From 835725ca9d8943899a3dd79a800f15a183edde66 Mon Sep 17 00:00:00 2001 From: Colin DAMON Date: Sun, 23 Jul 2023 08:52:41 +0200 Subject: [PATCH] Spring boot upgrade --- .../resources/generator/dependencies/pom.xml | 2 +- .../SecurityConfiguration.java.mustache | 52 +++++++++++-------- .../SecurityConfiguration.java.mustache | 43 ++++++++------- 3 files changed, 57 insertions(+), 40 deletions(-) diff --git a/src/main/resources/generator/dependencies/pom.xml b/src/main/resources/generator/dependencies/pom.xml index 9473169951..03df95b53f 100644 --- a/src/main/resources/generator/dependencies/pom.xml +++ b/src/main/resources/generator/dependencies/pom.xml @@ -17,7 +17,7 @@ 3.24.2 5.4.0 7.4 - 3.1.1 + 3.1.2 2022.0.0 4.0.2 2.1.0 diff --git a/src/main/resources/generator/server/springboot/mvc/security/jwt/authentication/main/infrastructure/primary/SecurityConfiguration.java.mustache b/src/main/resources/generator/server/springboot/mvc/security/jwt/authentication/main/infrastructure/primary/SecurityConfiguration.java.mustache index f1522c88f0..b2ff20ff10 100644 --- a/src/main/resources/generator/server/springboot/mvc/security/jwt/authentication/main/infrastructure/primary/SecurityConfiguration.java.mustache +++ b/src/main/resources/generator/server/springboot/mvc/security/jwt/authentication/main/infrastructure/primary/SecurityConfiguration.java.mustache @@ -1,5 +1,7 @@ package {{packageName}}.authentication.infrastructure.primary; +import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.*; + import {{packageName}}.authentication.domain.Role; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; @@ -22,7 +24,9 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter; +import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher; import org.springframework.web.filter.CorsFilter; +import org.springframework.web.servlet.handler.HandlerMappingIntrospector; @Configuration @EnableWebSecurity @@ -32,10 +36,16 @@ class SecurityConfiguration { private final JwtAuthenticationProperties properties; private final CorsFilter corsFilter; + private final HandlerMappingIntrospector introspector; - public SecurityConfiguration(JwtAuthenticationProperties properties, CorsFilter corsFilter) { + public SecurityConfiguration( + JwtAuthenticationProperties properties, + CorsFilter corsFilter, + HandlerMappingIntrospector introspector + ) { this.properties = properties; this.corsFilter = corsFilter; + this.introspector = introspector; } @Bean @@ -48,14 +58,14 @@ class SecurityConfiguration { return web -> web .ignoring() - .requestMatchers(HttpMethod.OPTIONS, "/**") - .requestMatchers("/app/**") - .requestMatchers("/i18n/**") - .requestMatchers("/content/**") - .requestMatchers("/swagger-ui/**") - .requestMatchers("/swagger-ui.html") - .requestMatchers("/v3/api-docs/**") - .requestMatchers("/test/**"); + .requestMatchers(antMatcher(HttpMethod.OPTIONS, "/**")) + .requestMatchers(antMatcher("/app/**")) + .requestMatchers(antMatcher("/i18n/**")) + .requestMatchers(antMatcher("/content/**")) + .requestMatchers(antMatcher("/swagger-ui/**")) + .requestMatchers(antMatcher("/swagger-ui.html")) + .requestMatchers(antMatcher("/v3/api-docs/**")) + .requestMatchers(antMatcher("/test/**")); } @Bean @@ -75,18 +85,18 @@ class SecurityConfiguration { .httpBasic(AbstractHttpConfigurer::disable) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(authz -> authz - .requestMatchers("/api/authenticate").permitAll() - .requestMatchers("/api/register").permitAll() - .requestMatchers("/api/activate").permitAll() - .requestMatchers("/api/account/reset-password/init").permitAll() - .requestMatchers("/api/account/reset-password/finish").permitAll() - .requestMatchers("/api/admin/**").hasAuthority(Role.ADMIN.key()) - .requestMatchers("/api/**").authenticated() - .requestMatchers("/management/health").permitAll() - .requestMatchers("/management/health/**").permitAll() - .requestMatchers("/management/info").permitAll() - .requestMatchers("/management/prometheus").permitAll() - .requestMatchers("/management/**").hasAuthority(Role.ADMIN.key()) + .requestMatchers(new MvcRequestMatcher(introspector, "/api/authenticate")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/register")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/activate")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/account/reset-password/init")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/account/reset-password/finish")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/admin/**")).hasAuthority(Role.ADMIN.key()) + .requestMatchers(new MvcRequestMatcher(introspector, "/api/**")).authenticated() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/health")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/health/**")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/info")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/prometheus")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/**")).hasAuthority(Role.ADMIN.key()) .anyRequest().authenticated() ); diff --git a/src/main/resources/generator/server/springboot/mvc/security/oauth2/core/main/infrastructure/primary/SecurityConfiguration.java.mustache b/src/main/resources/generator/server/springboot/mvc/security/oauth2/core/main/infrastructure/primary/SecurityConfiguration.java.mustache index bd48e71e34..542113efc3 100644 --- a/src/main/resources/generator/server/springboot/mvc/security/oauth2/core/main/infrastructure/primary/SecurityConfiguration.java.mustache +++ b/src/main/resources/generator/server/springboot/mvc/security/oauth2/core/main/infrastructure/primary/SecurityConfiguration.java.mustache @@ -1,5 +1,7 @@ package {{packageName}}.authentication.infrastructure.primary; +import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.*; + import java.time.Duration; import java.util.HashSet; import java.util.Set; @@ -31,7 +33,9 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtAut import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.csrf.CsrfFilter; import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter; +import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher; import org.springframework.web.filter.CorsFilter; +import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import {{packageName}}.authentication.domain.Role; import {{packageName}}.common.domain.ExcludeFromGeneratedCodeCoverage; @@ -47,16 +51,19 @@ public class SecurityConfiguration { private final ApplicationSecurityProperties applicationSecurityProperties; private final CorsFilter corsFilter; + private final HandlerMappingIntrospector introspector; @Value("${spring.security.oauth2.client.provider.oidc.issuer-uri}") private String issuerUri; public SecurityConfiguration( CorsFilter corsFilter, - ApplicationSecurityProperties applicationSecurityProperties + ApplicationSecurityProperties applicationSecurityProperties, + HandlerMappingIntrospector introspector ) { this.corsFilter = corsFilter; this.applicationSecurityProperties = applicationSecurityProperties; + this.introspector = introspector; } @Bean @@ -64,14 +71,14 @@ public class SecurityConfiguration { return web -> web .ignoring() - .requestMatchers(HttpMethod.OPTIONS, "/**") - .requestMatchers("/app/**") - .requestMatchers("/i18n/**") - .requestMatchers("/content/**") - .requestMatchers("/swagger-ui/**") - .requestMatchers("/swagger-ui.html") - .requestMatchers("/v3/api-docs/**") - .requestMatchers("/test/**"); + .requestMatchers(antMatcher(HttpMethod.OPTIONS, "/**")) + .requestMatchers(antMatcher("/app/**")) + .requestMatchers(antMatcher("/i18n/**")) + .requestMatchers(antMatcher("/content/**")) + .requestMatchers(antMatcher("/swagger-ui/**")) + .requestMatchers(antMatcher("/swagger-ui.html")) + .requestMatchers(antMatcher("/v3/api-docs/**")) + .requestMatchers(antMatcher("/test/**")); } @Bean @@ -88,15 +95,15 @@ public class SecurityConfiguration { permissions.policy("camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()")) ) .authorizeHttpRequests(authz -> authz - .requestMatchers("/api/authenticate").permitAll() - .requestMatchers("/api/auth-info").permitAll() - .requestMatchers("/api/admin/**").hasAuthority(Role.ADMIN.key()) - .requestMatchers("/api/**").authenticated() - .requestMatchers("/management/health").permitAll() - .requestMatchers("/management/health/**").permitAll() - .requestMatchers("/management/info").permitAll() - .requestMatchers("/management/prometheus").permitAll() - .requestMatchers("/management/**").hasAuthority(Role.ADMIN.key()) + .requestMatchers(new MvcRequestMatcher(introspector, "/api/authenticate")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/auth-info")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/api/admin/**")).hasAuthority(Role.ADMIN.key()) + .requestMatchers(new MvcRequestMatcher(introspector, "/api/**")).authenticated() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/health")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/health/**")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/info")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/prometheus")).permitAll() + .requestMatchers(new MvcRequestMatcher(introspector, "/management/**")).hasAuthority(Role.ADMIN.key()) .anyRequest().authenticated() ) .oauth2Login(withDefaults())