iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

JAVA-14885 Update spring-security-oidc module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12826)

This commit is contained in:
anuragkumawat 2022-10-10 23:18:19 +05:30 committed by GitHub
parent 25a1270d7c
commit 991e0673b2
2 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
spring-security-modules/spring-security-oidc/src/main/java/com/baeldung/openid/oidc/login/config/OAuth2LoginSecurityConfig.java
View File

@ -3,16 +3,17 @@ package com.baeldung.openid.oidc.login.config;
import java.util.HashSet; import java.util.HashSet;
import java.util.Set; import java.util.Set;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService; import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {// @formatter:off public class OAuth2LoginSecurityConfig {
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
Set<String> googleScopes = new HashSet<>(); Set<String> googleScopes = new HashSet<>();
googleScopes.add("https://www.googleapis.com/auth/userinfo.email"); googleScopes.add("https://www.googleapis.com/auth/userinfo.email");
googleScopes.add("https://www.googleapis.com/auth/userinfo.profile"); googleScopes.add("https://www.googleapis.com/auth/userinfo.profile");
@ -24,5 +25,6 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {//
.authenticated()) .authenticated())
.oauth2Login(oauthLogin -> oauthLogin.userInfoEndpoint() .oauth2Login(oauthLogin -> oauthLogin.userInfoEndpoint()
.oidcUserService(googleUserService)); .oidcUserService(googleUserService));
}// @formatter:on return http.build();
}
} }

13
spring-security-modules/spring-security-oidc/src/main/java/com/baeldung/openid/oidc/sessionmanagement/config/OAuth2SessionManagementSecurityConfig.java
View File

@ -3,29 +3,30 @@ package com.baeldung.openid.oidc.sessionmanagement.config;
import java.net.URI; import java.net.URI;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler; import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
@Configuration @Configuration
public class OAuth2SessionManagementSecurityConfig extends WebSecurityConfigurerAdapter { public class OAuth2SessionManagementSecurityConfig {
@Autowired @Autowired
private ClientRegistrationRepository clientRegistrationRepository; private ClientRegistrationRepository clientRegistrationRepository;
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { // @formatter:off public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests(authorizeRequests -> authorizeRequests.mvcMatchers("/home") http.authorizeRequests(authorizeRequests -> authorizeRequests.mvcMatchers("/home")
.permitAll() .permitAll()
.anyRequest() .anyRequest()
.authenticated()) .authenticated())
.oauth2Login(oauthLogin -> oauthLogin.permitAll()) .oauth2Login(oauthLogin -> oauthLogin.permitAll())
.logout(logout -> logout.logoutSuccessHandler(oidcLogoutSuccessHandler())); .logout(logout -> logout.logoutSuccessHandler(oidcLogoutSuccessHandler()));
} // @formatter:on return http.build();
}
private LogoutSuccessHandler oidcLogoutSuccessHandler() { private LogoutSuccessHandler oidcLogoutSuccessHandler() {
OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler = new OidcClientInitiatedLogoutSuccessHandler(this.clientRegistrationRepository); OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler = new OidcClientInitiatedLogoutSuccessHandler(this.clientRegistrationRepository);