iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

JAVA-15686 Update spring-cloud-security module under spring-cloud-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12987)

Browse Source
This commit is contained in:
anuragkumawat 2022-11-17 23:43:42 +05:30 committed by GitHub
parent 2beab43784
commit 8339687190
3 changed files with 46 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
View File

@ -65,6 +65,10 @@
<groupId>org.springframework.security.oauth.boot</groupId> <groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId> <artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>

48
spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
View File

@ -1,27 +1,26 @@
package com.baeldung.config; package com.baeldung.config;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy; import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.OAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2RestOperations; import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository; import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.web.client.RestOperations;
@EnableZuulProxy @EnableZuulProxy
@Configuration @Configuration
@EnableOAuth2Sso public class SiteSecurityConfigurer {
public class SiteSecurityConfigurer
extends
WebSecurityConfigurerAdapter {
@Override @Bean
protected void configure(HttpSecurity http) public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
throws Exception {
http.antMatcher("/**") http.antMatcher("/**")
.authorizeRequests() .authorizeRequests()
.antMatchers("/", "/webjars/**") .antMatchers("/", "/webjars/**")
@ -34,16 +33,23 @@ public class SiteSecurityConfigurer
.permitAll() .permitAll()
.and() .and()
.csrf() .csrf()
.csrfTokenRepository( .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
CookieCsrfTokenRepository .and()
.withHttpOnlyFalse()); .oauth2Login();
return http.build();
} }
@Bean @Bean
public OAuth2RestOperations restOperations( public RestOperations restTemplate(OAuth2AuthorizedClientService clientService) {
OAuth2ProtectedResourceDetails resource, return new RestTemplateBuilder().interceptors((ClientHttpRequestInterceptor) (httpRequest, bytes, execution) -> {
OAuth2ClientContext context) { OAuth2AuthenticationToken token = OAuth2AuthenticationToken.class.cast(SecurityContextHolder.getContext()
return new OAuth2RestTemplate(resource, context); .getAuthentication());
OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(token.getAuthorizedClientRegistrationId(), token.getName());
httpRequest.getHeaders()
.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
.getTokenValue());
return execution.execute(httpRequest, bytes);
})
.build();
} }
} }

18
spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
View File

@ -6,15 +6,21 @@ server:
context-path: / context-path: /
# Configure the Authorization Server and User Info Resource Server details # Configure the Authorization Server and User Info Resource Server details
spring:
security: security:
oauth2: oauth2:
client: client:
accessTokenUri: http://localhost:7070/authserver/oauth/token registration:
userAuthorizationUri: http://localhost:7070/authserver/oauth/authorize baeldung:
clientId: authserver client-id: authserver
clientSecret: passwordforauthserver client-secret: passwordforauthserver
resource: authorization-grant-type: authorization_code
userInfoUri: http://localhost:9000/user redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
provider:
baeldung:
token-uri: http://localhost:7070/authserver/oauth/token
authorization-uri: http://localhost:7070/authserver/oauth/authorize
user-info-uri: http://localhost:9000/user
person: person:
url: http://localhost:9000/person url: http://localhost:9000/person