Add Gradle Enterprise plugin

Issue gh-94
Accept gradle Terms of Service
2022-09-16 08:55:56 -03:00 · 2022-09-16 08:55:56 -03:00 · 2022-09-16 08:55:55 -03:00 · 2022-05-11 16:05:42 -03:00 · 2021-12-20 13:53:33 -06:00 · 2021-12-20 13:53:22 -06:00
113 changed files with 327 additions and 201 deletions
@@ -20,4 +20,26 @@ allprojects {
 			}
 		}
 	}
-}
+}
+
+if (hasProperty('buildScan')) {
+	buildScan {
+		termsOfServiceUrl = 'https://gradle.com/terms-of-service'
+		termsOfServiceAgree = 'yes'
+	}
+}
+
+repositories {
+	mavenCentral()
+}
+
+tasks.register('runAllTests') {
+	var allTasks = rootProject.getAllTasks(true)
+	var allTestsTasks = allTasks.values().collect { t ->
+		t.findAll { it.name == 'test' || it.name == 'integrationTest' }
+	}.flatten()
+	it.dependsOn {
+		allTestsTasks
+	}
+}
+
@@ -1,5 +1,5 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
 org.gradle.jvmargs=-Xmx3g -XX:MaxPermSize=2048m -XX:+HeapDumpOnOutOfMemoryError
 org.gradle.parallel=true
 org.gradle.caching=true
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -28,7 +28,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloTests {

 	@Autowired
@@ -19,4 +19,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -27,7 +27,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloTests {

 	@Autowired
@@ -25,4 +25,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -23,4 +23,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -28,7 +28,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloSecurityTests {

 	@Autowired
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -28,7 +28,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloSecurityTests {

 	@Autowired
@@ -19,4 +19,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -27,7 +27,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloTests {

 	@Autowired
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -28,7 +28,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @since 5.0
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class HelloMethodApplicationTests {

 	@Autowired
@@ -24,4 +24,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -36,7 +36,7 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock
 * @author Rob Winch
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class OAuth2LoginApplicationTests {

 	@Autowired
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -36,7 +36,7 @@ import static org.hamcrest.Matchers.containsString;
 * @since 5.1
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
@ActiveProfiles("test")
 public class ServerOAuth2ResourceServerApplicationITests {

@@ -24,4 +24,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -39,7 +39,7 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock

@WebFluxTest
@Import({ SecurityConfiguration.class, OAuth2WebClientController.class })
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class OAuth2WebClientControllerTests {

 	private static MockWebServer web = new MockWebServer();
@@ -27,7 +27,7 @@ import org.springframework.test.web.reactive.server.WebTestClient;
 * @author Rob Winch
 */
@SpringBootTest
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class OAuth2WebClientWebFluxApplicationTests {

 	@Autowired
@@ -39,7 +39,7 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock

@WebFluxTest
@Import({ SecurityConfiguration.class, RegisteredOAuth2AuthorizedClientController.class })
-@AutoConfigureWebTestClient
+@AutoConfigureWebTestClient(timeout = "36000")
 public class RegisteredOAuth2AuthorizedClientControllerTests {

 	private static MockWebServer web = new MockWebServer();
@@ -1 +1 @@
-spring-security.version=5.6.0-SNAPSHOT
+spring-security.version=5.6.0
@@ -14,7 +14,7 @@ dependencies {
 	aspect "org.springframework.security:spring-security-aspects"

 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -31,6 +31,7 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }


@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.hsqldb:hsqldb:2.5.1"
@@ -36,4 +36,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -37,4 +37,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -32,4 +32,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -9,9 +9,9 @@ repositories {
 }

 dependencies {
-	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.data:spring-data-releasetrain:Neumann-SR5")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework:spring-framework-bom:5.3.11")
+	implementation platform("org.springframework.data:spring-data-releasetrain:Neumann-SR9")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -37,4 +37,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -37,4 +37,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -14,7 +14,7 @@ repositories {

 dependencies {
 	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -34,4 +34,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -36,7 +36,7 @@ dependencies {
 		implementation "org.opensaml:opensaml-saml-impl:4.1.1"
 	}
 	implementation platform("org.springframework:spring-framework-bom:5.3.11")
-	implementation platform("org.springframework.security:spring-security-bom:5.6.0-SNAPSHOT")
+	implementation platform("org.springframework.security:spring-security-bom:5.6.0")
 	implementation platform("org.junit:junit-bom:5.7.0")

 	implementation "org.springframework.security:spring-security-config"
@@ -63,4 +63,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -24,4 +24,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -20,4 +20,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -23,4 +23,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -20,10 +20,10 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;

 import static org.springframework.security.config.Customizer.withDefaults;

@@ -34,19 +34,20 @@ import static org.springframework.security.config.Customizer.withDefaults;
 */
@Configuration
@EnableWebSecurity
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class SecurityConfiguration {

-	@Override
-	// @formatter:off
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.anyRequest().authenticated()
-			)
-			.httpBasic(withDefaults())
-			.formLogin(withDefaults());
+				.authorizeHttpRequests((authorize) -> authorize
+						.anyRequest().authenticated()
+				)
+				.httpBasic(withDefaults())
+				.formLogin(withDefaults());
+		// @formatter:on
+		return http.build();
 	}
-	// @formatter:on

 	// @formatter:off
 	@Bean
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -19,4 +19,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -19,4 +19,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -31,7 +31,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.User;
@@ -43,6 +42,7 @@ import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
 import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationEntryPoint;
 import org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;

 /**
 * Security configuration for the main application.
@@ -50,7 +50,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 * @author Josh Cummings
 */
@Configuration
-public class RestConfig extends WebSecurityConfigurerAdapter {
+public class RestConfig {

 	@Value("${jwt.public.key}")
 	RSAPublicKey key;
@@ -58,22 +58,23 @@ public class RestConfig extends WebSecurityConfigurerAdapter {
 	@Value("${jwt.private.key}")
 	RSAPrivateKey priv;

-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.anyRequest().authenticated()
-			)
-			.csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
-			.httpBasic(Customizer.withDefaults())
-			.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
-			.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-			.exceptionHandling((exceptions) -> exceptions
-				.authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint())
-				.accessDeniedHandler(new BearerTokenAccessDeniedHandler())
-			);
+				.authorizeHttpRequests((authorize) -> authorize
+						.anyRequest().authenticated()
+				)
+				.csrf((csrf) -> csrf.ignoringAntMatchers("/token"))
+				.httpBasic(Customizer.withDefaults())
+				.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
+				.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+				.exceptionHandling((exceptions) -> exceptions
+						.authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint())
+						.accessDeniedHandler(new BearerTokenAccessDeniedHandler())
+				);
 		// @formatter:on
+		return http.build();
 	}

 	@Bean
@@ -16,10 +16,12 @@

 package example.web;

+import example.RestConfig;
 import org.junit.jupiter.api.Test;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.MvcResult;

@@ -35,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 * @author Josh Cummings
 */
@WebMvcTest({ HelloController.class, TokenController.class })
+@Import(RestConfig.class)
 public class HelloControllerTests {

 	@Autowired
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -22,4 +22,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -24,4 +24,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -44,7 +44,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
@@ -63,6 +62,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
@@ -328,21 +328,22 @@ public class OAuth2LoginApplicationTests {
 	}

 	@EnableWebSecurity
-	public static class SecurityTestConfig extends WebSecurityConfigurerAdapter {
+	public static class SecurityTestConfig {

-		// @formatter:off
-		@Override
-		protected void configure(HttpSecurity http) throws Exception {
+		@Bean
+		public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
-				.authorizeHttpRequests((authorize) -> authorize
-					.anyRequest().authenticated()
-				)
-				.oauth2Login((oauth2) -> oauth2
-					.tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
-					.userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
-				);
+					.authorizeHttpRequests((authorize) -> authorize
+							.anyRequest().authenticated()
+					)
+					.oauth2Login((oauth2) -> oauth2
+							.tokenEndpoint((token) -> token.accessTokenResponseClient(mockAccessTokenResponseClient()))
+							.userInfoEndpoint((userInfo) -> userInfo.userService(mockUserService()))
+					);
+			// @formatter:on
+			return http.build();
 		}
-		// @formatter:on

 		private OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> mockAccessTokenResponseClient() {
 			OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("access-token-1234")
@@ -21,4 +21,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -20,10 +20,10 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
+import org.springframework.security.web.SecurityFilterChain;

 /**
 * OAuth resource configuration.
@@ -31,22 +31,23 @@ import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 * @author Josh Cummings
 */
@EnableWebSecurity
-public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class OAuth2ResourceServerSecurityConfiguration {

 	@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri}")
 	String jwkSetUri;

-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
-				.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
-				.anyRequest().authenticated()
-			)
-			.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
+				.authorizeHttpRequests((authorize) -> authorize
+						.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
+						.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
+						.anyRequest().authenticated()
+				)
+				.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
 		// @formatter:on
+		return http.build();
 	}

 	@Bean
@@ -19,6 +19,7 @@ import org.junit.jupiter.api.Test;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.test.web.servlet.MockMvc;

@@ -36,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 *
 */
@WebMvcTest(OAuth2ResourceServerController.class)
+@Import(OAuth2ResourceServerSecurityConfiguration.class)
 public class OAuth2ResourceServerControllerTests {

 	@Autowired
@@ -37,4 +37,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -42,9 +42,9 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
+import org.springframework.security.web.SecurityFilterChain;

 import static org.springframework.security.config.Customizer.withDefaults;

@@ -54,7 +54,7 @@ import static org.springframework.security.config.Customizer.withDefaults;
 * @author Josh Cummings
 */
@EnableWebSecurity
-public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class OAuth2ResourceServerSecurityConfiguration {

 	private final JWSAlgorithm jwsAlgorithm = JWSAlgorithm.RS256;

@@ -68,16 +68,17 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	@Value("${sample.jwe-key-value}")
 	RSAPrivateKey key;

-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
-				.anyRequest().authenticated()
-			)
-			.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
+				.authorizeHttpRequests((authorize) -> authorize
+						.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
+						.anyRequest().authenticated()
+				)
+				.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
 		// @formatter:on
+		return http.build();
 	}

 	@Bean
@@ -38,4 +38,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -38,4 +38,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -16,10 +16,11 @@
 package example;

 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;

 /**
 * OAuth2 Security Configuration.
@@ -27,7 +28,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 * @author Josh Cummings
 */
@EnableWebSecurity
-public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class OAuth2ResourceServerSecurityConfiguration {

 	@Value("${spring.security.oauth2.resourceserver.opaque.introspection-uri}")
 	String introspectionUri;
@@ -38,22 +39,23 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 	@Value("${spring.security.oauth2.resourceserver.opaque.introspection-client-secret}")
 	String clientSecret;

-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
-				.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
-				.anyRequest().authenticated()
-			)
-			.oauth2ResourceServer((oauth2) -> oauth2
-				.opaqueToken((opaque) -> opaque
-					.introspectionUri(this.introspectionUri)
-					.introspectionClientCredentials(this.clientId, this.clientSecret)
+				.authorizeHttpRequests((authorize) -> authorize
+						.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
+						.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
+						.anyRequest().authenticated()
 				)
-			);
+				.oauth2ResourceServer((oauth2) -> oauth2
+						.opaqueToken((opaque) -> opaque
+								.introspectionUri(this.introspectionUri)
+								.introspectionClientCredentials(this.clientId, this.clientSecret)
+						)
+				);
 		// @formatter:on
+		return http.build();
 	}

 }
@@ -19,6 +19,7 @@ import org.junit.jupiter.api.Test;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.context.annotation.Import;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors;
 import org.springframework.test.web.servlet.MockMvc;
@@ -36,6 +37,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 * @since 5.3
 */
@WebMvcTest(OAuth2ResourceServerController.class)
+@Import(OAuth2ResourceServerSecurityConfiguration.class)
 public class OAuth2ResourceServerControllerTests {

 	@Autowired
@@ -37,4 +37,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -42,4 +42,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -18,11 +18,11 @@ package example;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;

 import static org.springframework.security.config.Customizer.withDefaults;

@@ -32,20 +32,21 @@ import static org.springframework.security.config.Customizer.withDefaults;
 * @author Joe Grandja
 */
@EnableWebSecurity
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class SecurityConfiguration {

-	@Override
-	protected void configure(HttpSecurity http) throws Exception {
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		// @formatter:off
 		http
-			.authorizeHttpRequests((authorize) -> authorize
-				.mvcMatchers("/", "/public/**").permitAll()
-				.anyRequest().authenticated()
-			)
-			.formLogin(withDefaults())
-			.oauth2Login(withDefaults())
-			.oauth2Client(withDefaults());
+				.authorizeHttpRequests((authorize) -> authorize
+						.mvcMatchers("/", "/public/**").permitAll()
+						.anyRequest().authenticated()
+				)
+				.formLogin(withDefaults())
+				.oauth2Login(withDefaults())
+				.oauth2Client(withDefaults());
 		// @formatter:on
+		return http.build();
 	}

 	@Bean
@@ -6,7 +6,7 @@ It uses https://simplesamlphp.org/[SimpleSAMLphp] as its asserting party.
 The sample application uses Spring Boot and the `spring-security-saml2-service-provider`
 module which is new in Spring Security 5.2.

-The https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[SAML 2.0 Logout feature] is new in Spring Security 5.6.
+The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[SAML 2.0 Logout feature] is new in Spring Security 5.6.

 == Goals

@@ -27,7 +27,7 @@ The following features are implemented in the MVP:

 On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.

-You can refer to the https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.
+You can refer to the https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.

 == Run the Sample

@@ -30,4 +30,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -6,7 +6,7 @@ It uses https://simplesamlphp.org/[SimpleSAMLphp] as its asserting party.
 The sample application uses Spring Boot and the `spring-security-saml2-service-provider`
 module which is new in Spring Security 5.2.

-The https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[SAML 2.0 Logout feature] is new in Spring Security 5.6.
+The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[SAML 2.0 Logout feature] is new in Spring Security 5.6.

 == Goals

@@ -27,7 +27,7 @@ The following features are implemented in the MVP:

 On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.

-You can refer to the https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.
+You can refer to the https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.

 == Run the Sample

@@ -30,4 +30,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
@@ -1,2 +1,2 @@
-version=5.6.0-SNAPSHOT
-spring-security.version=5.6.0-SNAPSHOT
+version=5.6.0
+spring-security.version=5.6.0
@@ -6,7 +6,7 @@ It uses https://simplesamlphp.org/[SimpleSAMLphp] as its asserting party.
 The sample application uses Spring Boot and the `spring-security-saml2-service-provider`
 module which is new in Spring Security 5.2.

-The https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[SAML 2.0 Logout feature] is new in Spring Security 5.6.
+The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[SAML 2.0 Logout feature] is new in Spring Security 5.6.

 == Goals

@@ -27,7 +27,7 @@ The following features are implemented in the MVP:

 On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.

-You can refer to the https://docs.spring.io/spring-security/site/docs/5.6.0-SNAPSHOT/reference/html5/#servlet-saml2login-logout[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.
+You can refer to the https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.

 === Refreshable Asserting Party Metadata

@@ -30,4 +30,5 @@ dependencies {

 tasks.withType(Test).configureEach {
 	useJUnitPlatform()
+	outputs.upToDateWhen { false }
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Marcus Da Coregio	7d9bf3ecd4	Add Gradle Enterprise plugin Issue gh-94	2022-09-16 08:55:56 -03:00
Marcus Da Coregio	46b4e25e7a	Accept gradle Terms of Service Issue gh-94	2022-09-16 08:55:56 -03:00
Marcus Da Coregio	fb1a0e96c0	Add new task that runs all subproject's tests	2022-09-16 08:55:55 -03:00
Marcus Da Coregio	bb7b822ada	Add init script to be used in Spring Security CI Issue https://github.com/spring-projects/spring-security/issues/10344	2022-05-11 16:05:42 -03:00
Eleftheria Stein	23b80ce2d8	Prevent gradle cache on tests Closes gh-54	2021-12-20 13:53:33 -06:00
Eleftheria Stein	9d13cfee7b	Temporarily disable tests on SAML2 samples Issue gh-55	2021-12-20 13:53:22 -06:00
Marcus Da Coregio	5db444a305	Remove remaining usage of WebSecurityConfigurerAdapter	2021-12-15 09:31:22 -03:00
Marcus Da Coregio	90e38e4670	Increase timeout for WebTestClient Sometimes the tests fail with the message Timeout on blocking read for 5000000000 NANOSECONDS	2021-12-10 14:29:36 -03:00
Marcus Da Coregio	f3d83b373c	Fix broken links Issue gh-53	2021-12-10 14:13:06 -03:00
Marcus Da Coregio	e78a1f73ef	Use Spring Security 5.6.0	2021-12-10 14:12:11 -03:00