JAVA-15686 Update spring-cloud-security module under spring-cloud-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12987)

2022-11-17 23:43:42 +05:30 · 2022-11-17 23:43:42 +05:30 · 8339687190
parent 2beab43784
commit 8339687190
3 changed files with 46 additions and 30 deletions
--- a/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
@ -65,6 +65,10 @@
            <groupId>org.springframework.security.oauth.boot</groupId>
            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
+        </dependency>
    </dependencies>

    <build>
--- a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
@ -1,27 +1,26 @@
 package com.baeldung.config;

-import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.web.client.RestTemplateBuilder;
 import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.web.client.RestOperations;

@EnableZuulProxy
@Configuration
-@EnableOAuth2Sso
-public class SiteSecurityConfigurer
-    extends
-        WebSecurityConfigurerAdapter {
+public class SiteSecurityConfigurer {

-    @Override
-    protected void configure(HttpSecurity http)
-        throws Exception {
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.antMatcher("/**")
            .authorizeRequests()
            .antMatchers("/", "/webjars/**")
@ -34,16 +33,23 @@ public class SiteSecurityConfigurer
            .permitAll()
            .and()
            .csrf()
-            .csrfTokenRepository(
-                CookieCsrfTokenRepository
-                    .withHttpOnlyFalse());
+            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+            .and()
+            .oauth2Login();
+        return http.build();
    }

    @Bean
-    public OAuth2RestOperations restOperations(
-        OAuth2ProtectedResourceDetails resource,
-        OAuth2ClientContext context) {
-        return new OAuth2RestTemplate(resource, context);
+    public RestOperations restTemplate(OAuth2AuthorizedClientService clientService) {
+        return new RestTemplateBuilder().interceptors((ClientHttpRequestInterceptor) (httpRequest, bytes, execution) -> {
+            OAuth2AuthenticationToken token = OAuth2AuthenticationToken.class.cast(SecurityContextHolder.getContext()
+                .getAuthentication());
+            OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(token.getAuthorizedClientRegistrationId(), token.getName());
+            httpRequest.getHeaders()
+                .add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
+                    .getTokenValue());
+            return execution.execute(httpRequest, bytes);
+        })
+            .build();
    }
-
 }
--- a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
@ -6,15 +6,21 @@ server:
    context-path: /

 # Configure the Authorization Server and User Info Resource Server details
-security:
-  oauth2:
-    client:
-      accessTokenUri: http://localhost:7070/authserver/oauth/token
-      userAuthorizationUri: http://localhost:7070/authserver/oauth/authorize
-      clientId: authserver
-      clientSecret: passwordforauthserver
-    resource:
-      userInfoUri: http://localhost:9000/user
+spring:
+  security:
+    oauth2:
+      client:
+        registration:
+          baeldung:
+            client-id: authserver
+            client-secret: passwordforauthserver
+            authorization-grant-type: authorization_code
+            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
+        provider:
+          baeldung:
+            token-uri: http://localhost:7070/authserver/oauth/token
+            authorization-uri: http://localhost:7070/authserver/oauth/authorize
+            user-info-uri: http://localhost:9000/user

 person:
  url: http://localhost:9000/person