Use standard lambda syntax in documentation

Fixes: gh-7774

Author: eleftherias

docs/manual/src/docs/asciidoc/_includes/reactive/exploits/headers.adoc

@@ -23,12 +23,10 @@ You can easily do this with the following Java Configuration:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.frameOptions(frameOptions ->
-					frameOptions
-						.mode(Mode.SAMEORIGIN)
-				)
+		.headers(headers -> headers
+			.frameOptions(frameOptions -> frameOptions
+				.mode(Mode.SAMEORIGIN)
+			)
 		);
 	return http.build();
 }
@@ -46,10 +44,7 @@ An example for both Java configuration is provided below:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.disable()
-		);
+		.headers(headers -> headers.disable());
 	return http.build();
 }
 ----
@@ -76,9 +71,8 @@ If necessary, you can also disable Spring Security's cache control HTTP response
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.cache(cache -> cache.disable())
+		.headers(headers -> headers
+			.cache(cache -> cache.disable())
 		);
 	return http.build();
 }
@@ -99,9 +93,8 @@ However, you can disable it in Java Configuration with:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable())
+		.headers(headers -> headers
+			.contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable())
 		);
 	return http.build();
 }
@@ -122,14 +115,12 @@ For example, the following is an example of explicitly providing HSTS with Java
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.hsts(hsts ->
-					hsts
-						.includeSubdomains(true)
-						.preload(true)
-						.maxAge(Duration.ofDays(365))
-				)
+		.headers(headers -> headers
+			.hsts(hsts -> hsts
+				.includeSubdomains(true)
+				.preload(true)
+				.maxAge(Duration.ofDays(365))
+			)
 		);
 	return http.build();
 }
@@ -150,12 +141,10 @@ You can customize frame options to use the same origin within Java Configuration
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.frameOptions(frameOptions ->
-					frameOptions
-						.mode(SAMEORIGIN)
-				)
+		.headers(headers -> headers
+			.frameOptions(frameOptions -> frameOptions
+				.mode(SAMEORIGIN)
+			)
 		);
 	return http.build();
 }
@@ -175,9 +164,8 @@ You can disable `X-XSS-Protection` with the following Java Configuration:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.xssProtection(xssProtection -> xssProtection.disable())
+		.headers(headers -> headers
+			.xssProtection(xssProtection -> xssProtection.disable())
 		);
 	return http.build();
 }
@@ -209,12 +197,10 @@ You can enable the CSP header using Java configuration as shown below:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.contentSecurityPolicy(contentSecurityPolicy ->
-					contentSecurityPolicy
-						.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
-				)
+		.headers(headers -> headers
+			.contentSecurityPolicy(policy -> policy
+				.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
+			)
 		);
 	return http.build();
 }
@@ -231,13 +217,11 @@ To enable the CSP `report-only` header, provide the following Java configuration
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.contentSecurityPolicy(contentSecurityPolicy ->
-					contentSecurityPolicy
-						.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
-						.reportOnly()
-				)
+		.headers(headers -> headers
+			.contentSecurityPolicy(policy -> policy
+				.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
+				.reportOnly()
+			)
 		);
 	return http.build();
 }
@@ -258,12 +242,10 @@ You can enable the Referrer Policy header using Java configuration as shown belo
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.referrerPolicy(referrerPolicy ->
-					referrerPolicy
-						.policy(ReferrerPolicy.SAME_ORIGIN)
-				)
+		.headers(headers -> headers
+			.referrerPolicy(referrer -> referrer
+				.policy(ReferrerPolicy.SAME_ORIGIN)
+			)
 		);
 	return http.build();
 }
@@ -295,9 +277,8 @@ can enable the Feature Policy header using Java configuration as shown below:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers ->
-			headers
-				.featurePolicy("geolocation 'self'")
+		.headers(headers -> headers
+			.featurePolicy("geolocation 'self'")
 		);
 	return http.build();
 }

docs/manual/src/docs/asciidoc/_includes/reactive/exploits/http.adoc

@@ -38,9 +38,8 @@ For example, if the production environment adds a header named `X-Forwarded-Prot
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.redirectToHttps(redirectToHttps ->
-			redirectToHttps
-				.httpsRedirectWhen(e -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto"))
+		.redirectToHttps(redirect -> redirect
+			.httpsRedirectWhen(e -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto"))
 		);
 	return http.build();
 }

docs/manual/src/docs/asciidoc/_includes/reactive/method.adoc

@@ -88,9 +88,8 @@ public class SecurityConfig {
 		return http
 			// Demonstrate that method security works
 			// Best practice to use both for defense in depth
-			.authorizeExchange(exchanges ->
-				exchanges
-					.anyExchange().permitAll()
+			.authorizeExchange(exchanges -> exchanges
+				.anyExchange().permitAll()
 			)
 			.httpBasic(withDefaults())
 			.build();

docs/manual/src/docs/asciidoc/_includes/reactive/oauth2/login.adoc

@@ -151,12 +151,11 @@ Additional configuration options can be seen below:
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.oauth2Login(oauth2Login ->
-			oauth2Login
-				.authenticationConverter(converter)
-				.authenticationManager(manager)
-				.authorizedClientRepository(authorizedClients)
-				.clientRegistrationRepository(clientRegistrations)
+		.oauth2Login(oauth2 -> oauth2
+			.authenticationConverter(converter)
+			.authenticationManager(manager)
+			.authorizedClientRepository(authorizedClients)
+			.clientRegistrationRepository(clientRegistrations)
 		);
 	return http.build();
 }