From 84dd60e287d475e67c297019fafe608d7da45cbe Mon Sep 17 00:00:00 2001
From: anuragkumawat <anuragkumawat7@gmail.com>
Date: Sat, 29 Oct 2022 13:39:24 +0530
Subject: [PATCH] JAVA-14894 Update spring-security-web-react module under
 spring-security-modules to remove usage of deprecated
 WebSecurityConfigurerAdapter (#12916)

---
 .../baeldung/spring/SecSecurityConfig.java    | 88 ++++++++++---------
 1 file changed, 48 insertions(+), 40 deletions(-)

diff --git a/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java b/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java
index d560589cce..7e588f4d97 100644
--- a/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java
@@ -1,57 +1,65 @@
 package com.baeldung.spring;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 
 @Configuration
 @EnableWebSecurity
 @Profile("!https")
-public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecSecurityConfig {
 
-    public SecSecurityConfig() {
-        super();
+    @Bean
+    public InMemoryUserDetailsManager userDetailsService() throws Exception {
+        UserDetails user1 = User.withUsername("user1")
+            .password("{noop}user1Pass")
+            .roles("USER")
+            .build();
+
+        UserDetails user2 = User.withUsername("user2")
+            .password("{noop}user2Pass")
+            .roles("USER")
+            .build();
+
+        UserDetails admin = User.withUsername("admin")
+            .password("{noop}admin0Pass")
+            .roles("ADMIN")
+            .build();
+        return new InMemoryUserDetailsManager(user1, user2, admin);
     }
 
-    @Override
-    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
-        // @formatter:off
-        auth.inMemoryAuthentication()
-        .withUser("user1").password("{noop}user1Pass").roles("USER")
-        .and()
-        .withUser("user2").password("{noop}user2Pass").roles("USER")
-        .and()
-        .withUser("admin").password("{noop}admin0Pass").roles("ADMIN");
-        // @formatter:on
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.csrf()
+            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+            .and()
+            .authorizeRequests()
+            .antMatchers("/admin/**")
+            .hasRole("ADMIN")
+            .antMatchers("/anonymous*")
+            .anonymous()
+            .antMatchers(HttpMethod.GET, "/index*", "/static/**", "/*.js", "/*.json", "/*.ico", "/rest")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .formLogin()
+            .loginPage("/index.html")
+            .loginProcessingUrl("/perform_login")
+            .defaultSuccessUrl("/homepage.html", true)
+            .failureUrl("/index.html?error=true")
+            .and()
+            .logout()
+            .logoutUrl("/perform_logout")
+            .deleteCookies("JSESSIONID");
+        return http.build();
     }
-
-    @Override
-    protected void configure(final HttpSecurity http) throws Exception {
-        // @formatter:off
-        http
-        .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
-        .authorizeRequests()
-        .antMatchers("/admin/**").hasRole("ADMIN")
-        .antMatchers("/anonymous*").anonymous()
-        .antMatchers(HttpMethod.GET, "/index*", "/static/**", "/*.js", "/*.json", "/*.ico", "/rest").permitAll()
-        .anyRequest().authenticated()
-        .and()
-        .formLogin()
-        .loginPage("/index.html")
-        .loginProcessingUrl("/perform_login")
-        .defaultSuccessUrl("/homepage.html",true)
-        .failureUrl("/index.html?error=true")
-        .and()
-        .logout()
-        .logoutUrl("/perform_logout")
-        .deleteCookies("JSESSIONID");
-        // @formatter:on
-    }
-
-
 }