableWebSecurity - open class ReportOnlyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ReportOnlyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -112,6 +118,7 @@ class ContentSecurityPolicyDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentTypeOptionsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentTypeOptionsDslTests.kt index 75efe8c8c0..cdd5e14abb 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentTypeOptionsDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentTypeOptionsDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -53,14 +54,16 @@ class ContentTypeOptionsDslTests { } @EnableWebSecurity - open class ContentTypeOptionsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ContentTypeOptionsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true contentTypeOptions { } } } + return http.build() } } @@ -75,8 +78,9 @@ class ContentTypeOptionsDslTests { } @EnableWebSecurity - open class ContentTypeOptionsDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ContentTypeOptionsDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { contentTypeOptions { @@ -84,6 +88,7 @@ class ContentTypeOptionsDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/FrameOptionsDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/FrameOptionsDslTests.kt index 215b015b1b..58a45442d1 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/FrameOptionsDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/FrameOptionsDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter import org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter import org.springframework.test.web.servlet.MockMvc @@ -55,14 +56,16 @@ class FrameOptionsDslTests { } @EnableWebSecurity - open class FrameOptionsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FrameOptionsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true frameOptions { } } } + return http.build() } } @@ -78,8 +81,9 @@ class FrameOptionsDslTests { } @EnableWebSecurity - open class FrameOptionsDenyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FrameOptionsDenyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -88,6 +92,7 @@ class FrameOptionsDslTests { } } } + return http.build() } } @@ -103,8 +108,9 @@ class FrameOptionsDslTests { } @EnableWebSecurity - open class FrameOptionsSameOriginConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FrameOptionsSameOriginConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -113,6 +119,7 @@ class FrameOptionsDslTests { } } } + return http.build() } } @@ -128,8 +135,9 @@ class FrameOptionsDslTests { } @EnableWebSecurity - open class FrameOptionsSameOriginAndDenyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FrameOptionsSameOriginAndDenyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -139,6 +147,7 @@ class FrameOptionsDslTests { } } } + return http.build() } } @@ -154,8 +163,9 @@ class FrameOptionsDslTests { } @EnableWebSecurity - open class FrameOptionsDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class FrameOptionsDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { frameOptions { @@ -163,6 +173,7 @@ class FrameOptionsDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpPublicKeyPinningDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpPublicKeyPinningDslTests.kt index 3ffd42a66d..8ffc13367d 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpPublicKeyPinningDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpPublicKeyPinningDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,12 +20,13 @@ import org.assertj.core.api.Assertions import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -57,14 +58,16 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpNoPinConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpNoPinConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true httpPublicKeyPinning { } } } + return http.build() } } @@ -80,8 +83,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpPinConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpPinConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -90,6 +94,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } @@ -105,8 +110,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpMaxAgeConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpMaxAgeConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -116,6 +122,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } @@ -131,8 +138,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpReportOnlyFalseConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpReportOnlyFalseConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -142,6 +150,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } @@ -160,8 +169,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpIncludeSubdomainsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpIncludeSubdomainsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -171,6 +181,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } @@ -189,8 +200,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpReportUriConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpReportUriConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -200,6 +212,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } @@ -217,8 +230,9 @@ class HttpPublicKeyPinningDslTests { } @EnableWebSecurity - open class HpkpDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HpkpDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { httpPublicKeyPinning { @@ -226,6 +240,7 @@ class HttpPublicKeyPinningDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpStrictTransportSecurityDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpStrictTransportSecurityDslTests.kt index 00decf1d0a..66331f45b6 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpStrictTransportSecurityDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpStrictTransportSecurityDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,12 +20,13 @@ import org.assertj.core.api.Assertions import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter import org.springframework.security.web.util.matcher.AntPathRequestMatcher import org.springframework.test.web.servlet.MockMvc @@ -56,14 +57,16 @@ class HttpStrictTransportSecurityDslTests { } @EnableWebSecurity - open class HstsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HstsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true httpStrictTransportSecurity { } } } + return http.build() } } @@ -79,8 +82,9 @@ class HttpStrictTransportSecurityDslTests { } @EnableWebSecurity - open class HstsPreloadConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HstsPreloadConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -89,6 +93,7 @@ class HttpStrictTransportSecurityDslTests { } } } + return http.build() } } @@ -104,8 +109,9 @@ class HttpStrictTransportSecurityDslTests { } @EnableWebSecurity - open class HstsMaxAgeConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HstsMaxAgeConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -114,6 +120,7 @@ class HttpStrictTransportSecurityDslTests { } } } + return http.build() } } @@ -129,8 +136,9 @@ class HttpStrictTransportSecurityDslTests { } @EnableWebSecurity - open class HstsCustomMatcherConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HstsCustomMatcherConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -139,6 +147,7 @@ class HttpStrictTransportSecurityDslTests { } } } + return http.build() } } @@ -154,8 +163,9 @@ class HttpStrictTransportSecurityDslTests { } @EnableWebSecurity - open class HstsDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class HstsDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { httpStrictTransportSecurity { @@ -163,6 +173,7 @@ class HttpStrictTransportSecurityDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ReferrerPolicyDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ReferrerPolicyDslTests.kt index 76dc74bfd8..3dcf6d69ac 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ReferrerPolicyDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ReferrerPolicyDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -53,14 +54,16 @@ class ReferrerPolicyDslTests { } @EnableWebSecurity - open class ReferrerPolicyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ReferrerPolicyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true referrerPolicy { } } } + return http.build() } } @@ -75,8 +78,9 @@ class ReferrerPolicyDslTests { } @EnableWebSecurity - open class ReferrerPolicyCustomPolicyConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ReferrerPolicyCustomPolicyConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -85,6 +89,7 @@ class ReferrerPolicyDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/XssProtectionConfigDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/XssProtectionConfigDslTests.kt index 93622c15fb..c6d5dc0a8c 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/XssProtectionConfigDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/XssProtectionConfigDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.ExtendWith import org.springframework.beans.factory.annotation.Autowired +import org.springframework.context.annotation.Bean import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -54,14 +55,16 @@ class XssProtectionConfigDslTests { } @EnableWebSecurity - open class XssProtectionConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class XssProtectionConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true xssProtection { } } } + return http.build() } } @@ -77,8 +80,9 @@ class XssProtectionConfigDslTests { } @EnableWebSecurity - open class XssProtectionBlockFalseConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class XssProtectionBlockFalseConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -87,6 +91,7 @@ class XssProtectionConfigDslTests { } } } + return http.build() } } @@ -102,8 +107,9 @@ class XssProtectionConfigDslTests { } @EnableWebSecurity - open class XssProtectionDisabledConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class XssProtectionDisabledConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { defaultsDisabled = true @@ -112,6 +118,7 @@ class XssProtectionConfigDslTests { } } } + return http.build() } } @@ -127,8 +134,9 @@ class XssProtectionConfigDslTests { } @EnableWebSecurity - open class XssProtectionDisabledFunctionConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class XssProtectionDisabledFunctionConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { headers { xssProtection { @@ -136,6 +144,7 @@ class XssProtectionConfigDslTests { } } } + return http.build() } } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt index 617b5f94ef..f4cb3ed6e5 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -44,6 +43,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -81,14 +81,15 @@ class AuthorizationCodeGrantDslTests { } @EnableWebSecurity - open class RequestRepositoryConfig : WebSecurityConfigurerAdapter() { + open class RequestRepositoryConfig { companion object { val REQUEST_REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Client { authorizationCodeGrant { @@ -99,6 +100,7 @@ class AuthorizationCodeGrantDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -130,7 +132,7 @@ class AuthorizationCodeGrantDslTests { } @EnableWebSecurity - open class AuthorizedClientConfig : WebSecurityConfigurerAdapter() { + open class AuthorizedClientConfig { companion object { val REQUEST_REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() @@ -138,7 +140,8 @@ class AuthorizationCodeGrantDslTests { DefaultAuthorizationCodeTokenResponseClient() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Client { authorizationCodeGrant { @@ -150,6 +153,7 @@ class AuthorizationCodeGrantDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } @@ -171,11 +175,12 @@ class AuthorizationCodeGrantDslTests { } @EnableWebSecurity - open class RequestResolverConfig : WebSecurityConfigurerAdapter() { + open class RequestResolverConfig { val requestResolver: OAuth2AuthorizationRequestResolver = mockk() - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Client { authorizationCodeGrant { @@ -186,6 +191,7 @@ class AuthorizationCodeGrantDslTests { authorize(anyRequest, authenticated) } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/AuthorizationEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/AuthorizationEndpointDslTests.kt index 84d0d79297..5571688f5a 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/AuthorizationEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/AuthorizationEndpointDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -38,6 +37,7 @@ import org.springframework.security.oauth2.client.web.AuthorizationRequestReposi import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -66,7 +66,7 @@ class AuthorizationEndpointDslTests { } @EnableWebSecurity - open class ResolverConfig : WebSecurityConfigurerAdapter() { + open class ResolverConfig { companion object { val RESOLVER: OAuth2AuthorizationRequestResolver = object : OAuth2AuthorizationRequestResolver { @@ -80,7 +80,8 @@ class AuthorizationEndpointDslTests { } } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { authorizationEndpoint { @@ -88,6 +89,7 @@ class AuthorizationEndpointDslTests { } } } + return http.build() } } @@ -103,14 +105,15 @@ class AuthorizationEndpointDslTests { } @EnableWebSecurity - open class RequestRepoConfig : WebSecurityConfigurerAdapter() { + open class RequestRepoConfig { companion object { val REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { authorizationEndpoint { @@ -118,6 +121,7 @@ class AuthorizationEndpointDslTests { } } } + return http.build() } } @@ -132,14 +136,15 @@ class AuthorizationEndpointDslTests { } @EnableWebSecurity - open class AuthorizationUriConfig : WebSecurityConfigurerAdapter() { + open class AuthorizationUriConfig { companion object { val REPOSITORY: AuthorizationRequestRepository = HttpSessionOAuth2AuthorizationRequestRepository() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2Login { authorizationEndpoint { @@ -148,6 +153,7 @@ class AuthorizationEndpointDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt index eee2b8a92e..a0985c330f 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,7 +25,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -47,6 +46,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.user.DefaultOAuth2User import org.springframework.security.oauth2.core.user.OAuth2User +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -103,7 +103,7 @@ class RedirectionEndpointDslTests { } @EnableWebSecurity - open class UserServiceConfig : WebSecurityConfigurerAdapter() { + open class UserServiceConfig { companion object { val REPOSITORY: AuthorizationRequestRepository = @@ -113,7 +113,8 @@ class RedirectionEndpointDslTests { val USER_SERVICE: OAuth2UserService = DefaultOAuth2UserService() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -133,6 +134,7 @@ class RedirectionEndpointDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt index c0a32af663..6f83de1229 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,7 +26,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -42,6 +41,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -94,7 +94,7 @@ class TokenEndpointDslTests { } @EnableWebSecurity - open class TokenConfig : WebSecurityConfigurerAdapter() { + open class TokenConfig { companion object { val REPOSITORY: AuthorizationRequestRepository = @@ -103,7 +103,8 @@ class TokenEndpointDslTests { DefaultAuthorizationCodeTokenResponseClient() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -117,6 +118,7 @@ class TokenEndpointDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt index 23d7e42281..1d6f181a91 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension @@ -46,6 +45,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.user.DefaultOAuth2User import org.springframework.security.oauth2.core.user.OAuth2User +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get @@ -102,7 +102,7 @@ class UserInfoEndpointDslTests { } @EnableWebSecurity - open class UserServiceConfig : WebSecurityConfigurerAdapter() { + open class UserServiceConfig { companion object { val REPOSITORY: AuthorizationRequestRepository = mockk() @@ -110,7 +110,8 @@ class UserInfoEndpointDslTests { val USER_SERVICE: OAuth2UserService = mockk() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -127,6 +128,7 @@ class UserInfoEndpointDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt index e379bee340..0fc020a85a 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +32,6 @@ import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke @@ -41,6 +40,7 @@ import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames import org.springframework.security.oauth2.jwt.Jwt import org.springframework.security.oauth2.jwt.JwtDecoder import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.GetMapping @@ -75,8 +75,9 @@ class JwtDslTests { } @EnableWebSecurity - open class CustomJwtDecoderConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomJwtDecoderConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2ResourceServer { jwt { @@ -84,6 +85,7 @@ class JwtDslTests { } } } + return http.build() } } @@ -93,8 +95,9 @@ class JwtDslTests { } @EnableWebSecurity - open class CustomJwkSetUriConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class CustomJwkSetUriConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { oauth2ResourceServer { jwt { @@ -102,6 +105,7 @@ class JwtDslTests { } } } + return http.build() } } @@ -127,14 +131,15 @@ class JwtDslTests { } @EnableWebSecurity - open class CustomJwtAuthenticationConverterConfig : WebSecurityConfigurerAdapter() { + open class CustomJwtAuthenticationConverterConfig { companion object { val CONVERTER: Converter = MockConverter() val DECODER: JwtDecoder = MockJwtDecoder() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -145,6 +150,7 @@ class JwtDslTests { } } } + return http.build() } @Bean @@ -176,13 +182,14 @@ class JwtDslTests { } @EnableWebSecurity - open class JwtDecoderAfterJwkSetUriConfig : WebSecurityConfigurerAdapter() { + open class JwtDecoderAfterJwkSetUriConfig { companion object { val DECODER: JwtDecoder = MockJwtDecoder() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -194,6 +201,7 @@ class JwtDslTests { } } } + return http.build() } } @@ -222,13 +230,14 @@ class JwtDslTests { } @EnableWebSecurity - open class AuthenticationManagerConfig : WebSecurityConfigurerAdapter() { + open class AuthenticationManagerConfig { companion object { val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -239,6 +248,7 @@ class JwtDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt index 44c61ae8e5..092f099d81 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +32,6 @@ import org.springframework.security.authentication.ProviderManager import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke @@ -44,6 +43,7 @@ import org.springframework.security.oauth2.server.resource.authentication.Bearer import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.get import org.springframework.web.bind.annotation.GetMapping @@ -102,13 +102,14 @@ class OpaqueTokenDslTests { } @EnableWebSecurity - open class DefaultOpaqueConfig : WebSecurityConfigurerAdapter() { + open class DefaultOpaqueConfig { companion object { val REST: RestOperations = RestTemplate() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -117,6 +118,7 @@ class OpaqueTokenDslTests { opaqueToken { } } } + return http.build() } @Bean @@ -145,13 +147,14 @@ class OpaqueTokenDslTests { } @EnableWebSecurity - open class CustomIntrospectorConfig : WebSecurityConfigurerAdapter() { + open class CustomIntrospectorConfig { companion object { val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -162,6 +165,7 @@ class OpaqueTokenDslTests { } } } + return http.build() } } @@ -181,13 +185,14 @@ class OpaqueTokenDslTests { } @EnableWebSecurity - open class IntrospectorAfterClientCredentialsConfig : WebSecurityConfigurerAdapter() { + open class IntrospectorAfterClientCredentialsConfig { companion object { val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -200,6 +205,7 @@ class OpaqueTokenDslTests { } } } + return http.build() } } @@ -222,13 +228,14 @@ class OpaqueTokenDslTests { } @EnableWebSecurity - open class AuthenticationManagerConfig : WebSecurityConfigurerAdapter() { + open class AuthenticationManagerConfig { companion object { val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { authorizeRequests { authorize(anyRequest, authenticated) @@ -239,6 +246,7 @@ class OpaqueTokenDslTests { } } } + return http.build() } } diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionConcurrencyDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionConcurrencyDslTests.kt index 5a44272c71..4f19ff1cbd 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionConcurrencyDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionConcurrencyDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +27,6 @@ import org.springframework.context.annotation.Configuration import org.springframework.mock.web.MockHttpSession import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.annotation.web.invoke @@ -38,6 +37,7 @@ import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf +import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get @@ -76,8 +76,9 @@ class SessionConcurrencyDslTests { } @EnableWebSecurity - open class MaximumSessionsConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MaximumSessionsConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionConcurrency { @@ -87,6 +88,7 @@ class SessionConcurrencyDslTests { } formLogin { } } + return http.build() } } @@ -105,13 +107,14 @@ class SessionConcurrencyDslTests { } @EnableWebSecurity - open class ExpiredUrlConfig : WebSecurityConfigurerAdapter() { + open class ExpiredUrlConfig { companion object { val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionConcurrency { @@ -121,6 +124,7 @@ class SessionConcurrencyDslTests { } } } + return http.build() } @Bean @@ -142,13 +146,14 @@ class SessionConcurrencyDslTests { } @EnableWebSecurity - open class ExpiredSessionStrategyConfig : WebSecurityConfigurerAdapter() { + open class ExpiredSessionStrategyConfig { companion object { val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl() } - override fun configure(http: HttpSecurity) { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionConcurrency { @@ -158,6 +163,7 @@ class SessionConcurrencyDslTests { } } } + return http.build() } @Bean diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionFixationDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionFixationDslTests.kt index 349bcfe747..e7ee6de2bd 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionFixationDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionFixationDslTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,7 +25,6 @@ import org.springframework.context.annotation.Configuration import org.springframework.mock.web.MockHttpSession import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.config.annotation.web.invoke @@ -33,6 +32,7 @@ import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic +import org.springframework.security.web.SecurityFilterChain import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.request.MockMvcRequestBuilders @@ -69,8 +69,9 @@ class SessionFixationDslTests { } @EnableWebSecurity - open class NewSessionConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class NewSessionConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionFixation { @@ -79,6 +80,7 @@ class SessionFixationDslTests { } httpBasic { } } + return http.build() } } @@ -102,8 +104,9 @@ class SessionFixationDslTests { } @EnableWebSecurity - open class MigrateSessionConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class MigrateSessionConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionFixation { @@ -112,6 +115,7 @@ class SessionFixationDslTests { } httpBasic { } } + return http.build() } } @@ -135,8 +139,9 @@ class SessionFixationDslTests { } @EnableWebSecurity - open class ChangeSessionIdConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class ChangeSessionIdConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionFixation { @@ -145,6 +150,7 @@ class SessionFixationDslTests { } httpBasic { } } + return http.build() } } @@ -168,8 +174,9 @@ class SessionFixationDslTests { } @EnableWebSecurity - open class NoneConfig : WebSecurityConfigurerAdapter() { - override fun configure(http: HttpSecurity) { + open class NoneConfig { + @Bean + open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http { sessionManagement { sessionFixation { @@ -178,6 +185,7 @@ class SessionFixationDslTests { } httpBasic { } } + return http.build() } }