/** * Sets the repository of client registrations. * * @param clientRegistrationRepository the repository of client registrations * @return the {@link OAuth2LoginConfigurer} for further configuration */ public OAuth2LoginConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) { Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository); return this; }
/** * Allows explicit configuration of the {@link RequestCache} to be used. Defaults to * try finding a {@link RequestCache} as a shared object. Then falls back to a * {@link HttpSessionRequestCache}. * * @param requestCache the explicit {@link RequestCache} to use * @return the {@link RequestCacheConfigurer} for further customization */ public RequestCacheConfigurer<H> requestCache(RequestCache requestCache) { getBuilder().setSharedObject(RequestCache.class, requestCache); return this; }
/** * Sets the repository of client registrations. * * @param clientRegistrationRepository the repository of client registrations * @return the {@link OAuth2ClientConfigurer} for further configuration */ public OAuth2ClientConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) { Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository); return this; }
/** * Sets the repository for authorized client(s). * * @param authorizedClientRepository the authorized client repository * @return the {@link OAuth2ClientConfigurer} for further configuration */ public OAuth2ClientConfigurer<B> authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository) { Assert.notNull(authorizedClientRepository, "authorizedClientRepository cannot be null"); this.getBuilder().setSharedObject(OAuth2AuthorizedClientRepository.class, authorizedClientRepository); return this; }
/** * Sets the repository for authorized client(s). * * @since 5.1 * @param authorizedClientRepository the authorized client repository * @return the {@link OAuth2LoginConfigurer} for further configuration */ public OAuth2LoginConfigurer<B> authorizedClientRepository(OAuth2AuthorizedClientRepository authorizedClientRepository) { Assert.notNull(authorizedClientRepository, "authorizedClientRepository cannot be null"); this.getBuilder().setSharedObject(OAuth2AuthorizedClientRepository.class, authorizedClientRepository); return this; }
/** * Specifies the shared {@link SecurityContextRepository} that is to be used * @param securityContextRepository the {@link SecurityContextRepository} to use * @return the {@link HttpSecurity} for further customizations */ public SecurityContextConfigurer<H> securityContextRepository( SecurityContextRepository securityContextRepository) { getBuilder().setSharedObject(SecurityContextRepository.class, securityContextRepository); return this; }
/** * Sets the repository of client registrations. * * @param clientRegistrationRepository the repository of client registrations * @return the {@link ImplicitGrantConfigurer} for further configuration */ public ImplicitGrantConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) { Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository); return this; }
@Override public void init(H http) throws Exception { http.setSharedObject(RequestCache.class, getRequestCache(http)); }
@Override public void init(H http) throws Exception { http.setSharedObject(PortMapper.class, getPortMapper()); }
static <B extends HttpSecurityBuilder<B>> ClientRegistrationRepository getClientRegistrationRepository(B builder) { ClientRegistrationRepository clientRegistrationRepository = builder.getSharedObject(ClientRegistrationRepository.class); if (clientRegistrationRepository == null) { clientRegistrationRepository = getClientRegistrationRepositoryBean(builder); builder.setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository); } return clientRegistrationRepository; }
@Override public void init(H http) throws Exception { Function<HttpServletRequest, Map<String, String>> hiddenInputs = request -> { CsrfToken token = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (token == null) { return Collections.emptyMap(); } return Collections.singletonMap(token.getParameterName(), token.getToken()); }; this.loginPageGeneratingFilter.setResolveHiddenInputs(hiddenInputs); this.logoutPageGeneratingFilter.setResolveHiddenInputs(hiddenInputs); http.setSharedObject(DefaultLoginPageGeneratingFilter.class, loginPageGeneratingFilter); }
@Override public H disable() { getBuilder().setSharedObject(RequestCache.class, new NullRequestCache()); return super.disable(); }
static <B extends HttpSecurityBuilder<B>> OAuth2AuthorizedClientRepository getAuthorizedClientRepository(B builder) { OAuth2AuthorizedClientRepository authorizedClientRepository = builder.getSharedObject(OAuth2AuthorizedClientRepository.class); if (authorizedClientRepository == null) { authorizedClientRepository = getAuthorizedClientRepositoryBean(builder); if (authorizedClientRepository == null) { authorizedClientRepository = new AuthenticatedPrincipalOAuth2AuthorizedClientRepository( getAuthorizedClientService((builder))); } builder.setSharedObject(OAuth2AuthorizedClientRepository.class, authorizedClientRepository); } return authorizedClientRepository; }
private GrantedAuthoritiesMapper getGrantedAuthoritiesMapper() { GrantedAuthoritiesMapper grantedAuthoritiesMapper = this.getBuilder().getSharedObject(GrantedAuthoritiesMapper.class); if (grantedAuthoritiesMapper == null) { grantedAuthoritiesMapper = this.getGrantedAuthoritiesMapperBean(); if (grantedAuthoritiesMapper != null) { this.getBuilder().setSharedObject(GrantedAuthoritiesMapper.class, grantedAuthoritiesMapper); } } return grantedAuthoritiesMapper; }
http.setSharedObject(SecurityContextRepository.class, new NullSecurityContextRepository()); httpSecurityRepository.setTrustResolver(trustResolver); http.setSharedObject(SecurityContextRepository.class, httpSecurityRepository); if (requestCache == null) { if (stateless) { http.setSharedObject(RequestCache.class, new NullRequestCache()); http.setSharedObject(SessionAuthenticationStrategy.class, getSessionAuthenticationStrategy(http)); http.setSharedObject(InvalidSessionStrategy.class, getInvalidSessionStrategy());
@Override public void init(H http) throws Exception { PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider(); authenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http)); http .authenticationProvider(authenticationProvider) .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint()); } // @formatter:on
@Override public void configure(H http) throws Exception { FilterInvocationSecurityMetadataSource metadataSource = createMetadataSource(http); if (metadataSource == null) { return; } FilterSecurityInterceptor securityInterceptor = createFilterSecurityInterceptor( http, metadataSource, http.getSharedObject(AuthenticationManager.class)); if (filterSecurityInterceptorOncePerRequest != null) { securityInterceptor .setObserveOncePerRequest(filterSecurityInterceptorOncePerRequest); } securityInterceptor = postProcess(securityInterceptor); http.addFilter(securityInterceptor); http.setSharedObject(FilterSecurityInterceptor.class, securityInterceptor); }
/** * Populates a {@link PreAuthenticatedAuthenticationProvider} into * {@link HttpSecurity#authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)} * and a {@link Http403ForbiddenEntryPoint} into * {@link HttpSecurityBuilder#setSharedObject(Class, Object)} * * @see org.springframework.security.config.annotation.SecurityConfigurerAdapter#init(org.springframework.security.config.annotation.SecurityBuilder) */ @Override public void init(H http) throws Exception { PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider(); authenticationProvider .setPreAuthenticatedUserDetailsService(getUserDetailsService()); authenticationProvider = postProcess(authenticationProvider); // @formatter:off http .authenticationProvider(authenticationProvider) .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint()); // @formatter:on }
@SuppressWarnings("unchecked") @Override public void init(H http) throws Exception { validateInput(); String key = getKey(); RememberMeServices rememberMeServices = getRememberMeServices(http, key); http.setSharedObject(RememberMeServices.class, rememberMeServices); LogoutConfigurer<H> logoutConfigurer = http.getConfigurer(LogoutConfigurer.class); if (logoutConfigurer != null && this.logoutHandler != null) { logoutConfigurer.addLogoutHandler(this.logoutHandler); } RememberMeAuthenticationProvider authenticationProvider = new RememberMeAuthenticationProvider( key); authenticationProvider = postProcess(authenticationProvider); http.authenticationProvider(authenticationProvider); initDefaultLoginFilter(http); }
/** * Specifies the shared {@link SecurityContextRepository} that is to be used * @param securityContextRepository the {@link SecurityContextRepository} to use * @return the {@link HttpSecurity} for further customizations */ public SecurityContextConfigurer<H> securityContextRepository( SecurityContextRepository securityContextRepository) { getBuilder().setSharedObject(SecurityContextRepository.class, securityContextRepository); return this; }