Merge branch '6.2.x'

reactive/rsocket/hello-security/src/integTest/java/example/HelloRSocketApplicationITests.java

@@ -69,7 +69,7 @@ void messageWhenNotAuthenticatedThenError() {
 		RSocketRequester requester = this.requester.connectTcp("localhost", this.port).block();
 
 		assertThatThrownBy(() -> requester.route("message").data(Mono.empty()).retrieveMono(String.class).block())
-				.isNotNull();
+			.isNotNull();
 	}
 
 }

reactive/webflux/java/authentication/x509/src/integTest/java/example/WebfluxX509ApplicationITest.java

@@ -83,7 +83,7 @@ private WebTestClient createWebTestClientWithClientCertificate() throws KeyStore
 		// @formatter:on
 
 		HttpClient httpClient = HttpClient.create()
-				.secure((sslContextSpec) -> sslContextSpec.sslContext(sslContextBuilder));
+			.secure((sslContextSpec) -> sslContextSpec.sslContext(sslContextBuilder));
 		ClientHttpConnector httpConnector = new ReactorClientHttpConnector(httpClient);
 
 		// @formatter:off

reactive/webflux/java/authentication/x509/src/main/java/example/MeController.java

@@ -34,8 +34,9 @@ public class MeController {
 
 	@GetMapping("/me")
 	public Mono<String> me() {
-		return ReactiveSecurityContextHolder.getContext().map(SecurityContext::getAuthentication)
-				.map((authentication) -> "Hello, " + authentication.getName());
+		return ReactiveSecurityContextHolder.getContext()
+			.map(SecurityContext::getAuthentication)
+			.map((authentication) -> "Hello, " + authentication.getName());
 	}
 
 }

reactive/webflux/java/session-management/maximum-sessions/src/main/java/com/example/maximumsessions/SecurityConfig.java

@@ -63,12 +63,21 @@ SecurityWebFilterChain filterChain(ServerHttpSecurity http) {
 
 	@Bean
 	ReactiveUserDetailsService userDetailsService() {
-		UserDetails user = User.withDefaultPasswordEncoder().username("user").password("password").roles("USER")
-				.build();
-		UserDetails admin = User.withDefaultPasswordEncoder().username("admin").password("password").roles("ADMIN")
-				.build();
-		UserDetails unlimitedSessions = User.withDefaultPasswordEncoder().username("unlimited").password("password")
-				.roles("UNLIMITED_SESSIONS").build();
+		UserDetails user = User.withDefaultPasswordEncoder()
+			.username("user")
+			.password("password")
+			.roles("USER")
+			.build();
+		UserDetails admin = User.withDefaultPasswordEncoder()
+			.username("admin")
+			.password("password")
+			.roles("ADMIN")
+			.build();
+		UserDetails unlimitedSessions = User.withDefaultPasswordEncoder()
+			.username("unlimited")
+			.password("password")
+			.roles("UNLIMITED_SESSIONS")
+			.build();
 		return new MapReactiveUserDetailsService(user, admin, unlimitedSessions);
 	}
 

reactive/webflux/java/session-management/maximum-sessions/src/test/java/com/example/maximumsessions/MaximumSessionsApplicationPreventLoginTests.java

@@ -93,13 +93,20 @@ private WebTestClient.ResponseSpec performHello(ResponseCookie cookie) {
 	}
 
 	private ResponseCookie loginReturningCookie(MultiValueMap<String, String> data) {
-		return login(data).expectCookie().exists("SESSION").returnResult(Void.class).getResponseCookies()
-				.getFirst("SESSION");
+		return login(data).expectCookie()
+			.exists("SESSION")
+			.returnResult(Void.class)
+			.getResponseCookies()
+			.getFirst("SESSION");
 	}
 
 	private WebTestClient.ResponseSpec login(MultiValueMap<String, String> data) {
-		return this.client.mutateWith(csrf()).post().uri("/login").contentType(MediaType.MULTIPART_FORM_DATA)
-				.body(BodyInserters.fromFormData(data)).exchange();
+		return this.client.mutateWith(csrf())
+			.post()
+			.uri("/login")
+			.contentType(MediaType.MULTIPART_FORM_DATA)
+			.body(BodyInserters.fromFormData(data))
+			.exchange();
 	}
 
 }

reactive/webflux/java/session-management/maximum-sessions/src/test/java/com/example/maximumsessions/MaximumSessionsApplicationTests.java

@@ -94,13 +94,20 @@ private WebTestClient.ResponseSpec performHello(ResponseCookie cookie) {
 	}
 
 	private ResponseCookie loginReturningCookie(MultiValueMap<String, String> data) {
-		return login(data).expectCookie().exists("SESSION").returnResult(Void.class).getResponseCookies()
-				.getFirst("SESSION");
+		return login(data).expectCookie()
+			.exists("SESSION")
+			.returnResult(Void.class)
+			.getResponseCookies()
+			.getFirst("SESSION");
 	}
 
 	private WebTestClient.ResponseSpec login(MultiValueMap<String, String> data) {
-		return this.client.mutateWith(csrf()).post().uri("/login").contentType(MediaType.MULTIPART_FORM_DATA)
-				.body(BodyInserters.fromFormData(data)).exchange();
+		return this.client.mutateWith(csrf())
+			.post()
+			.uri("/login")
+			.contentType(MediaType.MULTIPART_FORM_DATA)
+			.body(BodyInserters.fromFormData(data))
+			.exchange();
 	}
 
 }

servlet/java-configuration/aspectj/src/test/java/sample/aspectj/AspectJInterceptorTests.java

@@ -51,7 +51,7 @@ void publicMethod() {
 	@Test
 	void securedMethodNotAuthenticated() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.service.secureMethod());
+			.isThrownBy(() -> this.service.secureMethod());
 	}
 
 	@Test
@@ -69,7 +69,7 @@ void securedMethodWrongRole() {
 	@Test
 	void securedClassNotAuthenticated() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.securedService.secureMethod());
+			.isThrownBy(() -> this.securedService.secureMethod());
 	}
 
 	@Test

servlet/java-configuration/authentication/username-password/jdbc/src/main/java/example/DataSourceConfiguration.java

@@ -35,7 +35,8 @@ public class DataSourceConfiguration {
 	public DataSource dataSource() {
 		EmbeddedDatabaseBuilder builder = new EmbeddedDatabaseBuilder();
 		return builder.setType(EmbeddedDatabaseType.HSQL)
-				.addScript("classpath:org/springframework/security/core/userdetails/jdbc/users.ddl").build();
+			.addScript("classpath:org/springframework/security/core/userdetails/jdbc/users.ddl")
+			.build();
 	}
 
 }

servlet/java-configuration/authentication/username-password/jdbc/src/main/java/example/SecurityConfiguration.java

@@ -31,11 +31,16 @@ public class SecurityConfiguration {
 
 	@Bean
 	UserDetailsManager users(DataSource dataSource) {
-		UserDetails user = User.builder().username("user")
-				.password("{bcrypt}$2a$10$AiyMWI4UBLozgXq6itzyVuxrtofjcPzn/WS3fOrcqgzdax9jB7Io.").roles("USER").build();
-		UserDetails admin = User.builder().username("admin")
-				.password("{bcrypt}$2a$10$AiyMWI4UBLozgXq6itzyVuxrtofjcPzn/WS3fOrcqgzdax9jB7Io.").roles("USER", "ADMIN")
-				.build();
+		UserDetails user = User.builder()
+			.username("user")
+			.password("{bcrypt}$2a$10$AiyMWI4UBLozgXq6itzyVuxrtofjcPzn/WS3fOrcqgzdax9jB7Io.")
+			.roles("USER")
+			.build();
+		UserDetails admin = User.builder()
+			.username("admin")
+			.password("{bcrypt}$2a$10$AiyMWI4UBLozgXq6itzyVuxrtofjcPzn/WS3fOrcqgzdax9jB7Io.")
+			.roles("USER", "ADMIN")
+			.build();
 		JdbcUserDetailsManager users = new JdbcUserDetailsManager(dataSource);
 		users.createUser(user);
 		users.createUser(admin);

servlet/java-configuration/authentication/x509/src/integTest/java/example/X509Tests.java

@@ -55,7 +55,7 @@ public class X509Tests {
 	void notCertificateThenSslHandshakeException() {
 		RestTemplate rest = new RestTemplate();
 		assertThatCode(() -> rest.getForEntity(getServerUrl(), String.class))
-				.hasCauseInstanceOf(SSLHandshakeException.class);
+			.hasCauseInstanceOf(SSLHandshakeException.class);
 	}
 
 	@Test

servlet/java-configuration/saml2/login/src/integTest/java/example/Saml2JavaConfigurationITests.java

@@ -64,9 +64,11 @@ public class Saml2JavaConfigurationITests {
 	@BeforeEach
 	void setup() {
 		this.mvc = MockMvcBuilders.webAppContextSetup(this.webApplicationContext)
-				.apply(SecurityMockMvcConfigurers.springSecurity()).build();
+			.apply(SecurityMockMvcConfigurers.springSecurity())
+			.build();
 		this.webClient = MockMvcWebClientBuilder.mockMvcSetup(this.mvc)
-				.withDelegate(new LocalHostWebClient(this.environment)).build();
+			.withDelegate(new LocalHostWebClient(this.environment))
+			.build();
 		this.webClient.getCookieManager().clearCookies();
 	}
 
@@ -114,7 +116,7 @@ private void performLogin() throws Exception {
 
 	private HtmlForm findForm(HtmlPage login) {
 		await().atMost(10, TimeUnit.SECONDS)
-				.until(() -> login.getForms().stream().map(HtmlForm::getId).anyMatch("form19"::equals));
+			.until(() -> login.getForms().stream().map(HtmlForm::getId).anyMatch("form19"::equals));
 		for (HtmlForm form : login.getForms()) {
 			try {
 				if (form.getId().equals("form19")) {

servlet/java-configuration/saml2/login/src/main/java/example/SecurityConfiguration.java

@@ -60,16 +60,17 @@ SecurityFilterChain app(HttpSecurity http) throws Exception {
 	@Bean
 	RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
 		RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistrations
-				.fromMetadataLocation("https://dev-05937739.okta.com/app/exk46xofd8NZvFCpS5d7/sso/saml/metadata")
-				.registrationId("one")
-				.decryptionX509Credentials(
-						(c) -> c.add(Saml2X509Credential.decryption(this.privateKey, relyingPartyCertificate())))
-				.signingX509Credentials(
-						(c) -> c.add(Saml2X509Credential.signing(this.privateKey, relyingPartyCertificate())))
-				.singleLogoutServiceLocation(
-						"https://dev-05937739.okta.com/app/dev-05937739_springgsecuritysaml2idp_1/exk46xofd8NZvFCpS5d7/slo/saml")
-				.singleLogoutServiceResponseLocation("http://localhost:8080/logout/saml2/slo")
-				.singleLogoutServiceBinding(Saml2MessageBinding.POST).build();
+			.fromMetadataLocation("https://dev-05937739.okta.com/app/exk46xofd8NZvFCpS5d7/sso/saml/metadata")
+			.registrationId("one")
+			.decryptionX509Credentials(
+					(c) -> c.add(Saml2X509Credential.decryption(this.privateKey, relyingPartyCertificate())))
+			.signingX509Credentials(
+					(c) -> c.add(Saml2X509Credential.signing(this.privateKey, relyingPartyCertificate())))
+			.singleLogoutServiceLocation(
+					"https://dev-05937739.okta.com/app/dev-05937739_springgsecuritysaml2idp_1/exk46xofd8NZvFCpS5d7/slo/saml")
+			.singleLogoutServiceResponseLocation("http://localhost:8080/logout/saml2/slo")
+			.singleLogoutServiceBinding(Saml2MessageBinding.POST)
+			.build();
 
 		return new InMemoryRelyingPartyRegistrationRepository(relyingPartyRegistration);
 	}

servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/CustomUserRepositoryUserDetailsService.java

@@ -48,7 +48,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 	static final class CustomUserDetails extends CustomUser implements UserDetails {
 
 		private static final List<GrantedAuthority> ROLE_USER = Collections
-				.unmodifiableList(AuthorityUtils.createAuthorityList("ROLE_USER"));
+			.unmodifiableList(AuthorityUtils.createAuthorityList("ROLE_USER"));
 
 		CustomUserDetails(CustomUser customUser) {
 			super(customUser);

servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/integTest/java/example/HelloSecurityExplicitITests.java

@@ -36,8 +36,8 @@ public class HelloSecurityExplicitITests {
 
 	@Test
 	void login() {
-		CustomUser result = this.rest.withBasicAuth("[email protected]", "password").getForObject("/user",
-				CustomUser.class);
+		CustomUser result = this.rest.withBasicAuth("[email protected]", "password")
+			.getForObject("/user", CustomUser.class);
 		assertThat(result.getEmail()).isEqualTo("[email protected]");
 	}
 

servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepositoryUserDetailsService.java

@@ -48,7 +48,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 	static final class CustomUserDetails extends CustomUser implements UserDetails {
 
 		private static final List<GrantedAuthority> ROLE_USER = Collections
-				.unmodifiableList(AuthorityUtils.createAuthorityList("ROLE_USER"));
+			.unmodifiableList(AuthorityUtils.createAuthorityList("ROLE_USER"));
 
 		CustomUserDetails(CustomUser customUser) {
 			super(customUser.getId(), customUser.getEmail(), customUser.getPassword());

servlet/spring-boot/java/cas/login/src/main/java/cas/example/SecurityConfig.java

@@ -98,8 +98,11 @@ private TicketValidator cas30ServiceTicketValidator() {
 
 	@Bean
 	public UserDetailsService userDetailsService() {
-		UserDetails user = User.withDefaultPasswordEncoder().username("casuser").password("Mellon").roles("USER")
-				.build();
+		UserDetails user = User.withDefaultPasswordEncoder()
+			.username("casuser")
+			.password("Mellon")
+			.roles("USER")
+			.build();
 		return new InMemoryUserDetailsManager(user);
 	}
 

servlet/spring-boot/java/cas/login/src/test/java/cas/example/CasLoginApplicationTests.java

@@ -50,13 +50,14 @@ class CasLoginApplicationTests {
 
 	@Container
 	static GenericContainer<?> casServer = new GenericContainer<>(DockerImageName.parse("apereo/cas:6.6.6"))
-			.withCommand("--cas.standalone.configuration-directory=/etc/cas/config", "--server.ssl.enabled=false",
-					"--server.port=8080", "--cas.service-registry.core.init-from-json=true",
-					"--cas.service-registry.json.location=file:/etc/cas/services", "--cas.tgc.secure=false",
-					"--cas.tgc.sameSitePolicy=Lax")
-			.withExposedPorts(8080).withClasspathResourceMapping("cas/services/https-1.json",
-					"/etc/cas/services/https-1.json", BindMode.READ_WRITE)
-			.waitingFor(Wait.forLogMessage(".*Ready to process requests.*", 1));
+		.withCommand("--cas.standalone.configuration-directory=/etc/cas/config", "--server.ssl.enabled=false",
+				"--server.port=8080", "--cas.service-registry.core.init-from-json=true",
+				"--cas.service-registry.json.location=file:/etc/cas/services", "--cas.tgc.secure=false",
+				"--cas.tgc.sameSitePolicy=Lax")
+		.withExposedPorts(8080)
+		.withClasspathResourceMapping("cas/services/https-1.json", "/etc/cas/services/https-1.json",
+				BindMode.READ_WRITE)
+		.waitingFor(Wait.forLogMessage(".*Ready to process requests.*", 1));
 
 	@DynamicPropertySource
 	static void casProperties(DynamicPropertyRegistry registry) {