JAVA-15686 Update spring-cloud-security module under spring-cloud-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12987)
This commit is contained in:
parent
2beab43784
commit
8339687190
|
@ -65,6 +65,10 @@
|
|||
<groupId>org.springframework.security.oauth.boot</groupId>
|
||||
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-oauth2-client</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
|
@ -1,27 +1,26 @@
|
|||
package com.baeldung.config;
|
||||
|
||||
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
|
||||
import org.springframework.boot.web.client.RestTemplateBuilder;
|
||||
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.client.ClientHttpRequestInterceptor;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
||||
import org.springframework.security.oauth2.client.OAuth2RestOperations;
|
||||
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
||||
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
|
||||
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
||||
import org.springframework.web.client.RestOperations;
|
||||
|
||||
@EnableZuulProxy
|
||||
@Configuration
|
||||
@EnableOAuth2Sso
|
||||
public class SiteSecurityConfigurer
|
||||
extends
|
||||
WebSecurityConfigurerAdapter {
|
||||
public class SiteSecurityConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http)
|
||||
throws Exception {
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.antMatcher("/**")
|
||||
.authorizeRequests()
|
||||
.antMatchers("/", "/webjars/**")
|
||||
|
@ -34,16 +33,23 @@ public class SiteSecurityConfigurer
|
|||
.permitAll()
|
||||
.and()
|
||||
.csrf()
|
||||
.csrfTokenRepository(
|
||||
CookieCsrfTokenRepository
|
||||
.withHttpOnlyFalse());
|
||||
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
|
||||
.and()
|
||||
.oauth2Login();
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public OAuth2RestOperations restOperations(
|
||||
OAuth2ProtectedResourceDetails resource,
|
||||
OAuth2ClientContext context) {
|
||||
return new OAuth2RestTemplate(resource, context);
|
||||
public RestOperations restTemplate(OAuth2AuthorizedClientService clientService) {
|
||||
return new RestTemplateBuilder().interceptors((ClientHttpRequestInterceptor) (httpRequest, bytes, execution) -> {
|
||||
OAuth2AuthenticationToken token = OAuth2AuthenticationToken.class.cast(SecurityContextHolder.getContext()
|
||||
.getAuthentication());
|
||||
OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(token.getAuthorizedClientRegistrationId(), token.getName());
|
||||
httpRequest.getHeaders()
|
||||
.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
|
||||
.getTokenValue());
|
||||
return execution.execute(httpRequest, bytes);
|
||||
})
|
||||
.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -6,15 +6,21 @@ server:
|
|||
context-path: /
|
||||
|
||||
# Configure the Authorization Server and User Info Resource Server details
|
||||
security:
|
||||
spring:
|
||||
security:
|
||||
oauth2:
|
||||
client:
|
||||
accessTokenUri: http://localhost:7070/authserver/oauth/token
|
||||
userAuthorizationUri: http://localhost:7070/authserver/oauth/authorize
|
||||
clientId: authserver
|
||||
clientSecret: passwordforauthserver
|
||||
resource:
|
||||
userInfoUri: http://localhost:9000/user
|
||||
registration:
|
||||
baeldung:
|
||||
client-id: authserver
|
||||
client-secret: passwordforauthserver
|
||||
authorization-grant-type: authorization_code
|
||||
redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
|
||||
provider:
|
||||
baeldung:
|
||||
token-uri: http://localhost:7070/authserver/oauth/token
|
||||
authorization-uri: http://localhost:7070/authserver/oauth/authorize
|
||||
user-info-uri: http://localhost:9000/user
|
||||
|
||||
person:
|
||||
url: http://localhost:9000/person
|
||||
|
|
Loading…
Reference in New Issue