Skip to content

Commit

Permalink
convert away from deprecated API
Browse files Browse the repository at this point in the history
  • Loading branch information
@hknots
hknots committed May 24, 2024
1 parent e582987 commit 14cd892
Showing 1 changed file with 18 additions and 17 deletions.
35 changes: 18 additions & 17 deletions src/main/java/no/fint/portal/ApplicationSecurity.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package no.fint.portal;

import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import no.fint.portal.security.SecureUrlAccessDecisionVoter;
import no.fint.portal.security.UserService;
Expand All @@ -8,54 +9,54 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.vote.UnanimousBased;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;

import java.util.Collections;

@Configuration
@Slf4j
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {

@Autowired
SecureUrlAccessDecisionVoter voter;
@Configuration
@RequiredArgsConstructor
public class ApplicationSecurity {

@Autowired
UserService userService;
private final SecureUrlAccessDecisionVoter voter;
private final UserService userService;

@Bean
RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() throws Exception {
public RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter(PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider) {
RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter = new RequestHeaderAuthenticationFilter();
requestHeaderAuthenticationFilter.setPrincipalRequestHeader("x-nin");
requestHeaderAuthenticationFilter.setAuthenticationManager(authenticationManager());
requestHeaderAuthenticationFilter.setAuthenticationManager(new ProviderManager(Collections.singletonList(preAuthenticatedAuthenticationProvider)));
return requestHeaderAuthenticationFilter;
}

@Bean
PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider() {
PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper<>(userService));
return preAuthenticatedAuthenticationProvider;
public PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider() {
PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();
provider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper<>(userService));
return provider;
}

@Bean
public AccessDecisionManager accessDecisionManager() {
return new UnanimousBased(Collections.singletonList(voter));
}

@Override
protected void configure(HttpSecurity http) throws Exception {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement().disable()
.addFilter(requestHeaderAuthenticationFilter())
.addFilter(requestHeaderAuthenticationFilter(preAuthenticatedAuthenticationProvider()))
.authenticationProvider(preAuthenticatedAuthenticationProvider())
.authorizeRequests()
.anyRequest()
.fullyAuthenticated()
.accessDecisionManager(accessDecisionManager());
return http.build();
}
}

0 comments on commit 14cd892

Please sign in to comment.