From cf68c5c771fdc3a8d7ec057857ab83749e61f3ee Mon Sep 17 00:00:00 2001 From: DOHA Date: Thu, 6 Jun 2019 14:46:56 +0200 Subject: [PATCH] upgrade spring security cloud --- .../spring-cloud-security/auth-client/pom.xml | 16 ++++++++++------ .../src/main/resources/application.properties | 0 .../src/main/resources/application.yml | 4 +++- .../spring-cloud-security/auth-resource/pom.xml | 8 +++++--- .../com/baeldung/config/ResourceConfigurer.java | 11 +++++++---- .../src/main/resources/application.yml | 1 - .../spring-cloud-security/auth-server/pom.xml | 2 +- .../baeldung/config/AuthServerConfigurer.java | 12 +++++++----- .../{WebMvcConfigurer.java => WebMvcConfig.java} | 4 ++-- .../baeldung/config/WebSecurityConfigurer.java | 8 ++++++-- .../src/main/resources/application.yml | 12 +++--------- spring-cloud/spring-cloud-security/pom.xml | 4 ++-- 12 files changed, 46 insertions(+), 36 deletions(-) delete mode 100644 spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.properties rename spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/{WebMvcConfigurer.java => WebMvcConfig.java} (83%) diff --git a/spring-cloud/spring-cloud-security/auth-client/pom.xml b/spring-cloud/spring-cloud-security/auth-client/pom.xml index 4f64f470f043..415255264048 100644 --- a/spring-cloud/spring-cloud-security/auth-client/pom.xml +++ b/spring-cloud/spring-cloud-security/auth-client/pom.xml @@ -24,7 +24,7 @@ org.springframework.cloud - spring-cloud-starter-zuul + spring-cloud-starter-netflix-zuul org.springframework.boot @@ -34,14 +34,16 @@ org.webjars jquery + ${jquery.version} org.webjars bootstrap + ${bootstrap.version} org.webjars - webjars-locator + webjars-locator-core org.springframework.boot @@ -62,8 +64,8 @@ spring-boot-starter-thymeleaf - org.springframework.security.oauth - spring-security-oauth2 + org.springframework.security.oauth.boot + spring-security-oauth2-autoconfigure 
@@ -89,8 +91,10 @@ - 2.1.0 - Dalston.SR4 + 2.2.0 + Greenwich.SR1 + 3.4.1 + 4.3.1 diff --git a/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.properties b/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.properties deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.yml b/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.yml index 2a758faeae97..69617555d9f4 100644 --- a/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.yml +++ b/spring-cloud/spring-cloud-security/auth-client/src/main/resources/application.yml @@ -2,7 +2,8 @@ # These are default settings, but we add them for clarity. server: port: 8080 - contextPath: / + servlet: + context-path: / # Configure the Authorization Server and User Info Resource Server details security: @@ -21,6 +22,7 @@ person: # Proxies the calls to http://localhost:8080/api/* to our REST service at http://localhost:8081/* # and automatically includes our OAuth2 token in the request headers zuul: + sensitiveHeaders: Cookie,Set-Cookie routes: resource: path: /api/** diff --git a/spring-cloud/spring-cloud-security/auth-resource/pom.xml b/spring-cloud/spring-cloud-security/auth-resource/pom.xml index 22ee0528c304..a60eca740cef 100644 --- a/spring-cloud/spring-cloud-security/auth-resource/pom.xml +++ b/spring-cloud/spring-cloud-security/auth-resource/pom.xml @@ -19,8 +19,8 @@ spring-boot-starter-web - org.springframework.security.oauth - spring-security-oauth2 + org.springframework.security.oauth.boot + spring-security-oauth2-autoconfigure org.springframework.boot @@ -30,6 +30,7 @@ org.springframework.security spring-security-jwt + ${spring-jwt.version} @@ -55,7 +56,8 @@ - Edgware.RELEASE + Greenwich.SR1 + 1.0.10.RELEASE 
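Review bot: `sensitiveHeaders: Cookie,Set-Cookie` in the auth-client application.yml hunk sits directly under `zuul:`, so it replaces Zuul's default list (which also contains `Authorization`) for every route the proxy has or later gains, not only `resource`. Presumably the override is there so the relayed OAuth2 token reaches the resource server. Scoping it to that route keeps the bearer token away from any other backend: move the line under `zuul.routes.resource` as `sensitiveHeaders: Cookie,Set-Cookie`. A one-line comment such as `# Authorization must pass through so the access token reaches the resource server` would record why the default was narrowed.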
diff --git a/spring-cloud/spring-cloud-security/auth-resource/src/main/java/com/baeldung/config/ResourceConfigurer.java b/spring-cloud/spring-cloud-security/auth-resource/src/main/java/com/baeldung/config/ResourceConfigurer.java
index 977d74093ab6..abe942325fd5 100644
--- a/spring-cloud/spring-cloud-security/auth-resource/src/main/java/com/baeldung/config/ResourceConfigurer.java
+++ b/spring-cloud/spring-cloud-security/auth-resource/src/main/java/com/baeldung/config/ResourceConfigurer.java
@@ -3,7 +3,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
@@ -11,15 +11,18 @@
 * REST API Resource Server.
 */
 @Configuration
-@EnableWebSecurity
 @EnableResourceServer
 @EnableGlobalMethodSecurity(prePostEnabled = true) // Allow method annotations like @PreAuthorize
 public class ResourceConfigurer extends ResourceServerConfigurerAdapter {
 @Override
 public void configure(HttpSecurity http) throws Exception {
- http.httpBasic().disable();
- http.authorizeRequests().anyRequest().authenticated();
+ http.sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.NEVER)
+ .and()
+ .authorizeRequests()
+ .anyRequest().authenticated();
+
 }
 }
diff --git a/spring-cloud/spring-cloud-security/auth-resource/src/main/resources/application.yml b/spring-cloud/spring-cloud-security/auth-resource/src/main/resources/application.yml
index 52e02ba41b17..35063a787959 100644
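Review bot: `SessionCreationPolicy.NEVER` in `ResourceConfigurer.configure` only stops Spring Security from creating a session; it still uses a security context found in an `HttpSession` that already exists. For a resource server that authenticates every request from the JWT bearer token, the stricter setting is `.sessionCreationPolicy(SessionCreationPolicy.STATELESS)`, which neither creates nor consults a session. The value mirrors the `security.sessions: NEVER` property removed from application.yml, so if NEVER is intentional a short comment saying why would help. The blank `+` line added before the method's closing brace can be dropped.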
--- a/spring-cloud/spring-cloud-security/auth-resource/src/main/resources/application.yml
+++ b/spring-cloud/spring-cloud-security/auth-resource/src/main/resources/application.yml
@@ -5,7 +5,6 @@ server:
 # Configure the public key to use for verifying the incoming JWT tokens
 security:
- sessions: NEVER
 oauth2:
 resource:
 jwt:
diff --git a/spring-cloud/spring-cloud-security/auth-server/pom.xml b/spring-cloud/spring-cloud-security/auth-server/pom.xml
index 4b3f94b82586..afd8dbef4479 100644
--- a/spring-cloud/spring-cloud-security/auth-server/pom.xml
+++ b/spring-cloud/spring-cloud-security/auth-server/pom.xml
@@ -38,7 +38,7 @@
- 1.1.2.RELEASE
+ 2.1.2.RELEASE
\ No newline at end of file
diff --git a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/AuthServerConfigurer.java b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/AuthServerConfigurer.java
index 32e445f998db..7c9ee9ae1866 100644
--- a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/AuthServerConfigurer.java
+++ b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/AuthServerConfigurer.java
@@ -9,6 +9,7 @@
 import org.springframework.core.annotation.Order;
 import org.springframework.core.io.Resource;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -19,9 +20,7 @@
 @Configuration
 @EnableAuthorizationServer
 @Order(6)
-public class AuthServerConfigurer
- extends
- AuthorizationServerConfigurerAdapter {
+public class AuthServerConfigurer extends AuthorizationServerConfigurerAdapter {
 @Value("${jwt.certificate.store.file}")
 private Resource keystore;
@@ -37,6 +36,9 @@ public class AuthServerConfigurer
 @Autowired
 private UserDetailsService userDetailsService;
+
+ @Autowired
+ private BCryptPasswordEncoder passwordEncoder;
 @Override
 public void configure(
@@ -45,8 +47,8 @@ public void configure(
 clients
 .inMemory()
 .withClient("authserver")
- .secret("passwordforauthserver")
- .redirectUris("http://localhost:8080/")
+ .secret(passwordEncoder.encode("passwordforauthserver"))
+ .redirectUris("http://localhost:8080/login")
 .authorizedGrantTypes("authorization_code", "refresh_token")
 .scopes("myscope")
diff --git a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfigurer.java b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfig.java
similarity index 83%
rename from spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfigurer.java
rename to spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfig.java
index 23b56151e71d..3cefd323b392 100644
--- a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfigurer.java
+++ b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebMvcConfig.java
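Review bot: The client secret in `AuthServerConfigurer.configure(ClientDetailsServiceConfigurer)` is still a string literal, `passwordEncoder.encode("passwordforauthserver")`, so the BCrypt hashing added here protects only the in-memory copy while the plaintext stays in the source tree. Supplying it through a `@Value`-injected property, as this class already does for the keystore settings, would keep the secret out of the repository. The new field is also typed as the concrete `BCryptPasswordEncoder`; injecting the `PasswordEncoder` interface, and declaring the `passwordEncoder()` bean added in WebSecurityConfigurer.java with that return type, would let the algorithm change without touching this class. The `configure` body continues past the end of the hunk.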
@@ -2,10 +2,10 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
-public class WebMvcConfigurer extends WebMvcConfigurerAdapter {
+public class WebMvcConfig implements WebMvcConfigurer {
 @Override
 public void addViewControllers(ViewControllerRegistry registry) {
diff --git a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebSecurityConfigurer.java b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebSecurityConfigurer.java
index 44406b8fa09b..6a48c62097b0 100644
--- a/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebSecurityConfigurer.java
+++ b/spring-cloud/spring-cloud-security/auth-server/src/main/java/com/baeldung/config/WebSecurityConfigurer.java
@@ -6,8 +6,8 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
 @Configuration
@@ -34,7 +34,7 @@ protected void configure(
 AuthenticationManagerBuilder auth) throws Exception {
 auth
 .inMemoryAuthentication()
- .withUser("user").password("user")
+ .withUser("user").password(passwordEncoder().encode("user"))
 .roles("USER")
 .and()
 .withUser("admin").password("admin")
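Review bot: Only the `user` account is encoded in `configure(AuthenticationManagerBuilder)`; the context line `.withUser("admin").password("admin")` still stores a raw string. Once the `BCryptPasswordEncoder` bean added by this commit is the encoder used for matching, a stored value that is not a BCrypt hash never matches, so the admin login will presumably stop working. Encode it the same way: `.withUser("admin").password(passwordEncoder().encode("admin"))`. The builder chain continues outside the hunk, so any further accounts there need the same treatment.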
@@ -48,5 +48,9 @@ public UserDetailsService userDetailsServiceBean() return super.userDetailsServiceBean(); } + @Bean + public BCryptPasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } } diff --git a/spring-cloud/spring-cloud-security/auth-server/src/main/resources/application.yml b/spring-cloud/spring-cloud-security/auth-server/src/main/resources/application.yml index 1dc63d3f0ee7..b6e385e5c76d 100644 --- a/spring-cloud/spring-cloud-security/auth-server/src/main/resources/application.yml +++ b/spring-cloud/spring-cloud-security/auth-server/src/main/resources/application.yml @@ -1,7 +1,8 @@ # Make the application available at http://localhost:7070/authserver server: port: 7070 - contextPath: /authserver + servlet: + context-path: /authserver # Our certificate settings for enabling JWT tokens jwt: @@ -11,11 +12,4 @@ jwt: password: abirkhan04 key: alias: myauthkey - password: abirkhan04 - - -security: - oauth2: - resource: - filter-order: 3 - \ No newline at end of file + password: abirkhan04 \ No newline at end of file diff --git a/spring-cloud/spring-cloud-security/pom.xml b/spring-cloud/spring-cloud-security/pom.xml index 2eecf579a50d..d65fd6520bc0 100644 --- a/spring-cloud/spring-cloud-security/pom.xml +++ b/spring-cloud/spring-cloud-security/pom.xml @@ -8,10 +8,10 @@ pom - parent-boot-1 + parent-boot-2 com.baeldung 0.0.1-SNAPSHOT - ../../parent-boot-1 + ../../parent-boot-2
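Review bot: The key-store and key passwords for the JWT signing key (`password: abirkhan04`) remain committed in auth-server's application.yml, and the `@@ -11,11 +12,4 @@` hunk re-adds the key password line unchanged. Whoever can read the repository and obtain the keystore file holds everything needed to use the signing key, so tokens issued by this server are only as trustworthy as the repository is private. Resolve both values from the environment instead, for example `password: ${JWT_KEYSTORE_PASSWORD}` (placeholder name), and note in the sample that the committed keystore is for demonstration only.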