From 0f0c9c974722b94e85688bb6572e092b06e07ed4 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Thu, 11 May 2023 12:31:03 -0400 Subject: [PATCH] Remove FederatedIdentityConfigurer from demo sample Issue gh-1208 --- .../asciidoc/guides/how-to-social-login.adoc | 35 -------- .../config/AuthorizationServerConfig.java | 6 +- .../sample/config/DefaultSecurityConfig.java | 15 +++- .../FederatedIdentityConfigurer.java | 84 ------------------- 4 files changed, 16 insertions(+), 124 deletions(-) delete mode 100644 samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityConfigurer.java diff --git a/docs/src/docs/asciidoc/guides/how-to-social-login.adoc b/docs/src/docs/asciidoc/guides/how-to-social-login.adoc index 4caeee53..8bd2c667 100644 --- a/docs/src/docs/asciidoc/guides/how-to-social-login.adoc +++ b/docs/src/docs/asciidoc/guides/how-to-social-login.adoc @@ -123,7 +123,6 @@ Select from the following use cases to see an example of each: * I want to <> * I want to <> -* I want to <> [[advanced-use-cases-capture-users]] === Capture Users in a Database 
@@ -166,37 +165,3 @@ public OAuth2TokenCustomizer idTokenCustomizer() { return new FederatedIdentityIdTokenCustomizer(); } ---- - -[[advanced-use-cases-configurer]] -=== Create My Own Configurer - -The following example `SecurityConfigurer` combines configuration for all of the above examples into a single reusable component: - -.`FederatedIdentityConfigurer` -[source,java] ----- -include::{samples-dir}/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityConfigurer.java[tags=imports;class] ----- - -The configurer can be applied using the Spring Security DSL as in the following example: - -.Apply Configurer -[source,java] ----- -http.apply(new FederatedIdentityConfigurer()); ----- - -The configurer also has its own DSL to customize the defaults. -Here's a full example: - -.Customize using Configurer -[source,java] ----- -http.apply(new FederatedIdentityConfigurer()) - .oauth2UserHandler((oauth2User) -> { - // TODO: Handle login of an OAuth2 user... - }) - .oidcUserHandler((oidcUser) -> { - // TODO: Handle login of an OIDC user... - }); ----- diff --git a/samples/demo-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java b/samples/demo-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java index 4c010a8d..cd213373 100644 --- a/samples/demo-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java +++ b/samples/demo-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java 
@@ -22,9 +22,8 @@ import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.source.JWKSource; import com.nimbusds.jose.proc.SecurityContext; import sample.authentication.DeviceClientAuthenticationProvider; -import sample.jose.Jwks; -import sample.federation.FederatedIdentityConfigurer; import sample.federation.FederatedIdentityIdTokenCustomizer; +import sample.jose.Jwks; import sample.web.authentication.DeviceClientAuthenticationConverter; import org.springframework.context.annotation.Bean; @@ -121,8 +120,7 @@ public class AuthorizationServerConfig { exceptions.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")) ) .oauth2ResourceServer(oauth2ResourceServer -> - oauth2ResourceServer.jwt(Customizer.withDefaults())) - .apply(new FederatedIdentityConfigurer()); + oauth2ResourceServer.jwt(Customizer.withDefaults())); // @formatter:on return http.build(); } diff --git a/samples/demo-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java b/samples/demo-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java index 49899da4..df2bd4c6 100644 --- a/samples/demo-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java +++ b/samples/demo-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java @@ -15,6 +15,8 @@ */ package sample.config; +import sample.federation.FederatedIdentityAuthenticationSuccessHandler; + import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
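Review bot: The `@@ -121,8 +120,7 @@` hunk of AuthorizationServerConfig leaves this filter chain with no `oauth2Login` of its own, and nothing in the file says where federated sign-in is now configured. The chain still sends unauthenticated requests to `LoginUrlAuthenticationEntryPoint("/login")`, so it depends on the chain in DefaultSecurityConfig to serve that page and complete the external login. A short comment next to the entry point would make the dependency explicit, e.g. `// Federated login (oauth2Login) is configured in DefaultSecurityConfig; this chain only redirects to /login`. The method body starts outside the hunk, so how the two chains are ordered and matched cannot be confirmed from here.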
@@ -26,6 +28,7 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.session.HttpSessionEventPublisher; /** @@ -47,13 +50,23 @@ public class DefaultSecurityConfig { .anyRequest().authenticated() ) .formLogin(formLogin -> - formLogin.loginPage("/login") + formLogin + .loginPage("/login") + ) + .oauth2Login(oauth2Login -> + oauth2Login + .loginPage("/login") + .successHandler(authenticationSuccessHandler()) ); return http.build(); } // @formatter:on + private AuthenticationSuccessHandler authenticationSuccessHandler() { + return new FederatedIdentityAuthenticationSuccessHandler(); + } + // @formatter:off @Bean public UserDetailsService users() { diff --git a/samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityConfigurer.java b/samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityConfigurer.java deleted file mode 100644 index 96079a43..00000000 --- a/samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityConfigurer.java +++ /dev/null 
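Review bot: In the `@@ -47,13 +50,23 @@` hunk of DefaultSecurityConfig, `authenticationSuccessHandler()` returns a bare `new FederatedIdentityAuthenticationSuccessHandler()` with neither user handler set. As far as this diff shows, any identity the external provider authenticates then satisfies `.anyRequest().authenticated()` without a local account lookup or provisioning step. The removed configurer passed caller-supplied consumers to `setOAuth2UserHandler` / `setOidcUserHandler`; the new private factory method has no equivalent hook, and the handler's default behaviour is not visible on this page. I would document the hook where the handler is built, e.g. `// Call setOAuth2UserHandler(...) / setOidcUserHandler(...) here to provision or map federated users to local accounts`, or expose the handler as a `@Bean` so applications copying the sample can supply their own. The class body continues outside the hunk.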
@@ -1,84 +0,0 @@ -/* - * Copyright 2020-2023 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package sample.federation; - -// tag::imports[] - -import java.util.function.Consumer; - -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.oauth2.core.oidc.user.OidcUser; -import org.springframework.security.oauth2.core.user.OAuth2User; -import org.springframework.util.Assert; -// end::imports[] - -/** - * A configurer for setting up Federated Identity Management. 
- * - * @author Steve Riesenberg - * @since 1.1 - */ -// tag::class[] -public final class FederatedIdentityConfigurer extends AbstractHttpConfigurer { - - private Consumer oauth2UserHandler; - - private Consumer oidcUserHandler; - - /** - * @param oauth2UserHandler The {@link Consumer} for performing JIT account provisioning - * with an OAuth 2.0 IDP - * @return This configurer for additional configuration - */ - public FederatedIdentityConfigurer oauth2UserHandler(Consumer oauth2UserHandler) { - Assert.notNull(oauth2UserHandler, "oauth2UserHandler cannot be null"); - this.oauth2UserHandler = oauth2UserHandler; - return this; - } - - /** - * @param oidcUserHandler The {@link Consumer} for performing JIT account provisioning - * with an OpenID Connect 1.0 IDP - * @return This configurer for additional configuration - */ - public FederatedIdentityConfigurer oidcUserHandler(Consumer oidcUserHandler) { - Assert.notNull(oidcUserHandler, "oidcUserHandler cannot be null"); - this.oidcUserHandler = oidcUserHandler; - return this; - } - - // @formatter:off - @Override - public void init(HttpSecurity http) throws Exception { - FederatedIdentityAuthenticationSuccessHandler authenticationSuccessHandler = - new FederatedIdentityAuthenticationSuccessHandler(); - if (this.oauth2UserHandler != null) { - authenticationSuccessHandler.setOAuth2UserHandler(this.oauth2UserHandler); - } - if (this.oidcUserHandler != null) { - authenticationSuccessHandler.setOidcUserHandler(this.oidcUserHandler); - } - - http - .oauth2Login(oauth2Login -> - oauth2Login.successHandler(authenticationSuccessHandler) - ); - } - // @formatter:on - -} -// end::class[]