JAVA-15686 Update spring-cloud-security module under spring-cloud-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12987)

spring-cloud-modules/spring-cloud-security/auth-client/pom.xml

@@ -65,6 +65,10 @@
             <groupId>org.springframework.security.oauth.boot</groupId>
             <artifactId>spring-security-oauth2-autoconfigure</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
+        </dependency>
     </dependencies>
 
     <build>

spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java

@@ -1,27 +1,26 @@
 package com.baeldung.config;
 
-import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.web.client.RestTemplateBuilder;
 import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.web.client.RestOperations;
 
 @EnableZuulProxy
 @Configuration
-@EnableOAuth2Sso
+public class SiteSecurityConfigurer {
-public class SiteSecurityConfigurer
-    extends
-        WebSecurityConfigurerAdapter {
 
-    @Override
+    @Bean
-    protected void configure(HttpSecurity http)
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        throws Exception {
         http.antMatcher("/**")
             .authorizeRequests()
             .antMatchers("/", "/webjars/**")
@@ -34,16 +33,23 @@ public class SiteSecurityConfigurer
             .permitAll()
             .and()
             .csrf()
-            .csrfTokenRepository(
+            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-                CookieCsrfTokenRepository
+            .and()
-                    .withHttpOnlyFalse());
+            .oauth2Login();
+        return http.build();
     }
 
     @Bean
-    public OAuth2RestOperations restOperations(
+    public RestOperations restTemplate(OAuth2AuthorizedClientService clientService) {
-        OAuth2ProtectedResourceDetails resource,
+        return new RestTemplateBuilder().interceptors((ClientHttpRequestInterceptor) (httpRequest, bytes, execution) -> {
-        OAuth2ClientContext context) {
+            OAuth2AuthenticationToken token = OAuth2AuthenticationToken.class.cast(SecurityContextHolder.getContext()
-        return new OAuth2RestTemplate(resource, context);
+                .getAuthentication());
+            OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(token.getAuthorizedClientRegistrationId(), token.getName());
+            httpRequest.getHeaders()
+                .add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
+                    .getTokenValue());
+            return execution.execute(httpRequest, bytes);
+        })
+            .build();
     }
-
 }

spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml

@@ -6,15 +6,21 @@ server:
     context-path: /
 
 # Configure the Authorization Server and User Info Resource Server details
-security:
+spring:
-  oauth2:
+  security:
-    client:
+    oauth2:
-      accessTokenUri: http://localhost:7070/authserver/oauth/token
+      client:
-      userAuthorizationUri: http://localhost:7070/authserver/oauth/authorize
+        registration:
-      clientId: authserver
+          baeldung:
-      clientSecret: passwordforauthserver
+            client-id: authserver
-    resource:
+            client-secret: passwordforauthserver
-      userInfoUri: http://localhost:9000/user
+            authorization-grant-type: authorization_code
+            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
+        provider:
+          baeldung:
+            token-uri: http://localhost:7070/authserver/oauth/token
+            authorization-uri: http://localhost:7070/authserver/oauth/authorize
+            user-info-uri: http://localhost:9000/user
 
 person:
   url: http://localhost:9000/person