iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

JAVA-29295 :- Upgrade to Boot 3 is done do some code cleanup. (#15931)

This commit is contained in:
Amit Pandey 2024-02-29 05:44:57 +05:30 committed by GitHub
parent 7682698e49
commit 05a20c1d6c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 29 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
spring-security-modules/spring-security-oauth2-testing/pom.xml
View File

@ -32,6 +32,7 @@
<properties> <properties>
<spring-addons.version>7.1.10</spring-addons.version> <spring-addons.version>7.1.10</spring-addons.version>
<maven.compiler.release>17</maven.compiler.release>
</properties> </properties>
</project> </project>

3
spring-security-modules/spring-security-oauth2-testing/reactive-resource-server/src/main/java/com/baeldung/ReactiveResourceServerApplication.java
View File

@ -22,6 +22,7 @@ import org.springframework.security.authentication.AuthenticationCredentialsNotF
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.ReactiveSecurityContextHolder; import org.springframework.security.core.context.ReactiveSecurityContextHolder;
@ -54,7 +55,7 @@ public class ReactiveResourceServerApplication {
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.oauth2ResourceServer(resourceServer -> resourceServer.jwt(withDefaults())); http.oauth2ResourceServer(resourceServer -> resourceServer.jwt(withDefaults()));
http.securityContextRepository(NoOpServerSecurityContextRepository.getInstance()); http.securityContextRepository(NoOpServerSecurityContextRepository.getInstance());
http.csrf(csrf -> csrf.disable()); http.csrf(CsrfSpec::disable);
http.exceptionHandling(eh -> eh http.exceptionHandling(eh -> eh
.accessDeniedHandler((var exchange, var ex) -> exchange.getPrincipal().flatMap(principal -> { .accessDeniedHandler((var exchange, var ex) -> exchange.getPrincipal().flatMap(principal -> {
final var response = exchange.getResponse(); final var response = exchange.getResponse();

16
spring-security-modules/spring-security-oauth2-testing/reactive-resource-server/src/test/java/com/baeldung/ReactiveResourceServerApplicationIntegrationTest.java
View File

@ -24,7 +24,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() {
api.get() api.get()
.uri("/greet") .uri("/greet")
.exchange() .exchange()
@ -34,7 +34,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithJwt("ch4mpy.json") @WithJwt("ch4mpy.json")
void givenUserIsAuthenticated_whenGetGreet_thenOk() throws Exception { void givenUserIsAuthenticated_whenGetGreet_thenOk() {
api.get() api.get()
.uri("/greet") .uri("/greet")
.exchange() .exchange()
@ -51,7 +51,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() {
api.get() api.get()
.uri("/secured-route") .uri("/secured-route")
.exchange() .exchange()
@ -61,7 +61,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL") @WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL")
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() {
api.get() api.get()
.uri("/secured-route") .uri("/secured-route")
.exchange() .exchange()
@ -73,7 +73,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithMockAuthentication("admin") @WithMockAuthentication("admin")
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() {
api.get() api.get()
.uri("/secured-route") .uri("/secured-route")
.exchange() .exchange()
@ -88,7 +88,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() {
api.get() api.get()
.uri("/secured-method") .uri("/secured-method")
.exchange() .exchange()
@ -98,7 +98,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL") @WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL")
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() {
api.get() api.get()
.uri("/secured-method") .uri("/secured-method")
.exchange() .exchange()
@ -110,7 +110,7 @@ class ReactiveResourceServerApplicationIntegrationTest {
@Test @Test
@WithMockAuthentication("admin") @WithMockAuthentication("admin")
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() {
api.get() api.get()
.uri("/secured-method") .uri("/secured-method")
.exchange() .exchange()

16
spring-security-modules/spring-security-oauth2-testing/reactive-resource-server/src/test/java/com/baeldung/SpringAddonsGreetingControllerUnitTest.java
View File

@ -39,7 +39,7 @@ class SpringAddonsGreetingControllerUnitTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() {
api.get().uri("/greet").exchange().expectStatus().isUnauthorized(); api.get().uri("/greet").exchange().expectStatus().isUnauthorized();
} }
@ -47,7 +47,7 @@ class SpringAddonsGreetingControllerUnitTest {
@AuthenticationSource({ @AuthenticationSource({
@WithMockAuthentication(authorities = { "admin", "ROLE_AUTHORIZED_PERSONNEL" }, name = "ch4mpy"), @WithMockAuthentication(authorities = { "admin", "ROLE_AUTHORIZED_PERSONNEL" }, name = "ch4mpy"),
@WithMockAuthentication(authorities = { "uncle", "PIRATE" }, name = "tonton-pirate") }) @WithMockAuthentication(authorities = { "uncle", "PIRATE" }, name = "tonton-pirate") })
void givenUserIsAuthenticated_whenGetGreet_thenOk(@ParameterizedAuthentication Authentication auth) throws Exception { void givenUserIsAuthenticated_whenGetGreet_thenOk(@ParameterizedAuthentication Authentication auth) {
final var greeting = "Whatever the service returns"; final var greeting = "Whatever the service returns";
when(messageService.greet()).thenReturn(Mono.just(greeting)); when(messageService.greet()).thenReturn(Mono.just(greeting));
@ -67,13 +67,13 @@ class SpringAddonsGreetingControllerUnitTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() {
api.get().uri("/secured-route").exchange().expectStatus().isUnauthorized(); api.get().uri("/secured-route").exchange().expectStatus().isUnauthorized();
} }
@Test @Test
@WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL") @WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL")
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() {
final var secret = "Secret!"; final var secret = "Secret!";
when(messageService.getSecret()).thenReturn(Mono.just(secret)); when(messageService.getSecret()).thenReturn(Mono.just(secret));
@ -82,7 +82,7 @@ class SpringAddonsGreetingControllerUnitTest {
@Test @Test
@WithMockAuthentication("admin") @WithMockAuthentication("admin")
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() {
api.get().uri("/secured-route").exchange().expectStatus().isForbidden(); api.get().uri("/secured-route").exchange().expectStatus().isForbidden();
} }
@ -96,13 +96,13 @@ class SpringAddonsGreetingControllerUnitTest {
@Test @Test
@WithAnonymousUser @WithAnonymousUser
void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() {
api.get().uri("/secured-method").exchange().expectStatus().isUnauthorized(); api.get().uri("/secured-method").exchange().expectStatus().isUnauthorized();
} }
@Test @Test
@WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL") @WithMockAuthentication("ROLE_AUTHORIZED_PERSONNEL")
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() {
final var secret = "Secret!"; final var secret = "Secret!";
when(messageService.getSecret()).thenReturn(Mono.just(secret)); when(messageService.getSecret()).thenReturn(Mono.just(secret));
@ -111,7 +111,7 @@ class SpringAddonsGreetingControllerUnitTest {
@Test @Test
@WithMockAuthentication("admin") @WithMockAuthentication("admin")
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() {
api.get().uri("/secured-method").exchange().expectStatus().isForbidden(); api.get().uri("/secured-method").exchange().expectStatus().isForbidden();
} }

16
spring-security-modules/spring-security-oauth2-testing/reactive-resource-server/src/test/java/com/baeldung/SpringSecurityTestGreetingControllerUnitTest.java
View File

@ -39,7 +39,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
/*-----------------------------------------------------------------------------*/ /*-----------------------------------------------------------------------------*/
@Test @Test
void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetGreet_thenUnauthorized() {
api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION)) api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION))
.get() .get()
.uri("/greet") .uri("/greet")
@ -49,7 +49,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
} }
@Test @Test
void givenUserIsAuthenticated_whenGetGreet_thenOk() throws Exception { void givenUserIsAuthenticated_whenGetGreet_thenOk() {
final var greeting = "Whatever the service returns"; final var greeting = "Whatever the service returns";
when(messageService.greet()).thenReturn(Mono.just(greeting)); when(messageService.greet()).thenReturn(Mono.just(greeting));
@ -72,7 +72,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
/*---------------------------------------------------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------------------------------------------------*/
@Test @Test
void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredRoute_thenUnauthorized() {
api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION)) api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION))
.get() .get()
.uri("/secured-route") .uri("/secured-route")
@ -82,7 +82,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
} }
@Test @Test
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenOk() {
final var secret = "Secret!"; final var secret = "Secret!";
when(messageService.getSecret()).thenReturn(Mono.just(secret)); when(messageService.getSecret()).thenReturn(Mono.just(secret));
@ -97,7 +97,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
} }
@Test @Test
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredRoute_thenForbidden() {
api.mutateWith(mockJwt().authorities(new SimpleGrantedAuthority("admin"))) api.mutateWith(mockJwt().authorities(new SimpleGrantedAuthority("admin")))
.get() .get()
.uri("/secured-route") .uri("/secured-route")
@ -112,7 +112,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
/*---------------------------------------------------------------------------------------------------------*/ /*---------------------------------------------------------------------------------------------------------*/
@Test @Test
void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() throws Exception { void givenRequestIsAnonymous_whenGetSecuredMethod_thenUnauthorized() {
api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION)) api.mutateWith(mockAuthentication(ANONYMOUS_AUTHENTICATION))
.get() .get()
.uri("/secured-method") .uri("/secured-method")
@ -122,7 +122,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
} }
@Test @Test
void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() throws Exception { void givenUserIsGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenOk() {
final var secret = "Secret!"; final var secret = "Secret!";
when(messageService.getSecret()).thenReturn(Mono.just(secret)); when(messageService.getSecret()).thenReturn(Mono.just(secret));
@ -137,7 +137,7 @@ class SpringSecurityTestGreetingControllerUnitTest {
} }
@Test @Test
void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() throws Exception { void givenUserIsNotGrantedWithRoleAuthorizedPersonnel_whenGetSecuredMethod_thenForbidden() {
api.mutateWith(mockJwt().authorities(new SimpleGrantedAuthority("admin"))) api.mutateWith(mockJwt().authorities(new SimpleGrantedAuthority("admin")))
.get() .get()
.uri("/secured-method") .uri("/secured-method")

3
spring-security-modules/spring-security-oauth2-testing/servlet-resource-server/src/main/java/com/baeldung/ServletResourceServerApplication.java
View File

@ -19,6 +19,7 @@ import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
@ -50,7 +51,7 @@ public class ServletResourceServerApplication {
SecurityFilterChain filterChain(HttpSecurity http) throws Exception { SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.oauth2ResourceServer(resourceServer -> resourceServer.jwt(withDefaults())); http.oauth2ResourceServer(resourceServer -> resourceServer.jwt(withDefaults()));
http.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); http.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
http.csrf(csrf -> csrf.disable()); http.csrf(AbstractHttpConfigurer::disable);
http.exceptionHandling(eh -> eh.authenticationEntryPoint((request, response, authException) -> { http.exceptionHandling(eh -> eh.authenticationEntryPoint((request, response, authException) -> {
response.addHeader(HttpHeaders.WWW_AUTHENTICATE, "Bearer realm=\"Restricted Content\""); response.addHeader(HttpHeaders.WWW_AUTHENTICATE, "Bearer realm=\"Restricted Content\"");
response.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase()); response.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase());