From c43afbf5e1a1c7789411fbdf927a2ce733dff6a9 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Thu, 19 Jun 2025 14:34:48 -0600 Subject: [PATCH] Format Lambda Expressions This commit updats lambda expressions so that their variable is surrounded in parentheses. Issue gh-13067 --- .../ManagementConfigurationPlugin.java | 4 +- .../CheckExpectedBranchVersionPlugin.java | 2 +- .../authentication/password-storage.adoc | 2 +- .../authorize-http-requests.adoc | 2 +- .../pages/reactive/authorization/method.adoc | 2 +- .../pages/reactive/configuration/webflux.adoc | 2 +- .../ROOT/pages/reactive/exploits/csrf.adoc | 12 ++-- .../ROOT/pages/reactive/exploits/headers.adoc | 48 +++++++-------- .../ROOT/pages/reactive/exploits/http.adoc | 4 +- .../pages/reactive/integrations/cors.adoc | 2 +- .../pages/reactive/integrations/rsocket.adoc | 2 +- .../oauth2/client/authorization-grants.adoc | 18 +++--- .../pages/reactive/oauth2/client/index.adoc | 2 +- .../pages/reactive/oauth2/login/advanced.adoc | 10 ++-- .../pages/reactive/oauth2/login/core.adoc | 6 +- .../oauth2/resource-server/bearer-tokens.adoc | 4 +- .../reactive/oauth2/resource-server/jwt.adoc | 26 ++++----- .../oauth2/resource-server/multitenancy.adoc | 10 ++-- .../oauth2/resource-server/opaque-token.adoc | 28 ++++----- .../ROOT/pages/reactive/test/web/oauth2.adoc | 10 ++-- .../ROOT/pages/servlet/architecture.adoc | 2 +- .../authentication/passwords/digest.adoc | 2 +- .../authentication/passwords/form.adoc | 2 +- .../authentication/session-management.adoc | 14 ++--- .../authorize-http-requests.adoc | 6 +- .../pages/servlet/configuration/java.adoc | 28 ++++----- .../ROOT/pages/servlet/exploits/headers.adoc | 58 +++++++++---------- .../pages/servlet/integrations/websocket.adoc | 14 ++--- .../oauth2/client/authorization-grants.adoc | 28 ++++----- .../pages/servlet/oauth2/client/index.adoc | 4 +- .../pages/servlet/oauth2/login/advanced.adoc | 46 +++++++-------- .../ROOT/pages/servlet/oauth2/login/core.adoc | 6 +- .../pages/servlet/oauth2/login/logout.adoc | 4 +- .../oauth2/resource-server/bearer-tokens.adoc | 4 +- .../servlet/oauth2/resource-server/jwt.adoc | 30 +++++----- .../oauth2/resource-server/multitenancy.adoc | 14 ++--- .../oauth2/resource-server/opaque-token.adoc | 26 ++++----- .../saml2/login/authentication-requests.adoc | 4 +- .../servlet/saml2/login/authentication.adoc | 16 ++--- .../pages/servlet/saml2/login/overview.adoc | 20 +++---- .../pages/servlet/test/mockmvc/oauth2.adoc | 10 ++-- ...b-client-access-token-response-client.adoc | 2 +- .../reactivex509/CustomX509Configuration.java | 4 +- .../DefaultX509Configuration.java | 2 +- .../DefaultX509Configuration.java | 2 +- 45 files changed, 272 insertions(+), 272 deletions(-) diff --git a/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java b/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java index 8db6fd970b..fcc8c06fb9 100644 --- a/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java +++ b/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java @@ -61,7 +61,7 @@ public class ManagementConfigurationPlugin implements Plugin { PublishingExtension publishing = project.getExtensions().getByType(PublishingExtension.class); publishing.getPublications().withType(MavenPublication.class, (mavenPublication -> { mavenPublication.versionMapping((versions) -> - versions.allVariants(versionMapping -> versionMapping.fromResolutionResult()) + versions.allVariants((versionMapping) -> versionMapping.fromResolutionResult()) ); })); }); @@ -71,4 +71,4 @@ public class ManagementConfigurationPlugin implements Plugin { })); }); } -} \ No newline at end of file +} diff --git a/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java b/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java index bcff3306f0..346257aad3 100644 --- a/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java +++ b/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java @@ -46,7 +46,7 @@ public class CheckExpectedBranchVersionPlugin implements Plugin { task.setDescription("Check if the project version matches the branch version"); task.onlyIf("skipCheckExpectedBranchVersion property is false or not present", CheckExpectedBranchVersionPlugin::skipPropertyFalseOrNotPresent); task.getVersion().convention(project.provider(() -> project.getVersion().toString())); - task.getBranchName().convention(project.getProviders().exec(execSpec -> execSpec.setCommandLine("git", "symbolic-ref", "--short", "HEAD")).getStandardOutput().getAsText()); + task.getBranchName().convention(project.getProviders().exec((execSpec) -> execSpec.setCommandLine("git", "symbolic-ref", "--short", "HEAD")).getStandardOutput().getAsText()); task.getOutputFile().convention(project.getLayout().getBuildDirectory().file("check-expected-branch-version")); }); project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(checkExpectedBranchVersionTask)); diff --git a/docs/modules/ROOT/pages/features/authentication/password-storage.adoc b/docs/modules/ROOT/pages/features/authentication/password-storage.adoc index 94e2cf21e0..2ea6d68bab 100644 --- a/docs/modules/ROOT/pages/features/authentication/password-storage.adoc +++ b/docs/modules/ROOT/pages/features/authentication/password-storage.adoc @@ -615,7 +615,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .formLogin((login) -> login diff --git a/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc b/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc index c1e27d2309..21f678acf0 100644 --- a/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc +++ b/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc @@ -15,7 +15,7 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) .httpBasic(withDefaults()) diff --git a/docs/modules/ROOT/pages/reactive/authorization/method.adoc b/docs/modules/ROOT/pages/reactive/authorization/method.adoc index 42a68da609..ebc83eef0a 100644 --- a/docs/modules/ROOT/pages/reactive/authorization/method.adoc +++ b/docs/modules/ROOT/pages/reactive/authorization/method.adoc @@ -614,7 +614,7 @@ public class SecurityConfig { return http // Demonstrate that method security works // Best practice to use both for defense in depth - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().permitAll() ) .httpBasic(withDefaults()) diff --git a/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc b/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc index 9c9575965b..158605ec42 100644 --- a/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc +++ b/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc @@ -87,7 +87,7 @@ public class HelloWebfluxSecurityConfig { @Bean public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) .httpBasic(withDefaults()) diff --git a/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc b/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc index 5ec50d98a0..f4a1ca0d1e 100644 --- a/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc +++ b/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc @@ -45,7 +45,7 @@ Java:: public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .csrf(csrf -> csrf.csrfTokenRepository(CookieServerCsrfTokenRepository.withHttpOnlyFalse())) + .csrf((csrf) -> csrf.csrfTokenRepository(CookieServerCsrfTokenRepository.withHttpOnlyFalse())) return http.build(); } ----- @@ -91,7 +91,7 @@ Java:: public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .csrf(csrf -> csrf.disable())) + .csrf((csrf) -> csrf.disable())) return http.build(); } ---- @@ -133,7 +133,7 @@ Java:: public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .csrf(csrf -> csrf + .csrf((csrf) -> csrf .csrfTokenRequestHandler(new ServerCsrfTokenRequestAttributeHandler()) ) return http.build(); @@ -181,7 +181,7 @@ public class SecurityControllerAdvice { @ModelAttribute Mono csrfToken(ServerWebExchange exchange) { Mono csrfToken = exchange.getAttribute(CsrfToken.class.getName()); - return csrfToken.doOnSuccess(token -> exchange.getAttributes() + return csrfToken.doOnSuccess((token) -> token.getAttributes() .put(CsrfRequestDataValueProcessor.DEFAULT_CSRF_ATTR_NAME, token)); } } @@ -351,7 +351,7 @@ Java:: public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .logout(logout -> logout.requiresLogout(new PathPatternParserServerWebExchangeMatcher("/logout"))) + .logout((logout) -> logout.requiresLogout(new PathPatternParserServerWebExchangeMatcher("/logout"))) return http.build(); } ---- @@ -416,7 +416,7 @@ Java:: public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .csrf(csrf -> csrf.tokenFromMultipartDataEnabled(true)) + .csrf((csrf) -> csrf.tokenFromMultipartDataEnabled(true)) return http.build(); } ---- diff --git a/docs/modules/ROOT/pages/reactive/exploits/headers.adoc b/docs/modules/ROOT/pages/reactive/exploits/headers.adoc index e272b66d54..aed6658032 100644 --- a/docs/modules/ROOT/pages/reactive/exploits/headers.adoc +++ b/docs/modules/ROOT/pages/reactive/exploits/headers.adoc @@ -26,8 +26,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions .mode(Mode.SAMEORIGIN) ) ); @@ -67,7 +67,7 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers.disable()); + .headers((headers) -> headers.disable()); return http.build(); } ---- @@ -112,8 +112,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .cache(cache -> cache.disable()) + .headers((headers) -> headers + .cache((cache) -> cache.disable()) ); return http.build(); } @@ -154,8 +154,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable()) + .headers((headers) -> headers + .contentTypeOptions((contentTypeOptions) -> contentTypeOptions.disable()) ); return http.build(); } @@ -196,8 +196,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .hsts(hsts -> hsts + .headers((headers) -> headers + .hsts((hsts) -> hsts .includeSubdomains(true) .preload(true) .maxAge(Duration.ofDays(365)) @@ -244,8 +244,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions .mode(SAMEORIGIN) ) ); @@ -287,8 +287,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .xssProtection(xssProtection -> xssProtection.disable()) + .headers((headers) -> headers + .xssProtection((xssProtection) -> xssProtection.disable()) ); return http.build(); } @@ -325,8 +325,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .xssProtection(xssProtection -> xssProtection.headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue.ENABLED_MODE_BLOCK)) + .headers((headers) -> headers + .xssProtection((xssProtection) -> xssProtection.headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue.ENABLED_MODE_BLOCK)) ); return http.build(); } @@ -376,8 +376,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .contentSecurityPolicy(policy -> policy + .headers((headers) -> headers + .contentSecurityPolicy((policy) -> policy .policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/") ) ); @@ -416,8 +416,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .contentSecurityPolicy(policy -> policy + .headers((headers) -> headers + .contentSecurityPolicy((policy) -> policy .policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/") .reportOnly() ) @@ -462,8 +462,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .referrerPolicy(referrer -> referrer + .headers((headers) -> headers + .referrerPolicy((referrer) -> referrer .policy(ReferrerPolicy.SAME_ORIGIN) ) ); @@ -515,7 +515,7 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers + .headers((headers) -> headers .featurePolicy("geolocation 'self'") ); return http.build(); @@ -564,8 +564,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .headers(headers -> headers - .permissionsPolicy(permissions -> permissions + .headers((headers) -> headers + .permissionsPolicy((permissions) -> permissions .policy("geolocation=(self)") ) ); diff --git a/docs/modules/ROOT/pages/reactive/exploits/http.adoc b/docs/modules/ROOT/pages/reactive/exploits/http.adoc index 68cf4db5cd..db4f3e57c7 100644 --- a/docs/modules/ROOT/pages/reactive/exploits/http.adoc +++ b/docs/modules/ROOT/pages/reactive/exploits/http.adoc @@ -57,8 +57,8 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .redirectToHttps(redirect -> redirect - .httpsRedirectWhen(e -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto")) + .redirectToHttps((redirect) -> redirect + .httpsRedirectWhen((e) -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto")) ); return http.build(); } diff --git a/docs/modules/ROOT/pages/reactive/integrations/cors.adoc b/docs/modules/ROOT/pages/reactive/integrations/cors.adoc index 84b3a6faf0..125ae4d70f 100644 --- a/docs/modules/ROOT/pages/reactive/integrations/cors.adoc +++ b/docs/modules/ROOT/pages/reactive/integrations/cors.adoc @@ -55,7 +55,7 @@ Java:: SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http // ... - .cors(cors -> cors.disable()); + .cors((cors) -> cors.disable()); return http.build(); } ---- diff --git a/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc b/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc index afd07b21be..4046db7103 100644 --- a/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc +++ b/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc @@ -426,7 +426,7 @@ rsocket authz .setup().hasRole("SETUP") // <1> .route("fetch.profile.me").authenticated() // <2> - .matcher(payloadExchange -> isMatch(payloadExchange)) // <3> + .matcher((payloadExchange) -> payloadExchange(payloadExchange)) // <3> .hasRole("CUSTOM") .route("fetch.profile.{username}") // <4> .access((authentication, context) -> checkFriends(authentication, context)) diff --git a/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc b/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc index 59def321a4..15ea7789e0 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc @@ -145,10 +145,10 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(authorize -> authorize + .authorizeExchange((authorize) -> authorize .anyExchange().authenticated() ) - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .authorizationRequestResolver( authorizationRequestResolver(this.clientRegistrationRepository) ) @@ -170,7 +170,7 @@ public class OAuth2LoginSecurityConfig { private Consumer authorizationRequestCustomizer() { return customizer -> customizer - .additionalParameters(params -> params.put("prompt", "consent")); + .additionalParameters((params) -> params.put("prompt", "consent")); } } ---- @@ -252,7 +252,7 @@ Java:: ---- private Consumer authorizationRequestCustomizer() { return customizer -> customizer - .authorizationRequestUri(uriBuilder -> uriBuilder + .authorizationRequestUri((uriBuilder) -> uriBuilder .queryParam("prompt", "consent").build()); } ---- @@ -301,7 +301,7 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .oauth2Client(oauth2 -> oauth2 + .oauth2Client((oauth2) -> oauth2 .authorizationRequestRepository(this.authorizationRequestRepository()) // ... ); @@ -370,7 +370,7 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .oauth2Client(oauth2 -> oauth2 + .oauth2Client((oauth2) -> oauth2 .authenticationManager(this.authorizationCodeAuthenticationManager()) // ... ); @@ -461,7 +461,7 @@ ReactiveOAuth2AccessTokenResponseClient refreshT ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = ReactiveOAuth2AuthorizedClientProviderBuilder.builder() .authorizationCode() - .refreshToken(configurer -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient)) + .refreshToken((configurer) -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient)) .build(); // ... @@ -540,7 +540,7 @@ ReactiveOAuth2AccessTokenResponseClient cli ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = ReactiveOAuth2AuthorizedClientProviderBuilder.builder() - .clientCredentials(configurer -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient)) + .clientCredentials((configurer) -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient)) .build(); // ... @@ -748,7 +748,7 @@ ReactiveOAuth2AccessTokenResponseClient passwordToke ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = ReactiveOAuth2AuthorizedClientProviderBuilder.builder() - .password(configurer -> configurer.accessTokenResponseClient(passwordTokenResponseClient)) + .password((configurer) -> configurer.accessTokenResponseClient(passwordTokenResponseClient)) .refreshToken() .build(); diff --git a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc index 52b81363e1..2260f7d5ae 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc @@ -38,7 +38,7 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .oauth2Client(oauth2 -> oauth2 + .oauth2Client((oauth2) -> oauth2 .clientRegistrationRepository(this.clientRegistrationRepository()) .authorizedClientRepository(this.authorizedClientRepository()) .authorizationRequestRepository(this.authorizationRequestRepository()) diff --git a/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc b/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc index 4b6391eeda..1386480e09 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc @@ -36,7 +36,7 @@ public class OAuth2LoginSecurityConfig { @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .authenticationConverter(this.authenticationConverter()) .authenticationMatcher(this.authenticationMatcher()) .authenticationManager(this.authenticationManager()) @@ -135,10 +135,10 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .exceptionHandling(exceptionHandling -> exceptionHandling + .exceptionHandling((exceptionHandling) -> exceptionHandling .authenticationEntryPoint(new RedirectServerAuthenticationEntryPoint("/login/oauth2")) ) - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .authorizationRequestResolver(this.authorizationRequestResolver()) ); @@ -239,7 +239,7 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .authenticationMatcher(new PathPatternParserServerWebExchangeMatcher("/login/oauth2/callback/{registrationId}")) ); @@ -688,7 +688,7 @@ Java:: @Bean public ReactiveJwtDecoderFactory idTokenDecoderFactory() { ReactiveOidcIdTokenDecoderFactory idTokenDecoderFactory = new ReactiveOidcIdTokenDecoderFactory(); - idTokenDecoderFactory.setJwsAlgorithmResolver(clientRegistration -> MacAlgorithm.HS256); + idTokenDecoderFactory.setJwsAlgorithmResolver((clientRegistration) -> clientRegistration.HS256); return idTokenDecoderFactory; } ---- diff --git a/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc b/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc index a98676f846..c08a60e078 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc @@ -337,7 +337,7 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(authorize -> authorize + .authorizeExchange((authorize) -> authorize .anyExchange().authenticated() ) .oauth2Login(withDefaults()); @@ -390,7 +390,7 @@ public class OAuth2LoginConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(authorize -> authorize + .authorizeExchange((authorize) -> authorize .anyExchange().authenticated() ) .oauth2Login(withDefaults()); @@ -487,7 +487,7 @@ public class OAuth2LoginConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(authorize -> authorize + .authorizeExchange((authorize) -> authorize .anyExchange().authenticated() ) .oauth2Login(withDefaults()); diff --git a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc index 7fd0b4cc04..496f5d9108 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc @@ -19,7 +19,7 @@ Java:: ServerBearerTokenAuthenticationConverter converter = new ServerBearerTokenAuthenticationConverter(); converter.setBearerTokenHeaderName(HttpHeaders.PROXY_AUTHORIZATION); http - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .bearerTokenConverter(converter) ); ---- @@ -108,7 +108,7 @@ Java:: ---- this.rest.get() .uri("https://other-service.example.com/endpoint") - .headers(headers -> headers.setBearerAuth(overridingToken)) + .headers((headers) -> headers.setBearerAuth(overridingToken)) .retrieve() .bodyToMono(String.class) ---- diff --git a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc index bc9d827f22..0d404deb79 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc @@ -128,7 +128,7 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) .oauth2ResourceServer(OAuth2ResourceServerSpec::jwt) @@ -170,11 +170,11 @@ import static org.springframework.security.oauth2.core.authorization.OAuth2React @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .pathMatchers("/message/**").access(hasScope("message:read")) .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .jwt(withDefaults()) ); return http.build(); @@ -254,11 +254,11 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .jwkSetUri("https://idp.example.com/.well-known/jwks.json") ) ); @@ -302,11 +302,11 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .decoder(myCustomDecoder()) ) ); @@ -691,7 +691,7 @@ import static org.springframework.security.oauth2.core.authorization.OAuth2React @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .mvcMatchers("/contacts/**").access(hasScope("contacts")) .mvcMatchers("/messages/**").access(hasScope("messages")) .anyExchange().authenticated() @@ -762,11 +762,11 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .jwtAuthenticationConverter(grantedAuthoritiesExtractor()) ) ); diff --git a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc index 7dd3c6b5a1..b1353c8cf9 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc @@ -27,10 +27,10 @@ JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver = J .fromTrustedIssuers("https://idp.example.org/issuerOne", "https://idp.example.org/issuerTwo"); http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .authenticationManagerResolver(authenticationManagerResolver) ); ---- @@ -74,7 +74,7 @@ private Mono addManager( return Mono.fromCallable(() -> ReactiveJwtDecoders.fromIssuerLocation(issuer)) .subscribeOn(Schedulers.boundedElastic()) .map(JwtReactiveAuthenticationManager::new) - .doOnNext(authenticationManager -> authenticationManagers.put(issuer, authenticationManager)); + .doOnNext((authenticationManager) -> authenticationManager.put(issuer, authenticationManager)); } // ... @@ -83,10 +83,10 @@ JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerReactiveAuthenticationManagerResolver(authenticationManagers::get); http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .authenticationManagerResolver(authenticationManagerResolver) ); ---- diff --git a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc index 57496f2ebb..1293acf8ae 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc @@ -176,7 +176,7 @@ Java:: @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::opaqueToken) @@ -221,12 +221,12 @@ public class MyCustomSecurityConfiguration { @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .pathMatchers("/messages/**").access(hasScope("message:read")) .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspector(myIntrospector()) ) ); @@ -310,11 +310,11 @@ public class DirectlyConfiguredIntrospectionUri { @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspectionUri("https://idp.example.com/introspect") .introspectionClientCredentials("client", "secret") ) @@ -364,11 +364,11 @@ public class DirectlyConfiguredIntrospector { @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspector(myCustomIntrospector()) ) ); @@ -457,7 +457,7 @@ public class MappedAuthorities { @Bean SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http - .authorizeExchange(exchange -> exchange + .authorizeExchange((exchange) -> exchange .pathMatchers("/contacts/**").access(hasScope("contacts")) .pathMatchers("/messages/**").access(hasScope("messages")) .anyExchange().authenticated() @@ -543,7 +543,7 @@ public class CustomAuthoritiesOpaqueTokenIntrospector implements ReactiveOpaqueT public Mono introspect(String token) { return this.delegate.introspect(token) - .map(principal -> new DefaultOAuth2AuthenticatedPrincipal( + .map((principal) -> principal DefaultOAuth2AuthenticatedPrincipal( principal.getName(), principal.getAttributes(), extractAuthorities(principal))); } @@ -650,8 +650,8 @@ public class JwtOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospect public Mono introspect(String token) { return this.delegate.introspect(token) - .flatMap(principal -> this.jwtDecoder.decode(token)) - .map(jwt -> new DefaultOAuth2AuthenticatedPrincipal(jwt.getClaims(), NO_AUTHORITIES)); + .flatMap((principal) -> principal.jwtDecoder.decode(token)) + .map((jwt) -> jwt DefaultOAuth2AuthenticatedPrincipal(jwt.getClaims(), NO_AUTHORITIES)); } private static class ParseOnlyJWTProcessor implements Converter> { diff --git a/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc b/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc index 2548d96cf5..c37d85e189 100644 --- a/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc +++ b/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc @@ -227,7 +227,7 @@ Java:: ---- client .mutateWith(mockOidcLogin() - .idToken(token -> token.claim("user_id", "1234")) + .idToken((token) -> token.claim("user_id", "1234")) ) .get().uri("/endpoint").exchange(); ---- @@ -470,7 +470,7 @@ Java:: ---- client .mutateWith(mockOAuth2Login() - .attributes(attrs -> attrs.put("user_id", "1234")) + .attributes((attrs) -> attrs.put("user_id", "1234")) ) .get().uri("/endpoint").exchange(); ---- @@ -869,7 +869,7 @@ Java:: [source,java,role="primary"] ---- client - .mutateWith(mockJwt().jwt(jwt -> jwt.header("kid", "one") + .mutateWith(mockJwt().jwt((jwt) -> jwt.header("kid", "one") .claim("iss", "https://idp.example.org"))) .get().uri("/endpoint").exchange(); ---- @@ -893,7 +893,7 @@ Java:: [source,java,role="primary"] ---- client - .mutateWith(mockJwt().jwt(jwt -> jwt.claims(claims -> claims.remove("scope")))) + .mutateWith(mockJwt().jwt((jwt) -> jwt.claims((claims) -> claims.remove("scope")))) .get().uri("/endpoint").exchange(); ---- @@ -1206,7 +1206,7 @@ Java:: ---- client .mutateWith(mockOpaqueToken() - .attributes(attrs -> attrs.put("user_id", "1234")) + .attributes((attrs) -> attrs.put("user_id", "1234")) ) .get().uri("/endpoint").exchange(); ---- diff --git a/docs/modules/ROOT/pages/servlet/architecture.adoc b/docs/modules/ROOT/pages/servlet/architecture.adoc index 7bba33945d..bba7f2357c 100644 --- a/docs/modules/ROOT/pages/servlet/architecture.adoc +++ b/docs/modules/ROOT/pages/servlet/architecture.adoc @@ -171,7 +171,7 @@ public class SecurityConfig { .csrf(Customizer.withDefaults()) .httpBasic(Customizer.withDefaults()) .formLogin(Customizer.withDefaults()) - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ); diff --git a/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc b/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc index e4af5ebeaf..0beb794cf0 100644 --- a/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc +++ b/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc @@ -64,7 +64,7 @@ DigestAuthenticationFilter digestAuthenticationFilter() { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .exceptionHandling(e -> e.authenticationEntryPoint(authenticationEntryPoint())) + .exceptionHandling((e) -> e.authenticationEntryPoint(authenticationEntryPoint())) .addFilter(digestAuthenticationFilter()); return http.build(); } diff --git a/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc b/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc index bead43bdcc..afb1c30046 100644 --- a/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc +++ b/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc @@ -120,7 +120,7 @@ Java:: ---- public SecurityFilterChain filterChain(HttpSecurity http) { http - .formLogin(form -> form + .formLogin((form) -> form .loginPage("/login") .permitAll() ); diff --git a/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc b/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc index 0eb0f05f0d..1022e738c2 100644 --- a/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc +++ b/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc @@ -359,7 +359,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .sessionManagement(session -> session + .sessionManagement((session) -> session .maximumSessions(1) ); return http.build(); @@ -412,7 +412,7 @@ Java:: public SecurityFilterChain filterChain(HttpSecurity http) { AuthorizationManager isAdmin = AuthorityAuthorizationManager.hasRole("ADMIN"); http - .sessionManagement(session -> session + .sessionManagement((session) -> session .maximumSessions((authentication) -> isAdmin.authorize(() -> authentication, null).isGranted() ? -1 : 1) ); return http.build(); @@ -504,7 +504,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .sessionManagement(session -> session + .sessionManagement((session) -> session .maximumSessions(1) .maxSessionsPreventsLogin(true) ); @@ -612,7 +612,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .sessionManagement(session -> session + .sessionManagement((session) -> session .invalidSessionUrl("/invalidSession") ); return http.build(); @@ -663,7 +663,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .sessionManagement(session -> session + .sessionManagement((session) -> session .invalidSessionStrategy(new MyCustomInvalidSessionStrategy()) ); return http.build(); @@ -767,7 +767,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .logout(logout -> logout + .logout((logout) -> logout .deleteCookies("JSESSIONID") ); return http.build(); @@ -971,7 +971,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) { http - .sessionManagement(session -> session + .sessionManagement((session) -> session .sessionCreationPolicy(SessionCreationPolicy.ALWAYS) ); return http.build(); diff --git a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc index ca3fd6b2bf..2d435ff36c 100644 --- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc @@ -741,7 +741,7 @@ import static org.springframework.security.authorization.AuthorityAuthorizationM SecurityFilterChain web(HttpSecurity http) throws Exception { http // ... - .authorizeHttpRequests(authorize -> authorize // <1> + .authorizeHttpRequests((authorize) -> authorize // <1> .dispatcherTypeMatchers(FORWARD, ERROR).permitAll() // <2> .requestMatchers("/static/**", "/signup", "/about").permitAll() // <3> .requestMatchers("/admin/**").hasRole("ADMIN") // <4> @@ -1043,7 +1043,7 @@ public class SecurityConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http .securityMatcher("/api/**") <1> - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/api/user/**").hasRole("USER") <2> .requestMatchers("/api/admin/**").hasRole("ADMIN") <3> .anyRequest().authenticated() <4> @@ -1106,7 +1106,7 @@ public class SecurityConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http .securityMatcher(antMatcher("/api/**")) <2> - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers(antMatcher("/api/user/**")).hasRole("USER") <3> .requestMatchers(regexMatcher("/api/admin/.*")).hasRole("ADMIN") <4> .requestMatchers(new MyCustomRequestMatcher()).hasRole("SUPERVISOR") <5> diff --git a/docs/modules/ROOT/pages/servlet/configuration/java.adoc b/docs/modules/ROOT/pages/servlet/configuration/java.adoc index f72abe73d7..a3c09f5732 100644 --- a/docs/modules/ROOT/pages/servlet/configuration/java.adoc +++ b/docs/modules/ROOT/pages/servlet/configuration/java.adoc @@ -173,7 +173,7 @@ It is configured with the following default implementation: @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .formLogin(Customizer.withDefaults()) @@ -228,7 +228,7 @@ public class MultiHttpSecurityConfig { public SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception { http .securityMatcher("/api/**") <3> - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().hasRole("ADMIN") ) .httpBasic(Customizer.withDefaults()); @@ -238,7 +238,7 @@ public class MultiHttpSecurityConfig { @Bean <4> public SecurityFilterChain formLoginFilterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .formLogin(Customizer.withDefaults()); @@ -297,7 +297,7 @@ public class PartialSecurityConfig { public SecurityFilterChain securedFilterChain(HttpSecurity http) throws Exception { http .securityMatcher("/secured/**") <1> - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/secured/user").hasRole("USER") <2> .requestMatchers("/secured/admin").hasRole("ADMIN") <3> .anyRequest().authenticated() <4> @@ -357,15 +357,15 @@ public class SecuredSecurityConfig { public SecurityFilterChain securedFilterChain(HttpSecurity http) throws Exception { http .securityMatcher("/secured/**") <1> - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() <2> ) - .formLogin(formLogin -> formLogin <3> + .formLogin((formLogin) -> formLogin <3> .loginPage("/secured/login") .loginProcessingUrl("/secured/login") .permitAll() ) - .logout(logout -> logout <4> + .logout((logout) -> logout <4> .logoutUrl("/secured/logout") .logoutSuccessUrl("/secured/login?logout") .permitAll() @@ -377,7 +377,7 @@ public class SecuredSecurityConfig { @Bean public SecurityFilterChain defaultFilterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().denyAll() <5> ); return http.build(); @@ -424,7 +424,7 @@ public class BankingSecurityConfig { String[] approvalsPaths = { "/accounts/approvals/**", "/loans/approvals/**", "/credit-cards/approvals/**" }; http .securityMatcher(approvalsPaths) - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().hasRole("ADMIN") ) .httpBasic(Customizer.withDefaults()); @@ -438,7 +438,7 @@ public class BankingSecurityConfig { String[] viewBalancePaths = { "/balances/**" }; http .securityMatcher(bankingPaths) - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers(viewBalancePaths).hasRole("VIEW_BALANCE") .anyRequest().hasRole("USER") ); @@ -449,15 +449,15 @@ public class BankingSecurityConfig { public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception { String[] allowedPaths = { "/", "/user-login", "/user-logout", "/notices", "/contact", "/register" }; http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers(allowedPaths).permitAll() .anyRequest().authenticated() ) - .formLogin(formLogin -> formLogin + .formLogin((formLogin) -> formLogin .loginPage("/user-login") .loginProcessingUrl("/user-login") ) - .logout(logout -> logout + .logout((logout) -> logout .logoutUrl("/user-logout") .logoutSuccessUrl("/?logout") ); @@ -680,7 +680,7 @@ For example, to configure the `filterSecurityPublishAuthorizationSuccess` proper @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() .withObjectPostProcessor(new ObjectPostProcessor() { public O postProcess( diff --git a/docs/modules/ROOT/pages/servlet/exploits/headers.adoc b/docs/modules/ROOT/pages/servlet/exploits/headers.adoc index ac3f341ac1..5b12c92f74 100644 --- a/docs/modules/ROOT/pages/servlet/exploits/headers.adoc +++ b/docs/modules/ROOT/pages/servlet/exploits/headers.adoc @@ -30,8 +30,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions .sameOrigin() ) ); @@ -96,7 +96,7 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers + .headers((headers) -> headers // do not use any default headers unless explicitly listed .defaultsDisabled() .cacheControl(withDefaults()) @@ -160,7 +160,7 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers.disable()); + .headers((headers) -> headers.disable()); return http.build(); } } @@ -226,8 +226,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .cacheControl(cache -> cache.disable()) + .headers((headers) -> headers + .cacheControl((cache) -> cache.disable()) ); return http.build(); } @@ -291,8 +291,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable()) + .headers((headers) -> headers + .contentTypeOptions((contentTypeOptions) -> contentTypeOptions.disable()) ); return http.build(); } @@ -357,8 +357,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .httpStrictTransportSecurity(hsts -> hsts + .headers((headers) -> headers + .httpStrictTransportSecurity((hsts) -> hsts .includeSubDomains(true) .preload(true) .maxAgeInSeconds(31536000) @@ -431,8 +431,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .httpPublicKeyPinning(hpkp -> hpkp + .headers((headers) -> headers + .httpPublicKeyPinning((hpkp) -> hpkp .includeSubDomains(true) .reportUri("https://example.net/pkp-report") .addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", "E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=") @@ -511,8 +511,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions .sameOrigin() ) ); @@ -582,8 +582,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .xssProtection(xss -> xss + .headers((headers) -> headers + .xssProtection((xss) -> xss .headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK) ) ); @@ -660,8 +660,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .contentSecurityPolicy(csp -> csp + .headers((headers) -> headers + .contentSecurityPolicy((csp) -> csp .policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/") ) ); @@ -725,8 +725,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .contentSecurityPolicy(csp -> csp + .headers((headers) -> headers + .contentSecurityPolicy((csp) -> csp .policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/") .reportOnly() ) @@ -797,8 +797,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .referrerPolicy(referrer -> referrer + .headers((headers) -> headers + .referrerPolicy((referrer) -> referrer .policy(ReferrerPolicy.SAME_ORIGIN) ) ); @@ -873,7 +873,7 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers + .headers((headers) -> headers .featurePolicy("geolocation 'self'") ); return http.build(); @@ -945,8 +945,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .permissionsPolicy(permissions -> permissions + .headers((headers) -> headers + .permissionsPolicy((permissions) -> permissions .policy("geolocation=(self)") ) ); @@ -1082,7 +1082,7 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers + .headers((headers) -> headers .addHeaderWriter(new StaticHeadersWriter("X-Custom-Security-Header","header-value")) ); return http.build(); @@ -1147,7 +1147,7 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers + .headers((headers) -> headers .addHeaderWriter(new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN)) ); return http.build(); @@ -1223,8 +1223,8 @@ public class WebSecurityConfig { new DelegatingRequestMatcherHeaderWriter(matcher,new XFrameOptionsHeaderWriter()); http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions.disable()) + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions.disable()) .addHeaderWriter(headerWriter) ); return http.build(); diff --git a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc index 9513600dd2..736e5b15f4 100644 --- a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc +++ b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc @@ -440,7 +440,7 @@ public class WebSocketSecurityConfig implements WebSocketMessageBrokerConfigurer private final ApplicationContext applicationContext; private final AuthorizationManager> authorizationManager; - + public WebSocketSecurityConfig(ApplicationContext applicationContext, AuthorizationManager> authorizationManager) { this.applicationContext = applicationContext; this.authorizationManager = authorizationManager; @@ -607,8 +607,8 @@ public class WebSecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http // ... - .headers(headers -> headers - .frameOptions(frameOptions -> frameOptions + .headers((headers) -> headers + .frameOptions((frameOptions) -> frameOptions .sameOrigin() ) ); @@ -670,17 +670,17 @@ public class WebSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .csrf(csrf -> csrf + .csrf((csrf) -> csrf // ignore our stomp endpoints since they are protected using Stomp headers .ignoringRequestMatchers("/chat/**") ) - .headers(headers -> headers + .headers((headers) -> headers // allow same origin to frame our site to support iframe SockJS - .frameOptions(frameOptions -> frameOptions + .frameOptions((frameOptions) -> frameOptions .sameOrigin() ) ) - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize ... ) ... diff --git a/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc b/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc index f2f14be45e..ce0323c123 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc @@ -147,11 +147,11 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2Login(oauth2 -> oauth2 - .authorizationEndpoint(authorization -> authorization + .oauth2Login((oauth2) -> oauth2 + .authorizationEndpoint((authorization) -> authorization .authorizationRequestResolver( authorizationRequestResolver(this.clientRegistrationRepository) ) @@ -174,7 +174,7 @@ public class OAuth2LoginSecurityConfig { private Consumer authorizationRequestCustomizer() { return customizer -> customizer - .additionalParameters(params -> params.put("prompt", "consent")); + .additionalParameters((params) -> params.put("prompt", "consent")); } } ---- @@ -257,7 +257,7 @@ Java:: ---- private Consumer authorizationRequestCustomizer() { return customizer -> customizer - .authorizationRequestUri(uriBuilder -> uriBuilder + .authorizationRequestUri((uriBuilder) -> uriBuilder .queryParam("prompt", "consent").build()); } ---- @@ -306,14 +306,14 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Client(oauth2 -> oauth2 - .authorizationCodeGrant(codeGrant -> codeGrant + .oauth2Client((oauth2) -> oauth2 + .authorizationCodeGrant((codeGrant) -> codeGrant .authorizationRequestRepository(this.authorizationRequestRepository()) // ... ) ) - .oauth2Login(oauth2 -> oauth2 - .authorizationEndpoint(endpoint -> endpoint + .oauth2Login((oauth2) -> oauth2 + .authorizationEndpoint((endpoint) -> endpoint .authorizationRequestRepository(this.authorizationRequestRepository()) // ... ) @@ -412,8 +412,8 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Client(oauth2 -> oauth2 - .authorizationCodeGrant(codeGrant -> codeGrant + .oauth2Client((oauth2) -> oauth2 + .authorizationCodeGrant((codeGrant) -> codeGrant .accessTokenResponseClient(this.accessTokenResponseClient()) // ... ) @@ -514,7 +514,7 @@ OAuth2AccessTokenResponseClient refreshTokenToke OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder() .authorizationCode() - .refreshToken(configurer -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient)) + .refreshToken((configurer) -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient)) .build(); // ... @@ -605,7 +605,7 @@ OAuth2AccessTokenResponseClient clientCrede OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder() - .clientCredentials(configurer -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient)) + .clientCredentials((configurer) -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient)) .build(); // ... @@ -882,7 +882,7 @@ OAuth2AccessTokenResponseClient passwordTokenRespons OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder() - .password(configurer -> configurer.accessTokenResponseClient(passwordTokenResponseClient)) + .password((configurer) -> configurer.accessTokenResponseClient(passwordTokenResponseClient)) .refreshToken() .build(); diff --git a/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc b/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc index bec08cf2ef..3ef66f0fef 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc @@ -40,11 +40,11 @@ public class OAuth2ClientSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Client(oauth2 -> oauth2 + .oauth2Client((oauth2) -> oauth2 .clientRegistrationRepository(this.clientRegistrationRepository()) .authorizedClientRepository(this.authorizedClientRepository()) .authorizedClientService(this.authorizedClientService()) - .authorizationCodeGrant(codeGrant -> codeGrant + .authorizationCodeGrant((codeGrant) -> codeGrant .authorizationRequestRepository(this.authorizationRequestRepository()) .authorizationRequestResolver(this.authorizationRequestResolver()) .accessTokenResponseClient(this.accessTokenResponseClient()) diff --git a/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc b/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc index 53c9381026..2162be9d28 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc @@ -22,17 +22,17 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .authorizationEndpoint(authorization -> authorization + .oauth2Login((oauth2) -> oauth2 + .authorizationEndpoint((authorization) -> authorization ... ) - .redirectionEndpoint(redirection -> redirection + .redirectionEndpoint((redirection) -> redirection ... ) - .tokenEndpoint(token -> token + .tokenEndpoint((token) -> token ... ) - .userInfoEndpoint(userInfo -> userInfo + .userInfoEndpoint((userInfo) -> userInfo ... ) ); @@ -108,23 +108,23 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .clientRegistrationRepository(this.clientRegistrationRepository()) .authorizedClientRepository(this.authorizedClientRepository()) .authorizedClientService(this.authorizedClientService()) .loginPage("/login") - .authorizationEndpoint(authorization -> authorization + .authorizationEndpoint((authorization) -> authorization .baseUri(this.authorizationRequestBaseUri()) .authorizationRequestRepository(this.authorizationRequestRepository()) .authorizationRequestResolver(this.authorizationRequestResolver()) ) - .redirectionEndpoint(redirection -> redirection + .redirectionEndpoint((redirection) -> redirection .baseUri(this.authorizationResponseBaseUri()) ) - .tokenEndpoint(token -> token + .tokenEndpoint((token) -> token .accessTokenResponseClient(this.accessTokenResponseClient()) ) - .userInfoEndpoint(userInfo -> userInfo + .userInfoEndpoint((userInfo) -> userInfo .userAuthoritiesMapper(this.userAuthoritiesMapper()) .userService(this.oauth2UserService()) .oidcUserService(this.oidcUserService()) @@ -250,10 +250,10 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 + .oauth2Login((oauth2) -> oauth2 .loginPage("/login/oauth2") ... - .authorizationEndpoint(authorization -> authorization + .authorizationEndpoint((authorization) -> authorization .baseUri("/login/oauth2/authorization") ... ) @@ -345,8 +345,8 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .redirectionEndpoint(redirection -> redirection + .oauth2Login((oauth2) -> oauth2 + .redirectionEndpoint((redirection) -> redirection .baseUri("/login/oauth2/callback/*") ... ) @@ -469,8 +469,8 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .userInfoEndpoint(userInfo -> userInfo + .oauth2Login((oauth2) -> oauth2 + .userInfoEndpoint((userInfo) -> userInfo .userAuthoritiesMapper(this.userAuthoritiesMapper()) ... ) @@ -636,8 +636,8 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .userInfoEndpoint(userInfo -> userInfo + .oauth2Login((oauth2) -> oauth2 + .userInfoEndpoint((userInfo) -> userInfo .oidcUserService(this.oidcUserService()) ... ) @@ -776,8 +776,8 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .userInfoEndpoint(userInfo -> userInfo + .oauth2Login((oauth2) -> oauth2 + .userInfoEndpoint((userInfo) -> userInfo .userService(this.oauth2UserService()) ... ) @@ -844,8 +844,8 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .oauth2Login(oauth2 -> oauth2 - .userInfoEndpoint(userInfo -> userInfo + .oauth2Login((oauth2) -> oauth2 + .userInfoEndpoint((userInfo) -> userInfo .oidcUserService(this.oidcUserService()) ... ) @@ -911,7 +911,7 @@ Java:: @Bean public JwtDecoderFactory idTokenDecoderFactory() { OidcIdTokenDecoderFactory idTokenDecoderFactory = new OidcIdTokenDecoderFactory(); - idTokenDecoderFactory.setJwsAlgorithmResolver(clientRegistration -> MacAlgorithm.HS256); + idTokenDecoderFactory.setJwsAlgorithmResolver((clientRegistration) -> clientRegistration.HS256); return idTokenDecoderFactory; } ---- diff --git a/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc b/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc index 4c179cc62a..b77ca2ce66 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc @@ -332,7 +332,7 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .oauth2Login(withDefaults()); @@ -381,7 +381,7 @@ public class OAuth2LoginConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .oauth2Login(withDefaults()); @@ -475,7 +475,7 @@ public class OAuth2LoginConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .oauth2Login(withDefaults()); diff --git a/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc b/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc index 4230cd2c24..2b0190bf31 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc @@ -57,11 +57,11 @@ public class OAuth2LoginSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .oauth2Login(withDefaults()) - .logout(logout -> logout + .logout((logout) -> logout .logoutSuccessHandler(oidcLogoutSuccessHandler()) ); return http.build(); diff --git a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc index aea9d358fc..c9e47f14a2 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc @@ -69,7 +69,7 @@ Java:: DefaultBearerTokenResolver resolver = new DefaultBearerTokenResolver(); resolver.setAllowFormEncodedBodyParameter(true); http - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .bearerTokenResolver(resolver) ); ---- @@ -176,7 +176,7 @@ Java:: ---- this.rest.get() .uri("https://other-service.example.com/endpoint") - .headers(headers -> headers.setBearerAuth(overridingToken)) + .headers((headers) -> headers.setBearerAuth(overridingToken)) .retrieve() .bodyToMono(String.class) .block() diff --git a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc index d5e10dbf83..56fd683ec9 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc @@ -174,7 +174,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .oauth2ResourceServer((oauth2) -> oauth2.jwt(Customizer.withDefaults())); @@ -220,12 +220,12 @@ public class MyCustomSecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/messages/**").access(hasScope("message:read")) .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .jwtAuthenticationConverter(myConverter()) ) ); @@ -355,11 +355,11 @@ public class DirectlyConfiguredJwkSetUri { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .jwkSetUri("https://idp.example.com/.well-known/jwks.json") ) ); @@ -425,11 +425,11 @@ public class DirectlyConfiguredJwtDecoder { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .decoder(myCustomDecoder()) ) ); @@ -875,12 +875,12 @@ public class DirectlyConfiguredJwkSetUri { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/contacts/**").access(hasScope("contacts")) .requestMatchers("/messages/**").access(hasScope("messages")) .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .jwt(Customizer.withDefaults()) ); return http.build(); @@ -1107,11 +1107,11 @@ public class CustomAuthenticationConverterConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .jwt(jwt -> jwt + .oauth2ResourceServer((oauth2) -> oauth2 + .jwt((jwt) -> jwt .jwtAuthenticationConverter(new CustomAuthenticationConverter()) ) ); diff --git a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc index 8b1aec78e2..3dd75fe2ed 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc @@ -58,10 +58,10 @@ Java:: [source,java,role="primary"] ---- http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .authenticationManagerResolver(this.tokenAuthenticationManagerResolver) ); ---- @@ -118,10 +118,10 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = JwtIssuer .fromTrustedIssuers("https://idp.example.org/issuerOne", "https://idp.example.org/issuerTwo"); http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .authenticationManagerResolver(authenticationManagerResolver) ); ---- @@ -189,10 +189,10 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerAuthenticationManagerResolver(authenticationManagers::get); http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .authenticationManagerResolver(authenticationManagerResolver) ); ---- @@ -265,7 +265,7 @@ public class TenantJWSKeySelector private JWSKeySelector fromTenant(String tenant) { return Optional.ofNullable(this.tenants.findById(tenant)) <3> - .map(t -> t.getAttrbute("jwks_uri")) + .map((t) -> t.getAttrbute("jwks_uri")) .map(this::fromUri) .orElseThrow(() -> new IllegalArgumentException("unknown tenant")); } diff --git a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc index a143fe423b..c8df5b4b52 100644 --- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc +++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc @@ -201,10 +201,10 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .opaqueToken(Customizer.withDefaults()) ); return http.build(); @@ -249,12 +249,12 @@ public class MyCustomSecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/messages/**").access(hasScope("message:read")) .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspector(myIntrospector()) ) ); @@ -400,11 +400,11 @@ public class DirectlyConfiguredIntrospectionUri { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspectionUri("https://idp.example.com/introspect") .introspectionClientCredentials("client", "secret") ) @@ -472,11 +472,11 @@ public class DirectlyConfiguredIntrospector { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 - .opaqueToken(opaqueToken -> opaqueToken + .oauth2ResourceServer((oauth2) -> oauth2 + .opaqueToken((opaqueToken) -> opaqueToken .introspector(myCustomIntrospector()) ) ); @@ -564,12 +564,12 @@ public class MappedAuthorities { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorizeRequests -> authorizeRequests + .authorizeHttpRequests((authorizeRequests) -> authorizeRequests .requestMatchers("/contacts/**").access(hasScope("contacts")) .requestMatchers("/messages/**").access(hasScope("messages")) .anyRequest().authenticated() ) - .oauth2ResourceServer(oauth2 -> oauth2 + .oauth2ResourceServer((oauth2) -> oauth2 .opaqueToken(Customizer.withDefaults()) ); return http.build(); diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc index 4558b7a4ec..ccce691c04 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc @@ -156,7 +156,7 @@ Java:: ---- RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("okta") // ... - .assertingPartyMetadata(party -> party + .assertingPartyMetadata((party) -> party // ... .wantAuthnRequestsSigned(false) ) @@ -239,7 +239,7 @@ Java:: ---- RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("okta") // ... - .assertingPartyMetadata(party -> party + .assertingPartyMetadata((party) -> party // ... .singleSignOnServiceBinding(Saml2MessageBinding.POST) ) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc index 400a66ad3a..cf794fe100 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc @@ -148,10 +148,10 @@ public class SecurityConfig { ); http - .authorizeHttpRequests(authz -> authz + .authorizeHttpRequests((authz) -> authz .anyRequest().authenticated() ) - .saml2Login(saml2 -> saml2 + .saml2Login((saml2) -> saml2 .authenticationManager(new ProviderManager(authenticationProvider)) ); return http.build(); @@ -211,10 +211,10 @@ public class SecurityConfig { .clockSkew(Duration.ofMinutes(10)).build(); authenticationProvider.setAssertionValidator(assertionValidator); http - .authorizeHttpRequests(authz -> authz + .authorizeHttpRequests((authz) -> authz .anyRequest().authenticated() ) - .saml2Login(saml2 -> saml2 + .saml2Login((saml2) -> saml2 .authenticationManager(new ProviderManager(authenticationProvider)) ); return http.build(); @@ -409,10 +409,10 @@ public class SecurityConfig { }); http - .authorizeHttpRequests(authz -> authz + .authorizeHttpRequests((authz) -> authz .anyRequest().authenticated() ) - .saml2Login(saml2 -> saml2 + .saml2Login((saml2) -> saml2 .authenticationManager(new ProviderManager(authenticationProvider)) ); return http.build(); @@ -780,10 +780,10 @@ public class SecurityConfig { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { AuthenticationManager authenticationManager = new MySaml2AuthenticationManager(...); http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) - .saml2Login(saml2 -> saml2 + .saml2Login((saml2) -> saml2 .authenticationManager(authenticationManager) ) ; diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc index a67244d05b..7356b74fce 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc @@ -342,7 +342,7 @@ Java:: @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .saml2Login(withDefaults()); @@ -384,7 +384,7 @@ public class MyCustomSecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/messages/**").hasAuthority("ROLE_USER") .anyRequest().authenticated() ) @@ -486,11 +486,11 @@ public RelyingPartyRegistrationRepository relyingPartyRegistrations() throws Exc Saml2X509Credential credential = Saml2X509Credential.verification(certificate); RelyingPartyRegistration registration = RelyingPartyRegistration .withRegistrationId("example") - .assertingPartyMetadata(party -> party + .assertingPartyMetadata((party) -> party .entityId("https://idp.example.com/issuer") .singleSignOnServiceLocation("https://idp.example.com/SSO.saml2") .wantAuthnRequestsSigned(false) - .verificationX509Credentials(c -> c.add(credential)) + .verificationX509Credentials((c) -> c.add(credential)) ) .build(); return new InMemoryRelyingPartyRegistrationRepository(registration); @@ -549,11 +549,11 @@ public class MyCustomSecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(authorize -> authorize + .authorizeHttpRequests((authorize) -> authorize .requestMatchers("/messages/**").hasAuthority("ROLE_USER") .anyRequest().authenticated() ) - .saml2Login(saml2 -> saml2 + .saml2Login((saml2) -> saml2 .relyingPartyRegistrationRepository(relyingPartyRegistrations()) ); return http.build(); @@ -699,11 +699,11 @@ Java:: ---- RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("my-id") .entityId("{baseUrl}/{registrationId}") - .decryptionX509Credentials(c -> c.add(relyingPartyDecryptingCredential())) + .decryptionX509Credentials((c) -> c.add(relyingPartyDecryptingCredential())) .assertionConsumerServiceLocation("/my-login-endpoint/{registrationId}") - .assertingPartyMetadata(party -> party + .assertingPartyMetadata((party) -> party .entityId("https://ap.example.org") - .verificationX509Credentials(c -> c.add(assertingPartyVerifyingCredential())) + .verificationX509Credentials((c) -> c.add(assertingPartyVerifyingCredential())) .singleSignOnServiceLocation("https://ap.example.org/SSO.saml2") ) .build(); @@ -913,7 +913,7 @@ private RelyingPartyRegistration.Builder addRelyingPartyDetails(RelyingPartyRegistration.Builder builder) { Saml2X509Credential signingCredential = ... - builder.signingX509Credentials(c -> c.addAll(signingCredential)); + builder.signingX509Credentials((c) -> c.addAll(signingCredential)); // ... other relying party configurations } diff --git a/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc b/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc index 581f49adef..8c4db2fb0b 100644 --- a/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc +++ b/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc @@ -228,7 +228,7 @@ Java:: mvc .perform(get("/endpoint") .with(oidcLogin() - .idToken(token -> token.claim("user_id", "1234")) + .idToken((token) -> token.claim("user_id", "1234")) ) ); ---- @@ -475,7 +475,7 @@ Java:: mvc .perform(get("/endpoint") .with(oauth2Login() - .attributes(attrs -> attrs.put("user_id", "1234")) + .attributes((attrs) -> attrs.put("user_id", "1234")) ) ); ---- @@ -875,7 +875,7 @@ Java:: ---- mvc .perform(get("/endpoint") - .with(jwt().jwt(jwt -> jwt.header("kid", "one").claim("iss", "https://idp.example.org")))); + .with(jwt().jwt((jwt) -> jwt.header("kid", "one").claim("iss", "https://idp.example.org")))); ---- Kotlin:: @@ -898,7 +898,7 @@ Java:: ---- mvc .perform(get("/endpoint") - .with(jwt().jwt(jwt -> jwt.claims(claims -> claims.remove("scope"))))); + .with(jwt().jwt((jwt) -> jwt.claims((claims) -> claims.remove("scope"))))); ---- Kotlin:: @@ -1219,7 +1219,7 @@ Java:: mvc .perform(get("/endpoint") .with(opaqueToken() - .attributes(attrs -> attrs.put("user_id", "1234")) + .attributes((attrs) -> attrs.put("user_id", "1234")) ) ); ---- diff --git a/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc b/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc index 49c28aa603..2de8bae3ff 100644 --- a/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc +++ b/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc @@ -270,7 +270,7 @@ BodyExtractor>, ReactiveHttpInputMessage> bodyExtractor BodyExtractors.toMono(new ParameterizedTypeReference<>() {}); accessTokenResponseClient.setBodyExtractor((inputMessage, context) -> bodyExtractor.extract(inputMessage, context) - .map(parameters -> OAuth2AccessTokenResponse.withToken("custom-token") + .map((parameters) -> parameters.withToken("custom-token") // ... .build() ) diff --git a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java index 8f7f8c8278..45679a2ab9 100644 --- a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java +++ b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java @@ -59,11 +59,11 @@ public class CustomX509Configuration { // @formatter:off http - .x509(x509 -> x509 + .x509((x509) -> x509 .principalExtractor(principalExtractor) .authenticationManager(authenticationManager) ) - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ); // @formatter:on diff --git a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java index 0fd17fa1d8..ea0f34ddc3 100644 --- a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java +++ b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java @@ -44,7 +44,7 @@ public class DefaultX509Configuration { // @formatter:off http .x509(Customizer.withDefaults()) - .authorizeExchange(exchanges -> exchanges + .authorizeExchange((exchanges) -> exchanges .anyExchange().authenticated() ); // @formatter:on diff --git a/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java b/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java index a347235386..12f02ad2f1 100644 --- a/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java +++ b/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java @@ -44,7 +44,7 @@ public class DefaultX509Configuration { // @formatter:off http .x509(Customizer.withDefaults()) - .authorizeHttpRequests(exchanges -> exchanges + .authorizeHttpRequests((exchanges) -> exchanges .anyRequest().authenticated() ); // @formatter:on