Merge pull request #6960 from DamnClin/upgrade-spring-boot

Spring boot upgrade

src/main/resources/generator/dependencies/pom.xml

@@ -17,7 +17,7 @@
     <assertj.version>3.24.2</assertj.version>
     <mockito.version>5.4.0</mockito.version>
     <logstash-logback-encoder.version>7.4</logstash-logback-encoder.version>
-    <spring-boot.version>3.1.1</spring-boot.version>
+    <spring-boot.version>3.1.2</spring-boot.version>
     <spring-cloud.version>2022.0.0</spring-cloud.version>
     <spring-cloud-netflix-eureka-client.version>4.0.2</spring-cloud-netflix-eureka-client.version>
     <springdoc-openapi-starter-webmvc.version>2.1.0</springdoc-openapi-starter-webmvc.version>

src/main/resources/generator/server/springboot/mvc/security/jwt/authentication/main/infrastructure/primary/SecurityConfiguration.java.mustache

@@ -1,5 +1,7 @@
 package {{packageName}}.authentication.infrastructure.primary;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.*;
+
 import {{packageName}}.authentication.domain.Role;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.Keys;
@@ -22,7 +24,9 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter;
+import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
 @Configuration
 @EnableWebSecurity
@@ -32,10 +36,16 @@ class SecurityConfiguration {
 
   private final JwtAuthenticationProperties properties;
   private final CorsFilter corsFilter;
+  private final HandlerMappingIntrospector introspector;
 
-  public SecurityConfiguration(JwtAuthenticationProperties properties, CorsFilter corsFilter) {
+  public SecurityConfiguration(
+    JwtAuthenticationProperties properties,
+    CorsFilter corsFilter,
+    HandlerMappingIntrospector introspector
+  ) {
     this.properties = properties;
     this.corsFilter = corsFilter;
+    this.introspector = introspector;
   }
 
   @Bean
@@ -48,14 +58,14 @@ class SecurityConfiguration {
     return web ->
       web
         .ignoring()
-        .requestMatchers(HttpMethod.OPTIONS, "/**")
-        .requestMatchers("/app/**")
-        .requestMatchers("/i18n/**")
-        .requestMatchers("/content/**")
-        .requestMatchers("/swagger-ui/**")
-        .requestMatchers("/swagger-ui.html")
-        .requestMatchers("/v3/api-docs/**")
-        .requestMatchers("/test/**");
+        .requestMatchers(antMatcher(HttpMethod.OPTIONS, "/**"))
+        .requestMatchers(antMatcher("/app/**"))
+        .requestMatchers(antMatcher("/i18n/**"))
+        .requestMatchers(antMatcher("/content/**"))
+        .requestMatchers(antMatcher("/swagger-ui/**"))
+        .requestMatchers(antMatcher("/swagger-ui.html"))
+        .requestMatchers(antMatcher("/v3/api-docs/**"))
+        .requestMatchers(antMatcher("/test/**"));
   }
 
   @Bean
@@ -75,18 +85,18 @@ class SecurityConfiguration {
       .httpBasic(AbstractHttpConfigurer::disable)
       .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
       .authorizeHttpRequests(authz -> authz
-        .requestMatchers("/api/authenticate").permitAll()
-        .requestMatchers("/api/register").permitAll()
-        .requestMatchers("/api/activate").permitAll()
-        .requestMatchers("/api/account/reset-password/init").permitAll()
-        .requestMatchers("/api/account/reset-password/finish").permitAll()
-        .requestMatchers("/api/admin/**").hasAuthority(Role.ADMIN.key())
-        .requestMatchers("/api/**").authenticated()
-        .requestMatchers("/management/health").permitAll()
-        .requestMatchers("/management/health/**").permitAll()
-        .requestMatchers("/management/info").permitAll()
-        .requestMatchers("/management/prometheus").permitAll()
-        .requestMatchers("/management/**").hasAuthority(Role.ADMIN.key())
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/authenticate")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/register")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/activate")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/account/reset-password/init")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/account/reset-password/finish")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/admin/**")).hasAuthority(Role.ADMIN.key())
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/**")).authenticated()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/health")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/health/**")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/info")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/prometheus")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/**")).hasAuthority(Role.ADMIN.key())
         .anyRequest().authenticated()
       );
 

src/main/resources/generator/server/springboot/mvc/security/oauth2/core/main/infrastructure/primary/SecurityConfiguration.java.mustache

@@ -1,5 +1,7 @@
 package {{packageName}}.authentication.infrastructure.primary;
 
+import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.*;
+
 import java.time.Duration;
 import java.util.HashSet;
 import java.util.Set;
@@ -31,7 +33,9 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtAut
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CsrfFilter;
 import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter;
+import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
 import {{packageName}}.authentication.domain.Role;
 import {{packageName}}.common.domain.ExcludeFromGeneratedCodeCoverage;
@@ -47,31 +51,34 @@ public class SecurityConfiguration {
 
   private final ApplicationSecurityProperties applicationSecurityProperties;
   private final CorsFilter corsFilter;
+  private final HandlerMappingIntrospector introspector;
 
   @Value("${spring.security.oauth2.client.provider.oidc.issuer-uri}")
   private String issuerUri;
 
   public SecurityConfiguration(
     CorsFilter corsFilter,
-    ApplicationSecurityProperties applicationSecurityProperties
+    ApplicationSecurityProperties applicationSecurityProperties, 
+    HandlerMappingIntrospector introspector
   ) {
     this.corsFilter = corsFilter;
     this.applicationSecurityProperties = applicationSecurityProperties;
+    this.introspector = introspector;
   }
 
   @Bean
   public WebSecurityCustomizer webSecurityCustomizer() {
     return web ->
       web
         .ignoring()
-        .requestMatchers(HttpMethod.OPTIONS, "/**")
-        .requestMatchers("/app/**")
-        .requestMatchers("/i18n/**")
-        .requestMatchers("/content/**")
-        .requestMatchers("/swagger-ui/**")
-        .requestMatchers("/swagger-ui.html")
-        .requestMatchers("/v3/api-docs/**")
-        .requestMatchers("/test/**");
+        .requestMatchers(antMatcher(HttpMethod.OPTIONS, "/**"))
+        .requestMatchers(antMatcher("/app/**"))
+        .requestMatchers(antMatcher("/i18n/**"))
+        .requestMatchers(antMatcher("/content/**"))
+        .requestMatchers(antMatcher("/swagger-ui/**"))
+        .requestMatchers(antMatcher("/swagger-ui.html"))
+        .requestMatchers(antMatcher("/v3/api-docs/**"))
+        .requestMatchers(antMatcher("/test/**"));
   }
 
   @Bean
@@ -88,15 +95,15 @@ public class SecurityConfiguration {
           permissions.policy("camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()"))
       )
       .authorizeHttpRequests(authz -> authz
-        .requestMatchers("/api/authenticate").permitAll()
-        .requestMatchers("/api/auth-info").permitAll()
-        .requestMatchers("/api/admin/**").hasAuthority(Role.ADMIN.key())
-        .requestMatchers("/api/**").authenticated()
-        .requestMatchers("/management/health").permitAll()
-        .requestMatchers("/management/health/**").permitAll()
-        .requestMatchers("/management/info").permitAll()
-        .requestMatchers("/management/prometheus").permitAll()
-        .requestMatchers("/management/**").hasAuthority(Role.ADMIN.key())
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/authenticate")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/auth-info")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/admin/**")).hasAuthority(Role.ADMIN.key())
+        .requestMatchers(new MvcRequestMatcher(introspector, "/api/**")).authenticated()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/health")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/health/**")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/info")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/prometheus")).permitAll()
+        .requestMatchers(new MvcRequestMatcher(introspector, "/management/**")).hasAuthority(Role.ADMIN.key())
         .anyRequest().authenticated()
       )
       .oauth2Login(withDefaults())