Fix Spring Security deprecations after Spring Boot 3.3.8 upgrade (#740)

Author: jbern0rd

CHANGELOG.md

@@ -14,6 +14,7 @@ All notable changes to this project will be documented in this file.
 - Improve switch statements after Java 17 migration. (#729)
 - Remove redundant blockchain calls to diminish pressure on Ethereum JSON-RPC API. (#734)
 - Compute alive workers metrics in `WorkerService#updateMetrics` scheduled job. (#739)
+- Fix Spring Security deprecations after Spring Boot 3.3.8 upgrade. (#740)
 
 ### Breaking API changes
 

src/main/java/com/iexec/core/security/WebSecurityConfig.java

@@ -20,6 +20,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
@@ -30,13 +31,10 @@ public class WebSecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         // Disable CSRF (cross site request forgery)
-        http.csrf().disable();
-
+        http.csrf(AbstractHttpConfigurer::disable);
         // No session will be created or used by spring security
-        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-
-        http.authorizeHttpRequests()
-                .anyRequest().permitAll();
+        http.sessionManagement(sessionMgt -> sessionMgt.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
+        http.authorizeHttpRequests(request -> request.anyRequest().permitAll());
         return http.build();
     }
 }