From 8cfd0050085d652a7ef99cb0ecfeb12e559b96d9 Mon Sep 17 00:00:00 2001
From: Robert Goldmann <deadlocker@gmx.de>
Date: Thu, 22 Jun 2023 22:27:31 +0200
Subject: [PATCH] fixed deprecated spring security config
---
 .../authentication/WebSecurityConfig.java | 45 +++++++++----------
 1 file changed, 21 insertions(+), 24 deletions(-)
diff --git a/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java b/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java
index 8e189f734..c2fa6bfa6 100644
--- a/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java
+++ b/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java
@@ -3,6 +3,7 @@ package de.deadlocker8.budgetmaster.authentication;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.DefaultRedirectStrategy;
 import org.springframework.security.web.RedirectStrategy;
@@ -20,34 +21,30 @@ public class WebSecurityConfig
 return new BCryptPasswordEncoder();
 }
 
-
 @Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception
 {
 http
- .csrf()
- .and()
-
- .authorizeHttpRequests()
- .requestMatchers("/css/**", "/js/**", "/images/**", "/webjars/**", "/favicon.ico", "/touch_icon.png").permitAll()
- .requestMatchers("/login").permitAll()
- .requestMatchers("/**").authenticated()
- .and()
- .formLogin()
- .loginPage("/login")
- .successHandler((req, res, auth) -> {
- Object preLoginURL = req.getSession().getAttribute("preLoginURL");
- if(preLoginURL == null || preLoginUrlBlacklist.isBlacklisted(preLoginURL.toString()))
- {
- preLoginURL = "/";
- }
- redirectStrategy.sendRedirect(req, res, preLoginURL.toString());
- })
- .permitAll()
- .and()
-
- .logout()
- .permitAll();
+ .csrf(csrf -> csrf.configure(http))
+ .authorizeHttpRequests(authorization -> authorization
+ .requestMatchers("/css/**", "/js/**", "/images/**", "/webjars/**", "/favicon.ico", "/touch_icon.png").permitAll()
+ .requestMatchers("/login").permitAll()
+ .requestMatchers("/**").authenticated())
+ .formLogin(formLogin -> formLogin
+ .loginPage("/login")
+ .permitAll()
+ .successHandler((req, res, auth) -> {
+ Object preLoginURL = req.getSession().getAttribute("preLoginURL");
+ if(preLoginURL == null || preLoginUrlBlacklist.isBlacklisted(preLoginURL.toString()))
+ {
+ preLoginURL = "/";
+ }
+ redirectStrategy.sendRedirect(req, res, preLoginURL.toString());
+ })
+ .permitAll()
+ )
+ .logout(LogoutConfigurer::permitAll
+ );
 
 return http.build();
 }
-- 
GitLab
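Review bot: In `filterChain`, `.csrf(csrf -> csrf.configure(http))` calls the configurer's `configure` lifecycle method by hand, which the builder also invokes itself during `http.build()`, so the CSRF set-up likely runs twice and the first run happens before the other configurers are initialised. To keep the default protection that the old `.csrf().and()` gave, write `.csrf(Customizer.withDefaults())` with an import of `org.springframework.security.config.Customizer`, or drop the call, since CSRF protection is enabled by default. The `formLogin` lambda also calls `.permitAll()` twice, before and after `successHandler`; one call is enough. The success handler is carried over unchanged and redirects to the session attribute `preLoginURL` after only a deny-list check, so a short comment such as `// preLoginURL must be an application-relative path; anything else falls back to "/"` would document the intended constraint, assuming that is what the code setting the attribute guarantees.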