JAVA-29287 Upgrade spring-security-azuread (#15747)

* JAVA-29287 Upgrade spring-security-azuread * JAVA-29287 Remove commented code --------- Co-authored-by: timis1 <noreplay@yahoo.com>
2024-01-31 22:19:18 +02:00 · 2024-01-31 22:19:18 +02:00 · 491b588d88
parent 9c8cbf668c
commit 491b588d88
7 changed files with 17 additions and 40 deletions
--- a/spring-security-modules/spring-security-azuread/pom.xml
+++ b/spring-security-modules/spring-security-azuread/pom.xml
@ -2,14 +2,15 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
-
    <modelVersion>4.0.0</modelVersion>
+    <artifactId>spring-security-azuread</artifactId>
+
    <parent>
        <groupId>com.baeldung</groupId>
-        <artifactId>spring-security-modules</artifactId>
+        <artifactId>parent-boot-3</artifactId>
+        <relativePath>../../parent-boot-3</relativePath>
        <version>0.0.1-SNAPSHOT</version>
    </parent>
-    <artifactId>spring-security-azuread</artifactId>

    <dependencies>
        <dependency>
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java
@ -6,7 +6,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
 public class Application {
-    
+
    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
@ -10,9 +10,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
-import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
-import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.web.SecurityFilterChain;

@ -22,18 +20,14 @@ import com.baeldung.security.azuread.support.NamedOidcUser;
@Configuration
@EnableConfigurationProperties(JwtAuthorizationProperties.class)
 public class JwtAuthorizationConfiguration {
-    
-    
-    
+
    @Bean
    SecurityFilterChain customJwtSecurityChain(HttpSecurity http, JwtAuthorizationProperties props) throws Exception {
        // @formatter:off
        return http
-          .authorizeRequests( r -> r.anyRequest().authenticated())
-          .oauth2Login(oauth2 -> {
-              oauth2.userInfoEndpoint(ep -> 
-                ep.oidcUserService(customOidcUserService(props)));
-          })
+          .authorizeHttpRequests( r -> r.anyRequest().authenticated())
+          .oauth2Login(oauth2 -> oauth2.userInfoEndpoint(ep ->
+            ep.oidcUserService(customOidcUserService(props))))
        .build();
        // @formatter:on
    }
@ -45,28 +39,16 @@ public class JwtAuthorizationConfiguration {
          props.getGroupsClaim(),
          props.getGroupToAuthorities());
        
-        return (userRequest) -> {
+        return userRequest -> {
            OidcUser oidcUser = delegate.loadUser(userRequest);
            // Enrich standard authorities with groups 
            Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
            mappedAuthorities.addAll(oidcUser.getAuthorities());
            mappedAuthorities.addAll(mapper.mapAuthorities(oidcUser));
-            
+
            oidcUser = new NamedOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo(),oidcUser.getName());

            return oidcUser;
        };
    }
-
-    
-    
-//    @Bean
-//    GrantedAuthoritiesMapper jwtAuthoritiesMapper(JwtAuthorizationProperties props) {
-//        return new MappingJwtGrantedAuthoritiesMapper(
-//          props.getAuthoritiesPrefix(),
-//          props.getGroupsClaim(), 
-//          props.getGroupToAuthorities());
-//    }
-    
-
 }
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
@ -62,7 +62,4 @@ public class JwtAuthorizationProperties {
    public void setAuthoritiesPrefix(String authoritiesPrefix) {
        this.authoritiesPrefix = authoritiesPrefix;
    }
-    
-    
-
 }
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
@ -10,19 +10,16 @@ import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;

-import org.springframework.core.convert.converter.Converter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.security.oauth2.core.ClaimAccessor;
-import org.springframework.security.oauth2.jwt.Jwt;

 /**
 * @author Baeldung
 *
 */
 public class GroupsClaimMapper  {
-    
+
    private final String authoritiesPrefix;
    private final String groupsClaim;
    private final Map<String, List<String>> groupToAuthorities;
--- a/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml
+++ b/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml
@ -17,7 +17,7 @@ spring:
            - openid
            - email
            - profile
-                    
+
 # Group mapping
 baeldung:
  jwt:
--- a/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
+++ b/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
@ -1,7 +1,6 @@
 package com.baeldung.security.azuread;

 import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.*;

 import java.net.URI;

@ -12,6 +11,7 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.boot.test.web.client.TestRestTemplate;
 import org.springframework.boot.test.web.server.LocalServerPort;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpStatusCode;
 import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.ActiveProfiles;

@ -27,9 +27,9 @@ class ApplicationLiveTest {

    @Test
    void testWhenAccessRootPath_thenRedirectToAzureAD() {
-                
-        ResponseEntity<String> response = rest.getForEntity("http://localhost:" + port , String.class);               
-        HttpStatus st = response.getStatusCode();
+
+        ResponseEntity<String> response = rest.getForEntity("http://localhost:" + port , String.class);
+        HttpStatusCode st = response.getStatusCode();
        assertThat(st)
           .isEqualTo(HttpStatus.FOUND);