Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-04 17:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove WebSecurityConfigurerAdapter from Kotlin tests

Browse Source 
Issue gh-10902
This commit is contained in:
Eleftheria Stein 2022-04-28 14:10:52 +02:00
parent 736f439bb5
commit 48ac100a92
39 changed files with 819 additions and 493 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
config/src/test/kotlin/org/springframework/security/config/annotation/web/AnonymousDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,15 +19,16 @@ package org.springframework.security.config.annotation.web
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.authentication.AnonymousAuthenticationToken import org.springframework.security.authentication.AnonymousAuthenticationToken
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.annotation.AuthenticationPrincipal import org.springframework.security.core.annotation.AuthenticationPrincipal
import org.springframework.security.core.authority.SimpleGrantedAuthority import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.GetMapping
@ -60,13 +61,15 @@ class AnonymousDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class PrincipalConfig : WebSecurityConfigurerAdapter() { open class PrincipalConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
anonymous { anonymous {
principal = "principal" principal = "principal"
} }
} }
return http.build()
} }
} }
@ -82,13 +85,15 @@ class AnonymousDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class KeyConfig : WebSecurityConfigurerAdapter() { open class KeyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
anonymous { anonymous {
key = "key" key = "key"
} }
} }
return http.build()
} }
} }
@ -104,13 +109,15 @@ class AnonymousDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AnonymousDisabledConfig : WebSecurityConfigurerAdapter() { open class AnonymousDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
anonymous { anonymous {
disable() disable()
} }
} }
return http.build()
} }
} }
@ -126,8 +133,9 @@ class AnonymousDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AnonymousAuthoritiesConfig : WebSecurityConfigurerAdapter() { open class AnonymousAuthoritiesConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
anonymous { anonymous {
authorities = listOf(SimpleGrantedAuthority("TEST")) authorities = listOf(SimpleGrantedAuthority("TEST"))
@ -136,6 +144,7 @@ class AnonymousDslTests {
authorize(anyRequest, hasAuthority("TEST")) authorize(anyRequest, hasAuthority("TEST"))
} }
} }
return http.build()
} }
} }

64
config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeRequestsDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -24,7 +24,6 @@ import org.springframework.context.annotation.Configuration
import org.springframework.http.HttpMethod import org.springframework.http.HttpMethod
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -32,6 +31,7 @@ import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.util.matcher.RegexRequestMatcher import org.springframework.security.web.util.matcher.RegexRequestMatcher
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -96,8 +96,9 @@ class AuthorizeRequestsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthorizeRequestsByRegexConfig : WebSecurityConfigurerAdapter() { open class AuthorizeRequestsByRegexConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(RegexRequestMatcher("/path", null), permitAll) authorize(RegexRequestMatcher("/path", null), permitAll)
@ -106,6 +107,7 @@ class AuthorizeRequestsDslTests {
authorize(RegexRequestMatcher(".*", null), authenticated) authorize(RegexRequestMatcher(".*", null), authenticated)
} }
} }
return http.build()
} }
@RestController @RestController
@ -152,14 +154,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AuthorizeRequestsByMvcConfig : WebSecurityConfigurerAdapter() { open class AuthorizeRequestsByMvcConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/path", permitAll) authorize("/path", permitAll)
authorize("/**", authenticated) authorize("/**", authenticated)
} }
} }
return http.build()
} }
@RestController @RestController
@ -194,13 +198,15 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class MvcMatcherPathVariablesConfig : WebSecurityConfigurerAdapter() { open class MvcMatcherPathVariablesConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/user/{userName}", "#userName == 'user'") authorize("/user/{userName}", "#userName == 'user'")
} }
} }
return http.build()
} }
@RestController @RestController
@ -235,14 +241,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class HasRoleConfig : WebSecurityConfigurerAdapter() { open class HasRoleConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/**", hasRole("ADMIN")) authorize("/**", hasRole("ADMIN"))
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
@RestController @RestController
@ -253,7 +261,7 @@ class AuthorizeRequestsDslTests {
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("user") .username("user")
.password("password") .password("password")
@ -298,14 +306,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class HasAnyRoleConfig : WebSecurityConfigurerAdapter() { open class HasAnyRoleConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/**", hasAnyRole("ADMIN", "USER")) authorize("/**", hasAnyRole("ADMIN", "USER"))
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
@RestController @RestController
@ -316,7 +326,7 @@ class AuthorizeRequestsDslTests {
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("user") .username("user")
.password("password") .password("password")
@ -366,14 +376,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class HasAnyAuthorityConfig : WebSecurityConfigurerAdapter() { open class HasAnyAuthorityConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/**", hasAnyAuthority("ROLE_ADMIN", "ROLE_USER")) authorize("/**", hasAnyAuthority("ROLE_ADMIN", "ROLE_USER"))
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
@RestController @RestController
@ -384,7 +396,7 @@ class AuthorizeRequestsDslTests {
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("user") .username("user")
.password("password") .password("password")
@ -425,8 +437,9 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class MvcMatcherServletPathConfig : WebSecurityConfigurerAdapter() { open class MvcMatcherServletPathConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/path", authorize("/path",
@ -434,6 +447,7 @@ class AuthorizeRequestsDslTests {
denyAll) denyAll)
} }
} }
return http.build()
} }
@RestController @RestController
@ -446,14 +460,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AuthorizeRequestsByMvcConfigWithHttpMethod : WebSecurityConfigurerAdapter() { open class AuthorizeRequestsByMvcConfigWithHttpMethod{
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(HttpMethod.GET, "/path", permitAll) authorize(HttpMethod.GET, "/path", permitAll)
authorize(HttpMethod.PUT, "/path", denyAll) authorize(HttpMethod.PUT, "/path", denyAll)
} }
} }
return http.build()
} }
@RestController @RestController
@ -481,14 +497,16 @@ class AuthorizeRequestsDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class MvcMatcherServletPathHttpMethodConfig : WebSecurityConfigurerAdapter() { open class MvcMatcherServletPathHttpMethodConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(HttpMethod.GET, "/path", "/spring", denyAll) authorize(HttpMethod.GET, "/path", "/spring", denyAll)
authorize(HttpMethod.PUT, "/path", "/spring", denyAll) authorize(HttpMethod.PUT, "/path", "/spring", denyAll)
} }
} }
return http.build()
} }
@RestController @RestController

28
config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,9 +25,9 @@ import org.springframework.context.annotation.Bean
import org.springframework.http.HttpHeaders import org.springframework.http.HttpHeaders
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.web.bind.annotation.RequestMethod import org.springframework.web.bind.annotation.RequestMethod
@ -58,11 +58,13 @@ class CorsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultCorsConfig : WebSecurityConfigurerAdapter() { open class DefaultCorsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
cors { } cors { }
} }
return http.build()
} }
} }
@ -80,11 +82,13 @@ class CorsDslTests {
@EnableWebMvc @EnableWebMvc
@EnableWebSecurity @EnableWebSecurity
open class CorsCrossOriginBeanConfig : WebSecurityConfigurerAdapter() { open class CorsCrossOriginBeanConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
cors { } cors { }
} }
return http.build()
} }
@Bean @Bean
@ -114,14 +118,16 @@ class CorsDslTests {
@EnableWebMvc @EnableWebMvc
@EnableWebSecurity @EnableWebSecurity
open class CorsDisabledConfig : WebSecurityConfigurerAdapter() { open class CorsDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http.cors() http.cors()
http { http {
cors { cors {
disable() disable()
} }
} }
return http.build()
} }
@Bean @Bean
@ -151,8 +157,9 @@ class CorsDslTests {
@EnableWebMvc @EnableWebMvc
@EnableWebSecurity @EnableWebSecurity
open class CorsCrossOriginSourceConfig : WebSecurityConfigurerAdapter() { open class CorsCrossOriginSourceConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val source = UrlBasedCorsConfigurationSource() val source = UrlBasedCorsConfigurationSource()
val corsConfiguration = CorsConfiguration() val corsConfiguration = CorsConfiguration()
corsConfiguration.allowedOrigins = listOf("*") corsConfiguration.allowedOrigins = listOf("*")
@ -165,6 +172,7 @@ class CorsDslTests {
configurationSource = source configurationSource = source
} }
} }
return http.build()
} }
} }
} }

48
config/src/test/kotlin/org/springframework/security/config/annotation/web/CsrfDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,7 +25,6 @@ import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -33,6 +32,7 @@ import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
import org.springframework.security.web.csrf.CsrfTokenRepository import org.springframework.security.web.csrf.CsrfTokenRepository
@ -81,11 +81,13 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultCsrfConfig : WebSecurityConfigurerAdapter() { open class DefaultCsrfConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { } csrf { }
} }
return http.build()
} }
} }
@ -100,13 +102,15 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CsrfDisabledConfig : WebSecurityConfigurerAdapter() { open class CsrfDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { csrf {
disable() disable()
} }
} }
return http.build()
} }
} }
@ -124,18 +128,20 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomRepositoryConfig : WebSecurityConfigurerAdapter() { open class CustomRepositoryConfig {
companion object { companion object {
val REPO: CsrfTokenRepository = HttpSessionCsrfTokenRepository() val REPO: CsrfTokenRepository = HttpSessionCsrfTokenRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { csrf {
csrfTokenRepository = REPO csrfTokenRepository = REPO
} }
} }
return http.build()
} }
} }
@ -155,13 +161,15 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequireCsrfProtectionMatcherConfig : WebSecurityConfigurerAdapter() { open class RequireCsrfProtectionMatcherConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { csrf {
requireCsrfProtectionMatcher = AntPathRequestMatcher("/test1") requireCsrfProtectionMatcher = AntPathRequestMatcher("/test1")
} }
} }
return http.build()
} }
} }
@ -178,23 +186,25 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomStrategyConfig : WebSecurityConfigurerAdapter() { open class CustomStrategyConfig {
companion object { companion object {
var STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() var STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { } formLogin { }
csrf { csrf {
sessionAuthenticationStrategy = STRATEGY sessionAuthenticationStrategy = STRATEGY
} }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("user") .username("user")
.password("password") .password("password")
@ -220,14 +230,16 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class IgnoringRequestMatchersConfig : WebSecurityConfigurerAdapter() { open class IgnoringRequestMatchersConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { csrf {
requireCsrfProtectionMatcher = AntPathRequestMatcher("/**") requireCsrfProtectionMatcher = AntPathRequestMatcher("/**")
ignoringRequestMatchers(AntPathRequestMatcher("/test2")) ignoringRequestMatchers(AntPathRequestMatcher("/test2"))
} }
} }
return http.build()
} }
} }
@ -247,14 +259,16 @@ class CsrfDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class IgnoringAntMatchersConfig : WebSecurityConfigurerAdapter() { open class IgnoringAntMatchersConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
csrf { csrf {
requireCsrfProtectionMatcher = AntPathRequestMatcher("/**") requireCsrfProtectionMatcher = AntPathRequestMatcher("/**")
ignoringAntMatchers("/test2") ignoringAntMatchers("/test2")
} }
} }
return http.build()
} }
} }

47
config/src/test/kotlin/org/springframework/security/config/annotation/web/ExceptionHandlingDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,14 +20,15 @@ import org.assertj.core.api.Assertions.assertThatExceptionOfType
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.access.AccessDeniedException import org.springframework.security.access.AccessDeniedException
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User.withUsername import org.springframework.security.core.userdetails.User.withUsername
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.access.AccessDeniedHandlerImpl import org.springframework.security.web.access.AccessDeniedHandlerImpl
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
import org.springframework.security.web.util.matcher.AntPathRequestMatcher import org.springframework.security.web.util.matcher.AntPathRequestMatcher
@ -60,14 +61,16 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class ExceptionHandlingConfig : WebSecurityConfigurerAdapter() { open class ExceptionHandlingConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
exceptionHandling { } exceptionHandling { }
} }
return http.build()
} }
} }
@ -81,8 +84,9 @@ class ExceptionHandlingDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ExceptionHandlingDisabledConfig : WebSecurityConfigurerAdapter() { open class ExceptionHandlingDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -91,6 +95,7 @@ class ExceptionHandlingDslTests {
disable() disable()
} }
} }
return http.build()
} }
} }
@ -108,8 +113,9 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AccessDeniedPageConfig : WebSecurityConfigurerAdapter() { open class AccessDeniedPageConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize("/admin", hasAuthority("ROLE_ADMIN")) authorize("/admin", hasAuthority("ROLE_ADMIN"))
@ -119,6 +125,7 @@ class ExceptionHandlingDslTests {
accessDeniedPage = "/access-denied" accessDeniedPage = "/access-denied"
} }
} }
return http.build()
} }
} }
@ -136,8 +143,9 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() { open class AccessDeniedHandlerConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val customAccessDeniedHandler = AccessDeniedHandlerImpl() val customAccessDeniedHandler = AccessDeniedHandlerImpl()
customAccessDeniedHandler.setErrorPage("/access-denied") customAccessDeniedHandler.setErrorPage("/access-denied")
http { http {
@ -149,6 +157,7 @@ class ExceptionHandlingDslTests {
accessDeniedHandler = customAccessDeniedHandler accessDeniedHandler = customAccessDeniedHandler
} }
} }
return http.build()
} }
} }
@ -173,8 +182,9 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AccessDeniedHandlerForConfig : WebSecurityConfigurerAdapter() { open class AccessDeniedHandlerForConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val customAccessDeniedHandler1 = AccessDeniedHandlerImpl() val customAccessDeniedHandler1 = AccessDeniedHandlerImpl()
customAccessDeniedHandler1.setErrorPage("/access-denied1") customAccessDeniedHandler1.setErrorPage("/access-denied1")
val customAccessDeniedHandler2 = AccessDeniedHandlerImpl() val customAccessDeniedHandler2 = AccessDeniedHandlerImpl()
@ -190,6 +200,7 @@ class ExceptionHandlingDslTests {
defaultAccessDeniedHandlerFor(customAccessDeniedHandler2, AntPathRequestMatcher("/admin2")) defaultAccessDeniedHandlerFor(customAccessDeniedHandler2, AntPathRequestMatcher("/admin2"))
} }
} }
return http.build()
} }
} }
@ -206,8 +217,9 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() { open class AuthenticationEntryPointConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -216,6 +228,7 @@ class ExceptionHandlingDslTests {
authenticationEntryPoint = LoginUrlAuthenticationEntryPoint("/custom-login") authenticationEntryPoint = LoginUrlAuthenticationEntryPoint("/custom-login")
} }
} }
return http.build()
} }
} }
@ -238,8 +251,9 @@ class ExceptionHandlingDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class AuthenticationEntryPointForConfig : WebSecurityConfigurerAdapter() { open class AuthenticationEntryPointForConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val customAuthenticationEntryPoint1 = LoginUrlAuthenticationEntryPoint("/custom-login1") val customAuthenticationEntryPoint1 = LoginUrlAuthenticationEntryPoint("/custom-login1")
val customAuthenticationEntryPoint2 = LoginUrlAuthenticationEntryPoint("/custom-login2") val customAuthenticationEntryPoint2 = LoginUrlAuthenticationEntryPoint("/custom-login2")
http { http {
@ -251,6 +265,7 @@ class ExceptionHandlingDslTests {
defaultAuthenticationEntryPointFor(customAuthenticationEntryPoint2, AntPathRequestMatcher("/secured2")) defaultAuthenticationEntryPointFor(customAuthenticationEntryPoint2, AntPathRequestMatcher("/secured2"))
} }
} }
return http.build()
} }
} }
} }

66
config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -24,11 +24,9 @@ import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.authentication.AuthenticationDetailsSource
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -42,6 +40,8 @@ import org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirec
import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.GetMapping
import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletRequest
import org.springframework.context.annotation.Bean
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.WebAuthenticationDetails import org.springframework.security.web.authentication.WebAuthenticationDetails
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
@ -91,11 +91,13 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FormLoginConfig : WebSecurityConfigurerAdapter() { open class FormLoginConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
} }
return http.build()
} }
} }
@ -111,14 +113,16 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AllSecuredConfig : WebSecurityConfigurerAdapter() { open class AllSecuredConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -134,8 +138,9 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class LoginPageConfig : WebSecurityConfigurerAdapter() { open class LoginPageConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
loginPage = "/log-in" loginPage = "/log-in"
@ -144,6 +149,7 @@ class FormLoginDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -159,13 +165,15 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SuccessHandlerConfig : WebSecurityConfigurerAdapter() { open class SuccessHandlerConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
authenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler("/success") authenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler("/success")
} }
} }
return http.build()
} }
} }
@ -181,13 +189,15 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FailureHandlerConfig : WebSecurityConfigurerAdapter() { open class FailureHandlerConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
authenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/failure") authenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/failure")
} }
} }
return http.build()
} }
} }
@ -203,13 +213,15 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FailureUrlConfig : WebSecurityConfigurerAdapter() { open class FailureUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
failureUrl = "/failure" failureUrl = "/failure"
} }
} }
return http.build()
} }
} }
@ -225,13 +237,15 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class LoginProcessingUrlConfig : WebSecurityConfigurerAdapter() { open class LoginProcessingUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
loginProcessingUrl = "/custom" loginProcessingUrl = "/custom"
} }
} }
return http.build()
} }
} }
@ -247,13 +261,15 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultSuccessUrlConfig : WebSecurityConfigurerAdapter() { open class DefaultSuccessUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
defaultSuccessUrl("/custom", true) defaultSuccessUrl("/custom", true)
} }
} }
return http.build()
} }
} }
@ -268,8 +284,9 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PermitAllConfig : WebSecurityConfigurerAdapter() { open class PermitAllConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -279,6 +296,7 @@ class FormLoginDslTests {
permitAll() permitAll()
} }
} }
return http.build()
} }
@Controller @Controller
@ -308,18 +326,20 @@ class FormLoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { open class CustomAuthenticationDetailsSourceConfig {
companion object { companion object {
val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin { formLogin {
authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE
} }
} }
return http.build()
} }
} }

34
config/src/test/kotlin/org/springframework/security/config/annotation/web/HeadersDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,9 +23,9 @@ import org.springframework.context.annotation.Bean
import org.springframework.http.HttpHeaders import org.springframework.http.HttpHeaders
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.header.writers.StaticHeadersWriter import org.springframework.security.web.header.writers.StaticHeadersWriter
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
@ -66,11 +66,13 @@ class HeadersDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultHeadersConfig : WebSecurityConfigurerAdapter() { open class DefaultHeadersConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { } headers { }
} }
return http.build()
} }
} }
@ -86,13 +88,15 @@ class HeadersDslTests {
@EnableWebSecurity @EnableWebSecurity
@Suppress("DEPRECATION") @Suppress("DEPRECATION")
open class FeaturePolicyConfig : WebSecurityConfigurerAdapter() { open class FeaturePolicyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
featurePolicy(policyDirectives = "geolocation 'self'") featurePolicy(policyDirectives = "geolocation 'self'")
} }
} }
return http.build()
} }
} }
@ -107,8 +111,9 @@ class HeadersDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PermissionsPolicyConfig : WebSecurityConfigurerAdapter() { open class PermissionsPolicyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
permissionsPolicy { permissionsPolicy {
@ -116,6 +121,7 @@ class HeadersDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -136,13 +142,15 @@ class HeadersDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HeadersDisabledConfig : WebSecurityConfigurerAdapter() { open class HeadersDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
disable() disable()
} }
} }
return http.build()
} }
} }
@ -157,13 +165,15 @@ class HeadersDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HeaderWriterConfig : WebSecurityConfigurerAdapter() { open class HeaderWriterConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
addHeaderWriter(StaticHeadersWriter("custom-header", "custom-value")) addHeaderWriter(StaticHeadersWriter("custom-header", "custom-value"))
} }
} }
return http.build()
} }
} }
} }

30
config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpBasicDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,17 +20,14 @@ import io.mockk.every
import io.mockk.mockk import io.mockk.mockk
import io.mockk.mockkObject import io.mockk.mockkObject
import io.mockk.verify import io.mockk.verify
import jakarta.servlet.http.HttpServletRequest
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.http.HttpStatus import org.springframework.http.HttpStatus
import org.springframework.security.authentication.AuthenticationDetailsSource
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -38,6 +35,7 @@ import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
import org.springframework.security.web.AuthenticationEntryPoint import org.springframework.security.web.AuthenticationEntryPoint
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.HttpStatusEntryPoint import org.springframework.security.web.authentication.HttpStatusEntryPoint
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
@ -90,14 +88,16 @@ class HttpBasicDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HttpBasicConfig : WebSecurityConfigurerAdapter() { open class HttpBasicConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
httpBasic {} httpBasic {}
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -112,8 +112,9 @@ class HttpBasicDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomRealmConfig : WebSecurityConfigurerAdapter() { open class CustomRealmConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
httpBasic { httpBasic {
realmName = "Custom Realm" realmName = "Custom Realm"
@ -122,6 +123,7 @@ class HttpBasicDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -137,13 +139,14 @@ class HttpBasicDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomAuthenticationEntryPointConfig : WebSecurityConfigurerAdapter() { open class CustomAuthenticationEntryPointConfig {
companion object { companion object {
val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
httpBasic { httpBasic {
authenticationEntryPoint = ENTRY_POINT authenticationEntryPoint = ENTRY_POINT
@ -152,6 +155,7 @@ class HttpBasicDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -173,13 +177,14 @@ class HttpBasicDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { open class CustomAuthenticationDetailsSourceConfig {
companion object { companion object {
val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
httpBasic { httpBasic {
authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE
@ -188,6 +193,7 @@ class HttpBasicDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }

74
config/src/test/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDslTests.kt
View File

@ -32,7 +32,6 @@ import org.springframework.security.authentication.TestingAuthenticationProvider
import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.authentication.TestingAuthenticationToken
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -112,9 +111,10 @@ class HttpSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultSecurityConfig : WebSecurityConfigurerAdapter() { open class DefaultSecurityConfig {
override fun configure(http: HttpSecurity) { @Bean
http {} open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
return http.build()
} }
@Configuration @Configuration
@ -160,14 +160,16 @@ class HttpSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SecurityRequestMatcherRequestsConfig : WebSecurityConfigurerAdapter() { open class SecurityRequestMatcherRequestsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
securityMatcher(RegexRequestMatcher("/path", null)) securityMatcher(RegexRequestMatcher("/path", null))
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -215,14 +217,16 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class SecurityPatternMatcherRequestsConfig : WebSecurityConfigurerAdapter() { open class SecurityPatternMatcherRequestsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
securityMatcher("/path") securityMatcher("/path")
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -267,8 +271,9 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class MultiMatcherRequestsConfig : WebSecurityConfigurerAdapter() { open class MultiMatcherRequestsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
securityMatcher("/path1") securityMatcher("/path1")
securityMatcher(RegexRequestMatcher("/path2", null)) securityMatcher(RegexRequestMatcher("/path2", null))
@ -276,6 +281,7 @@ class HttpSecurityDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -317,8 +323,9 @@ class HttpSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationManagerRequestsConfig : WebSecurityConfigurerAdapter() { open class AuthenticationManagerRequestsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authenticationManager = AuthenticationManagerConfig.AUTHENTICATION_MANAGER authenticationManager = AuthenticationManagerConfig.AUTHENTICATION_MANAGER
authorizeRequests { authorizeRequests {
@ -326,6 +333,7 @@ class HttpSecurityDslTests {
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
} }
@ -351,17 +359,18 @@ class HttpSecurityDslTests {
val filterChain = spring.context.getBean(FilterChainProxy::class.java) val filterChain = spring.context.getBean(FilterChainProxy::class.java)
val filters: List<Filter> = filterChain.getFilters("/") val filters: List<Filter> = filterChain.getFilters("/")
assertThat(filters).hasSize(1) assertThat(filters).anyMatch { it is CustomFilter }
assertThat(filters[0]).isExactlyInstanceOf(CustomFilter::class.java)
} }
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterConfig : WebSecurityConfigurerAdapter(true) { open class CustomFilterConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
} }
return http.build()
} }
} }
@ -372,17 +381,18 @@ class HttpSecurityDslTests {
val filterChain = spring.context.getBean(FilterChainProxy::class.java) val filterChain = spring.context.getBean(FilterChainProxy::class.java)
val filters: List<Filter> = filterChain.getFilters("/") val filters: List<Filter> = filterChain.getFilters("/")
assertThat(filters).hasSize(1) assertThat(filters).anyMatch { it is CustomFilter }
assertThat(filters[0]).isExactlyInstanceOf(CustomFilter::class.java)
} }
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterConfigReified : WebSecurityConfigurerAdapter(true) { open class CustomFilterConfigReified {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter()) addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter())
} }
return http.build()
} }
} }
@ -401,12 +411,14 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterAfterConfig : WebSecurityConfigurerAdapter() { open class CustomFilterAfterConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
formLogin {} formLogin {}
} }
return http.build()
} }
} }
@ -425,12 +437,14 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterAfterConfigReified : WebSecurityConfigurerAdapter() { open class CustomFilterAfterConfigReified{
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter()) addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter())
formLogin { } formLogin { }
} }
return http.build()
} }
} }
@ -449,12 +463,14 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterBeforeConfig : WebSecurityConfigurerAdapter() { open class CustomFilterBeforeConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java) addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
formLogin {} formLogin {}
} }
return http.build()
} }
} }
@ -473,12 +489,14 @@ class HttpSecurityDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class CustomFilterBeforeConfigReified : WebSecurityConfigurerAdapter() { open class CustomFilterBeforeConfigReified{
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter()) addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
formLogin { } formLogin { }
} }
return http.build()
} }
} }

65
config/src/test/kotlin/org/springframework/security/config/annotation/web/LogoutDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,16 +25,17 @@ import org.assertj.core.api.Assertions.assertThat
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.mock.web.MockHttpSession import org.springframework.mock.web.MockHttpSession
import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.authentication.TestingAuthenticationToken
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.Authentication import org.springframework.security.core.Authentication
import org.springframework.security.core.context.SecurityContextHolder import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.logout.LogoutHandler import org.springframework.security.web.authentication.logout.LogoutHandler
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler
import org.springframework.security.web.context.HttpSessionSecurityContextRepository import org.springframework.security.web.context.HttpSessionSecurityContextRepository
@ -68,13 +69,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomLogoutUrlConfig : WebSecurityConfigurerAdapter() { open class CustomLogoutUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
logoutUrl = "/custom/logout" logoutUrl = "/custom/logout"
} }
} }
return http.build()
} }
} }
@ -91,13 +94,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomLogoutRequestMatcherConfig : WebSecurityConfigurerAdapter() { open class CustomLogoutRequestMatcherConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
logoutRequestMatcher = AntPathRequestMatcher("/custom/logout") logoutRequestMatcher = AntPathRequestMatcher("/custom/logout")
} }
} }
return http.build()
} }
} }
@ -114,13 +119,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SuccessUrlConfig : WebSecurityConfigurerAdapter() { open class SuccessUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
logoutSuccessUrl = "/login" logoutSuccessUrl = "/login"
} }
} }
return http.build()
} }
} }
@ -137,13 +144,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SuccessHandlerConfig : WebSecurityConfigurerAdapter() { open class SuccessHandlerConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
logoutSuccessHandler = SimpleUrlLogoutSuccessHandler() logoutSuccessHandler = SimpleUrlLogoutSuccessHandler()
} }
} }
return http.build()
} }
} }
@ -160,8 +169,9 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PermitAllConfig : WebSecurityConfigurerAdapter() { open class PermitAllConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -171,6 +181,7 @@ class LogoutDslTests {
permitAll() permitAll()
} }
} }
return http.build()
} }
} }
@ -194,13 +205,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ClearAuthenticationFalseConfig : WebSecurityConfigurerAdapter() { open class ClearAuthenticationFalseConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
clearAuthentication = false clearAuthentication = false
} }
} }
return http.build()
} }
} }
@ -221,13 +234,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class InvalidateHttpSessionFalseConfig : WebSecurityConfigurerAdapter() { open class InvalidateHttpSessionFalseConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
invalidateHttpSession = false invalidateHttpSession = false
} }
} }
return http.build()
} }
} }
@ -245,13 +260,15 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DeleteCookiesConfig : WebSecurityConfigurerAdapter() { open class DeleteCookiesConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
deleteCookies("remove") deleteCookies("remove")
} }
} }
return http.build()
} }
} }
@ -275,14 +292,16 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultLogoutSuccessHandlerForConfig : WebSecurityConfigurerAdapter() { open class DefaultLogoutSuccessHandlerForConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
logoutRequestMatcher = AntPathRequestMatcher("/logout/**") logoutRequestMatcher = AntPathRequestMatcher("/logout/**")
defaultLogoutSuccessHandlerFor(SimpleUrlLogoutSuccessHandler(), AntPathRequestMatcher("/logout/custom")) defaultLogoutSuccessHandlerFor(SimpleUrlLogoutSuccessHandler(), AntPathRequestMatcher("/logout/custom"))
} }
} }
return http.build()
} }
} }
@ -300,18 +319,20 @@ class LogoutDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomLogoutHandlerConfig : WebSecurityConfigurerAdapter() { open class CustomLogoutHandlerConfig {
companion object { companion object {
val HANDLER: LogoutHandler = NoopLogoutHandler() val HANDLER: LogoutHandler = NoopLogoutHandler()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
logout { logout {
addLogoutHandler(HANDLER) addLogoutHandler(HANDLER)
} }
} }
return http.build()
} }
} }

16
config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,7 +26,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -43,6 +42,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -65,8 +65,9 @@ class OAuth2ClientDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ClientRepoConfig : WebSecurityConfigurerAdapter() { open class ClientRepoConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Client { oauth2Client {
clientRegistrationRepository = InMemoryClientRegistrationRepository( clientRegistrationRepository = InMemoryClientRegistrationRepository(
@ -76,6 +77,7 @@ class OAuth2ClientDslTests {
) )
} }
} }
return http.build()
} }
} }
@ -118,7 +120,7 @@ class OAuth2ClientDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ClientRepositoryConfig : WebSecurityConfigurerAdapter() { open class ClientRepositoryConfig {
companion object { companion object {
val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
@ -128,7 +130,8 @@ class OAuth2ClientDslTests {
val CLIENT_REPOSITORY: OAuth2AuthorizedClientRepository = HttpSessionOAuth2AuthorizedClientRepository() val CLIENT_REPOSITORY: OAuth2AuthorizedClientRepository = HttpSessionOAuth2AuthorizedClientRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Client { oauth2Client {
authorizedClientRepository = CLIENT_REPOSITORY authorizedClientRepository = CLIENT_REPOSITORY
@ -141,6 +144,7 @@ class OAuth2ClientDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }

30
config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,10 +25,8 @@ import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.authentication.AuthenticationDetailsSource
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -43,7 +41,7 @@ import org.springframework.test.web.servlet.get
import org.springframework.test.web.servlet.post import org.springframework.test.web.servlet.post
import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.RestController import org.springframework.web.bind.annotation.RestController
import jakarta.servlet.http.HttpServletRequest import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
/** /**
@ -65,8 +63,9 @@ class OAuth2LoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ClientRepoConfig : WebSecurityConfigurerAdapter() { open class ClientRepoConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
clientRegistrationRepository = InMemoryClientRegistrationRepository( clientRegistrationRepository = InMemoryClientRegistrationRepository(
@ -76,6 +75,7 @@ class OAuth2LoginDslTests {
) )
} }
} }
return http.build()
} }
} }
@ -90,11 +90,13 @@ class OAuth2LoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class OAuth2LoginConfig : WebSecurityConfigurerAdapter() { open class OAuth2LoginConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { } oauth2Login { }
} }
return http.build()
} }
} }
@ -109,13 +111,15 @@ class OAuth2LoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class LoginPageConfig : WebSecurityConfigurerAdapter() { open class LoginPageConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
loginPage = "/custom-login" loginPage = "/custom-login"
} }
} }
return http.build()
} }
@RestController @RestController
@ -157,14 +161,15 @@ class OAuth2LoginDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomAuthenticationDetailsSourceConfig : WebSecurityConfigurerAdapter() { open class CustomAuthenticationDetailsSourceConfig {
companion object { companion object {
val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource() val AUTHENTICATION_DETAILS_SOURCE = WebAuthenticationDetailsSource()
val AUTHORIZATION_REQUEST_REPOSITORY = HttpSessionOAuth2AuthorizationRequestRepository() val AUTHORIZATION_REQUEST_REPOSITORY = HttpSessionOAuth2AuthorizationRequestRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE authenticationDetailsSource = AUTHENTICATION_DETAILS_SOURCE
@ -173,6 +178,7 @@ class OAuth2LoginDslTests {
} }
} }
} }
return http.build()
} }
} }

34
config/src/test/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,7 +32,6 @@ import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.authentication.AuthenticationManagerResolver import org.springframework.security.authentication.AuthenticationManagerResolver
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames.SUB
@ -43,6 +42,7 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtIss
import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver
import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver
import org.springframework.security.web.AuthenticationEntryPoint import org.springframework.security.web.AuthenticationEntryPoint
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.access.AccessDeniedHandler import org.springframework.security.web.access.AccessDeniedHandler
import org.springframework.security.web.access.AccessDeniedHandlerImpl import org.springframework.security.web.access.AccessDeniedHandlerImpl
import org.springframework.security.web.authentication.HttpStatusEntryPoint import org.springframework.security.web.authentication.HttpStatusEntryPoint
@ -79,13 +79,14 @@ class OAuth2ResourceServerDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class EntryPointConfig : WebSecurityConfigurerAdapter() { open class EntryPointConfig {
companion object { companion object {
val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) val ENTRY_POINT: AuthenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -95,6 +96,7 @@ class OAuth2ResourceServerDslTests {
jwt { } jwt { }
} }
} }
return http.build()
} }
@Bean @Bean
@ -115,14 +117,15 @@ class OAuth2ResourceServerDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class BearerTokenResolverConfig : WebSecurityConfigurerAdapter() { open class BearerTokenResolverConfig {
companion object { companion object {
val RESOLVER: BearerTokenResolver = DefaultBearerTokenResolver() val RESOLVER: BearerTokenResolver = DefaultBearerTokenResolver()
val DECODER: JwtDecoder = MockJwtDecoder() val DECODER: JwtDecoder = MockJwtDecoder()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -132,6 +135,7 @@ class OAuth2ResourceServerDslTests {
jwt { } jwt { }
} }
} }
return http.build()
} }
@Bean @Bean
@ -168,14 +172,15 @@ class OAuth2ResourceServerDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AccessDeniedHandlerConfig : WebSecurityConfigurerAdapter() { open class AccessDeniedHandlerConfig {
companion object { companion object {
val DECODER: JwtDecoder = MockJwtDecoder() val DECODER: JwtDecoder = MockJwtDecoder()
val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandlerImpl() val DENIED_HANDLER: AccessDeniedHandler = AccessDeniedHandlerImpl()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, denyAll) authorize(anyRequest, denyAll)
@ -185,6 +190,7 @@ class OAuth2ResourceServerDslTests {
jwt { } jwt { }
} }
} }
return http.build()
} }
@Bean @Bean
@ -209,14 +215,15 @@ class OAuth2ResourceServerDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationManagerResolverConfig : WebSecurityConfigurerAdapter() { open class AuthenticationManagerResolverConfig {
companion object { companion object {
val RESOLVER: AuthenticationManagerResolver<HttpServletRequest> = val RESOLVER: AuthenticationManagerResolver<HttpServletRequest> =
JwtIssuerAuthenticationManagerResolver("issuer") JwtIssuerAuthenticationManagerResolver("issuer")
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -225,6 +232,7 @@ class OAuth2ResourceServerDslTests {
authenticationManagerResolver = RESOLVER authenticationManagerResolver = RESOLVER
} }
} }
return http.build()
} }
} }
@ -236,8 +244,9 @@ class OAuth2ResourceServerDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationManagerResolverAndOpaqueConfig : WebSecurityConfigurerAdapter() { open class AuthenticationManagerResolverAndOpaqueConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -247,6 +256,7 @@ class OAuth2ResourceServerDslTests {
opaqueToken { } opaqueToken { }
} }
} }
return http.build()
} }
} }
} }

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/PasswordManagementDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,11 +19,12 @@ package org.springframework.security.config.annotation.web
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -53,11 +54,13 @@ class PasswordManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PasswordManagementWithDefaultChangePasswordPageConfig : WebSecurityConfigurerAdapter() { open class PasswordManagementWithDefaultChangePasswordPageConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
passwordManagement {} passwordManagement {}
} }
return http.build()
} }
} }
@ -73,13 +76,15 @@ class PasswordManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PasswordManagementWithCustomChangePasswordPageConfig : WebSecurityConfigurerAdapter() { open class PasswordManagementWithCustomChangePasswordPageConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
passwordManagement { passwordManagement {
changePasswordPage = "/custom-change-password-page" changePasswordPage = "/custom-change-password-page"
} }
} }
return http.build()
} }
} }
} }

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/PortMapperDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.PortMapperImpl import org.springframework.security.web.PortMapperImpl
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import java.util.* import java.util.*
@ -53,8 +54,9 @@ class PortMapperDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class PortMapperMapConfig : WebSecurityConfigurerAdapter() { open class PortMapperMapConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requiresChannel { requiresChannel {
secure(anyRequest, requiresSecure) secure(anyRequest, requiresSecure)
@ -63,6 +65,7 @@ class PortMapperDslTests {
map(543, 123) map(543, 123)
} }
} }
return http.build()
} }
} }
@ -77,8 +80,9 @@ class PortMapperDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomPortMapperConfig : WebSecurityConfigurerAdapter() { open class CustomPortMapperConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val customPortMapper = PortMapperImpl() val customPortMapper = PortMapperImpl()
customPortMapper.setPortMappings(Collections.singletonMap("543", "123")) customPortMapper.setPortMappings(Collections.singletonMap("543", "123"))
http { http {
@ -89,6 +93,7 @@ class PortMapperDslTests {
portMapper = customPortMapper portMapper = customPortMapper
} }
} }
return http.build()
} }
} }
} }

88
config/src/test/kotlin/org/springframework/security/config/annotation/web/RememberMeDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,13 +26,12 @@ import org.junit.jupiter.api.Test
import org.junit.jupiter.api.fail import org.junit.jupiter.api.fail
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.core.annotation.Order import org.springframework.core.annotation.Order
import org.springframework.mock.web.MockHttpSession import org.springframework.mock.web.MockHttpSession
import org.springframework.security.authentication.RememberMeAuthenticationToken import org.springframework.security.authentication.RememberMeAuthenticationToken
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.core.Authentication import org.springframework.security.core.Authentication
import org.springframework.security.core.authority.AuthorityUtils import org.springframework.security.core.authority.AuthorityUtils
@ -45,6 +44,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.AuthenticationSuccessHandler import org.springframework.security.web.authentication.AuthenticationSuccessHandler
import org.springframework.security.web.authentication.NullRememberMeServices import org.springframework.security.web.authentication.NullRememberMeServices
import org.springframework.security.web.authentication.RememberMeServices import org.springframework.security.web.authentication.RememberMeServices
@ -219,7 +219,7 @@ internal class RememberMeDslTests {
@Test @Test
fun `Remember Me when key then remember me works only for matching routes`() { fun `Remember Me when key then remember me works only for matching routes`() {
this.spring.register(WithoutKeyConfig::class.java, KeyConfig::class.java).autowire() this.spring.register(WithAndWithoutKeyConfig::class.java).autowire()
val withoutKeyMvcResult = mockMvc.post("/without-key/login") { val withoutKeyMvcResult = mockMvc.post("/without-key/login") {
loginRememberMeRequest() loginRememberMeRequest()
}.andReturn() }.andReturn()
@ -383,17 +383,18 @@ internal class RememberMeDslTests {
} }
} }
abstract class DefaultUserConfig : WebSecurityConfigurerAdapter() { @Configuration
@Autowired open class DefaultUserConfig {
open fun configureGlobal(auth: AuthenticationManagerBuilder) { @Bean
auth.inMemoryAuthentication() open fun userDetailsService(): UserDetailsService {
.withUser(PasswordEncodedUser.user()) return InMemoryUserDetailsManager(PasswordEncodedUser.user())
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeConfig : DefaultUserConfig() { open class RememberMeConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, hasRole("USER")) authorize(anyRequest, hasRole("USER"))
@ -401,12 +402,14 @@ internal class RememberMeDslTests {
formLogin {} formLogin {}
rememberMe {} rememberMe {}
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeDomainConfig : DefaultUserConfig() { open class RememberMeDomainConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, hasRole("USER")) authorize(anyRequest, hasRole("USER"))
@ -416,6 +419,7 @@ internal class RememberMeDslTests {
rememberMeCookieDomain = "spring.io" rememberMeCookieDomain = "spring.io"
} }
} }
return http.build()
} }
} }
@ -426,13 +430,15 @@ internal class RememberMeDslTests {
val REMEMBER_ME_SERVICES: RememberMeServices = NullRememberMeServices() val REMEMBER_ME_SERVICES: RememberMeServices = NullRememberMeServices()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
rememberMeServices = REMEMBER_ME_SERVICES rememberMeServices = REMEMBER_ME_SERVICES
} }
} }
return http.build()
} }
} }
@ -443,20 +449,23 @@ internal class RememberMeDslTests {
val SUCCESS_HANDLER: AuthenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler() val SUCCESS_HANDLER: AuthenticationSuccessHandler = SimpleUrlAuthenticationSuccessHandler()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
authenticationSuccessHandler = SUCCESS_HANDLER authenticationSuccessHandler = SUCCESS_HANDLER
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
@Order(0) open class WithAndWithoutKeyConfig : DefaultUserConfig() {
open class WithoutKeyConfig : DefaultUserConfig() { @Bean
override fun configure(http: HttpSecurity) { @Order(0)
open fun securityFilterChainWithoutKey(http: HttpSecurity): SecurityFilterChain {
http { http {
securityMatcher(AntPathRequestMatcher("/without-key/**")) securityMatcher(AntPathRequestMatcher("/without-key/**"))
formLogin { formLogin {
@ -464,12 +473,11 @@ internal class RememberMeDslTests {
} }
rememberMe {} rememberMe {}
} }
return http.build()
} }
}
@EnableWebSecurity @Bean
open class KeyConfig : DefaultUserConfig() { open fun securityFilterChainWithKey(http: HttpSecurity): SecurityFilterChain {
override fun configure(http: HttpSecurity) {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -479,6 +487,7 @@ internal class RememberMeDslTests {
key = "RememberMeKey" key = "RememberMeKey"
} }
} }
return http.build()
} }
} }
@ -489,66 +498,76 @@ internal class RememberMeDslTests {
val TOKEN_REPOSITORY: PersistentTokenRepository = mockk() val TOKEN_REPOSITORY: PersistentTokenRepository = mockk()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
tokenRepository = TOKEN_REPOSITORY tokenRepository = TOKEN_REPOSITORY
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeTokenValidityConfig : DefaultUserConfig() { open class RememberMeTokenValidityConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
tokenValiditySeconds = 42 tokenValiditySeconds = 42
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeUseSecureCookieConfig : DefaultUserConfig() { open class RememberMeUseSecureCookieConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
useSecureCookie = true useSecureCookie = true
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeParameterConfig : DefaultUserConfig() { open class RememberMeParameterConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
rememberMeParameter = "rememberMe" rememberMeParameter = "rememberMe"
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeCookieNameConfig : DefaultUserConfig() { open class RememberMeCookieNameConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
rememberMeCookieName = "rememberMe" rememberMeCookieName = "rememberMe"
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeDefaultUserDetailsServiceConfig : DefaultUserConfig() { open class RememberMeDefaultUserDetailsServiceConfig {
companion object { companion object {
val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager( val USER_DETAIL_SERVICE: UserDetailsService = InMemoryUserDetailsManager(
@ -557,15 +576,18 @@ internal class RememberMeDslTests {
val PASSWORD_ENCODER: PasswordEncoder = BCryptPasswordEncoder() val PASSWORD_ENCODER: PasswordEncoder = BCryptPasswordEncoder()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe {} rememberMe {}
} }
return http.build()
} }
override fun configure(auth: AuthenticationManagerBuilder) { @Bean
auth.userDetailsService(USER_DETAIL_SERVICE) open fun userDetailsService(): UserDetailsService {
return USER_DETAIL_SERVICE
} }
@Bean @Bean
@ -582,25 +604,29 @@ internal class RememberMeDslTests {
) )
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
userDetailsService = USER_DETAIL_SERVICE userDetailsService = USER_DETAIL_SERVICE
} }
} }
return http.build()
} }
} }
@EnableWebSecurity @EnableWebSecurity
open class RememberMeAlwaysRememberConfig : DefaultUserConfig() { open class RememberMeAlwaysRememberConfig : DefaultUserConfig() {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
formLogin {} formLogin {}
rememberMe { rememberMe {
alwaysRemember = true alwaysRemember = true
} }
} }
return http.build()
} }
} }

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/RequestCacheDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.savedrequest.NullRequestCache import org.springframework.security.web.savedrequest.NullRequestCache
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -56,12 +57,14 @@ class RequestCacheDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequestCacheConfig : WebSecurityConfigurerAdapter() { open class RequestCacheConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requestCache { } requestCache { }
formLogin { } formLogin { }
} }
return http.build()
} }
} }
@ -78,14 +81,16 @@ class RequestCacheDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomRequestCacheConfig : WebSecurityConfigurerAdapter() { open class CustomRequestCacheConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requestCache { requestCache {
requestCache = NullRequestCache() requestCache = NullRequestCache()
} }
formLogin { } formLogin { }
} }
return http.build()
} }
} }
} }

23
config/src/test/kotlin/org/springframework/security/config/annotation/web/RequiresChannelDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,13 +21,14 @@ import io.mockk.verify
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.access.ConfigAttribute import org.springframework.security.access.ConfigAttribute
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.FilterInvocation import org.springframework.security.web.FilterInvocation
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.access.channel.ChannelProcessor import org.springframework.security.web.access.channel.ChannelProcessor
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -63,13 +64,15 @@ class RequiresChannelDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequiresSecureConfig : WebSecurityConfigurerAdapter() { open class RequiresSecureConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requiresChannel { requiresChannel {
secure(anyRequest, requiresSecure) secure(anyRequest, requiresSecure)
} }
} }
return http.build()
} }
} }
@ -95,8 +98,9 @@ class RequiresChannelDslTests {
@EnableWebSecurity @EnableWebSecurity
@EnableWebMvc @EnableWebMvc
open class MvcMatcherServletPathConfig : WebSecurityConfigurerAdapter() { open class MvcMatcherServletPathConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requiresChannel { requiresChannel {
secure("/path", secure("/path",
@ -104,6 +108,7 @@ class RequiresChannelDslTests {
requiresSecure) requiresSecure)
} }
} }
return http.build()
} }
@RestController @RestController
@ -125,7 +130,7 @@ class RequiresChannelDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ChannelProcessorsConfig : WebSecurityConfigurerAdapter() { open class ChannelProcessorsConfig {
companion object { companion object {
val CHANNEL_PROCESSOR: ChannelProcessor = object : ChannelProcessor { val CHANNEL_PROCESSOR: ChannelProcessor = object : ChannelProcessor {
@ -134,13 +139,15 @@ class RequiresChannelDslTests {
} }
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
requiresChannel { requiresChannel {
channelProcessors = listOf(CHANNEL_PROCESSOR) channelProcessors = listOf(CHANNEL_PROCESSOR)
secure(anyRequest, requiresSecure) secure(anyRequest, requiresSecure)
} }
} }
return http.build()
} }
} }
} }

22
config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2DslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,7 +32,6 @@ import org.springframework.security.authentication.ProviderManager
import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.authentication.TestingAuthenticationProvider
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.saml2.credentials.Saml2X509Credential import org.springframework.security.saml2.credentials.Saml2X509Credential
@ -42,6 +41,7 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations
import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders import org.springframework.test.web.servlet.request.MockMvcRequestBuilders
@ -71,11 +71,13 @@ class Saml2DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class Saml2LoginNoRelyingPArtyRegistrationRepoConfig : WebSecurityConfigurerAdapter() { open class Saml2LoginNoRelyingPArtyRegistrationRepoConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
saml2Login { } saml2Login { }
} }
return http.build()
} }
} }
@ -90,9 +92,10 @@ class Saml2DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class Saml2LoginConfig : WebSecurityConfigurerAdapter() { open class Saml2LoginConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
saml2Login { saml2Login {
relyingPartyRegistrationRepository = relyingPartyRegistrationRepository =
@ -106,6 +109,7 @@ class Saml2DslTests {
) )
} }
} }
return http.build()
} }
private fun <T : Certificate> loadCert(location: String): T { private fun <T : Certificate> loadCert(location: String): T {
@ -127,17 +131,19 @@ class Saml2DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class Saml2LoginCustomAuthenticationManagerConfig : WebSecurityConfigurerAdapter() { open class Saml2LoginCustomAuthenticationManagerConfig {
companion object { companion object {
val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider())
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
saml2Login { saml2Login {
authenticationManager = AUTHENTICATION_MANAGER authenticationManager = AUTHENTICATION_MANAGER
} }
} }
return http.build()
} }
@Bean @Bean

73
config/src/test/kotlin/org/springframework/security/config/annotation/web/SecurityContextDslTests.kt
View File

@ -19,27 +19,28 @@ package org.springframework.security.config.annotation.web
import io.mockk.every import io.mockk.every
import io.mockk.mockk import io.mockk.mockk
import io.mockk.mockkObject import io.mockk.mockkObject
import io.mockk.spyk
import io.mockk.verify import io.mockk.verify
import org.assertj.core.api.Assertions.assertThat import org.assertj.core.api.Assertions.assertThat
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.assertDoesNotThrow
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.ObjectPostProcessor
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.context.SecurityContext import org.springframework.security.core.context.SecurityContext
import org.springframework.security.core.userdetails.PasswordEncodedUser import org.springframework.security.core.userdetails.PasswordEncodedUser
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders
import org.springframework.security.web.FilterChainProxy import org.springframework.security.web.FilterChainProxy
import org.springframework.security.web.context.* import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter import org.springframework.security.web.context.HttpRequestResponseHolder
import org.springframework.security.web.context.HttpSessionSecurityContextRepository
import org.springframework.security.web.context.NullSecurityContextRepository
import org.springframework.security.web.context.SecurityContextHolderFilter
import org.springframework.security.web.context.SecurityContextPersistenceFilter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
@ -56,14 +57,17 @@ class SecurityContextDslTests {
fun `security context when invoked twice then uses original security context repository`() { fun `security context when invoked twice then uses original security context repository`() {
spring.register(DuplicateDoesNotOverrideConfig::class.java).autowire() spring.register(DuplicateDoesNotOverrideConfig::class.java).autowire()
mockkObject(DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY) mockkObject(DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY)
every { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any<HttpRequestResponseHolder>()) } returns mockk<SecurityContext>(relaxed = true) every { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any<HttpRequestResponseHolder>()) } returns mockk<SecurityContext>(
relaxed = true
)
mvc.perform(get("/")) mvc.perform(get("/"))
verify(exactly = 1) { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any<HttpRequestResponseHolder>()) } verify(exactly = 1) { DuplicateDoesNotOverrideConfig.SECURITY_CONTEXT_REPOSITORY.loadContext(any<HttpRequestResponseHolder>()) }
} }
@EnableWebSecurity @EnableWebSecurity
open class DuplicateDoesNotOverrideConfig : WebSecurityConfigurerAdapter() { open class DuplicateDoesNotOverrideConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
// @formatter:off // @formatter:off
http { http {
securityContext { securityContext {
@ -72,6 +76,7 @@ class SecurityContextDslTests {
securityContext { } securityContext { }
} }
// @formatter:on // @formatter:on
return http.build()
} }
companion object { companion object {
@ -79,37 +84,6 @@ class SecurityContextDslTests {
} }
} }
@Test
fun `security context when security context repository not configured then does not throw exception`() {
spring.register(SecurityContextRepositoryDefaultsSecurityContextRepositoryConfig::class.java).autowire()
assertDoesNotThrow { mvc.perform(get("/")) }
}
@EnableWebSecurity
open class SecurityContextRepositoryDefaultsSecurityContextRepositoryConfig : WebSecurityConfigurerAdapter(true) {
override fun configure(http: HttpSecurity) {
// @formatter:off
http {
addFilterAt<WebAsyncManagerIntegrationFilter>(WebAsyncManagerIntegrationFilter())
anonymous { }
securityContext { }
authorizeRequests {
authorize(anyRequest, permitAll)
}
httpBasic { }
}
// @formatter:on
}
override fun configure(auth: AuthenticationManagerBuilder) {
// @formatter:off
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
// @formatter:on
}
}
@Test @Test
fun `security context when require explicit save is true then configure SecurityContextHolderFilter`() { fun `security context when require explicit save is true then configure SecurityContextHolderFilter`() {
val repository = HttpSessionSecurityContextRepository() val repository = HttpSessionSecurityContextRepository()
@ -125,13 +99,14 @@ class SecurityContextDslTests {
// @formatter:on // @formatter:on
val mvcResult = mvc.perform(SecurityMockMvcRequestBuilders.formLogin()).andReturn() val mvcResult = mvc.perform(SecurityMockMvcRequestBuilders.formLogin()).andReturn()
val securityContext = repository val securityContext = repository
.loadContext(HttpRequestResponseHolder(mvcResult.request, mvcResult.response)) .loadContext(HttpRequestResponseHolder(mvcResult.request, mvcResult.response))
assertThat(securityContext.authentication).isNotNull assertThat(securityContext.authentication).isNotNull
} }
@EnableWebSecurity @EnableWebSecurity
open class RequireExplicitSaveConfig : WebSecurityConfigurerAdapter() { open class RequireExplicitSaveConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
// @formatter:off // @formatter:off
http { http {
formLogin { } formLogin { }
@ -140,14 +115,12 @@ class SecurityContextDslTests {
} }
} }
// @formatter:on // @formatter:on
return http.build()
} }
override fun configure(auth: AuthenticationManagerBuilder) { @Bean
// @formatter:off open fun userDetailsService(): UserDetailsService {
auth return InMemoryUserDetailsManager(PasswordEncodedUser.user())
.inMemoryAuthentication()
.withUser(PasswordEncodedUser.user())
// @formatter:on
} }
} }
} }

40
config/src/test/kotlin/org/springframework/security/config/annotation/web/SessionManagementDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -29,12 +29,12 @@ import org.springframework.context.annotation.Bean
import org.springframework.mock.web.MockHttpSession import org.springframework.mock.web.MockHttpSession
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.http.SessionCreationPolicy import org.springframework.security.config.http.SessionCreationPolicy
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.Authentication import org.springframework.security.core.Authentication
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy
import org.springframework.security.web.authentication.session.SessionAuthenticationException import org.springframework.security.web.authentication.session.SessionAuthenticationException
@ -73,13 +73,15 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class InvalidSessionUrlConfig : WebSecurityConfigurerAdapter() { open class InvalidSessionUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
invalidSessionUrl = "/invalid" invalidSessionUrl = "/invalid"
} }
} }
return http.build()
} }
} }
@ -98,13 +100,15 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class InvalidSessionStrategyConfig : WebSecurityConfigurerAdapter() { open class InvalidSessionStrategyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
invalidSessionStrategy = SimpleRedirectInvalidSessionStrategy("/invalid") invalidSessionStrategy = SimpleRedirectInvalidSessionStrategy("/invalid")
} }
} }
return http.build()
} }
} }
@ -124,8 +128,9 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SessionAuthenticationErrorUrlConfig : WebSecurityConfigurerAdapter() { open class SessionAuthenticationErrorUrlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -134,6 +139,7 @@ class SessionManagementDslTests {
sessionAuthenticationErrorUrl = "/session-auth-error" sessionAuthenticationErrorUrl = "/session-auth-error"
} }
} }
return http.build()
} }
} }
@ -153,8 +159,9 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SessionAuthenticationFailureHandlerConfig : WebSecurityConfigurerAdapter() { open class SessionAuthenticationFailureHandlerConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -163,6 +170,7 @@ class SessionManagementDslTests {
sessionAuthenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/session-auth-error") sessionAuthenticationFailureHandler = SimpleUrlAuthenticationFailureHandler("/session-auth-error")
} }
} }
return http.build()
} }
} }
@ -177,8 +185,9 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class StatelessSessionManagementConfig : WebSecurityConfigurerAdapter() { open class StatelessSessionManagementConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -187,6 +196,7 @@ class SessionManagementDslTests {
sessionCreationPolicy = SessionCreationPolicy.STATELESS sessionCreationPolicy = SessionCreationPolicy.STATELESS
} }
} }
return http.build()
} }
} }
@ -208,13 +218,14 @@ class SessionManagementDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class SessionAuthenticationStrategyConfig : WebSecurityConfigurerAdapter() { open class SessionAuthenticationStrategyConfig {
companion object { companion object {
val STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy() val STRATEGY: SessionAuthenticationStrategy = NullAuthenticatedSessionStrategy()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -223,6 +234,7 @@ class SessionManagementDslTests {
sessionAuthenticationStrategy = STRATEGY sessionAuthenticationStrategy = STRATEGY
} }
} }
return http.build()
} }
@Bean @Bean

44
config/src/test/kotlin/org/springframework/security/config/annotation/web/X509DslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.core.io.ClassPathResource import org.springframework.core.io.ClassPathResource
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
@ -36,6 +35,7 @@ import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.x509 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.x509
import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken
import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
@ -65,15 +65,17 @@ class X509DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class X509Config : WebSecurityConfigurerAdapter() { open class X509Config {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
x509 { } x509 { }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("rod") .username("rod")
.password("password") .password("password")
@ -94,17 +96,19 @@ class X509DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class X509RegexConfig : WebSecurityConfigurerAdapter() { open class X509RegexConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
x509 { x509 {
subjectPrincipalRegex = "CN=(.*?)@example.com(?:,|$)" subjectPrincipalRegex = "CN=(.*?)@example.com(?:,|$)"
} }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("rod") .username("rod")
.password("password") .password("password")
@ -125,8 +129,9 @@ class X509DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class UserDetailsServiceConfig : WebSecurityConfigurerAdapter() { open class UserDetailsServiceConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("rod") .username("rod")
.password("password") .password("password")
@ -138,10 +143,11 @@ class X509DslTests {
userDetailsService = customUserDetailsService userDetailsService = customUserDetailsService
} }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService = mockk() open fun userDetailsService(): UserDetailsService = mockk()
} }
@Test @Test
@ -155,8 +161,9 @@ class X509DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationUserDetailsServiceConfig : WebSecurityConfigurerAdapter() { open class AuthenticationUserDetailsServiceConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("rod") .username("rod")
.password("password") .password("password")
@ -170,10 +177,11 @@ class X509DslTests {
authenticationUserDetailsService = customSource authenticationUserDetailsService = customSource
} }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService = mockk() open fun userDetailsService(): UserDetailsService = mockk()
} }
@Test @Test
@ -187,8 +195,9 @@ class X509DslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class X509PrincipalExtractorConfig : WebSecurityConfigurerAdapter() { open class X509PrincipalExtractorConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
val principalExtractor = SubjectDnX509PrincipalExtractor() val principalExtractor = SubjectDnX509PrincipalExtractor()
principalExtractor.setSubjectDnRegex("CN=(.*?)@example.com(?:,|$)") principalExtractor.setSubjectDnRegex("CN=(.*?)@example.com(?:,|$)")
http { http {
@ -196,10 +205,11 @@ class X509DslTests {
x509PrincipalExtractor = principalExtractor x509PrincipalExtractor = principalExtractor
} }
} }
return http.build()
} }
@Bean @Bean
override fun userDetailsService(): UserDetailsService { open fun userDetailsService(): UserDetailsService {
val userDetails = User.withDefaultPasswordEncoder() val userDetails = User.withDefaultPasswordEncoder()
.username("rod") .username("rod")
.password("password") .password("password")

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/CacheControlDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,13 +19,14 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.http.HttpHeaders import org.springframework.http.HttpHeaders
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -55,14 +56,16 @@ class CacheControlDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CacheControlConfig : WebSecurityConfigurerAdapter() { open class CacheControlConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
cacheControl { } cacheControl { }
} }
} }
return http.build()
} }
} }
@ -79,8 +82,9 @@ class CacheControlDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CacheControlDisabledConfig : WebSecurityConfigurerAdapter() { open class CacheControlDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
cacheControl { cacheControl {
@ -88,6 +92,7 @@ class CacheControlDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

23
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentSecurityPolicyDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter import org.springframework.security.web.server.header.ContentSecurityPolicyServerHttpHeadersWriter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -54,14 +55,16 @@ class ContentSecurityPolicyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ContentSecurityPolicyConfig : WebSecurityConfigurerAdapter() { open class ContentSecurityPolicyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
contentSecurityPolicy { } contentSecurityPolicy { }
} }
} }
return http.build()
} }
} }
@ -77,8 +80,9 @@ class ContentSecurityPolicyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomPolicyDirectivesConfig : WebSecurityConfigurerAdapter() { open class CustomPolicyDirectivesConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -87,6 +91,7 @@ class ContentSecurityPolicyDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -102,8 +107,9 @@ class ContentSecurityPolicyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ReportOnlyConfig : WebSecurityConfigurerAdapter() { open class ReportOnlyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -112,6 +118,7 @@ class ContentSecurityPolicyDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ContentTypeOptionsDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter import org.springframework.security.web.server.header.ContentTypeOptionsServerHttpHeadersWriter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -53,14 +54,16 @@ class ContentTypeOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ContentTypeOptionsConfig : WebSecurityConfigurerAdapter() { open class ContentTypeOptionsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
contentTypeOptions { } contentTypeOptions { }
} }
} }
return http.build()
} }
} }
@ -75,8 +78,9 @@ class ContentTypeOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ContentTypeOptionsDisabledConfig : WebSecurityConfigurerAdapter() { open class ContentTypeOptionsDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
contentTypeOptions { contentTypeOptions {
@ -84,6 +88,7 @@ class ContentTypeOptionsDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

35
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/FrameOptionsDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter
import org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter import org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
@ -55,14 +56,16 @@ class FrameOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FrameOptionsConfig : WebSecurityConfigurerAdapter() { open class FrameOptionsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
frameOptions { } frameOptions { }
} }
} }
return http.build()
} }
} }
@ -78,8 +81,9 @@ class FrameOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FrameOptionsDenyConfig : WebSecurityConfigurerAdapter() { open class FrameOptionsDenyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -88,6 +92,7 @@ class FrameOptionsDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -103,8 +108,9 @@ class FrameOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FrameOptionsSameOriginConfig : WebSecurityConfigurerAdapter() { open class FrameOptionsSameOriginConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -113,6 +119,7 @@ class FrameOptionsDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -128,8 +135,9 @@ class FrameOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FrameOptionsSameOriginAndDenyConfig : WebSecurityConfigurerAdapter() { open class FrameOptionsSameOriginAndDenyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -139,6 +147,7 @@ class FrameOptionsDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -154,8 +163,9 @@ class FrameOptionsDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class FrameOptionsDisabledConfig : WebSecurityConfigurerAdapter() { open class FrameOptionsDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
frameOptions { frameOptions {
@ -163,6 +173,7 @@ class FrameOptionsDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

47
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpPublicKeyPinningDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,12 +20,13 @@ import org.assertj.core.api.Assertions
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -57,14 +58,16 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpNoPinConfig : WebSecurityConfigurerAdapter() { open class HpkpNoPinConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
httpPublicKeyPinning { } httpPublicKeyPinning { }
} }
} }
return http.build()
} }
} }
@ -80,8 +83,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpPinConfig : WebSecurityConfigurerAdapter() { open class HpkpPinConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -90,6 +94,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -105,8 +110,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpMaxAgeConfig : WebSecurityConfigurerAdapter() { open class HpkpMaxAgeConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -116,6 +122,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -131,8 +138,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpReportOnlyFalseConfig : WebSecurityConfigurerAdapter() { open class HpkpReportOnlyFalseConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -142,6 +150,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -160,8 +169,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpIncludeSubdomainsConfig : WebSecurityConfigurerAdapter() { open class HpkpIncludeSubdomainsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -171,6 +181,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -189,8 +200,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpReportUriConfig : WebSecurityConfigurerAdapter() { open class HpkpReportUriConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -200,6 +212,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -217,8 +230,9 @@ class HttpPublicKeyPinningDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HpkpDisabledConfig : WebSecurityConfigurerAdapter() { open class HpkpDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
httpPublicKeyPinning { httpPublicKeyPinning {
@ -226,6 +240,7 @@ class HttpPublicKeyPinningDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

35
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/HttpStrictTransportSecurityDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,12 +20,13 @@ import org.assertj.core.api.Assertions
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter import org.springframework.security.web.server.header.StrictTransportSecurityServerHttpHeadersWriter
import org.springframework.security.web.util.matcher.AntPathRequestMatcher import org.springframework.security.web.util.matcher.AntPathRequestMatcher
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
@ -56,14 +57,16 @@ class HttpStrictTransportSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HstsConfig : WebSecurityConfigurerAdapter() { open class HstsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
httpStrictTransportSecurity { } httpStrictTransportSecurity { }
} }
} }
return http.build()
} }
} }
@ -79,8 +82,9 @@ class HttpStrictTransportSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HstsPreloadConfig : WebSecurityConfigurerAdapter() { open class HstsPreloadConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -89,6 +93,7 @@ class HttpStrictTransportSecurityDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -104,8 +109,9 @@ class HttpStrictTransportSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HstsMaxAgeConfig : WebSecurityConfigurerAdapter() { open class HstsMaxAgeConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -114,6 +120,7 @@ class HttpStrictTransportSecurityDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -129,8 +136,9 @@ class HttpStrictTransportSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HstsCustomMatcherConfig : WebSecurityConfigurerAdapter() { open class HstsCustomMatcherConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -139,6 +147,7 @@ class HttpStrictTransportSecurityDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -154,8 +163,9 @@ class HttpStrictTransportSecurityDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class HstsDisabledConfig : WebSecurityConfigurerAdapter() { open class HstsDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
httpStrictTransportSecurity { httpStrictTransportSecurity {
@ -163,6 +173,7 @@ class HttpStrictTransportSecurityDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

17
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/ReferrerPolicyDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -53,14 +54,16 @@ class ReferrerPolicyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ReferrerPolicyConfig : WebSecurityConfigurerAdapter() { open class ReferrerPolicyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
referrerPolicy { } referrerPolicy { }
} }
} }
return http.build()
} }
} }
@ -75,8 +78,9 @@ class ReferrerPolicyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ReferrerPolicyCustomPolicyConfig : WebSecurityConfigurerAdapter() { open class ReferrerPolicyCustomPolicyConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -85,6 +89,7 @@ class ReferrerPolicyDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

29
config/src/test/kotlin/org/springframework/security/config/annotation/web/headers/XssProtectionConfigDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,12 +19,13 @@ package org.springframework.security.config.annotation.web.headers
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter import org.springframework.security.web.server.header.XXssProtectionServerHttpHeadersWriter
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -54,14 +55,16 @@ class XssProtectionConfigDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class XssProtectionConfig : WebSecurityConfigurerAdapter() { open class XssProtectionConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
xssProtection { } xssProtection { }
} }
} }
return http.build()
} }
} }
@ -77,8 +80,9 @@ class XssProtectionConfigDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class XssProtectionBlockFalseConfig : WebSecurityConfigurerAdapter() { open class XssProtectionBlockFalseConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -87,6 +91,7 @@ class XssProtectionConfigDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -102,8 +107,9 @@ class XssProtectionConfigDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class XssProtectionDisabledConfig : WebSecurityConfigurerAdapter() { open class XssProtectionDisabledConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
defaultsDisabled = true defaultsDisabled = true
@ -112,6 +118,7 @@ class XssProtectionConfigDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -127,8 +134,9 @@ class XssProtectionConfigDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class XssProtectionDisabledFunctionConfig : WebSecurityConfigurerAdapter() { open class XssProtectionDisabledFunctionConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
headers { headers {
xssProtection { xssProtection {
@ -136,6 +144,7 @@ class XssProtectionConfigDslTests {
} }
} }
} }
return http.build()
} }
} }
} }

22
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/client/AuthorizationCodeGrantDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -44,6 +43,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -81,14 +81,15 @@ class AuthorizationCodeGrantDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequestRepositoryConfig : WebSecurityConfigurerAdapter() { open class RequestRepositoryConfig {
companion object { companion object {
val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
HttpSessionOAuth2AuthorizationRequestRepository() HttpSessionOAuth2AuthorizationRequestRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Client { oauth2Client {
authorizationCodeGrant { authorizationCodeGrant {
@ -99,6 +100,7 @@ class AuthorizationCodeGrantDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -130,7 +132,7 @@ class AuthorizationCodeGrantDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthorizedClientConfig : WebSecurityConfigurerAdapter() { open class AuthorizedClientConfig {
companion object { companion object {
val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REQUEST_REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
HttpSessionOAuth2AuthorizationRequestRepository() HttpSessionOAuth2AuthorizationRequestRepository()
@ -138,7 +140,8 @@ class AuthorizationCodeGrantDslTests {
DefaultAuthorizationCodeTokenResponseClient() DefaultAuthorizationCodeTokenResponseClient()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Client { oauth2Client {
authorizationCodeGrant { authorizationCodeGrant {
@ -150,6 +153,7 @@ class AuthorizationCodeGrantDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }
@ -171,11 +175,12 @@ class AuthorizationCodeGrantDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequestResolverConfig : WebSecurityConfigurerAdapter() { open class RequestResolverConfig {
val requestResolver: OAuth2AuthorizationRequestResolver = mockk() val requestResolver: OAuth2AuthorizationRequestResolver = mockk()
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Client { oauth2Client {
authorizationCodeGrant { authorizationCodeGrant {
@ -186,6 +191,7 @@ class AuthorizationCodeGrantDslTests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
} }
} }
return http.build()
} }
} }

22
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/AuthorizationEndpointDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -38,6 +37,7 @@ import org.springframework.security.oauth2.client.web.AuthorizationRequestReposi
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -66,7 +66,7 @@ class AuthorizationEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ResolverConfig : WebSecurityConfigurerAdapter() { open class ResolverConfig {
companion object { companion object {
val RESOLVER: OAuth2AuthorizationRequestResolver = object : OAuth2AuthorizationRequestResolver { val RESOLVER: OAuth2AuthorizationRequestResolver = object : OAuth2AuthorizationRequestResolver {
@ -80,7 +80,8 @@ class AuthorizationEndpointDslTests {
} }
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
authorizationEndpoint { authorizationEndpoint {
@ -88,6 +89,7 @@ class AuthorizationEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -103,14 +105,15 @@ class AuthorizationEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class RequestRepoConfig : WebSecurityConfigurerAdapter() { open class RequestRepoConfig {
companion object { companion object {
val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
HttpSessionOAuth2AuthorizationRequestRepository() HttpSessionOAuth2AuthorizationRequestRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
authorizationEndpoint { authorizationEndpoint {
@ -118,6 +121,7 @@ class AuthorizationEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -132,14 +136,15 @@ class AuthorizationEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthorizationUriConfig : WebSecurityConfigurerAdapter() { open class AuthorizationUriConfig {
companion object { companion object {
val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
HttpSessionOAuth2AuthorizationRequestRepository() HttpSessionOAuth2AuthorizationRequestRepository()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2Login { oauth2Login {
authorizationEndpoint { authorizationEndpoint {
@ -148,6 +153,7 @@ class AuthorizationEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }

10
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,7 +25,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -47,6 +46,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
import org.springframework.security.oauth2.core.user.DefaultOAuth2User import org.springframework.security.oauth2.core.user.DefaultOAuth2User
import org.springframework.security.oauth2.core.user.OAuth2User import org.springframework.security.oauth2.core.user.OAuth2User
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -103,7 +103,7 @@ class RedirectionEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class UserServiceConfig : WebSecurityConfigurerAdapter() { open class UserServiceConfig {
companion object { companion object {
val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
@ -113,7 +113,8 @@ class RedirectionEndpointDslTests {
val USER_SERVICE: OAuth2UserService<OAuth2UserRequest, OAuth2User> = DefaultOAuth2UserService() val USER_SERVICE: OAuth2UserService<OAuth2UserRequest, OAuth2User> = DefaultOAuth2UserService()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -133,6 +134,7 @@ class RedirectionEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }

10
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/TokenEndpointDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,7 +26,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -42,6 +41,7 @@ import org.springframework.security.oauth2.core.OAuth2AccessToken
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -94,7 +94,7 @@ class TokenEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class TokenConfig : WebSecurityConfigurerAdapter() { open class TokenConfig {
companion object { companion object {
val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> =
@ -103,7 +103,8 @@ class TokenEndpointDslTests {
DefaultAuthorizationCodeTokenResponseClient() DefaultAuthorizationCodeTokenResponseClient()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -117,6 +118,7 @@ class TokenEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }

10
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +27,6 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider import org.springframework.security.config.oauth2.client.CommonOAuth2Provider
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
@ -46,6 +45,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
import org.springframework.security.oauth2.core.user.DefaultOAuth2User import org.springframework.security.oauth2.core.user.DefaultOAuth2User
import org.springframework.security.oauth2.core.user.OAuth2User import org.springframework.security.oauth2.core.user.OAuth2User
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
@ -102,7 +102,7 @@ class UserInfoEndpointDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class UserServiceConfig : WebSecurityConfigurerAdapter() { open class UserServiceConfig {
companion object { companion object {
val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = mockk() val REPOSITORY: AuthorizationRequestRepository<OAuth2AuthorizationRequest> = mockk()
@ -110,7 +110,8 @@ class UserInfoEndpointDslTests {
val USER_SERVICE: OAuth2UserService<OAuth2UserRequest, OAuth2User> = mockk() val USER_SERVICE: OAuth2UserService<OAuth2UserRequest, OAuth2User> = mockk()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -127,6 +128,7 @@ class UserInfoEndpointDslTests {
} }
} }
} }
return http.build()
} }
} }

34
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/JwtDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,7 +32,6 @@ import org.springframework.security.authentication.TestingAuthenticationProvider
import org.springframework.security.authentication.TestingAuthenticationToken import org.springframework.security.authentication.TestingAuthenticationToken
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
@ -41,6 +40,7 @@ import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames
import org.springframework.security.oauth2.jwt.Jwt import org.springframework.security.oauth2.jwt.Jwt
import org.springframework.security.oauth2.jwt.JwtDecoder import org.springframework.security.oauth2.jwt.JwtDecoder
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.GetMapping
@ -75,8 +75,9 @@ class JwtDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomJwtDecoderConfig : WebSecurityConfigurerAdapter() { open class CustomJwtDecoderConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2ResourceServer { oauth2ResourceServer {
jwt { jwt {
@ -84,6 +85,7 @@ class JwtDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -93,8 +95,9 @@ class JwtDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomJwkSetUriConfig : WebSecurityConfigurerAdapter() { open class CustomJwkSetUriConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
oauth2ResourceServer { oauth2ResourceServer {
jwt { jwt {
@ -102,6 +105,7 @@ class JwtDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -127,14 +131,15 @@ class JwtDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomJwtAuthenticationConverterConfig : WebSecurityConfigurerAdapter() { open class CustomJwtAuthenticationConverterConfig {
companion object { companion object {
val CONVERTER: Converter<Jwt, out AbstractAuthenticationToken> = MockConverter() val CONVERTER: Converter<Jwt, out AbstractAuthenticationToken> = MockConverter()
val DECODER: JwtDecoder = MockJwtDecoder() val DECODER: JwtDecoder = MockJwtDecoder()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -145,6 +150,7 @@ class JwtDslTests {
} }
} }
} }
return http.build()
} }
@Bean @Bean
@ -176,13 +182,14 @@ class JwtDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class JwtDecoderAfterJwkSetUriConfig : WebSecurityConfigurerAdapter() { open class JwtDecoderAfterJwkSetUriConfig {
companion object { companion object {
val DECODER: JwtDecoder = MockJwtDecoder() val DECODER: JwtDecoder = MockJwtDecoder()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -194,6 +201,7 @@ class JwtDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -222,13 +230,14 @@ class JwtDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationManagerConfig : WebSecurityConfigurerAdapter() { open class AuthenticationManagerConfig {
companion object { companion object {
val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider())
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -239,6 +248,7 @@ class JwtDslTests {
} }
} }
} }
return http.build()
} }
} }

28
config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/resourceserver/OpaqueTokenDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,7 +32,6 @@ import org.springframework.security.authentication.ProviderManager
import org.springframework.security.authentication.TestingAuthenticationProvider import org.springframework.security.authentication.TestingAuthenticationProvider
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
@ -44,6 +43,7 @@ import org.springframework.security.oauth2.server.resource.authentication.Bearer
import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector
import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.GetMapping
@ -102,13 +102,14 @@ class OpaqueTokenDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class DefaultOpaqueConfig : WebSecurityConfigurerAdapter() { open class DefaultOpaqueConfig {
companion object { companion object {
val REST: RestOperations = RestTemplate() val REST: RestOperations = RestTemplate()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -117,6 +118,7 @@ class OpaqueTokenDslTests {
opaqueToken { } opaqueToken { }
} }
} }
return http.build()
} }
@Bean @Bean
@ -145,13 +147,14 @@ class OpaqueTokenDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class CustomIntrospectorConfig : WebSecurityConfigurerAdapter() { open class CustomIntrospectorConfig {
companion object { companion object {
val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret")
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -162,6 +165,7 @@ class OpaqueTokenDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -181,13 +185,14 @@ class OpaqueTokenDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class IntrospectorAfterClientCredentialsConfig : WebSecurityConfigurerAdapter() { open class IntrospectorAfterClientCredentialsConfig {
companion object { companion object {
val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret") val INTROSPECTOR: OpaqueTokenIntrospector = SpringOpaqueTokenIntrospector("uri", "clientId", "clientSecret")
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -200,6 +205,7 @@ class OpaqueTokenDslTests {
} }
} }
} }
return http.build()
} }
} }
@ -222,13 +228,14 @@ class OpaqueTokenDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class AuthenticationManagerConfig : WebSecurityConfigurerAdapter() { open class AuthenticationManagerConfig {
companion object { companion object {
val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider()) val AUTHENTICATION_MANAGER: AuthenticationManager = ProviderManager(TestingAuthenticationProvider())
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
authorizeRequests { authorizeRequests {
authorize(anyRequest, authenticated) authorize(anyRequest, authenticated)
@ -239,6 +246,7 @@ class OpaqueTokenDslTests {
} }
} }
} }
return http.build()
} }
} }

22
config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionConcurrencyDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +27,6 @@ import org.springframework.context.annotation.Configuration
import org.springframework.mock.web.MockHttpSession import org.springframework.mock.web.MockHttpSession
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
@ -38,6 +37,7 @@ import org.springframework.security.core.userdetails.User
import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy import org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
@ -76,8 +76,9 @@ class SessionConcurrencyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class MaximumSessionsConfig : WebSecurityConfigurerAdapter() { open class MaximumSessionsConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionConcurrency { sessionConcurrency {
@ -87,6 +88,7 @@ class SessionConcurrencyDslTests {
} }
formLogin { } formLogin { }
} }
return http.build()
} }
} }
@ -105,13 +107,14 @@ class SessionConcurrencyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ExpiredUrlConfig : WebSecurityConfigurerAdapter() { open class ExpiredUrlConfig {
companion object { companion object {
val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl() val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionConcurrency { sessionConcurrency {
@ -121,6 +124,7 @@ class SessionConcurrencyDslTests {
} }
} }
} }
return http.build()
} }
@Bean @Bean
@ -142,13 +146,14 @@ class SessionConcurrencyDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ExpiredSessionStrategyConfig : WebSecurityConfigurerAdapter() { open class ExpiredSessionStrategyConfig {
companion object { companion object {
val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl() val SESSION_REGISTRY: SessionRegistry = SessionRegistryImpl()
} }
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionConcurrency { sessionConcurrency {
@ -158,6 +163,7 @@ class SessionConcurrencyDslTests {
} }
} }
} }
return http.build()
} }
@Bean @Bean

28
config/src/test/kotlin/org/springframework/security/config/annotation/web/session/SessionFixationDslTests.kt
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,7 +25,6 @@ import org.springframework.context.annotation.Configuration
import org.springframework.mock.web.MockHttpSession import org.springframework.mock.web.MockHttpSession
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.core.userdetails.User import org.springframework.security.core.userdetails.User
import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
@ -33,6 +32,7 @@ import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic
import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders import org.springframework.test.web.servlet.request.MockMvcRequestBuilders
@ -69,8 +69,9 @@ class SessionFixationDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class NewSessionConfig : WebSecurityConfigurerAdapter() { open class NewSessionConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionFixation { sessionFixation {
@ -79,6 +80,7 @@ class SessionFixationDslTests {
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
} }
@ -102,8 +104,9 @@ class SessionFixationDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class MigrateSessionConfig : WebSecurityConfigurerAdapter() { open class MigrateSessionConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionFixation { sessionFixation {
@ -112,6 +115,7 @@ class SessionFixationDslTests {
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
} }
@ -135,8 +139,9 @@ class SessionFixationDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class ChangeSessionIdConfig : WebSecurityConfigurerAdapter() { open class ChangeSessionIdConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionFixation { sessionFixation {
@ -145,6 +150,7 @@ class SessionFixationDslTests {
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
} }
@ -168,8 +174,9 @@ class SessionFixationDslTests {
} }
@EnableWebSecurity @EnableWebSecurity
open class NoneConfig : WebSecurityConfigurerAdapter() { open class NoneConfig {
override fun configure(http: HttpSecurity) { @Bean
open fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
sessionManagement { sessionManagement {
sessionFixation { sessionFixation {
@ -178,6 +185,7 @@ class SessionFixationDslTests {
} }
httpBasic { } httpBasic { }
} }
return http.build()
} }
} }