fix usage of Spring Security deprecated code

jonathanlermitage · Jul 11, 2023 · 86a8eaf · 86a8eaf
1 parent 9e3ad27
commit 86a8eaf
Showing 1 changed file with 14 additions and 11 deletions.
diff --git a/src/main/java/manon/app/config/SecurityConfig.java b/src/main/java/manon/app/config/SecurityConfig.java
@@ -7,13 +7,13 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.ObjectPostProcessor;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
@@ -35,24 +35,27 @@
 // Migrated to Spring Security 5.7: WebSecurityConfigurerAdapter has been deprecated.
 // See https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter for help with migration.
 @Configuration
+@EnableGlobalAuthentication
+@EnableMethodSecurity
 @EnableWebSecurity
 @Order(HIGHEST_PRECEDENCE)
-@EnableMethodSecurity
 @RequiredArgsConstructor
 public class SecurityConfig {
 
     private static final String ACTUATOR = UserRole.ACTUATOR.name();
     private static final String ADMIN = UserRole.ADMIN.name();
     private static final String PLAYER = UserRole.PLAYER.name();
 
+    private final AuthenticationConfiguration authenticationConfiguration;
+
+    @Bean
+    public AuthenticationManager authenticationManager() throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+
     @Bean
-    public AuthenticationManager globalAuthenticationManagerBean(ObjectPostProcessor<Object> objectPostProcessor,
-                                                                 UserDetailsService userDetailsService,
-                                                                 PasswordEncoderService passwordEncoderService) throws Exception {
-        return new AuthenticationManagerBuilder(objectPostProcessor)
-            .userDetailsService(userDetailsService)
-            .passwordEncoder(passwordEncoderService.getEncoder())
-            .and().build();
+    public PasswordEncoder passwordEncoder(PasswordEncoderService passwordEncoderService) {
+        return passwordEncoderService.getEncoder();
     }
 
     @Bean