Skip to content

Commit

Permalink
Update formLogin() sample
Browse files Browse the repository at this point in the history
  • Loading branch information
jgrandja committed Dec 21, 2023
1 parent 7f0a3a4 commit b06aac9
Show file tree
Hide file tree
Showing 6 changed files with 84 additions and 14 deletions.
1 change: 1 addition & 0 deletions samples/form-login/samples-form-login.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ dependencies {
implementation "org.springframework.boot:spring-boot-starter-web"
implementation "org.springframework.boot:spring-boot-starter-security"
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
implementation project(':spring-security-config-feature')

testImplementation "org.springframework.boot:spring-boot-starter-test"
testImplementation "org.springframework.security:spring-security-test"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package sample;

import org.springframework.boot.SpringApplication;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
/*
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package sample.config;

import java.util.Arrays;
import java.util.List;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.feature.configure.AuthenticationFeatureConfigurer;
import org.springframework.security.config.feature.configure.AuthorizationFeatureConfigurer;
import org.springframework.security.config.feature.configure.Configurable;
import org.springframework.security.config.feature.configure.FeatureConfigurationContext;
import org.springframework.security.config.feature.configure.FeatureConfigurer;
import org.springframework.security.config.feature.model.Feature;
import org.springframework.security.config.feature.model.SecurityProfile;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class FeatureConfiguration {

@Bean
public List<FeatureConfigurer> featureConfigurers() {
return Arrays.asList(
new AuthenticationFeatureConfigurer(),
new AuthorizationFeatureConfigurer());
}

@Bean
public SecurityFilterChain securityFilterChain(SecurityProfile securityProfile, List<FeatureConfigurer> featureConfigurers,
HttpSecurity httpSecurity) throws Exception {

Configurable<HttpSecurity> configurable = () -> httpSecurity;

for (Feature feature : securityProfile.getFeatures()) {
for (FeatureConfigurer featureConfigurer : featureConfigurers) {
featureConfigurer.configure(new FeatureConfigurationContextImpl(feature, configurable));
}
}

return httpSecurity.build();
}

private record FeatureConfigurationContextImpl(Feature feature, Configurable<?> configurable) implements FeatureConfigurationContext {
}

}
32 changes: 18 additions & 14 deletions samples/form-login/src/main/java/sample/config/SecurityConfig.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,34 +16,38 @@

package sample.config;

import java.util.List;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.feature.dsl.DefaultSecurityProfileDsl;
import org.springframework.security.config.feature.model.SecurityProfile;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

@Import(FeatureConfiguration.class)
@Configuration
@EnableWebSecurity
public class SecurityConfig {

// @formatter:off
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authorize) -> authorize
.requestMatchers("/assets/**", "/login", "/login-error").permitAll()
.anyRequest().authenticated()
)
.formLogin((formLogin) -> formLogin
.loginPage("/login")
.defaultSuccessUrl("/index", true)
.failureUrl("/login-error")
);
return http.build();
public SecurityProfile securityProfile() {
return new DefaultSecurityProfileDsl()
.formAuthentication((configurationOptions) -> {
configurationOptions.setLoginPage("/login");
configurationOptions.setDefaultSuccessUrl("/index");
configurationOptions.setDefaultSuccessUrlAlwaysUse(true);
configurationOptions.setFailureUrl("/login-error");
})
.urlAuthorization((configurationOptions) -> {
configurationOptions.setAllowed(List.of("/assets/**", "/login", "/login-error"));
})
.build();
}
// @formatter:on

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package sample.web;

import org.springframework.stereotype.Controller;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package sample.web;

import org.springframework.stereotype.Controller;
Expand Down

0 comments on commit b06aac9

Please sign in to comment.