首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

Merge branch '5.8.x'

Steve Riesenberg 3 年之前
父節點
00584327bd 5bdbc3f78d
當前提交
3eac274317
共有 5 個文件被更改,包括 416 次插入338 次删除
統一視圖 顯示文件統計
  1. 308 248
      config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
  2. 13 11
      config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDsl.kt
  3. 50 42
      config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDsl.kt
  4. 23 19
      config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDsl.kt
  5. 22 18
      config/src/main/kotlin/org/springframework/security/config/annotation/web/SessionManagementDsl.kt

+ 308 - 248
config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
查看文件 

@@ -34,19 +34,21 @@ import jakarta.servlet.http.HttpServletRequest
 
  * ```
 
  * ```
 
  * @Configuration
 
  * @Configuration
 
  * @EnableWebSecurity
 
  * @EnableWebSecurity
 
- * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+ * class SecurityConfig {
 
  *
 
  *
 
- *  override fun configure(http: HttpSecurity) {
 
- *      http {
 
- *          authorizeRequests {
 
- *              authorize("/public", permitAll)
 
- *              authorize(anyRequest, authenticated)
 
- *          }
 
- *          formLogin {
 
- *              loginPage = "/log-in"
 
- *          }
 
- *      }
 
- *  }
 
+ *     @Bean
 
+ *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+ *         http {
 
+ *             authorizeRequests {
 
+ *                 authorize("/public", permitAll)
 
+ *                 authorize(anyRequest, authenticated)
 
+ *             }
 
+ *             formLogin {
 
+ *                 loginPage = "/log-in"
 
+ *             }
 
+ *         }
 
+ *         return http.build()
 
+ *     }
 
  * }
 
  * }
 
  * ```
 
  * ```
 
  *
 
  *
 
@@ -85,16 +87,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          securityMatcher("/private/**")
 
-     *          formLogin {
 
-     *              loginPage = "/log-in"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             securityMatcher("/private/**")
 
+     *             formLogin {
 
+     *                 loginPage = "/log-in"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -126,16 +130,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          securityMatcher(AntPathRequestMatcher("/private/**"))
 
-     *          formLogin {
 
-     *              loginPage = "/log-in"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             securityMatcher(AntPathRequestMatcher("/private/**"))
 
+     *             formLogin {
 
+     *                 loginPage = "/log-in"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -156,15 +162,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          formLogin {
 
-     *              loginPage = "/log-in"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             formLogin {
 
+     *                 loginPage = "/log-in"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -185,16 +193,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          authorizeRequests {
 
-     *              authorize("/public", permitAll)
 
-     *              authorize(anyRequest, authenticated)
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             authorizeRequests {
 
+     *                 authorize("/public", permitAll)
 
+     *                 authorize(anyRequest, authenticated)
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -217,16 +227,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
      * class SecurityConfig {
 
      * class SecurityConfig {
 
      *
 
      *
 
-     *  @Bean
 
-     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
-     *      http {
 
-     *          authorizeHttpRequests {
 
-     *              authorize("/public", permitAll)
 
-     *              authorize(anyRequest, authenticated)
 
-     *          }
 
-     *      }
 
-     *      return http.build()
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             authorizeHttpRequests {
 
+     *                 authorize("/public", permitAll)
 
+     *                 authorize(anyRequest, authenticated)
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -248,15 +258,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          httpBasic {
 
-     *              realmName = "Custom Realm"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             httpBasic {
 
+     *                 realmName = "Custom Realm"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -277,15 +289,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          passwordManagement {
 
-     *              changePasswordPage = "/custom-change-password-page"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             passwordManagement {
 
+     *                 changePasswordPage = "/custom-change-password-page"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -307,17 +321,19 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          headers {
 
-     *              referrerPolicy {
 
-     *                  policy = ReferrerPolicy.SAME_ORIGIN
 
-     *              }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             headers {
 
+     *                 referrerPolicy {
 
+     *                     policy = ReferrerPolicy.SAME_ORIGIN
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -338,15 +354,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          cors {
 
-     *              disable()
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             cors {
 
+     *                 disable()
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -367,18 +385,20 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          sessionManagement {
 
-     *              invalidSessionUrl = "/invalid-session"
 
-     *              sessionConcurrency {
 
-     *                  maximumSessions = 1
 
-     *              }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             sessionManagement {
 
+     *                 invalidSessionUrl = "/invalid-session"
 
+     *                 sessionConcurrency {
 
+     *                     maximumSessions = 1
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -399,15 +419,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          portMapper {
 
-     *              map(80, 443)
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             portMapper {
 
+     *                 map(80, 443)
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -428,16 +450,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          requiresChannel {
 
-     *              secure("/public", requiresInsecure)
 
-     *              secure(anyRequest, requiresSecure)
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             requiresChannel {
 
+     *                 secure("/public", requiresInsecure)
 
+     *                 secure(anyRequest, requiresSecure)
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -458,13 +482,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          x509 { }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             x509 { }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -486,13 +512,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          requestCache { }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             requestCache { }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -513,15 +541,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          exceptionHandling {
 
-     *              accessDeniedPage = "/access-denied"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             exceptionHandling {
 
+     *                 accessDeniedPage = "/access-denied"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -542,13 +572,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          csrf { }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             csrf { }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -568,15 +600,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          logout {
 
-     *              logoutUrl = "/log-out"
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             logout {
 
+     *                 logoutUrl = "/log-out"
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -599,15 +633,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          saml2Login {
 
-     *              relyingPartyRegistration = getSaml2RelyingPartyRegistration()
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             saml2Login {
 
+     *                 relyingPartyRegistration = getSaml2RelyingPartyRegistration()
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -628,15 +664,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          anonymous {
 
-     *              authorities = listOf(SimpleGrantedAuthority("ROLE_ANON"))
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             anonymous {
 
+     *                 authorities = listOf(SimpleGrantedAuthority("ROLE_ANON"))
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -659,15 +697,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          oauth2Login {
 
-     *              clientRegistrationRepository = getClientRegistrationRepository()
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Login {
 
+     *                 clientRegistrationRepository = getClientRegistrationRepository()
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -688,13 +728,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          oauth2Client { }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Client { }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -715,15 +757,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          oauth2ResourceServer {
 
-     *              jwt { }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2ResourceServer {
 
+     *                 jwt { }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -744,15 +788,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          rememberMe {
 
-     *              tokenValiditySeconds = 604800
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             rememberMe {
 
+     *                 tokenValiditySeconds = 604800
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -772,13 +818,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -800,12 +848,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *     override fun configure(http: HttpSecurity) {
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
      *         http {
 
      *         http {
 
      *             addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
      *             addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
      *         }
 
      *         }
 
+     *         return http.build()
 
      *     }
 
      *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
@@ -827,13 +877,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -855,12 +907,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *     override fun configure(http: HttpSecurity) {
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
      *         http {
 
      *         http {
 
      *             addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
      *             addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
      *         }
 
      *         }
 
+     *         return http.build()
 
      *     }
 
      *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
@@ -882,13 +936,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      http {
 
-     *          addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -910,13 +966,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *    override fun configure(http: HttpSecurity) {
 
-     *        http {
 
-     *            addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
-     *        }
 
-     *    }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -945,15 +1003,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
      *        http {
 
      *        http {
 
      *           securityContext {
 
      *           securityContext {
 
      *               securityContextRepository = SECURITY_CONTEXT_REPOSITORY
 
      *               securityContextRepository = SECURITY_CONTEXT_REPOSITORY
 
      *           }
 
      *           }
 
      *        }
 
      *        }
 
-     *  }
 
+     *        return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      * @author Norbert Nowak
 
      * @author Norbert Nowak

+ 13 - 11
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDsl.kt
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2022 the original author or authors.
 
  *
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
  * you may not use this file except in compliance with the License.
 
@@ -66,17 +66,19 @@ class OAuth2ClientDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2Client {
 
-     *              authorizationCodeGrant {
 
-     *                  authorizationRequestResolver = getAuthorizationRequestResolver()
 
-     *              }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Client {
 
+     *                 authorizationCodeGrant {
 
+     *                     authorizationRequestResolver = getAuthorizationRequestResolver()
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *

+ 50 - 42
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDsl.kt
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2022 the original author or authors.
 
  *
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
  * you may not use this file except in compliance with the License.
 
@@ -97,17 +97,19 @@ class OAuth2LoginDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2Login {
 
-     *              authorizationEndpoint {
 
-     *                  baseUri = "/auth"
 
-     *              }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     * class SecurityConfig {
 
+     *
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Login {
 
+     *                 authorizationEndpoint {
 
+     *                     baseUri = "/auth"
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -127,16 +129,18 @@ class OAuth2LoginDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2Login {
 
-     *              tokenEndpoint {
 
-     *                  accessTokenResponseClient = getAccessTokenResponseClient()
 
-     *              }
 
-     *          }
 
-     *      }
 
+     * class SecurityConfig {
 
+     *
 
+     *  @Bean
 
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Login {
 
+     *                 tokenEndpoint {
 
+     *                     accessTokenResponseClient = getAccessTokenResponseClient()
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
      *  }
 
      *  }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
@@ -157,16 +161,18 @@ class OAuth2LoginDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2Login {
 
-     *              redirectionEndpoint {
 
-     *                  baseUri = "/home"
 
-     *              }
 
-     *          }
 
-     *      }
 
+     * class SecurityConfig {
 
+     *
 
+     *  @Bean
 
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Login {
 
+     *                 redirectionEndpoint {
 
+     *                     baseUri = "/home"
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
      *  }
 
      *  }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
@@ -187,16 +193,18 @@ class OAuth2LoginDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
-     *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2Login {
 
-     *              userInfoEndpoint {
 
-     *                  userService = getUserService()
 
-     *              }
 
-     *          }
 
-     *      }
 
+     * class SecurityConfig {
 
+     *
 
+     *  @Bean
 
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2Login {
 
+     *                 userInfoEndpoint {
 
+     *                     userService = getUserService()
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
      *  }
 
      *  }
 
      * }
 
      * }
 
      * ```
 
      * ```

+ 23 - 19
config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDsl.kt
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2022 the original author or authors.
 
  *
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
  * you may not use this file except in compliance with the License.
 
@@ -57,17 +57,19 @@ class OAuth2ResourceServerDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2ResourceServer {
 
-     *              jwt {
 
-     *                  jwkSetUri = "https://example.com/oauth2/jwk"
 
-     *              }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2ResourceServer {
 
+     *                 jwt {
 
+     *                     jwkSetUri = "https://example.com/oauth2/jwk"
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *
 
@@ -86,15 +88,17 @@ class OAuth2ResourceServerDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          oauth2ResourceServer {
 
-     *              opaqueToken { }
 
-     *          }
 
-     *      }
 
-     *  }
 
+     *     @Bean
 
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             oauth2ResourceServer {
 
+     *                 opaqueToken { }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
+     *     }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
      *
 
      *

+ 22 - 18
config/src/main/kotlin/org/springframework/security/config/annotation/web/SessionManagementDsl.kt
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2022 the original author or authors.
 
  *
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
  * you may not use this file except in compliance with the License.
 
@@ -52,14 +52,16 @@ class SessionManagementDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          sessionManagement {
 
-     *              sessionFixation { }
 
-     *          }
 
-     *      }
 
+     *  @Bean
 
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             sessionManagement {
 
+     *                 sessionFixation { }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
      *  }
 
      *  }
 
      * }
 
      * }
 
      * ```
 
      * ```
 
@@ -80,17 +82,19 @@ class SessionManagementDsl {
 
      * ```
 
      * ```
 
      * @Configuration
 
      * @Configuration
 
      * @EnableWebSecurity
 
      * @EnableWebSecurity
 
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
 
+     * class SecurityConfig {
 
      *
 
      *
 
-     *  override fun configure(http: HttpSecurity) {
 
-     *      httpSecurity(http) {
 
-     *          sessionManagement {
 
-     *              sessionConcurrency {
 
-     *                  maximumSessions = 1
 
-     *                  maxSessionsPreventsLogin = true
 
-     *              }
 
-     *          }
 
-     *      }
 
+     *  @Bean
 
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
 
+     *         http {
 
+     *             sessionManagement {
 
+     *                 sessionConcurrency {
 
+     *                     maximumSessions = 1
 
+     *                     maxSessionsPreventsLogin = true
 
+     *                 }
 
+     *             }
 
+     *         }
 
+     *         return http.build()
 
      *  }
 
      *  }
 
      * }
 
      * }
 
      * ```
 
      * ```