Add @configuration with @EnableWebSecurity

jgrandja · jgrandja · commit 79304d6fd99d · 2022-10-23T09:02:22.000-04:00
Closes gh-935
diff --git a/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/EnableUserInfoSecurityConfig.java b/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/EnableUserInfoSecurityConfig.java
@@ -50,7 +50,7 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 
-@Configuration
+@Configuration(proxyBeanMethods = false)
 public class EnableUserInfoSecurityConfig {
 
 	@Bean // <1>
diff --git a/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java b/docs/src/docs/asciidoc/examples/src/main/java/sample/userinfo/jwt/JwtUserInfoMapperSecurityConfig.java
@@ -57,7 +57,7 @@
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.springframework.security.web.util.matcher.RequestMatcher;
 
-@Configuration
+@Configuration(proxyBeanMethods = false)
 public class JwtUserInfoMapperSecurityConfig {
 
 	@Bean // <1>
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java
@@ -45,6 +45,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -834,6 +835,7 @@ static class ParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2Autho
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationWithSecurityContextRepository extends AuthorizationServerConfiguration {
 		// @formatter:off
 		@Bean
@@ -893,6 +895,7 @@ AuthorizationServerSettings authorizationServerSettings() {
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomConsentPage extends AuthorizationServerConfiguration {
 		// @formatter:off
 		@Bean
@@ -917,6 +920,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomConsentRequest extends AuthorizationServerConfiguration {
 		@Autowired
 		private RegisteredClientRepository registeredClientRepository;
@@ -1011,6 +1015,7 @@ private static Set<String> authorities(String param) {
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomAuthorizationEndpoint extends AuthorizationServerConfiguration {
 		// @formatter:off
 		@Bean
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerMetadataTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerMetadataTests.java
@@ -159,8 +159,8 @@ AuthorizationServerSettings authorizationServerSettings() {
 		}
 	}
 
-	@Configuration
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationWithMetadataCustomizer extends AuthorizationServerConfiguration {
 
 		// @formatter:off
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java
@@ -41,6 +41,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpHeaders;
 import org.springframework.jdbc.core.JdbcOperations;
@@ -397,6 +398,7 @@ static class ParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2Autho
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomTokenEndpoint extends AuthorizationServerConfiguration {
 		// @formatter:off
 		@Bean
@@ -427,6 +429,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomClientAuthentication extends AuthorizationServerConfiguration {
 		// @formatter:off
 		@Bean
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionTests.java
@@ -36,6 +36,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -500,6 +501,7 @@ static class ParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2Autho
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomTokenIntrospectionEndpoint extends AuthorizationServerConfiguration {
 
 		// @formatter:off
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationTests.java
@@ -33,6 +33,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpHeaders;
 import org.springframework.jdbc.core.JdbcOperations;
@@ -320,6 +321,7 @@ static class ParametersMapper extends JdbcOAuth2AuthorizationService.OAuth2Autho
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationCustomTokenRevocationEndpoint extends AuthorizationServerConfiguration {
 
 		// @formatter:off
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationTests.java
@@ -33,6 +33,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
@@ -353,6 +354,7 @@ private static OidcClientRegistration readClientRegistrationResponse(MockHttpSer
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfiguration {
 
 		// @formatter:off
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationTests.java
@@ -215,8 +215,8 @@ AuthorizationServerSettings authorizationServerSettings() {
 
 	}
 
-	@Configuration
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationWithProviderConfigurationCustomizer extends AuthorizationServerConfiguration {
 
 		// @formatter:off
@@ -252,8 +252,8 @@ private Consumer<OidcProviderConfiguration.Builder> providerConfigurationCustomi
 
 	}
 
-	@Configuration
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationWithClientRegistrationEnabled extends AuthorizationServerConfiguration {
 
 		// @formatter:off
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoTests.java
@@ -33,6 +33,7 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -260,6 +261,7 @@ private static OidcUserInfo createUserInfo() {
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class CustomUserInfoConfiguration extends AuthorizationServerConfiguration {
 
 		@Bean
@@ -299,6 +301,7 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfigurationWithSecurityContextRepository extends AuthorizationServerConfiguration {
 
 		@Bean
@@ -327,6 +330,7 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	}
 
 	@EnableWebSecurity
+	@Configuration(proxyBeanMethods = false)
 	static class AuthorizationServerConfiguration {
 
 		@Bean
diff --git a/samples/custom-consent-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java b/samples/custom-consent-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java
@@ -16,6 +16,7 @@
 package sample.config;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.core.userdetails.User;
@@ -30,6 +31,7 @@
  * @author Joe Grandja
  */
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class DefaultSecurityConfig {
 
 	// @formatter:off
diff --git a/samples/default-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java b/samples/default-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java
@@ -16,6 +16,7 @@
 package sample.config;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.core.userdetails.User;
@@ -31,6 +32,7 @@
  * @since 0.1.0
  */
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class DefaultSecurityConfig {
 
 	// @formatter:off
diff --git a/samples/federated-identity-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java b/samples/federated-identity-authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java
@@ -19,6 +19,7 @@
 import sample.security.UserRepositoryOAuth2UserHandler;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -33,6 +34,7 @@
  * @since 0.2.3
  */
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class DefaultSecurityConfig {
 
 	// @formatter:off
diff --git a/samples/messages-client/src/main/java/sample/config/SecurityConfig.java b/samples/messages-client/src/main/java/sample/config/SecurityConfig.java
@@ -16,6 +16,7 @@
 package sample.config;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
@@ -28,6 +29,7 @@
  * @since 0.0.1
  */
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class SecurityConfig {
 
 	@Bean
diff --git a/samples/messages-resource/src/main/java/sample/config/ResourceServerConfig.java b/samples/messages-resource/src/main/java/sample/config/ResourceServerConfig.java
@@ -16,6 +16,7 @@
 package sample.config;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
@@ -25,6 +26,7 @@
  * @since 0.0.1
  */
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class ResourceServerConfig {
 
 	// @formatter:off

Original file line number	Diff line number	Diff line change
`@@ -159,8 +159,8 @@ AuthorizationServerSettings authorizationServerSettings() {`
`159`	`159`	`}`
`160`	`160`	`}`
`161`	`161`
`162`		`- @Configuration`
`163`	`162`	`@EnableWebSecurity`
	`163`	`+ @Configuration(proxyBeanMethods = false)`
`164`	`164`	`static class AuthorizationServerConfigurationWithMetadataCustomizer extends AuthorizationServerConfiguration {`
`165`	`165`
`166`	`166`	`// @formatter:off`
Original file line number	Diff line number	Diff line change
`@@ -215,8 +215,8 @@ AuthorizationServerSettings authorizationServerSettings() {`
`215`	`215`
`216`	`216`	`}`
`217`	`217`
`218`		`- @Configuration`
`219`	`218`	`@EnableWebSecurity`
	`219`	`+ @Configuration(proxyBeanMethods = false)`
`220`	`220`	`static class AuthorizationServerConfigurationWithProviderConfigurationCustomizer extends AuthorizationServerConfiguration {`
`221`	`221`
`222`	`222`	`// @formatter:off`
`@@ -252,8 +252,8 @@ private Consumer<OidcProviderConfiguration.Builder> providerConfigurationCustomi`
`252`	`252`
`253`	`253`	`}`
`254`	`254`
`255`		`- @Configuration`
`256`	`255`	`@EnableWebSecurity`
	`256`	`+ @Configuration(proxyBeanMethods = false)`
`257`	`257`	`static class AuthorizationServerConfigurationWithClientRegistrationEnabled extends AuthorizationServerConfiguration {`
`258`	`258`
`259`	`259`	`// @formatter:off`