From 49340885933bbb071c69b2b6fd164e7cc7e623ff Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 1 Aug 2022 10:45:50 -0400 Subject: [PATCH] Remove generic type from OAuth2AuthorizationServerConfigurer Closes gh-831 --- .../docs/asciidoc/configuration-model.adoc | 8 +- .../docs/asciidoc/core-model-components.adoc | 18 ++-- .../jwt/JwtUserInfoMapperSecurityConfig.java | 4 +- .../src/docs/asciidoc/protocol-endpoints.adoc | 32 +++--- ...Auth2AuthorizationServerConfiguration.java | 4 +- .../configurers/AbstractOAuth2Configurer.java | 6 +- ...OAuth2AuthorizationEndpointConfigurer.java | 26 ++--- .../OAuth2AuthorizationServerConfigurer.java | 50 +++++----- .../OAuth2ClientAuthenticationConfigurer.java | 24 ++--- .../configurers/OAuth2ConfigurerUtils.java | 98 +++++++++---------- .../OAuth2TokenEndpointConfigurer.java | 24 ++--- ...2TokenIntrospectionEndpointConfigurer.java | 24 ++--- ...uth2TokenRevocationEndpointConfigurer.java | 22 ++--- ...cClientRegistrationEndpointConfigurer.java | 22 ++--- .../web/configurers/OidcConfigurer.java | 18 ++-- .../OidcUserInfoEndpointConfigurer.java | 18 ++-- .../OAuth2AuthorizationCodeGrantTests.java | 16 +-- .../OAuth2ClientCredentialsGrantTests.java | 8 +- .../OAuth2TokenIntrospectionTests.java | 4 +- .../OAuth2TokenRevocationTests.java | 4 +- .../OidcClientRegistrationTests.java | 4 +- .../annotation/web/configurers/OidcTests.java | 4 +- .../web/configurers/OidcUserInfoTests.java | 12 +-- .../config/AuthorizationServerConfig.java | 4 +- 24 files changed, 227 insertions(+), 227 deletions(-) diff --git a/docs/src/docs/asciidoc/configuration-model.adoc b/docs/src/docs/asciidoc/configuration-model.adoc index 62a4dc6f..fac3f5d8 100644 --- a/docs/src/docs/asciidoc/configuration-model.adoc +++ b/docs/src/docs/asciidoc/configuration-model.adoc @@ -83,8 +83,8 @@ Furthermore, it lets you customize the request processing logic for the protocol ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -197,8 +197,8 @@ It defines extension points that let you customize the pre-processing, main proc ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer diff --git a/docs/src/docs/asciidoc/core-model-components.adoc b/docs/src/docs/asciidoc/core-model-components.adoc index 7a41f00d..2ce49089 100644 --- a/docs/src/docs/asciidoc/core-model-components.adoc +++ b/docs/src/docs/asciidoc/core-model-components.adoc @@ -120,8 +120,8 @@ Alternatively, you can configure the `RegisteredClientRepository` through the xr ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -213,8 +213,8 @@ Alternatively, you can configure the `OAuth2AuthorizationService` through the xr ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -285,8 +285,8 @@ Alternatively, you can configure the `OAuth2AuthorizationConsentService` through ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -396,8 +396,8 @@ Alternatively, you can configure the `OAuth2TokenGenerator` through the xref:con ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -488,4 +488,4 @@ public OAuth2TokenCustomizer jwtCustomizer() { If the `OAuth2TokenGenerator` is not provided as a `@Bean` or is not configured through the `OAuth2AuthorizationServerConfigurer`, an `OAuth2TokenCustomizer` `@Bean` will automatically be configured with a `JwtGenerator`. [TIP] -For an example showing how you can xref:guides/how-to-userinfo.adoc#customize-id-token[customize the ID token], see the guide xref:guides/how-to-userinfo.adoc#how-to-userinfo[How-to: Customize the OpenID Connect 1.0 UserInfo response]. \ No newline at end of file +For an example showing how you can xref:guides/how-to-userinfo.adoc#customize-id-token[customize the ID token], see the guide xref:guides/how-to-userinfo.adoc#how-to-userinfo[How-to: Customize the OpenID Connect 1.0 UserInfo response]. diff --git a/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java b/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java index 48b25efe..039258ba 100644 --- a/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java +++ b/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java @@ -63,8 +63,8 @@ public class JwtUserInfoMapperSecurityConfig { @Bean // <1> @Order(1) public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer .getEndpointsMatcher(); diff --git a/docs/src/docs/asciidoc/protocol-endpoints.adoc b/docs/src/docs/asciidoc/protocol-endpoints.adoc index 83cd0fdc..c0f2f205 100644 --- a/docs/src/docs/asciidoc/protocol-endpoints.adoc +++ b/docs/src/docs/asciidoc/protocol-endpoints.adoc @@ -13,8 +13,8 @@ It defines extension points that let you customize the pre-processing, main proc ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -57,8 +57,8 @@ It defines extension points that let you customize the pre-processing, main proc ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -102,8 +102,8 @@ It defines extension points that let you customize the pre-processing, main proc ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -145,8 +145,8 @@ It defines extension points that let you customize the pre-processing, main proc ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -215,8 +215,8 @@ It defines extension points that let you customize the https://openid.net/specs/ ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -249,8 +249,8 @@ The following example shows how to enable the OAuth2 resource server configurati ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); ... @@ -282,8 +282,8 @@ The following example shows how to enable (disabled by default) the OpenID Conne ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer @@ -323,8 +323,8 @@ The following example shows how to enable the OAuth2 resource server configurati ---- @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); ... diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configuration/OAuth2AuthorizationServerConfiguration.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configuration/OAuth2AuthorizationServerConfiguration.java index c623f3bd..324cdbb3 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configuration/OAuth2AuthorizationServerConfiguration.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configuration/OAuth2AuthorizationServerConfiguration.java @@ -57,8 +57,8 @@ public class OAuth2AuthorizationServerConfiguration { // @formatter:off public static void applyDefaultSecurity(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer .getEndpointsMatcher(); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AbstractOAuth2Configurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AbstractOAuth2Configurer.java index 167e006c..56f128e0 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AbstractOAuth2Configurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/AbstractOAuth2Configurer.java @@ -16,7 +16,7 @@ package org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.web.util.matcher.RequestMatcher; /** @@ -32,9 +32,9 @@ abstract class AbstractOAuth2Configurer { this.objectPostProcessor = objectPostProcessor; } - abstract > void init(B builder); + abstract void init(HttpSecurity httpSecurity); - abstract > void configure(B builder); + abstract void configure(HttpSecurity httpSecurity); abstract RequestMatcher getRequestMatcher(); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java index b0802d23..1516a779 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java @@ -24,7 +24,7 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException; @@ -148,8 +148,8 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher( providerSettings.getAuthorizationEndpoint(), @@ -161,15 +161,15 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C List authenticationProviders = !this.authenticationProviders.isEmpty() ? this.authenticationProviders : - createDefaultAuthenticationProviders(builder); + createDefaultAuthenticationProviders(httpSecurity); authenticationProviders.forEach(authenticationProvider -> - builder.authenticationProvider(postProcess(authenticationProvider))); + httpSecurity.authenticationProvider(postProcess(authenticationProvider))); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OAuth2AuthorizationEndpointFilter authorizationEndpointFilter = new OAuth2AuthorizationEndpointFilter( @@ -187,7 +187,7 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C if (StringUtils.hasText(this.consentPage)) { authorizationEndpointFilter.setConsentPage(this.consentPage); } - builder.addFilterBefore(postProcess(authorizationEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); + httpSecurity.addFilterBefore(postProcess(authorizationEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); } @Override @@ -195,14 +195,14 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C return this.requestMatcher; } - private > List createDefaultAuthenticationProviders(B builder) { + private List createDefaultAuthenticationProviders(HttpSecurity httpSecurity) { List authenticationProviders = new ArrayList<>(); OAuth2AuthorizationCodeRequestAuthenticationProvider authorizationCodeRequestAuthenticationProvider = new OAuth2AuthorizationCodeRequestAuthenticationProvider( - OAuth2ConfigurerUtils.getRegisteredClientRepository(builder), - OAuth2ConfigurerUtils.getAuthorizationService(builder), - OAuth2ConfigurerUtils.getAuthorizationConsentService(builder)); + OAuth2ConfigurerUtils.getRegisteredClientRepository(httpSecurity), + OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity), + OAuth2ConfigurerUtils.getAuthorizationConsentService(httpSecurity)); authenticationProviders.add(authorizationCodeRequestAuthenticationProvider); return authenticationProviders; diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java index da3432c7..260a97f6 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java @@ -24,7 +24,7 @@ import com.nimbusds.jose.jwk.source.JWKSource; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.security.config.Customizer; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer; import org.springframework.security.oauth2.core.OAuth2Token; @@ -66,8 +66,8 @@ import org.springframework.util.Assert; * @see NimbusJwkSetEndpointFilter * @see OAuth2AuthorizationServerMetadataEndpointFilter */ -public final class OAuth2AuthorizationServerConfigurer> - extends AbstractHttpConfigurer, B> { +public final class OAuth2AuthorizationServerConfigurer + extends AbstractHttpConfigurer { private final Map, AbstractOAuth2Configurer> configurers = createConfigurers(); private RequestMatcher jwkSetEndpointMatcher; @@ -87,7 +87,7 @@ public final class OAuth2AuthorizationServerConfigurer registeredClientRepository(RegisteredClientRepository registeredClientRepository) { + public OAuth2AuthorizationServerConfigurer registeredClientRepository(RegisteredClientRepository registeredClientRepository) { Assert.notNull(registeredClientRepository, "registeredClientRepository cannot be null"); getBuilder().setSharedObject(RegisteredClientRepository.class, registeredClientRepository); return this; @@ -99,7 +99,7 @@ public final class OAuth2AuthorizationServerConfigurer authorizationService(OAuth2AuthorizationService authorizationService) { + public OAuth2AuthorizationServerConfigurer authorizationService(OAuth2AuthorizationService authorizationService) { Assert.notNull(authorizationService, "authorizationService cannot be null"); getBuilder().setSharedObject(OAuth2AuthorizationService.class, authorizationService); return this; @@ -111,7 +111,7 @@ public final class OAuth2AuthorizationServerConfigurer authorizationConsentService(OAuth2AuthorizationConsentService authorizationConsentService) { + public OAuth2AuthorizationServerConfigurer authorizationConsentService(OAuth2AuthorizationConsentService authorizationConsentService) { Assert.notNull(authorizationConsentService, "authorizationConsentService cannot be null"); getBuilder().setSharedObject(OAuth2AuthorizationConsentService.class, authorizationConsentService); return this; @@ -123,7 +123,7 @@ public final class OAuth2AuthorizationServerConfigurer providerSettings(ProviderSettings providerSettings) { + public OAuth2AuthorizationServerConfigurer providerSettings(ProviderSettings providerSettings) { Assert.notNull(providerSettings, "providerSettings cannot be null"); getBuilder().setSharedObject(ProviderSettings.class, providerSettings); return this; @@ -136,7 +136,7 @@ public final class OAuth2AuthorizationServerConfigurer tokenGenerator(OAuth2TokenGenerator tokenGenerator) { + public OAuth2AuthorizationServerConfigurer tokenGenerator(OAuth2TokenGenerator tokenGenerator) { Assert.notNull(tokenGenerator, "tokenGenerator cannot be null"); getBuilder().setSharedObject(OAuth2TokenGenerator.class, tokenGenerator); return this; @@ -148,7 +148,7 @@ public final class OAuth2AuthorizationServerConfigurer clientAuthentication(Customizer clientAuthenticationCustomizer) { + public OAuth2AuthorizationServerConfigurer clientAuthentication(Customizer clientAuthenticationCustomizer) { clientAuthenticationCustomizer.customize(getConfigurer(OAuth2ClientAuthenticationConfigurer.class)); return this; } @@ -159,7 +159,7 @@ public final class OAuth2AuthorizationServerConfigurer authorizationEndpoint(Customizer authorizationEndpointCustomizer) { + public OAuth2AuthorizationServerConfigurer authorizationEndpoint(Customizer authorizationEndpointCustomizer) { authorizationEndpointCustomizer.customize(getConfigurer(OAuth2AuthorizationEndpointConfigurer.class)); return this; } @@ -170,7 +170,7 @@ public final class OAuth2AuthorizationServerConfigurer tokenEndpoint(Customizer tokenEndpointCustomizer) { + public OAuth2AuthorizationServerConfigurer tokenEndpoint(Customizer tokenEndpointCustomizer) { tokenEndpointCustomizer.customize(getConfigurer(OAuth2TokenEndpointConfigurer.class)); return this; } @@ -182,7 +182,7 @@ public final class OAuth2AuthorizationServerConfigurer tokenIntrospectionEndpoint(Customizer tokenIntrospectionEndpointCustomizer) { + public OAuth2AuthorizationServerConfigurer tokenIntrospectionEndpoint(Customizer tokenIntrospectionEndpointCustomizer) { tokenIntrospectionEndpointCustomizer.customize(getConfigurer(OAuth2TokenIntrospectionEndpointConfigurer.class)); return this; } @@ -194,7 +194,7 @@ public final class OAuth2AuthorizationServerConfigurer tokenRevocationEndpoint(Customizer tokenRevocationEndpointCustomizer) { + public OAuth2AuthorizationServerConfigurer tokenRevocationEndpoint(Customizer tokenRevocationEndpointCustomizer) { tokenRevocationEndpointCustomizer.customize(getConfigurer(OAuth2TokenRevocationEndpointConfigurer.class)); return this; } @@ -205,7 +205,7 @@ public final class OAuth2AuthorizationServerConfigurer oidc(Customizer oidcCustomizer) { + public OAuth2AuthorizationServerConfigurer oidc(Customizer oidcCustomizer) { oidcCustomizer.customize(getConfigurer(OidcConfigurer.class)); return this; } @@ -220,14 +220,14 @@ public final class OAuth2AuthorizationServerConfigurer configurer.init(builder)); + this.configurers.values().forEach(configurer -> configurer.init(httpSecurity)); - ExceptionHandlingConfigurer exceptionHandling = builder.getConfigurer(ExceptionHandlingConfigurer.class); + ExceptionHandlingConfigurer exceptionHandling = httpSecurity.getConfigurer(ExceptionHandlingConfigurer.class); if (exceptionHandling != null) { exceptionHandling.defaultAuthenticationEntryPointFor( new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED), @@ -240,24 +240,24 @@ public final class OAuth2AuthorizationServerConfigurer configurer.configure(builder)); + public void configure(HttpSecurity httpSecurity) { + this.configurers.values().forEach(configurer -> configurer.configure(httpSecurity)); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); ProviderContextFilter providerContextFilter = new ProviderContextFilter(providerSettings); - builder.addFilterAfter(postProcess(providerContextFilter), SecurityContextPersistenceFilter.class); + httpSecurity.addFilterAfter(postProcess(providerContextFilter), SecurityContextPersistenceFilter.class); - JWKSource jwkSource = OAuth2ConfigurerUtils.getJwkSource(builder); + JWKSource jwkSource = OAuth2ConfigurerUtils.getJwkSource(httpSecurity); if (jwkSource != null) { NimbusJwkSetEndpointFilter jwkSetEndpointFilter = new NimbusJwkSetEndpointFilter( jwkSource, providerSettings.getJwkSetEndpoint()); - builder.addFilterBefore(postProcess(jwkSetEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); + httpSecurity.addFilterBefore(postProcess(jwkSetEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); } OAuth2AuthorizationServerMetadataEndpointFilter authorizationServerMetadataEndpointFilter = new OAuth2AuthorizationServerMetadataEndpointFilter(providerSettings); - builder.addFilterBefore(postProcess(authorizationServerMetadataEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); + httpSecurity.addFilterBefore(postProcess(authorizationServerMetadataEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); } private Map, AbstractOAuth2Configurer> createConfigurers() { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java index 2b7a7d27..44083848 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java @@ -24,7 +24,7 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.oauth2.core.OAuth2Error; @@ -116,8 +116,8 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher( providerSettings.getTokenEndpoint(), @@ -132,14 +132,14 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co List authenticationProviders = !this.authenticationProviders.isEmpty() ? this.authenticationProviders : - createDefaultAuthenticationProviders(builder); + createDefaultAuthenticationProviders(httpSecurity); authenticationProviders.forEach(authenticationProvider -> - builder.authenticationProvider(postProcess(authenticationProvider))); + httpSecurity.authenticationProvider(postProcess(authenticationProvider))); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); OAuth2ClientAuthenticationFilter clientAuthenticationFilter = new OAuth2ClientAuthenticationFilter( authenticationManager, this.requestMatcher); if (this.authenticationConverter != null) { @@ -151,7 +151,7 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co if (this.errorResponseHandler != null) { clientAuthenticationFilter.setAuthenticationFailureHandler(this.errorResponseHandler); } - builder.addFilterAfter(postProcess(clientAuthenticationFilter), AbstractPreAuthenticatedProcessingFilter.class); + httpSecurity.addFilterAfter(postProcess(clientAuthenticationFilter), AbstractPreAuthenticatedProcessingFilter.class); } @Override @@ -159,11 +159,11 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co return this.requestMatcher; } - private > List createDefaultAuthenticationProviders(B builder) { + private List createDefaultAuthenticationProviders(HttpSecurity httpSecurity) { List authenticationProviders = new ArrayList<>(); - RegisteredClientRepository registeredClientRepository = OAuth2ConfigurerUtils.getRegisteredClientRepository(builder); - OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(builder); + RegisteredClientRepository registeredClientRepository = OAuth2ConfigurerUtils.getRegisteredClientRepository(httpSecurity); + OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity); JwtClientAssertionAuthenticationProvider jwtClientAssertionAuthenticationProvider = new JwtClientAssertionAuthenticationProvider(registeredClientRepository, authorizationService); @@ -171,7 +171,7 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co ClientSecretAuthenticationProvider clientSecretAuthenticationProvider = new ClientSecretAuthenticationProvider(registeredClientRepository, authorizationService); - PasswordEncoder passwordEncoder = OAuth2ConfigurerUtils.getOptionalBean(builder, PasswordEncoder.class); + PasswordEncoder passwordEncoder = OAuth2ConfigurerUtils.getOptionalBean(httpSecurity, PasswordEncoder.class); if (passwordEncoder != null) { clientSecretAuthenticationProvider.setPasswordEncoder(passwordEncoder); } diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ConfigurerUtils.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ConfigurerUtils.java index c46d60d0..25185ddd 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ConfigurerUtils.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ConfigurerUtils.java @@ -25,7 +25,7 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException; import org.springframework.beans.factory.NoUniqueBeanDefinitionException; import org.springframework.context.ApplicationContext; import org.springframework.core.ResolvableType; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.jwt.JwtEncoder; import org.springframework.security.oauth2.jwt.NimbusJwtEncoder; @@ -56,48 +56,48 @@ final class OAuth2ConfigurerUtils { private OAuth2ConfigurerUtils() { } - static > RegisteredClientRepository getRegisteredClientRepository(B builder) { - RegisteredClientRepository registeredClientRepository = builder.getSharedObject(RegisteredClientRepository.class); + static RegisteredClientRepository getRegisteredClientRepository(HttpSecurity httpSecurity) { + RegisteredClientRepository registeredClientRepository = httpSecurity.getSharedObject(RegisteredClientRepository.class); if (registeredClientRepository == null) { - registeredClientRepository = getBean(builder, RegisteredClientRepository.class); - builder.setSharedObject(RegisteredClientRepository.class, registeredClientRepository); + registeredClientRepository = getBean(httpSecurity, RegisteredClientRepository.class); + httpSecurity.setSharedObject(RegisteredClientRepository.class, registeredClientRepository); } return registeredClientRepository; } - static > OAuth2AuthorizationService getAuthorizationService(B builder) { - OAuth2AuthorizationService authorizationService = builder.getSharedObject(OAuth2AuthorizationService.class); + static OAuth2AuthorizationService getAuthorizationService(HttpSecurity httpSecurity) { + OAuth2AuthorizationService authorizationService = httpSecurity.getSharedObject(OAuth2AuthorizationService.class); if (authorizationService == null) { - authorizationService = getOptionalBean(builder, OAuth2AuthorizationService.class); + authorizationService = getOptionalBean(httpSecurity, OAuth2AuthorizationService.class); if (authorizationService == null) { authorizationService = new InMemoryOAuth2AuthorizationService(); } - builder.setSharedObject(OAuth2AuthorizationService.class, authorizationService); + httpSecurity.setSharedObject(OAuth2AuthorizationService.class, authorizationService); } return authorizationService; } - static > OAuth2AuthorizationConsentService getAuthorizationConsentService(B builder) { - OAuth2AuthorizationConsentService authorizationConsentService = builder.getSharedObject(OAuth2AuthorizationConsentService.class); + static OAuth2AuthorizationConsentService getAuthorizationConsentService(HttpSecurity httpSecurity) { + OAuth2AuthorizationConsentService authorizationConsentService = httpSecurity.getSharedObject(OAuth2AuthorizationConsentService.class); if (authorizationConsentService == null) { - authorizationConsentService = getOptionalBean(builder, OAuth2AuthorizationConsentService.class); + authorizationConsentService = getOptionalBean(httpSecurity, OAuth2AuthorizationConsentService.class); if (authorizationConsentService == null) { authorizationConsentService = new InMemoryOAuth2AuthorizationConsentService(); } - builder.setSharedObject(OAuth2AuthorizationConsentService.class, authorizationConsentService); + httpSecurity.setSharedObject(OAuth2AuthorizationConsentService.class, authorizationConsentService); } return authorizationConsentService; } @SuppressWarnings("unchecked") - static > OAuth2TokenGenerator getTokenGenerator(B builder) { - OAuth2TokenGenerator tokenGenerator = builder.getSharedObject(OAuth2TokenGenerator.class); + static OAuth2TokenGenerator getTokenGenerator(HttpSecurity httpSecurity) { + OAuth2TokenGenerator tokenGenerator = httpSecurity.getSharedObject(OAuth2TokenGenerator.class); if (tokenGenerator == null) { - tokenGenerator = getOptionalBean(builder, OAuth2TokenGenerator.class); + tokenGenerator = getOptionalBean(httpSecurity, OAuth2TokenGenerator.class); if (tokenGenerator == null) { - JwtGenerator jwtGenerator = getJwtGenerator(builder); + JwtGenerator jwtGenerator = getJwtGenerator(httpSecurity); OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator(); - OAuth2TokenCustomizer accessTokenCustomizer = getAccessTokenCustomizer(builder); + OAuth2TokenCustomizer accessTokenCustomizer = getAccessTokenCustomizer(httpSecurity); if (accessTokenCustomizer != null) { accessTokenGenerator.setAccessTokenCustomizer(accessTokenCustomizer); } @@ -110,83 +110,83 @@ final class OAuth2ConfigurerUtils { accessTokenGenerator, refreshTokenGenerator); } } - builder.setSharedObject(OAuth2TokenGenerator.class, tokenGenerator); + httpSecurity.setSharedObject(OAuth2TokenGenerator.class, tokenGenerator); } return tokenGenerator; } - private static > JwtGenerator getJwtGenerator(B builder) { - JwtGenerator jwtGenerator = builder.getSharedObject(JwtGenerator.class); + private static JwtGenerator getJwtGenerator(HttpSecurity httpSecurity) { + JwtGenerator jwtGenerator = httpSecurity.getSharedObject(JwtGenerator.class); if (jwtGenerator == null) { - JwtEncoder jwtEncoder = getJwtEncoder(builder); + JwtEncoder jwtEncoder = getJwtEncoder(httpSecurity); if (jwtEncoder != null) { jwtGenerator = new JwtGenerator(jwtEncoder); - OAuth2TokenCustomizer jwtCustomizer = getJwtCustomizer(builder); + OAuth2TokenCustomizer jwtCustomizer = getJwtCustomizer(httpSecurity); if (jwtCustomizer != null) { jwtGenerator.setJwtCustomizer(jwtCustomizer); } - builder.setSharedObject(JwtGenerator.class, jwtGenerator); + httpSecurity.setSharedObject(JwtGenerator.class, jwtGenerator); } } return jwtGenerator; } - private static > JwtEncoder getJwtEncoder(B builder) { - JwtEncoder jwtEncoder = builder.getSharedObject(JwtEncoder.class); + private static JwtEncoder getJwtEncoder(HttpSecurity httpSecurity) { + JwtEncoder jwtEncoder = httpSecurity.getSharedObject(JwtEncoder.class); if (jwtEncoder == null) { - jwtEncoder = getOptionalBean(builder, JwtEncoder.class); + jwtEncoder = getOptionalBean(httpSecurity, JwtEncoder.class); if (jwtEncoder == null) { - JWKSource jwkSource = getJwkSource(builder); + JWKSource jwkSource = getJwkSource(httpSecurity); if (jwkSource != null) { jwtEncoder = new NimbusJwtEncoder(jwkSource); } } if (jwtEncoder != null) { - builder.setSharedObject(JwtEncoder.class, jwtEncoder); + httpSecurity.setSharedObject(JwtEncoder.class, jwtEncoder); } } return jwtEncoder; } @SuppressWarnings("unchecked") - static > JWKSource getJwkSource(B builder) { - JWKSource jwkSource = builder.getSharedObject(JWKSource.class); + static JWKSource getJwkSource(HttpSecurity httpSecurity) { + JWKSource jwkSource = httpSecurity.getSharedObject(JWKSource.class); if (jwkSource == null) { ResolvableType type = ResolvableType.forClassWithGenerics(JWKSource.class, SecurityContext.class); - jwkSource = getOptionalBean(builder, type); + jwkSource = getOptionalBean(httpSecurity, type); if (jwkSource != null) { - builder.setSharedObject(JWKSource.class, jwkSource); + httpSecurity.setSharedObject(JWKSource.class, jwkSource); } } return jwkSource; } - private static > OAuth2TokenCustomizer getJwtCustomizer(B builder) { + private static OAuth2TokenCustomizer getJwtCustomizer(HttpSecurity httpSecurity) { ResolvableType type = ResolvableType.forClassWithGenerics(OAuth2TokenCustomizer.class, JwtEncodingContext.class); - return getOptionalBean(builder, type); + return getOptionalBean(httpSecurity, type); } - private static > OAuth2TokenCustomizer getAccessTokenCustomizer(B builder) { + private static OAuth2TokenCustomizer getAccessTokenCustomizer(HttpSecurity httpSecurity) { ResolvableType type = ResolvableType.forClassWithGenerics(OAuth2TokenCustomizer.class, OAuth2TokenClaimsContext.class); - return getOptionalBean(builder, type); + return getOptionalBean(httpSecurity, type); } - static > ProviderSettings getProviderSettings(B builder) { - ProviderSettings providerSettings = builder.getSharedObject(ProviderSettings.class); + static ProviderSettings getProviderSettings(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = httpSecurity.getSharedObject(ProviderSettings.class); if (providerSettings == null) { - providerSettings = getBean(builder, ProviderSettings.class); - builder.setSharedObject(ProviderSettings.class, providerSettings); + providerSettings = getBean(httpSecurity, ProviderSettings.class); + httpSecurity.setSharedObject(ProviderSettings.class, providerSettings); } return providerSettings; } - static , T> T getBean(B builder, Class type) { - return builder.getSharedObject(ApplicationContext.class).getBean(type); + static T getBean(HttpSecurity httpSecurity, Class type) { + return httpSecurity.getSharedObject(ApplicationContext.class).getBean(type); } @SuppressWarnings("unchecked") - static , T> T getBean(B builder, ResolvableType type) { - ApplicationContext context = builder.getSharedObject(ApplicationContext.class); + static T getBean(HttpSecurity httpSecurity, ResolvableType type) { + ApplicationContext context = httpSecurity.getSharedObject(ApplicationContext.class); String[] names = context.getBeanNamesForType(type); if (names.length == 1) { return (T) context.getBean(names[0]); @@ -197,9 +197,9 @@ final class OAuth2ConfigurerUtils { throw new NoSuchBeanDefinitionException(type); } - static , T> T getOptionalBean(B builder, Class type) { + static T getOptionalBean(HttpSecurity httpSecurity, Class type) { Map beansMap = BeanFactoryUtils.beansOfTypeIncludingAncestors( - builder.getSharedObject(ApplicationContext.class), type); + httpSecurity.getSharedObject(ApplicationContext.class), type); if (beansMap.size() > 1) { throw new NoUniqueBeanDefinitionException(type, beansMap.size(), "Expected single matching bean of type '" + type.getName() + "' but found " + @@ -209,8 +209,8 @@ final class OAuth2ConfigurerUtils { } @SuppressWarnings("unchecked") - static , T> T getOptionalBean(B builder, ResolvableType type) { - ApplicationContext context = builder.getSharedObject(ApplicationContext.class); + static T getOptionalBean(HttpSecurity httpSecurity, ResolvableType type) { + ApplicationContext context = httpSecurity.getSharedObject(ApplicationContext.class); String[] names = context.getBeanNamesForType(type); if (names.length > 1) { throw new NoUniqueBeanDefinitionException(type, names); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java index f3d1599d..43423dc5 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java @@ -25,7 +25,7 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2Token; @@ -118,23 +118,23 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new AntPathRequestMatcher( providerSettings.getTokenEndpoint(), HttpMethod.POST.name()); List authenticationProviders = !this.authenticationProviders.isEmpty() ? this.authenticationProviders : - createDefaultAuthenticationProviders(builder); + createDefaultAuthenticationProviders(httpSecurity); authenticationProviders.forEach(authenticationProvider -> - builder.authenticationProvider(postProcess(authenticationProvider))); + httpSecurity.authenticationProvider(postProcess(authenticationProvider))); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OAuth2TokenEndpointFilter tokenEndpointFilter = new OAuth2TokenEndpointFilter( @@ -149,7 +149,7 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure if (this.errorResponseHandler != null) { tokenEndpointFilter.setAuthenticationFailureHandler(this.errorResponseHandler); } - builder.addFilterAfter(postProcess(tokenEndpointFilter), FilterSecurityInterceptor.class); + httpSecurity.addFilterAfter(postProcess(tokenEndpointFilter), FilterSecurityInterceptor.class); } @Override @@ -157,11 +157,11 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure return this.requestMatcher; } - private > List createDefaultAuthenticationProviders(B builder) { + private List createDefaultAuthenticationProviders(HttpSecurity httpSecurity) { List authenticationProviders = new ArrayList<>(); - OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(builder); - OAuth2TokenGenerator tokenGenerator = OAuth2ConfigurerUtils.getTokenGenerator(builder); + OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity); + OAuth2TokenGenerator tokenGenerator = OAuth2ConfigurerUtils.getTokenGenerator(httpSecurity); OAuth2AuthorizationCodeAuthenticationProvider authorizationCodeAuthenticationProvider = new OAuth2AuthorizationCodeAuthenticationProvider(authorizationService, tokenGenerator); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java index 4a3fb423..3205d177 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java @@ -26,7 +26,7 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenIntrospectionAuthenticationProvider; @@ -111,23 +111,23 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new AntPathRequestMatcher( providerSettings.getTokenIntrospectionEndpoint(), HttpMethod.POST.name()); List authenticationProviders = !this.authenticationProviders.isEmpty() ? this.authenticationProviders : - createDefaultAuthenticationProviders(builder); + createDefaultAuthenticationProviders(httpSecurity); authenticationProviders.forEach(authenticationProvider -> - builder.authenticationProvider(postProcess(authenticationProvider))); + httpSecurity.authenticationProvider(postProcess(authenticationProvider))); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OAuth2TokenIntrospectionEndpointFilter introspectionEndpointFilter = new OAuth2TokenIntrospectionEndpointFilter( @@ -141,7 +141,7 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA if (this.errorResponseHandler != null) { introspectionEndpointFilter.setAuthenticationFailureHandler(this.errorResponseHandler); } - builder.addFilterAfter(postProcess(introspectionEndpointFilter), FilterSecurityInterceptor.class); + httpSecurity.addFilterAfter(postProcess(introspectionEndpointFilter), FilterSecurityInterceptor.class); } @Override @@ -149,13 +149,13 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA return this.requestMatcher; } - private > List createDefaultAuthenticationProviders(B builder) { + private List createDefaultAuthenticationProviders(HttpSecurity httpSecurity) { List authenticationProviders = new ArrayList<>(); OAuth2TokenIntrospectionAuthenticationProvider tokenIntrospectionAuthenticationProvider = new OAuth2TokenIntrospectionAuthenticationProvider( - OAuth2ConfigurerUtils.getRegisteredClientRepository(builder), - OAuth2ConfigurerUtils.getAuthorizationService(builder)); + OAuth2ConfigurerUtils.getRegisteredClientRepository(httpSecurity), + OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity)); authenticationProviders.add(tokenIntrospectionAuthenticationProvider); return authenticationProviders; diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java index c53c23e9..63ec8cc9 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java @@ -25,7 +25,7 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationProvider; @@ -110,23 +110,23 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new AntPathRequestMatcher( providerSettings.getTokenRevocationEndpoint(), HttpMethod.POST.name()); List authenticationProviders = !this.authenticationProviders.isEmpty() ? this.authenticationProviders : - createDefaultAuthenticationProviders(builder); + createDefaultAuthenticationProviders(httpSecurity); authenticationProviders.forEach(authenticationProvider -> - builder.authenticationProvider(postProcess(authenticationProvider))); + httpSecurity.authenticationProvider(postProcess(authenticationProvider))); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OAuth2TokenRevocationEndpointFilter revocationEndpointFilter = new OAuth2TokenRevocationEndpointFilter( @@ -140,7 +140,7 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth if (this.errorResponseHandler != null) { revocationEndpointFilter.setAuthenticationFailureHandler(this.errorResponseHandler); } - builder.addFilterAfter(postProcess(revocationEndpointFilter), FilterSecurityInterceptor.class); + httpSecurity.addFilterAfter(postProcess(revocationEndpointFilter), FilterSecurityInterceptor.class); } @Override @@ -148,11 +148,11 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth return this.requestMatcher; } - private > List createDefaultAuthenticationProviders(B builder) { + private List createDefaultAuthenticationProviders(HttpSecurity httpSecurity) { List authenticationProviders = new ArrayList<>(); OAuth2TokenRevocationAuthenticationProvider tokenRevocationAuthenticationProvider = - new OAuth2TokenRevocationAuthenticationProvider(OAuth2ConfigurerUtils.getAuthorizationService(builder)); + new OAuth2TokenRevocationAuthenticationProvider(OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity)); authenticationProviders.add(tokenRevocationAuthenticationProvider); return authenticationProviders; diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java index 40021572..73cd8451 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java @@ -18,7 +18,7 @@ package org.springframework.security.oauth2.server.authorization.config.annotati import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcClientRegistrationAuthenticationProvider; import org.springframework.security.oauth2.server.authorization.oidc.web.OidcClientRegistrationEndpointFilter; import org.springframework.security.oauth2.server.authorization.settings.ProviderSettings; @@ -46,8 +46,8 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(providerSettings.getOidcClientRegistrationEndpoint(), HttpMethod.POST.name()), new AntPathRequestMatcher(providerSettings.getOidcClientRegistrationEndpoint(), HttpMethod.GET.name()) @@ -55,22 +55,22 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut OidcClientRegistrationAuthenticationProvider oidcClientRegistrationAuthenticationProvider = new OidcClientRegistrationAuthenticationProvider( - OAuth2ConfigurerUtils.getRegisteredClientRepository(builder), - OAuth2ConfigurerUtils.getAuthorizationService(builder), - OAuth2ConfigurerUtils.getTokenGenerator(builder)); - builder.authenticationProvider(postProcess(oidcClientRegistrationAuthenticationProvider)); + OAuth2ConfigurerUtils.getRegisteredClientRepository(httpSecurity), + OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity), + OAuth2ConfigurerUtils.getTokenGenerator(httpSecurity)); + httpSecurity.authenticationProvider(postProcess(oidcClientRegistrationAuthenticationProvider)); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OidcClientRegistrationEndpointFilter oidcClientRegistrationEndpointFilter = new OidcClientRegistrationEndpointFilter( authenticationManager, providerSettings.getOidcClientRegistrationEndpoint()); - builder.addFilterAfter(postProcess(oidcClientRegistrationEndpointFilter), FilterSecurityInterceptor.class); + httpSecurity.addFilterAfter(postProcess(oidcClientRegistrationEndpointFilter), FilterSecurityInterceptor.class); } @Override diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcConfigurer.java index b2cfc67d..d80225ba 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcConfigurer.java @@ -23,7 +23,7 @@ import java.util.Map; import org.springframework.http.HttpMethod; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.server.authorization.oidc.web.OidcProviderConfigurationEndpointFilter; import org.springframework.security.oauth2.server.authorization.settings.ProviderSettings; import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter; @@ -83,14 +83,14 @@ public final class OidcConfigurer extends AbstractOAuth2Configurer { } @Override - > void init(B builder) { + void init(HttpSecurity httpSecurity) { OidcUserInfoEndpointConfigurer userInfoEndpointConfigurer = getConfigurer(OidcUserInfoEndpointConfigurer.class); - userInfoEndpointConfigurer.init(builder); + userInfoEndpointConfigurer.init(httpSecurity); OidcClientRegistrationEndpointConfigurer clientRegistrationEndpointConfigurer = getConfigurer(OidcClientRegistrationEndpointConfigurer.class); if (clientRegistrationEndpointConfigurer != null) { - clientRegistrationEndpointConfigurer.init(builder); + clientRegistrationEndpointConfigurer.init(httpSecurity); } List requestMatchers = new ArrayList<>(); @@ -104,20 +104,20 @@ public final class OidcConfigurer extends AbstractOAuth2Configurer { } @Override - > void configure(B builder) { + void configure(HttpSecurity httpSecurity) { OidcUserInfoEndpointConfigurer userInfoEndpointConfigurer = getConfigurer(OidcUserInfoEndpointConfigurer.class); - userInfoEndpointConfigurer.configure(builder); + userInfoEndpointConfigurer.configure(httpSecurity); OidcClientRegistrationEndpointConfigurer clientRegistrationEndpointConfigurer = getConfigurer(OidcClientRegistrationEndpointConfigurer.class); if (clientRegistrationEndpointConfigurer != null) { - clientRegistrationEndpointConfigurer.configure(builder); + clientRegistrationEndpointConfigurer.configure(httpSecurity); } - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OidcProviderConfigurationEndpointFilter oidcProviderConfigurationEndpointFilter = new OidcProviderConfigurationEndpointFilter(providerSettings); - builder.addFilterBefore(postProcess(oidcProviderConfigurationEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); + httpSecurity.addFilterBefore(postProcess(oidcProviderConfigurationEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class); } @Override diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java index beb23faa..fbd7c806 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java @@ -20,7 +20,7 @@ import java.util.function.Function; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.config.annotation.web.HttpSecurityBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.oidc.OidcIdToken; import org.springframework.security.oauth2.core.oidc.OidcUserInfo; @@ -75,8 +75,8 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur } @Override - > void init(B builder) { - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void init(HttpSecurity httpSecurity) { + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); String userInfoEndpointUri = providerSettings.getOidcUserInfoEndpoint(); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(userInfoEndpointUri, HttpMethod.GET.name()), @@ -84,23 +84,23 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur OidcUserInfoAuthenticationProvider oidcUserInfoAuthenticationProvider = new OidcUserInfoAuthenticationProvider( - OAuth2ConfigurerUtils.getAuthorizationService(builder)); + OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity)); if (this.userInfoMapper != null) { oidcUserInfoAuthenticationProvider.setUserInfoMapper(this.userInfoMapper); } - builder.authenticationProvider(postProcess(oidcUserInfoAuthenticationProvider)); + httpSecurity.authenticationProvider(postProcess(oidcUserInfoAuthenticationProvider)); } @Override - > void configure(B builder) { - AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class); - ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder); + void configure(HttpSecurity httpSecurity) { + AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class); + ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(httpSecurity); OidcUserInfoEndpointFilter oidcUserInfoEndpointFilter = new OidcUserInfoEndpointFilter( authenticationManager, providerSettings.getOidcUserInfoEndpoint()); - builder.addFilterAfter(postProcess(oidcUserInfoEndpointFilter), FilterSecurityInterceptor.class); + httpSecurity.addFilterAfter(postProcess(oidcUserInfoEndpointFilter), FilterSecurityInterceptor.class); } @Override diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java index d5e7c8bb..5d6d65d6 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java @@ -815,8 +815,8 @@ public class OAuth2AuthorizationCodeGrantTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher(); http @@ -874,8 +874,8 @@ public class OAuth2AuthorizationCodeGrantTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint.consentPage(consentPage)); @@ -907,8 +907,8 @@ public class OAuth2AuthorizationCodeGrantTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint.authenticationProvider(createProvider())); @@ -993,8 +993,8 @@ public class OAuth2AuthorizationCodeGrantTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java index adf5065b..ccac2e2c 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java @@ -335,8 +335,8 @@ public class OAuth2ClientCredentialsGrantTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .tokenEndpoint(tokenEndpoint -> tokenEndpoint @@ -365,8 +365,8 @@ public class OAuth2ClientCredentialsGrantTests { public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { authenticationSuccessHandler = spy(authenticationSuccessHandler()); - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .clientAuthentication(clientAuthentication -> clientAuthentication diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java index 88e69aba..e7efd8f3 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java @@ -480,8 +480,8 @@ public class OAuth2TokenIntrospectionTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .tokenIntrospectionEndpoint(tokenIntrospectionEndpoint -> tokenIntrospectionEndpoint diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java index c94a6590..7c2cadb3 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java @@ -298,8 +298,8 @@ public class OAuth2TokenRevocationTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .tokenRevocationEndpoint(tokenRevocationEndpoint -> tokenRevocationEndpoint diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java index aafa8d79..d73372a1 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java @@ -358,8 +358,8 @@ public class OidcClientRegistrationTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .oidc(oidc -> oidc.clientRegistrationEndpoint(Customizer.withDefaults())); diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcTests.java index 9a1e545c..e76d2243 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcTests.java @@ -427,8 +427,8 @@ public class OidcTests { // @formatter:off @Bean public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); http.apply(authorizationServerConfigurer); authorizationServerConfigurer diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java index eafc0d69..a1bfbf3d 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java @@ -266,8 +266,8 @@ public class OidcUserInfoTests { @Bean @Override SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer .getEndpointsMatcher(); @@ -305,8 +305,8 @@ public class OidcUserInfoTests { @Bean @Override SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer .getEndpointsMatcher(); @@ -332,8 +332,8 @@ public class OidcUserInfoTests { @Bean SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); RequestMatcher endpointsMatcher = authorizationServerConfigurer .getEndpointsMatcher(); diff --git a/samples/custom-consent-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java b/samples/custom-consent-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java index 755f08f1..e928607f 100644 --- a/samples/custom-consent-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java +++ b/samples/custom-consent-authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java @@ -54,8 +54,8 @@ public class AuthorizationServerConfig { @Bean @Order(Ordered.HIGHEST_PRECEDENCE) public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { - OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = - new OAuth2AuthorizationServerConfigurer<>(); + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = + new OAuth2AuthorizationServerConfigurer(); authorizationServerConfigurer .authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint.consentPage(CUSTOM_CONSENT_PAGE_URI));