From 491b588d8827488811e721bbd803a7ac192fb782 Mon Sep 17 00:00:00 2001
From: timis1 <12120641+timis1@users.noreply.github.com>
Date: Wed, 31 Jan 2024 22:19:18 +0200
Subject: [PATCH] JAVA-29287 Upgrade spring-security-azuread (#15747) * JAVA-29287 Upgrade spring-security-azuread * JAVA-29287 Remove commented code --------- Co-authored-by: timis1
---
.../spring-security-azuread/pom.xml | 7 +++--
.../security/azuread/Application.java | 2 +-
.../config/JwtAuthorizationConfiguration.java | 30 ++++---------------
.../config/JwtAuthorizationProperties.java | 3 --
.../azuread/support/GroupsClaimMapper.java | 5 +---
.../main/resources/application-azuread.yml | 2 +-
.../security/azuread/ApplicationLiveTest.java | 8 ++---
7 files changed, 17 insertions(+), 40 deletions(-)
diff --git a/spring-security-modules/spring-security-azuread/pom.xml b/spring-security-modules/spring-security-azuread/pom.xml
index b32a1eb16a..c334bbba3e 100644
--- a/spring-security-modules/spring-security-azuread/pom.xml
+++ b/spring-security-modules/spring-security-azuread/pom.xml
@@ -2,14 +2,15 @@ - 4.0.0 + spring-security-azuread + com.baeldung - spring-security-modules + parent-boot-3 + ../../parent-boot-3 0.0.1-SNAPSHOT - spring-security-azuread
diff --git a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java
index ac36bc1328..ada9b69df4 100644
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/Application.java
@@ -6,7 +6,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class Application { - + public static void main(String[] args) { SpringApplication.run(Application.class, args); }
diff --git a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
index 4d82e930ae..9945ad44fa 100644
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
@@ -10,9 +10,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest; import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService; -import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails; import org.springframework.security.oauth2.client.userinfo.OAuth2UserService; -import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser; import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.web.SecurityFilterChain;
@@ -22,18 +20,14 @@ import com.baeldung.security.azuread.support.NamedOidcUser; @Configuration @EnableConfigurationProperties(JwtAuthorizationProperties.class) public class JwtAuthorizationConfiguration { - - - + @Bean SecurityFilterChain customJwtSecurityChain(HttpSecurity http, JwtAuthorizationProperties props) throws Exception { // @formatter:off return http - .authorizeRequests( r -> r.anyRequest().authenticated()) - .oauth2Login(oauth2 -> { - oauth2.userInfoEndpoint(ep -> - ep.oidcUserService(customOidcUserService(props))); - }) + .authorizeHttpRequests( r -> r.anyRequest().authenticated()) + .oauth2Login(oauth2 -> oauth2.userInfoEndpoint(ep -> + ep.oidcUserService(customOidcUserService(props)))) .build(); // @formatter:on }
@@ -45,28 +39,16 @@ public class JwtAuthorizationConfiguration { props.getGroupsClaim(), props.getGroupToAuthorities()); - return (userRequest) -> { + return userRequest -> { OidcUser oidcUser = delegate.loadUser(userRequest); // Enrich standard authorities with groups Set mappedAuthorities = new HashSet<>(); mappedAuthorities.addAll(oidcUser.getAuthorities()); mappedAuthorities.addAll(mapper.mapAuthorities(oidcUser)); - + oidcUser = new NamedOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo(),oidcUser.getName()); return oidcUser; }; } - - - -// @Bean -// GrantedAuthoritiesMapper jwtAuthoritiesMapper(JwtAuthorizationProperties props) { -// return new MappingJwtGrantedAuthoritiesMapper( -// props.getAuthoritiesPrefix(), -// props.getGroupsClaim(), -// props.getGroupToAuthorities()); -// } - - }
diff --git a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
index 981be317a3..3520c4aa6d 100644
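Review bot: The only authorization rule in `customJwtSecurityChain` is still `anyRequest().authenticated()`, so the group-derived authorities that `customOidcUserService(props)` attaches to the user are not consulted by this chain: any account that can complete the Azure AD login is admitted to every path. If access is meant to depend on group membership, that has to be enforced here with an authority-based matcher ahead of `anyRequest()`, or elsewhere (method security is not visible in this diff, so it may already exist). If admitting every authenticated user is intended, say so in a comment above the chain, e.g. `// Any authenticated Azure AD user may access every path; mapped group authorities are not checked here`. The bean name also says JWT while the chain configures `oauth2Login`, which a one-line Javadoc could clear up.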
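Review bot: The lambda returned by `customOidcUserService` adds `mapper.mapAuthorities(oidcUser)` to the delegate's authorities without any handling for a login where the configured groups claim is absent. Azure AD leaves the groups claim out when a user belongs to more groups than the token can carry and emits a `_claim_names`/`_claim_sources` overage pointer instead, so such a user would presumably end up with only the delegate's authorities; that fails closed, but silently. `GroupsClaimMapper` and the start of this method are outside the hunk, so confirm how a missing claim is treated there. A comment next to the mapping call such as `// Groups claim may be absent (Azure AD group overage); the user then keeps only the delegate's authorities` and a log line when no group was mapped would make the case visible to operators.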
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
@@ -62,7 +62,4 @@ public class JwtAuthorizationProperties { public void setAuthoritiesPrefix(String authoritiesPrefix) { this.authoritiesPrefix = authoritiesPrefix; } - - - }
diff --git a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
index 2487cd9db3..74f92d96d8 100644
--- a/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
+++ b/spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
@@ -10,19 +10,16 @@ import java.util.List; import java.util.Map; import java.util.stream.Collectors; -import org.springframework.core.convert.converter.Converter; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; import org.springframework.security.oauth2.core.ClaimAccessor; -import org.springframework.security.oauth2.jwt.Jwt; /** * @author Baeldung * */ public class GroupsClaimMapper { - + private final String authoritiesPrefix; private final String groupsClaim; private final Map> groupToAuthorities;
diff --git a/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml b/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml
index 5e65c381c8..fec11b84c7 100644
--- a/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml
+++ b/spring-security-modules/spring-security-azuread/src/main/resources/application-azuread.yml
@@ -17,7 +17,7 @@ spring: - openid - email - profile - + # Group mapping baeldung: jwt:
diff --git a/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java b/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
index 8c941aa787..2ffa9e9a6f 100644
--- a/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
+++ b/spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
@@ -1,7 +1,6 @@ package com.baeldung.security.azuread; import static org.assertj.core.api.Assertions.assertThat; -import static org.junit.jupiter.api.Assertions.*; import java.net.URI;
@@ -12,6 +11,7 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment; import org.springframework.boot.test.web.client.TestRestTemplate; import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.http.HttpStatus; +import org.springframework.http.HttpStatusCode; import org.springframework.http.ResponseEntity; import org.springframework.test.context.ActiveProfiles;
@@ -27,9 +27,9 @@ class ApplicationLiveTest { @Test void testWhenAccessRootPath_thenRedirectToAzureAD() { - - ResponseEntity response = rest.getForEntity("http://localhost:" + port , String.class); - HttpStatus st = response.getStatusCode(); + + ResponseEntity response = rest.getForEntity("http://localhost:" + port , String.class); + HttpStatusCode st = response.getStatusCode(); assertThat(st) .isEqualTo(HttpStatus.FOUND);