|
|
|
|
@ -1,5 +1,5 @@
@@ -1,5 +1,5 @@
|
|
|
|
|
/* |
|
|
|
|
* Copyright 2012-2024 the original author or authors. |
|
|
|
|
* Copyright 2012-2025 the original author or authors. |
|
|
|
|
* |
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
|
|
|
* you may not use this file except in compliance with the License. |
|
|
|
|
@ -28,7 +28,6 @@ import org.springframework.context.annotation.Configuration;
@@ -28,7 +28,6 @@ import org.springframework.context.annotation.Configuration;
|
|
|
|
|
import org.springframework.context.annotation.Import; |
|
|
|
|
import org.springframework.core.annotation.Order; |
|
|
|
|
import org.springframework.security.config.BeanIds; |
|
|
|
|
import org.springframework.security.config.Customizer; |
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; |
|
|
|
|
import org.springframework.security.oauth2.core.AuthorizationGrantType; |
|
|
|
|
@ -36,7 +35,7 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
@@ -36,7 +35,7 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
|
|
|
|
|
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.oidc.web.OidcClientRegistrationEndpointFilter; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.oidc.web.OidcProviderConfigurationEndpointFilter; |
|
|
|
|
import org.springframework.security.oauth2.server.authorization.oidc.web.OidcUserInfoEndpointFilter; |
|
|
|
|
@ -164,11 +163,7 @@ class OAuth2AuthorizationServerWebSecurityConfigurationTests {
@@ -164,11 +163,7 @@ class OAuth2AuthorizationServerWebSecurityConfigurationTests {
|
|
|
|
|
@Bean |
|
|
|
|
@Order(1) |
|
|
|
|
SecurityFilterChain authServerSecurityFilterChain(HttpSecurity http) throws Exception { |
|
|
|
|
OAuth2AuthorizationServerConfigurer authorizationServer = OAuth2AuthorizationServerConfigurer |
|
|
|
|
.authorizationServer(); |
|
|
|
|
http.securityMatcher(authorizationServer.getEndpointsMatcher()) |
|
|
|
|
.with(authorizationServer, Customizer.withDefaults()); |
|
|
|
|
http.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated()); |
|
|
|
|
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http); |
|
|
|
|
return http.build(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
Moritz Halbritter
10 months ago