diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/CacheControlDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/CacheControlDsl.kt index 7525348bd0..316015b016 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/CacheControlDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/CacheControlDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the [HttpSecurity] cache control headers using idiomatic @@ -27,7 +26,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * @author Eleftheria Stein * @since 5.3 */ -@SecurityMarker +@HeadersSecurityMarker class CacheControlDsl { private var disabled = false diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentSecurityPolicyDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentSecurityPolicyDsl.kt index 1a27e5c197..270b1d14b4 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentSecurityPolicyDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentSecurityPolicyDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the [HttpSecurity] Content-Security-Policy header using @@ -29,7 +28,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * @property policyDirectives the security policy directive(s) to be used in the response header. * @property reportOnly includes the Content-Security-Policy-Report-Only header in the response. */ -@SecurityMarker +@HeadersSecurityMarker class ContentSecurityPolicyDsl { var policyDirectives: String? = null var reportOnly: Boolean? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentTypeOptionsDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentTypeOptionsDsl.kt index 5ef495a2c5..92014ae406 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentTypeOptionsDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ContentTypeOptionsDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure [HttpSecurity] X-Content-Type-Options header using idiomatic @@ -27,7 +26,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * @author Eleftheria Stein * @since 5.3 */ -@SecurityMarker +@HeadersSecurityMarker class ContentTypeOptionsDsl { private var disabled = false diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/FrameOptionsDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/FrameOptionsDsl.kt index b16f2d0b23..3bf766ca98 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/FrameOptionsDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/FrameOptionsDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the [HttpSecurity] X-Frame-Options header using @@ -30,7 +29,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * application. * @property deny deny framing any content from this application. */ -@SecurityMarker +@HeadersSecurityMarker class FrameOptionsDsl { var sameOrigin: Boolean? = null var deny: Boolean? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HeadersSecurityMarker.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HeadersSecurityMarker.kt new file mode 100644 index 0000000000..67a97f56c0 --- /dev/null +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HeadersSecurityMarker.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.web.servlet.headers + +/** + * Marker annotation indicating that the annotated class is part of the headers security DSL. + * + * @author Eleftheria Stein + * @since 5.4 + */ +@DslMarker +annotation class HeadersSecurityMarker diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpPublicKeyPinningDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpPublicKeyPinningDsl.kt index 5307351781..74fbb6272a 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpPublicKeyPinningDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpPublicKeyPinningDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the [HttpSecurity] HTTP Public Key Pinning header using @@ -35,7 +34,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * the server. * @property reportUri the URI to which the browser should report pin validation failures. */ -@SecurityMarker +@HeadersSecurityMarker class HttpPublicKeyPinningDsl { var pins: Map? = null var maxAgeInSeconds: Long? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpStrictTransportSecurityDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpStrictTransportSecurityDsl.kt index a1e109f94e..e23e6d36b8 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpStrictTransportSecurityDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/HttpStrictTransportSecurityDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.web.util.matcher.RequestMatcher /** @@ -35,7 +34,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher * @property includeSubDomains if true, subdomains should be considered HSTS Hosts too. * @property preload if true, preload will be included in HSTS Header. */ -@SecurityMarker +@HeadersSecurityMarker class HttpStrictTransportSecurityDsl { var maxAgeInSeconds: Long? = null var requestMatcher: RequestMatcher? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ReferrerPolicyDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ReferrerPolicyDsl.kt index 944407dc12..1ac54d94c0 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ReferrerPolicyDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/ReferrerPolicyDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter /** @@ -29,7 +28,7 @@ import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWrite * @since 5.3 * @property policy the policy to be used in the response header. */ -@SecurityMarker +@HeadersSecurityMarker class ReferrerPolicyDsl { var policy: ReferrerPolicyHeaderWriter.ReferrerPolicy? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/XssProtectionConfigDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/XssProtectionConfigDsl.kt index b023e8db35..a48a30af10 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/XssProtectionConfigDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/headers/XssProtectionConfigDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.headers import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the [HttpSecurity] XSS protection header using @@ -30,7 +29,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * @property xssProtectionEnabled if true, the header value will contain a value of 1. * If false, will explicitly disable specify that X-XSS-Protection is disabled. */ -@SecurityMarker +@HeadersSecurityMarker class XssProtectionConfigDsl { var block: Boolean? = null var xssProtectionEnabled: Boolean? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/AuthorizationCodeGrantDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/AuthorizationCodeGrantDsl.kt index 6e04aae818..b1ab6eca61 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/AuthorizationCodeGrantDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/AuthorizationCodeGrantDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.client import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2ClientConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository @@ -35,7 +34,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ * @property accessTokenResponseClient the client used for requesting the access token credential * from the Token Endpoint. */ -@SecurityMarker +@OAuth2ClientSecurityMarker class AuthorizationCodeGrantDsl { var authorizationRequestResolver: OAuth2AuthorizationRequestResolver? = null var authorizationRequestRepository: AuthorizationRequestRepository? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/OAuth2ClientSecurityMarker.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/OAuth2ClientSecurityMarker.kt new file mode 100644 index 0000000000..3b6722a259 --- /dev/null +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/client/OAuth2ClientSecurityMarker.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.web.servlet.oauth2.client + +/** + * Marker annotation indicating that the annotated class is part of the OAuth 2.0 client security DSL. + * + * @author Eleftheria Stein + * @since 5.4 + */ +@DslMarker +annotation class OAuth2ClientSecurityMarker diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/AuthorizationEndpointDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/AuthorizationEndpointDsl.kt index c416adea91..27c7982c6d 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/AuthorizationEndpointDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/AuthorizationEndpointDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest @@ -33,7 +32,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ * @property authorizationRequestResolver the resolver used for resolving [OAuth2AuthorizationRequest]'s. * @property authorizationRequestRepository the repository used for storing [OAuth2AuthorizationRequest]'s. */ -@SecurityMarker +@OAuth2LoginSecurityMarker class AuthorizationEndpointDsl { var baseUri: String? = null var authorizationRequestResolver: OAuth2AuthorizationRequestResolver? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/OAuth2LoginSecurityMarker.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/OAuth2LoginSecurityMarker.kt new file mode 100644 index 0000000000..24ab0807d9 --- /dev/null +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/OAuth2LoginSecurityMarker.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.web.servlet.oauth2.login + +/** + * Marker annotation indicating that the annotated class is part of the OAuth 2.0 login security DSL. + * + * @author Eleftheria Stein + * @since 5.4 + */ +@DslMarker +annotation class OAuth2LoginSecurityMarker diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/RedirectionEndpointDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/RedirectionEndpointDsl.kt index a15d6e419e..ac63d88c9c 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/RedirectionEndpointDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/RedirectionEndpointDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker /** * A Kotlin DSL to configure the Authorization Server's Redirection Endpoint using @@ -28,7 +27,7 @@ import org.springframework.security.config.web.servlet.SecurityMarker * @since 5.3 * @property baseUri the URI where the authorization response will be processed. */ -@SecurityMarker +@OAuth2LoginSecurityMarker class RedirectionEndpointDsl { var baseUri: String? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/TokenEndpointDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/TokenEndpointDsl.kt index 0997c15e87..ddba776d55 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/TokenEndpointDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/TokenEndpointDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest @@ -31,7 +30,7 @@ import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCo * @property accessTokenResponseClient the client used for requesting the access token credential * from the Token Endpoint. */ -@SecurityMarker +@OAuth2LoginSecurityMarker class TokenEndpointDsl { var accessTokenResponseClient: OAuth2AccessTokenResponseClient? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/UserInfoEndpointDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/UserInfoEndpointDsl.kt index f2e30083d6..edddc41d79 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/UserInfoEndpointDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/login/UserInfoEndpointDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.login import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest import org.springframework.security.oauth2.client.registration.ClientRegistration @@ -39,7 +38,7 @@ import org.springframework.security.oauth2.core.user.OAuth2User * End-User from the UserInfo Endpoint. * @property userAuthoritiesMapper the [GrantedAuthoritiesMapper] used for mapping [OAuth2User.getAuthorities] */ -@SecurityMarker +@OAuth2LoginSecurityMarker class UserInfoEndpointDsl { var userService: OAuth2UserService? = null var oidcUserService: OAuth2UserService? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/JwtDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/JwtDsl.kt index 2236aa4d10..e8d8008a97 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/JwtDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/JwtDsl.kt @@ -20,7 +20,6 @@ import org.springframework.core.convert.converter.Converter import org.springframework.security.authentication.AbstractAuthenticationToken import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.oauth2.jwt.Jwt import org.springframework.security.oauth2.jwt.JwtDecoder @@ -35,7 +34,7 @@ import org.springframework.security.oauth2.jwt.JwtDecoder * @property jwkSetUri configures a [JwtDecoder] using a * JSON Web Key (JWK) URL */ -@SecurityMarker +@OAuth2ResourceServerSecurityMarker class JwtDsl { private var _jwtDecoder: JwtDecoder? = null private var _jwkSetUri: String? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OAuth2ResourceServerSecurityMarker.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OAuth2ResourceServerSecurityMarker.kt new file mode 100644 index 0000000000..c561531ae9 --- /dev/null +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OAuth2ResourceServerSecurityMarker.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.web.servlet.oauth2.resourceserver + +/** + * Marker annotation indicating that the annotated class is part of the OAuth 2.0 resource server security DSL. + * + * @author Eleftheria Stein + * @since 5.4 + */ +@DslMarker +annotation class OAuth2ResourceServerSecurityMarker diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OpaqueTokenDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OpaqueTokenDsl.kt index 062509cb0e..f912379654 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OpaqueTokenDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/oauth2/resourceserver/OpaqueTokenDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.oauth2.resourceserver import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector /** @@ -29,7 +28,7 @@ import org.springframework.security.oauth2.server.resource.introspection.OpaqueT * @property introspectionUri the URI of the Introspection endpoint. * @property introspector the [OpaqueTokenIntrospector] to use. */ -@SecurityMarker +@OAuth2ResourceServerSecurityMarker class OpaqueTokenDsl { private var _introspectionUri: String? = null private var _introspector: OpaqueTokenIntrospector? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionConcurrencyDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionConcurrencyDsl.kt index d673cccb69..e0af442a9c 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionConcurrencyDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionConcurrencyDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.session import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import org.springframework.security.core.session.SessionRegistry import org.springframework.security.web.session.SessionInformationExpiredStrategy @@ -38,7 +37,7 @@ import org.springframework.security.web.session.SessionInformationExpiredStrateg * is allowed access and an existing user's session is expired. * @property sessionRegistry the [SessionRegistry] implementation used. */ -@SecurityMarker +@SessionSecurityMarker class SessionConcurrencyDsl { var maximumSessions: Int? = null var expiredUrl: String? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionFixationDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionFixationDsl.kt index a5ee7188a0..b02a7d5274 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionFixationDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionFixationDsl.kt @@ -18,7 +18,6 @@ package org.springframework.security.config.web.servlet.session import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer -import org.springframework.security.config.web.servlet.SecurityMarker import javax.servlet.http.HttpServletRequest import javax.servlet.http.HttpSession @@ -29,7 +28,7 @@ import javax.servlet.http.HttpSession * @author Eleftheria Stein * @since 5.3 */ -@SecurityMarker +@SessionSecurityMarker class SessionFixationDsl { private var strategy: SessionFixationStrategy? = null diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionSecurityMarker.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionSecurityMarker.kt new file mode 100644 index 0000000000..6e5ef671b7 --- /dev/null +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/session/SessionSecurityMarker.kt @@ -0,0 +1,26 @@ +/* + * Copyright 2002-2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.springframework.security.config.web.servlet.session + +/** + * Marker annotation indicating that the annotated class is part of the session security DSL. + * + * @author Eleftheria Stein + * @since 5.4 + */ +@DslMarker +annotation class SessionSecurityMarker