Skip to content

Commit d6a2851

Browse files
eleftheriaskostya05983
eleftherias
authored and
kostya05983
committed
Use http security nested builder in docs
Issue: spring-projectsgh-5557
1 parent 0ccef55 commit d6a2851

File tree

10 files changed

+507
-335
lines changed

10 files changed

+507
-335
lines changed

docs/manual/src/docs/asciidoc/_includes/servlet/additional-topics/mvc.adoc

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -104,8 +104,10 @@ If we wanted to restrict access to this controller method to admin users, a deve
104104
----
105105
protected configure(HttpSecurity http) throws Exception {
106106
http
107-
.authorizeRequests()
108-
.antMatchers("/admin").hasRole("ADMIN");
107+
.authorizeRequests(authorizeRequests ->
108+
authorizeRequests
109+
.antMatchers("/admin").hasRole("ADMIN")
110+
);
109111
}
110112
----
111113

@@ -133,8 +135,10 @@ The following configuration will protect the same URLs that Spring MVC will matc
133135
----
134136
protected configure(HttpSecurity http) throws Exception {
135137
http
136-
.authorizeRequests()
137-
.mvcMatchers("/admin").hasRole("ADMIN");
138+
.authorizeRequests(authorizeRequests ->
139+
authorizeRequests
140+
.mvcMatchers("/admin").hasRole("ADMIN")
141+
);
138142
}
139143
----
140144

docs/manual/src/docs/asciidoc/_includes/servlet/additional-topics/oauth2.adoc

Lines changed: 107 additions & 61 deletions
Original file line numberDiff line numberDiff line change
@@ -16,15 +16,25 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
1616
@Override
1717
protected void configure(HttpSecurity http) throws Exception {
1818
http
19-
.oauth2Login()
20-
.authorizationEndpoint()
21-
...
22-
.redirectionEndpoint()
23-
...
24-
.tokenEndpoint()
25-
...
26-
.userInfoEndpoint()
27-
...
19+
.oauth2Login(oauth2Login ->
20+
oauth2Login
21+
.authorizationEndpoint(authorizationEndpoint ->
22+
authorizationEndpoint
23+
...
24+
)
25+
.redirectionEndpoint(redirectionEndpoint ->
26+
redirectionEndpoint
27+
...
28+
)
29+
.tokenEndpoint(tokenEndpoint ->
30+
tokenEndpoint
31+
...
32+
)
33+
.userInfoEndpoint(userInfoEndpoint ->
34+
userInfoEndpoint
35+
...
36+
)
37+
);
2838
}
2939
}
3040
----
@@ -58,27 +68,34 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
5868
@Override
5969
protected void configure(HttpSecurity http) throws Exception {
6070
http
61-
.oauth2Login()
62-
.clientRegistrationRepository(this.clientRegistrationRepository())
63-
.authorizedClientRepository(this.authorizedClientRepository())
64-
.authorizedClientService(this.authorizedClientService())
65-
.loginPage("/login")
66-
.authorizationEndpoint()
67-
.baseUri(this.authorizationRequestBaseUri())
68-
.authorizationRequestRepository(this.authorizationRequestRepository())
69-
.authorizationRequestResolver(this.authorizationRequestResolver())
70-
.and()
71-
.redirectionEndpoint()
72-
.baseUri(this.authorizationResponseBaseUri())
73-
.and()
74-
.tokenEndpoint()
75-
.accessTokenResponseClient(this.accessTokenResponseClient())
76-
.and()
77-
.userInfoEndpoint()
78-
.userAuthoritiesMapper(this.userAuthoritiesMapper())
79-
.userService(this.oauth2UserService())
80-
.oidcUserService(this.oidcUserService())
81-
.customUserType(GitHubOAuth2User.class, "github");
71+
.oauth2Login(oauth2Login ->
72+
oauth2Login
73+
.clientRegistrationRepository(this.clientRegistrationRepository())
74+
.authorizedClientRepository(this.authorizedClientRepository())
75+
.authorizedClientService(this.authorizedClientService())
76+
.loginPage("/login")
77+
.authorizationEndpoint(authorizationEndpoint ->
78+
authorizationEndpoint
79+
.baseUri(this.authorizationRequestBaseUri())
80+
.authorizationRequestRepository(this.authorizationRequestRepository())
81+
.authorizationRequestResolver(this.authorizationRequestResolver())
82+
)
83+
.redirectionEndpoint(redirectionEndpoint ->
84+
redirectionEndpoint
85+
.baseUri(this.authorizationResponseBaseUri())
86+
)
87+
.tokenEndpoint(tokenEndpoint ->
88+
tokenEndpoint
89+
.accessTokenResponseClient(this.accessTokenResponseClient())
90+
)
91+
.userInfoEndpoint(userInfoEndpoint ->
92+
userInfoEndpoint
93+
.userAuthoritiesMapper(this.userAuthoritiesMapper())
94+
.userService(this.oauth2UserService())
95+
.oidcUserService(this.oidcUserService())
96+
.customUserType(GitHubOAuth2User.class, "github")
97+
)
98+
);
8299
}
83100
}
84101
----
@@ -123,12 +140,16 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
123140
@Override
124141
protected void configure(HttpSecurity http) throws Exception {
125142
http
126-
.oauth2Login()
127-
.loginPage("/login/oauth2")
128-
...
129-
.authorizationEndpoint()
130-
.baseUri("/login/oauth2/authorization")
131-
....
143+
.oauth2Login(oauth2Login ->
144+
oauth2Login
145+
.loginPage("/login/oauth2")
146+
...
147+
.authorizationEndpoint(authorizationEndpoint ->
148+
authorizationEndpoint
149+
.baseUri("/login/oauth2/authorization")
150+
...
151+
)
152+
);
132153
}
133154
}
134155
----
@@ -171,10 +192,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
171192
@Override
172193
protected void configure(HttpSecurity http) throws Exception {
173194
http
174-
.oauth2Login()
175-
.redirectionEndpoint()
176-
.baseUri("/login/oauth2/callback/*")
177-
....
195+
.oauth2Login(oauth2Login ->
196+
oauth2Login
197+
.redirectionEndpoint(redirectionEndpoint ->
198+
redirectionEndpoint
199+
.baseUri("/login/oauth2/callback/*")
200+
...
201+
)
202+
);
178203
}
179204
}
180205
----
@@ -234,10 +259,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
234259
@Override
235260
protected void configure(HttpSecurity http) throws Exception {
236261
http
237-
.oauth2Login()
238-
.userInfoEndpoint()
239-
.userAuthoritiesMapper(this.userAuthoritiesMapper())
240-
...
262+
.oauth2Login(oauth2Login ->
263+
oauth2Login
264+
.userInfoEndpoint(userInfoEndpoint ->
265+
userInfoEndpoint
266+
.userAuthoritiesMapper(this.userAuthoritiesMapper())
267+
...
268+
)
269+
);
241270
}
242271
243272
private GrantedAuthoritiesMapper userAuthoritiesMapper() {
@@ -280,7 +309,8 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
280309
281310
@Override
282311
protected void configure(HttpSecurity http) throws Exception {
283-
http.oauth2Login();
312+
http
313+
.oauth2Login(withDefaults());
284314
}
285315
286316
@Bean
@@ -308,10 +338,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
308338
@Override
309339
protected void configure(HttpSecurity http) throws Exception {
310340
http
311-
.oauth2Login()
312-
.userInfoEndpoint()
313-
.oidcUserService(this.oidcUserService())
314-
...
341+
.oauth2Login(oauth2Login ->
342+
oauth2Login
343+
.userInfoEndpoint(userInfoEndpoint ->
344+
userInfoEndpoint
345+
.oidcUserService(this.oidcUserService())
346+
...
347+
)
348+
);
315349
}
316350
317351
private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
@@ -355,10 +389,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
355389
@Override
356390
protected void configure(HttpSecurity http) throws Exception {
357391
http
358-
.oauth2Login()
359-
.userInfoEndpoint()
360-
.customUserType(GitHubOAuth2User.class, "github")
361-
...
392+
.oauth2Login(oauth2Login ->
393+
oauth2Login
394+
.userInfoEndpoint(userInfoEndpoint ->
395+
userInfoEndpoint
396+
.customUserType(GitHubOAuth2User.class, "github")
397+
...
398+
)
399+
);
362400
}
363401
}
364402
----
@@ -469,10 +507,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
469507
@Override
470508
protected void configure(HttpSecurity http) throws Exception {
471509
http
472-
.oauth2Login()
473-
.userInfoEndpoint()
474-
.userService(this.oauth2UserService())
475-
...
510+
.oauth2Login(oauth2Login ->
511+
oauth2Login
512+
.userInfoEndpoint(userInfoEndpoint ->
513+
userInfoEndpoint
514+
.userService(this.oauth2UserService())
515+
...
516+
)
517+
);
476518
}
477519
478520
private OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService() {
@@ -501,10 +543,14 @@ public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
501543
@Override
502544
protected void configure(HttpSecurity http) throws Exception {
503545
http
504-
.oauth2Login()
505-
.userInfoEndpoint()
506-
.oidcUserService(this.oidcUserService())
507-
...
546+
.oauth2Login(oauth2Login ->
547+
oauth2Login
548+
.userInfoEndpoint(userInfoEndpoint ->
549+
userInfoEndpoint
550+
.oidcUserService(this.oidcUserService())
551+
...
552+
)
553+
);
508554
}
509555
510556
private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {

docs/manual/src/docs/asciidoc/_includes/servlet/authorization/expression-based.adoc

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -169,9 +169,11 @@ or in Java configuration
169169
[source,java]
170170
----
171171
http
172-
.authorizeRequests()
173-
.antMatchers("/user/{userId}/**").access("@webSecurity.checkUserId(authentication,#userId)")
174-
...
172+
.authorizeRequests(authorizeRequests ->
173+
authorizeRequests
174+
.antMatchers("/user/{userId}/**").access("@webSecurity.checkUserId(authentication,#userId)")
175+
...
176+
);
175177
----
176178

177179
In both configurations URLs that match would pass in the path variable (and convert it) into checkUserId method.

0 commit comments

Comments
 (0)