8 年前 · 1cec497a50
--- a/config/src/main/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/AuthorizeExchangeBuilder.java
@@ -63,29 +63,30 @@ public class AuthorizeExchangeBuilder extends AbstractServerWebExchangeMatcherRe
 
				 
			
 
				 	public final class Access {
			
 
				 
			
 
				-		public void permitAll() {
			
 
				-			access( (a,e) -> Mono.just(new AuthorizationDecision(true)));
			
 
				+		public AuthorizeExchangeBuilder permitAll() {
			
 
				+			return access( (a,e) -> Mono.just(new AuthorizationDecision(true)));
			
 
				 		}
			
 
				 
			
 
				-		public void denyAll() {
			
 
				-			access( (a,e) -> Mono.just(new AuthorizationDecision(false)));
			
 
				+		public AuthorizeExchangeBuilder denyAll() {
			
 
				+			return access( (a,e) -> Mono.just(new AuthorizationDecision(false)));
			
 
				 		}
			
 
				 
			
 
				-		public void hasRole(String role) {
			
 
				-			access(AuthorityAuthorizationManager.hasRole(role));
			
 
				+		public AuthorizeExchangeBuilder hasRole(String role) {
			
 
				+			return access(AuthorityAuthorizationManager.hasRole(role));
			
 
				 		}
			
 
				 
			
 
				-		public void hasAuthority(String authority) {
			
 
				-			access(AuthorityAuthorizationManager.hasAuthority(authority));
			
 
				+		public AuthorizeExchangeBuilder hasAuthority(String authority) {
			
 
				+			return access(AuthorityAuthorizationManager.hasAuthority(authority));
			
 
				 		}
			
 
				 
			
 
				-		public void authenticated() {
			
 
				-			access(AuthenticatedAuthorizationManager.authenticated());
			
 
				+		public AuthorizeExchangeBuilder authenticated() {
			
 
				+			return access(AuthenticatedAuthorizationManager.authenticated());
			
 
				 		}
			
 
				 
			
 
				-		public void access(ReactiveAuthorizationManager<AuthorizationContext> manager) {
			
 
				+		public AuthorizeExchangeBuilder access(ReactiveAuthorizationManager<AuthorizationContext> manager) {
			
 
				 			managerBldr.add(matcher, manager);
			
 
				 			matcher = null;
			
 
				+			return AuthorizeExchangeBuilder.this;
			
 
				 		}
			
 
				 	}
			
 
				 }
			
--- a/samples/javaconfig/hellowebflux/src/main/java/sample/SecurityConfig.java
+++ b/samples/javaconfig/hellowebflux/src/main/java/sample/SecurityConfig.java
@@ -21,7 +21,6 @@ package sample;
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.security.authorization.AuthorizationDecision;
			
 
				 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
			
 
				-import org.springframework.security.config.web.server.AuthorizeExchangeBuilder;
			
 
				 import org.springframework.security.config.web.server.HttpSecurity;
			
 
				 import org.springframework.security.core.Authentication;
			
 
				 import org.springframework.security.web.server.authorization.AuthorizationContext;
			
@@ -39,10 +38,11 @@ public class SecurityConfig {
 
				 	WebFilter springSecurityFilterChain(HttpSecurity http) throws Exception {
			
 
				 		http.httpBasic();
			
 
				 
			
 
				-		AuthorizeExchangeBuilder authorize = http.authorizeExchange();
			
 
				-		authorize.antMatchers("/admin/**").hasRole("ADMIN");
			
 
				-		authorize.antMatchers("/users/{user}/**").access(this::currentUserMatchesPath);
			
 
				-		authorize.anyExchange().authenticated();
			
 
				+		http.authorizeExchange()
			
 
				+			.antMatchers("/admin/**").hasRole("ADMIN")
			
 
				+			.antMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
			
 
				+			.anyExchange().authenticated();
			
 
				+
			
 
				 		return http.build();
			
 
				 	}
			
 
				 
			
--- a/samples/javaconfig/hellowebfluxfn/src/main/java/sample/SecurityConfig.java
+++ b/samples/javaconfig/hellowebfluxfn/src/main/java/sample/SecurityConfig.java
@@ -21,7 +21,6 @@ package sample;
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.security.authorization.AuthorizationDecision;
			
 
				 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
			
 
				-import org.springframework.security.config.web.server.AuthorizeExchangeBuilder;
			
 
				 import org.springframework.security.config.web.server.HttpSecurity;
			
 
				 import org.springframework.security.core.Authentication;
			
 
				 import org.springframework.security.web.server.authorization.AuthorizationContext;
			
@@ -39,10 +38,11 @@ public class SecurityConfig {
 
				 	WebFilter springSecurityFilterChain(HttpSecurity http) throws Exception {
			
 
				 		http.httpBasic();
			
 
				 
			
 
				-		AuthorizeExchangeBuilder authorize = http.authorizeExchange();
			
 
				-		authorize.antMatchers("/admin/**").hasRole("ADMIN");
			
 
				-		authorize.antMatchers("/users/{user}/**").access(this::currentUserMatchesPath);
			
 
				-		authorize.anyExchange().authenticated();
			
 
				+		http.authorizeExchange()
			
 
				+			.antMatchers("/admin/**").hasRole("ADMIN")
			
 
				+			.antMatchers("/users/{user}/**").access(this::currentUserMatchesPath)
			
 
				+			.anyExchange().authenticated();
			
 
				+
			
 
				 		return http.build();
			
 
				 	}