From d1a60989661070117649e88e32c03653031752ad Mon Sep 17 00:00:00 2001 From: RHJ5FE Date: Mon, 14 Aug 2023 12:31:33 +0200 Subject: [PATCH] corrected deprecated usages --- .../registry/security/OAuthSecurityConfig.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java b/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java index 95fa1e3d..cfb72159 100644 --- a/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java +++ b/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java @@ -25,6 +25,7 @@ import org.springframework.context.annotation.Profile; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; @@ -65,11 +66,10 @@ protected SecurityFilterChain configure(HttpSecurity http) throws Exception { .requestMatchers( HttpMethod.PUT, "/**/lookup/**" ).access( "@authorizationEvaluator.hasRoleUpdateDigitalTwin()" ) .requestMatchers( HttpMethod.DELETE, "/**/lookup/**" ).access( "@authorizationEvaluator.hasRoleDeleteDigitalTwin()" ) ) - .csrf().disable() - .sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS ) - .and() - .oauth2ResourceServer() - .jwt(); + .csrf(CsrfConfigurer::disable) + .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .oauth2ResourceServer(oauth2ResourceServerConfigurer -> oauth2ResourceServerConfigurer.jwt()); + return http.build(); }