diff --git a/src/main/java/fr/recia/ressourcesdiffusablesapi/SecurityConfiguration.java b/src/main/java/fr/recia/ressourcesdiffusablesapi/SecurityConfiguration.java index c1fe7a6..843dc40 100644 --- a/src/main/java/fr/recia/ressourcesdiffusablesapi/SecurityConfiguration.java +++ b/src/main/java/fr/recia/ressourcesdiffusablesapi/SecurityConfiguration.java @@ -11,9 +11,9 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.NegatedRequestMatcher; @@ -28,7 +28,7 @@ @Slf4j @Configuration @EnableWebSecurity -public class SecurityConfiguration extends WebSecurityConfigurerAdapter { +public class SecurityConfiguration { @Value("${security-configuration.soffit.jwt.signatureKey:Changeme}") private String signatureKey; @@ -51,34 +51,32 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Value("${security-configuration.cors.allowed-methods}") private List corsAllowedMethods; - @Override - public void configure(WebSecurity web) { + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { final RequestMatcher pathMatcher = new AntPathRequestMatcher("/api/**"); final RequestMatcher inverseMatcher = new NegatedRequestMatcher(pathMatcher); - web.ignoring().requestMatchers(inverseMatcher); + + return web -> web.ignoring().requestMatchers(inverseMatcher); } - @Override - protected void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { if(log.isDebugEnabled()) log.debug("configure signatureKey = {}", this.signatureKey); final AbstractPreAuthenticatedProcessingFilter filter = new SoffitApiPreAuthenticatedProcessingFilter(this.signatureKey); filter.setAuthenticationManager(authenticationManager()); - http - .addFilter(filter) - .authorizeRequests() - .antMatchers("/health-check").anonymous() - .antMatchers(HttpMethod.GET, "/api/**").authenticated() - .anyRequest().denyAll() - .and() - .cors() - .configurationSource(corsConfigurationSource()) - .and() - .sessionManagement() - .sessionFixation() - .none(); + http.addFilter(filter); + http.authorizeHttpRequests(authz -> authz + .antMatchers("/health-check").permitAll() + .antMatchers(HttpMethod.GET, "/api/**").authenticated() + .anyRequest().denyAll() + ); + http.cors().configurationSource(corsConfigurationSource()); + http.sessionManagement().sessionFixation().newSession(); + + return http.build(); } @Bean @@ -100,6 +98,7 @@ public FilterRegistrationBean disableSpringBootErrorFilter() { FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean<>(); filterRegistrationBean.setFilter(errorPageFilter()); filterRegistrationBean.setEnabled(false); + return filterRegistrationBean; }