JAVA-14885 Update spring-security-oidc module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12826)
This commit is contained in:
parent
25a1270d7c
commit
991e0673b2
@ -3,16 +3,17 @@ package com.baeldung.openid.oidc.login.config;
|
|||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
|
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {// @formatter:off
|
public class OAuth2LoginSecurityConfig {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
Set<String> googleScopes = new HashSet<>();
|
Set<String> googleScopes = new HashSet<>();
|
||||||
googleScopes.add("https://www.googleapis.com/auth/userinfo.email");
|
googleScopes.add("https://www.googleapis.com/auth/userinfo.email");
|
||||||
googleScopes.add("https://www.googleapis.com/auth/userinfo.profile");
|
googleScopes.add("https://www.googleapis.com/auth/userinfo.profile");
|
||||||
@ -21,8 +22,9 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {//
|
|||||||
googleUserService.setAccessibleScopes(googleScopes);
|
googleUserService.setAccessibleScopes(googleScopes);
|
||||||
|
|
||||||
http.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest()
|
http.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest()
|
||||||
.authenticated())
|
.authenticated())
|
||||||
.oauth2Login(oauthLogin -> oauthLogin.userInfoEndpoint()
|
.oauth2Login(oauthLogin -> oauthLogin.userInfoEndpoint()
|
||||||
.oidcUserService(googleUserService));
|
.oidcUserService(googleUserService));
|
||||||
}// @formatter:on
|
return http.build();
|
||||||
|
}
|
||||||
}
|
}
|
@ -3,29 +3,30 @@ package com.baeldung.openid.oidc.sessionmanagement.config;
|
|||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
|
import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
|
||||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class OAuth2SessionManagementSecurityConfig extends WebSecurityConfigurerAdapter {
|
public class OAuth2SessionManagementSecurityConfig {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private ClientRegistrationRepository clientRegistrationRepository;
|
private ClientRegistrationRepository clientRegistrationRepository;
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception { // @formatter:off
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http.authorizeRequests(authorizeRequests -> authorizeRequests.mvcMatchers("/home")
|
http.authorizeRequests(authorizeRequests -> authorizeRequests.mvcMatchers("/home")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.authenticated())
|
.authenticated())
|
||||||
.oauth2Login(oauthLogin -> oauthLogin.permitAll())
|
.oauth2Login(oauthLogin -> oauthLogin.permitAll())
|
||||||
.logout(logout -> logout.logoutSuccessHandler(oidcLogoutSuccessHandler()));
|
.logout(logout -> logout.logoutSuccessHandler(oidcLogoutSuccessHandler()));
|
||||||
} // @formatter:on
|
return http.build();
|
||||||
|
}
|
||||||
|
|
||||||
private LogoutSuccessHandler oidcLogoutSuccessHandler() {
|
private LogoutSuccessHandler oidcLogoutSuccessHandler() {
|
||||||
OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler = new OidcClientInitiatedLogoutSuccessHandler(this.clientRegistrationRepository);
|
OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler = new OidcClientInitiatedLogoutSuccessHandler(this.clientRegistrationRepository);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user