Use http security nested builder in samples
Issue: gh-5557
This commit is contained in:
Eleftheria Stein
parent
b004f9f677
commit
a0ca45e4b8
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -32,11 +32,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/css/**", "/index").permitAll()
|
||||
.antMatchers("/user/**").hasRole("USER")
|
||||
.and()
|
||||
.formLogin().loginPage("/login").failureUrl("/login-error");
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/css/**", "/index").permitAll()
|
||||
.antMatchers("/user/**").hasRole("USER")
|
||||
)
|
||||
.formLogin(formLogin ->
|
||||
formLogin
|
||||
.loginPage("/login")
|
||||
.failureUrl("/login-error")
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -358,15 +358,21 @@ public class OAuth2LoginApplicationTests {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2Login()
|
||||
.tokenEndpoint()
|
||||
.accessTokenResponseClient(this.mockAccessTokenResponseClient())
|
||||
.and()
|
||||
.userInfoEndpoint()
|
||||
.userService(this.mockUserService());
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(oauth2Login ->
|
||||
oauth2Login
|
||||
.tokenEndpoint(tokenEndpoint ->
|
||||
tokenEndpoint
|
||||
.accessTokenResponseClient(this.mockAccessTokenResponseClient())
|
||||
)
|
||||
.userInfoEndpoint(userInfoEndpoint ->
|
||||
userInfoEndpoint
|
||||
.userService(this.mockUserService())
|
||||
)
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -46,6 +46,8 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
||||
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
/**
|
||||
* @author Josh Cummings
|
||||
*/
|
||||
|
|
@ -66,12 +68,15 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2ResourceServer()
|
||||
.jwt();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2ResourceServer ->
|
||||
oauth2ResourceServer
|
||||
.jwt(withDefaults())
|
||||
);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -51,12 +51,15 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2ResourceServer()
|
||||
.authenticationManagerResolver(multitenantAuthenticationManager());
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2ResourceServer ->
|
||||
oauth2ResourceServer
|
||||
.authenticationManagerResolver(multitenantAuthenticationManager())
|
||||
);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,14 +34,19 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2ResourceServer()
|
||||
.opaqueToken()
|
||||
.introspectionUri(this.introspectionUri)
|
||||
.introspectionClientCredentials(this.clientId, this.clientSecret);
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2ResourceServer ->
|
||||
oauth2ResourceServer
|
||||
.opaqueToken(opaqueToken ->
|
||||
opaqueToken
|
||||
.introspectionUri(this.introspectionUri)
|
||||
.introspectionClientCredentials(this.clientId, this.clientSecret)
|
||||
)
|
||||
);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,13 +38,17 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2ResourceServer()
|
||||
.jwt()
|
||||
.decoder(jwtDecoder());
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2ResourceServer ->
|
||||
oauth2ResourceServer
|
||||
.jwt(jwt ->
|
||||
jwt.decoder(jwtDecoder())
|
||||
)
|
||||
);
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -19,6 +19,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
/**
|
||||
* @author Josh Cummings
|
||||
*/
|
||||
|
|
@ -29,12 +31,15 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
|
|||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.oauth2ResourceServer()
|
||||
.jwt();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(oauth2ResourceServer ->
|
||||
oauth2ResourceServer
|
||||
.jwt(withDefaults())
|
||||
);
|
||||
// @formatter:on
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -24,6 +24,8 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
/**
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
|
|
@ -33,15 +35,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.mvcMatchers("/", "/public/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.and()
|
||||
.oauth2Login()
|
||||
.and()
|
||||
.oauth2Client();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.mvcMatchers("/", "/public/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults())
|
||||
.oauth2Login(withDefaults())
|
||||
.oauth2Client(withDefaults());
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -22,6 +22,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
@EnableWebSecurity
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
|
@ -40,14 +42,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
protected void configure(
|
||||
HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.and()
|
||||
.sessionManagement()
|
||||
.maximumSessions(1)
|
||||
.expiredUrl("/login?expired");
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults())
|
||||
.sessionManagement(sessionManagement ->
|
||||
sessionManagement
|
||||
.sessionConcurrency(sessionConcurrency ->
|
||||
sessionConcurrency
|
||||
.maximumSessions(1)
|
||||
.expiredUrl("/login?expired")
|
||||
)
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -29,16 +29,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
.and()
|
||||
.logout()
|
||||
.permitAll();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(formLogin ->
|
||||
formLogin
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
)
|
||||
.logout(logout ->
|
||||
logout
|
||||
.permitAll()
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -26,46 +26,71 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.openidLogin()
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
.authenticationUserDetailsService(new CustomUserDetailsService())
|
||||
.attributeExchange("https://www.google.com/.*")
|
||||
.attribute("email")
|
||||
.type("https://axschema.org/contact/email")
|
||||
.required(true)
|
||||
.and()
|
||||
.attribute("firstname")
|
||||
.type("https://axschema.org/namePerson/first")
|
||||
.required(true)
|
||||
.and()
|
||||
.attribute("lastname")
|
||||
.type("https://axschema.org/namePerson/last")
|
||||
.required(true)
|
||||
.and()
|
||||
.and()
|
||||
.attributeExchange(".*yahoo.com.*")
|
||||
.attribute("email")
|
||||
.type("https://axschema.org/contact/email")
|
||||
.required(true)
|
||||
.and()
|
||||
.attribute("fullname")
|
||||
.type("https://axschema.org/namePerson")
|
||||
.required(true)
|
||||
.and()
|
||||
.and()
|
||||
.attributeExchange(".*myopenid.com.*")
|
||||
.attribute("email")
|
||||
.type("https://schema.openid.net/contact/email")
|
||||
.required(true)
|
||||
.and()
|
||||
.attribute("fullname")
|
||||
.type("https://schema.openid.net/namePerson")
|
||||
.required(true);
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.openidLogin(openidLogin ->
|
||||
openidLogin
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
.authenticationUserDetailsService(new CustomUserDetailsService())
|
||||
.attributeExchange(googleExchange ->
|
||||
googleExchange
|
||||
.identifierPattern("https://www.google.com/.*")
|
||||
.attribute(emailAttribute ->
|
||||
emailAttribute
|
||||
.name("email")
|
||||
.type("https://axschema.org/contact/email")
|
||||
.required(true)
|
||||
)
|
||||
.attribute(firstnameAttribute ->
|
||||
firstnameAttribute
|
||||
.name("firstname")
|
||||
.type("https://axschema.org/namePerson/first")
|
||||
.required(true)
|
||||
)
|
||||
.attribute(lastnameAttribute ->
|
||||
lastnameAttribute
|
||||
.name("lastname")
|
||||
.type("https://axschema.org/namePerson/last")
|
||||
.required(true)
|
||||
)
|
||||
)
|
||||
.attributeExchange(yahooExchange ->
|
||||
yahooExchange
|
||||
.identifierPattern(".*yahoo.com.*")
|
||||
.attribute(emailAttribute ->
|
||||
emailAttribute
|
||||
.name("email")
|
||||
.type("https://axschema.org/contact/email")
|
||||
.required(true)
|
||||
)
|
||||
.attribute(fullnameAttribute ->
|
||||
fullnameAttribute
|
||||
.name("fullname")
|
||||
.type("https://axschema.org/namePerson")
|
||||
.required(true)
|
||||
)
|
||||
)
|
||||
.attributeExchange(myopenidExchange ->
|
||||
myopenidExchange
|
||||
.identifierPattern(".*myopenid.com.*")
|
||||
.attribute(emailAttribute ->
|
||||
emailAttribute
|
||||
.name("email")
|
||||
.type("https://schema.openid.net/contact/email")
|
||||
.required(true)
|
||||
)
|
||||
.attribute(fullnameAttribute ->
|
||||
fullnameAttribute
|
||||
.name("fullname")
|
||||
.type("https://schema.openid.net/namePerson")
|
||||
.required(true)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -26,12 +26,15 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/login", "/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.jee()
|
||||
.mappableRoles("USER", "ADMIN");
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/login", "/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.jee(jee ->
|
||||
jee
|
||||
.mappableRoles("USER", "ADMIN")
|
||||
);
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -21,6 +21,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
|
|
@ -39,15 +41,17 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.formLogin()
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
.and()
|
||||
.rememberMe();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.antMatchers("/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(formLogin ->
|
||||
formLogin
|
||||
.loginPage("/login")
|
||||
.permitAll()
|
||||
)
|
||||
.rememberMe(withDefaults());
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -21,6 +21,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
|
|
@ -40,10 +42,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.x509();
|
||||
.authorizeRequests(authorizeRequests ->
|
||||
authorizeRequests
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.x509(withDefaults());
|
||||
}
|
||||
// @formatter:on
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue