iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

JAVA-29287 Upgrade spring-security-azuread (#15747) 

* JAVA-29287 Upgrade spring-security-azuread

* JAVA-29287 Remove commented code

---------

Co-authored-by: timis1 <noreplay@yahoo.com>
This commit is contained in:
timis1 2024-01-31 22:19:18 +02:00 committed by GitHub
parent 9c8cbf668c
commit 491b588d88
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 17 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
spring-security-modules/spring-security-azuread/pom.xml
View File

@ -2,14 +2,15 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-azuread</artifactId>
<parent>
<groupId>com.baeldung</groupId>
<artifactId>spring-security-modules</artifactId>
<artifactId>parent-boot-3</artifactId>
<relativePath>../../parent-boot-3</relativePath>
<version>0.0.1-SNAPSHOT</version>
</parent>
<artifactId>spring-security-azuread</artifactId>
<dependencies>
<dependency>

26
spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationConfiguration.java
View File

@ -10,9 +10,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.SecurityFilterChain;
@ -23,17 +21,13 @@ import com.baeldung.security.azuread.support.NamedOidcUser;
@EnableConfigurationProperties(JwtAuthorizationProperties.class)
public class JwtAuthorizationConfiguration {
@Bean
SecurityFilterChain customJwtSecurityChain(HttpSecurity http, JwtAuthorizationProperties props) throws Exception {
// @formatter:off
return http
.authorizeRequests( r -> r.anyRequest().authenticated())
.oauth2Login(oauth2 -> {
oauth2.userInfoEndpoint(ep ->
ep.oidcUserService(customOidcUserService(props)));
})
.authorizeHttpRequests( r -> r.anyRequest().authenticated())
.oauth2Login(oauth2 -> oauth2.userInfoEndpoint(ep ->
ep.oidcUserService(customOidcUserService(props))))
.build();
// @formatter:on
}
@ -45,7 +39,7 @@ public class JwtAuthorizationConfiguration {
props.getGroupsClaim(),
props.getGroupToAuthorities());
return (userRequest) -> {
return userRequest -> {
OidcUser oidcUser = delegate.loadUser(userRequest);
// Enrich standard authorities with groups
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
@ -57,16 +51,4 @@ public class JwtAuthorizationConfiguration {
return oidcUser;
};
}
// @Bean
// GrantedAuthoritiesMapper jwtAuthoritiesMapper(JwtAuthorizationProperties props) {
// return new MappingJwtGrantedAuthoritiesMapper(
// props.getAuthoritiesPrefix(),
// props.getGroupsClaim(),
// props.getGroupToAuthorities());
// }
}

3
spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/config/JwtAuthorizationProperties.java
View File

@ -62,7 +62,4 @@ public class JwtAuthorizationProperties {
public void setAuthoritiesPrefix(String authoritiesPrefix) {
this.authoritiesPrefix = authoritiesPrefix;
}
}

3
spring-security-modules/spring-security-azuread/src/main/java/com/baeldung/security/azuread/support/GroupsClaimMapper.java
View File

@ -10,12 +10,9 @@ import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.core.ClaimAccessor;
import org.springframework.security.oauth2.jwt.Jwt;
/**
* @author Baeldung

4
spring-security-modules/spring-security-azuread/src/test/java/com/baeldung/security/azuread/ApplicationLiveTest.java
View File

@ -1,7 +1,6 @@
package com.baeldung.security.azuread;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.*;
import java.net.URI;
@ -12,6 +11,7 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
import org.springframework.boot.test.web.client.TestRestTemplate;
import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.http.HttpStatus;
import org.springframework.http.HttpStatusCode;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.ActiveProfiles;
@ -29,7 +29,7 @@ class ApplicationLiveTest {
void testWhenAccessRootPath_thenRedirectToAzureAD() {
ResponseEntity<String> response = rest.getForEntity("http://localhost:" + port , String.class);
HttpStatus st = response.getStatusCode();
HttpStatusCode st = response.getStatusCode();
assertThat(st)
.isEqualTo(HttpStatus.FOUND);