Use lambda spring security config style

codecentric · Jan 12, 2020 · c380d4e · c380d4e
1 parent 6e64eb7
commit c380d4e
Show file tree

Hide file tree

Showing 8 changed files with 155 additions and 165 deletions.
diff --git a/...mple-consul/src/main/java/de/codecentric/boot/admin/SpringBootAdminConsulApplication.java b/...mple-consul/src/main/java/de/codecentric/boot/admin/SpringBootAdminConsulApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,6 +22,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -53,12 +54,14 @@ public SecurityPermitAllConfig(AdminServerProperties adminServerProperties) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			http.authorizeRequests().anyRequest().permitAll().and().csrf()
-					.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
-							new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
-							new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
-									HttpMethod.DELETE.toString()),
-							new AntPathRequestMatcher(this.adminContextPath + "/actuator/**"));
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminContextPath + "/instances",
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
 		}
 
 	}
@@ -75,27 +78,24 @@ public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			// @formatter:off
 			SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 			successHandler.setTargetUrlParameter("redirectTo");
 			successHandler.setDefaultTargetUrl(this.adminContextPath + "/");
 
-			http.authorizeRequests()
-				.antMatchers(this.adminContextPath + "/assets/**").permitAll()
-				.antMatchers(this.adminContextPath + "/login").permitAll()
-				.anyRequest().authenticated()
-				.and()
-			.formLogin().loginPage(this.adminContextPath + "/login").successHandler(successHandler).and()
-			.logout().logoutUrl(this.adminContextPath + "/logout").and()
-			.httpBasic().and()
-			.csrf()
-				.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-				.ignoringRequestMatchers(
-					new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
-					new AntPathRequestMatcher(this.adminContextPath + "/instances/*", HttpMethod.DELETE.toString()),
-					new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")
-				);
-			// @formatter:on
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests
+					.antMatchers(this.adminContextPath + "/assets/**").permitAll()
+					.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
+					.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
+							.successHandler(successHandler))
+					.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
+					.httpBasic(Customizer.withDefaults())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminContextPath + "/instances",
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
 		}
 
 	}

diff --git a/...mple-eureka/src/main/java/de/codecentric/boot/admin/SpringBootAdminEurekaApplication.java b/...mple-eureka/src/main/java/de/codecentric/boot/admin/SpringBootAdminEurekaApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,6 +22,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -53,12 +54,15 @@ public SecurityPermitAllConfig(AdminServerProperties adminServerProperties) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			http.authorizeRequests().anyRequest().permitAll().and().csrf()
-					.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
-							new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
-							new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
-									HttpMethod.DELETE.toString()),
-							new AntPathRequestMatcher(this.adminContextPath + "/actuator/**"));
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminContextPath + "/instances",
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
+
 		}
 
 	}
@@ -75,27 +79,24 @@ public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			// @formatter:off
 			SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 			successHandler.setTargetUrlParameter("redirectTo");
 			successHandler.setDefaultTargetUrl(this.adminContextPath + "/");
 
-			http.authorizeRequests()
-				.antMatchers(this.adminContextPath + "/assets/**").permitAll()
-				.antMatchers(this.adminContextPath + "/login").permitAll()
-				.anyRequest().authenticated()
-				.and()
-			.formLogin().loginPage(this.adminContextPath + "/login").successHandler(successHandler).and()
-			.logout().logoutUrl(this.adminContextPath + "/logout").and()
-			.httpBasic().and()
-			.csrf()
-				.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-				.ignoringRequestMatchers(
-					new AntPathRequestMatcher(this.adminContextPath + "/instances", HttpMethod.POST.toString()),
-					new AntPathRequestMatcher(this.adminContextPath + "/instances/*", HttpMethod.DELETE.toString()),
-					new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")
-				);
-			// @formatter:on
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests
+					.antMatchers(this.adminContextPath + "/assets/**").permitAll()
+					.antMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
+					.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
+							.successHandler(successHandler))
+					.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))
+					.httpBasic(Customizer.withDefaults())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminContextPath + "/instances",
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/instances/*",
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminContextPath + "/actuator/**")));
 		}
 
 	}

diff --git a/...azelcast/src/main/java/de/codecentric/boot/admin/SpringBootAdminHazelcastApplication.java b/...azelcast/src/main/java/de/codecentric/boot/admin/SpringBootAdminHazelcastApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,6 +31,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -41,10 +42,8 @@
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import de.codecentric.boot.admin.server.config.EnableAdminServer;
 import de.codecentric.boot.admin.server.notify.Notifier;
-
-import static de.codecentric.boot.admin.server.config.AdminServerHazelcastAutoConfiguration.DEFAULT_NAME_EVENT_STORE_MAP;
-import static de.codecentric.boot.admin.server.config.AdminServerHazelcastAutoConfiguration.DEFAULT_NAME_SENT_NOTIFICATIONS_MAP;
-import static java.util.Collections.singletonList;
+import static de.codecentric.boot.admin.server.config.AdminServerHazelcastAutoConfiguration.*;
+import static java.util.Collections.*;
 
 @Configuration(proxyBeanMethods = false)
 @EnableAutoConfiguration
@@ -106,13 +105,14 @@ public SecurityPermitAllConfig(AdminServerProperties adminServer) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			http.authorizeRequests().anyRequest().permitAll().and().csrf()
-					.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-					.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
-							new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
-							new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
-									HttpMethod.DELETE.toString()),
-							new AntPathRequestMatcher(this.adminServer.path("/actuator/**")));
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests.anyRequest().permitAll())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminServer.path("/instances"),
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
 		}
 
 	}
@@ -129,28 +129,24 @@ public SecuritySecureConfig(AdminServerProperties adminServer) {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
-			// @formatter:off
 			SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 			successHandler.setTargetUrlParameter("redirectTo");
 			successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
-			http.authorizeRequests()
-				.antMatchers(this.adminServer.path("/assets/**")).permitAll()
-				.antMatchers(this.adminServer.path("/login")).permitAll()
-				.anyRequest().authenticated()
-				.and()
-			.formLogin().loginPage(this.adminServer.path("/login")).successHandler(successHandler).and()
-			.logout().logoutUrl(this.adminServer.path("/logout")).and()
-			.httpBasic().and()
-			.csrf()
-				.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-								.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
-				.ignoringRequestMatchers(
-					new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
-					new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),
-					new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
-				);
-			// @formatter:on
+			http.authorizeRequests((authorizeRequests) -> authorizeRequests
+					.antMatchers(this.adminServer.path("/assets/**")).permitAll()
+					.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
+					.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
+							.successHandler(successHandler))
+					.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
+					.httpBasic(Customizer.withDefaults())
+					.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+							.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
+									new AntPathRequestMatcher(this.adminServer.path("/instances"),
+											HttpMethod.POST.toString()),
+									new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
+											HttpMethod.DELETE.toString()),
+									new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
 		}
 
 	}

diff --git a/...-reactive/src/main/java/de/codecentric/boot/admin/SpringBootAdminReactiveApplication.java b/...-reactive/src/main/java/de/codecentric/boot/admin/SpringBootAdminReactiveApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
@@ -47,26 +48,20 @@ public static void main(String[] args) {
 	@Bean
 	@Profile("insecure")
 	public SecurityWebFilterChain securityWebFilterChainPermitAll(ServerHttpSecurity http) {
-		return http.authorizeExchange().anyExchange().permitAll()//
-				.and().csrf().disable()//
-				.build();
+		return http.authorizeExchange((authorizeExchange) -> authorizeExchange.anyExchange().permitAll())
+				.csrf(ServerHttpSecurity.CsrfSpec::disable).build();
 	}
 
 	@Bean
 	@Profile("secure")
 	public SecurityWebFilterChain securityWebFilterChainSecure(ServerHttpSecurity http) {
-		// @formatter:off
-		return http.authorizeExchange()
-				.pathMatchers(this.adminServer.path("/assets/**")).permitAll()
-				.pathMatchers(this.adminServer.path("/login")).permitAll()
-				.anyExchange().authenticated()
-				.and()
-			.formLogin().loginPage(this.adminServer.path("/login")).and()
-			.logout().logoutUrl(this.adminServer.path("/logout")).and()
-			.httpBasic().and()
-			.csrf().disable()
-			.build();
-		// @formatter:on
+		return http
+				.authorizeExchange((authorizeExchange) -> authorizeExchange
+						.pathMatchers(this.adminServer.path("/assets/**")).permitAll()
+						.pathMatchers(this.adminServer.path("/login")).permitAll().anyExchange().authenticated())
+				.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login")))
+				.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))
+				.httpBasic(Customizer.withDefaults()).csrf(ServerHttpSecurity.CsrfSpec::disable).build();
 	}
 
 	@Bean

diff --git a/...admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecurityPermitAllConfig.java b/...admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecurityPermitAllConfig.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -38,11 +38,11 @@ public SecurityPermitAllConfig(AdminServerProperties adminServer) {
 
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
-		http.authorizeRequests().anyRequest().permitAll().and().csrf()
+		http.authorizeRequests((authorizeRequest) -> authorizeRequest.anyRequest().permitAll()).csrf((csrf) -> csrf
 				.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
 						new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
 						new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),
-						new AntPathRequestMatcher(this.adminServer.path("/actuator/**")));
+						new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
 	}
 
 }
diff --git a/...ot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecuritySecureConfig.java b/...ot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecuritySecureConfig.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2020 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -43,29 +44,25 @@ public SecuritySecureConfig(AdminServerProperties adminServer) {
 
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
-		// @formatter:off
 		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 		successHandler.setTargetUrlParameter("redirectTo");
 		successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
-		http.authorizeRequests()
-			.antMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
-			.antMatchers(this.adminServer.path("/login")).permitAll()
-			.anyRequest().authenticated() // <2>
-			.and()
-		.formLogin().loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
-		.logout().logoutUrl(this.adminServer.path("/logout")).and()
-		.httpBasic().and() // <4>
-		.csrf()
-			.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
-			.ignoringRequestMatchers(
-				new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),  // <6>
-				new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),  // <6>
-				new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))  // <7>
-			)
-		.and()
-		.rememberMe().key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600);
-		// @formatter:on
+		http.authorizeRequests(
+				(authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
+						.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated() // <2>
+		).formLogin(
+				(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
+		).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults()) // <4>
+				.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) // <5>
+						.ignoringRequestMatchers(
+								new AntPathRequestMatcher(this.adminServer.path("/instances"),
+										HttpMethod.POST.toString()), // <6>
+								new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
+										HttpMethod.DELETE.toString()), // <6>
+								new AntPathRequestMatcher(this.adminServer.path("/actuator/**")) // <7>
+						))
+				.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));
 	}
 
 	// Required to provide UserDetailsService for "remember functionality"