Korjauksia

pom.xml

@@ -107,7 +107,7 @@
             <dependency>
                 <groupId>fi.vm.sade.java-utils</groupId>
                 <artifactId>httpclient</artifactId>
-                <version>0.4.1-SNAPSHOT</version>
+                <version>1.0.1-SNAPSHOT</version>
             </dependency>
             <dependency>
                 <groupId>org.asynchttpclient</groupId>
@@ -282,7 +282,7 @@
             <dependency>
                 <groupId>fi.vm.sade.java-utils</groupId>
                 <artifactId>opintopolku-cas-servlet-filter</artifactId>
-                <version>0.1.2-SNAPSHOT</version>
+                <version>1.0.1-SNAPSHOT</version>
             </dependency>
             <dependency>
                 <groupId>commons-io</groupId>

valintaperusteet-service/pom.xml

@@ -36,7 +36,7 @@
         <dependency>
             <groupId>fi.vm.sade.java-utils</groupId>
             <artifactId>java-properties</artifactId>
-            <version>0.1.0-SNAPSHOT</version>
+            <version>1.0.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>org.asynchttpclient</groupId>

valintaperusteet-service/src/main/java/fi/vm/sade/service/valintaperusteet/config/SecurityConfiguration.java

@@ -21,6 +21,7 @@
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Profile("!dev")
@@ -117,25 +118,35 @@ public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
   @Bean
   public SecurityFilterChain filterChain(
       HttpSecurity http, CasAuthenticationFilter casAuthenticationFilter) throws Exception {
-    http.headers(headers -> headers.disable())
-        .csrf(csrf -> csrf.disable())
-        .authorizeRequests()
-        .requestMatchers(
-            "/buildversion.txt",
-            "/actuator/health",
-            "/v3/api-docs",
-            "/v3/api-docs/**",
-            "/swagger",
-            "/swagger/**",
-            "/swagger-ui/**",
-            "/swagger-ui.html",
-            "/webjars/swagger-ui/**",
-            "/index.html",
-            "/")
-        .permitAll()
-        .anyRequest()
-        .authenticated()
-        .and()
+    http.headers(AbstractHttpConfigurer::disable)
+        .csrf(AbstractHttpConfigurer::disable)
+        .authorizeHttpRequests(
+            (authorizeHttpRequests) ->
+                authorizeHttpRequests
+                    .requestMatchers("/buildversion.txt")
+                    .permitAll()
+                    .requestMatchers("/actuator/health")
+                    .permitAll()
+                    .requestMatchers("/v3/api-docs")
+                    .permitAll()
+                    .requestMatchers("/v3/api-docs/**")
+                    .permitAll()
+                    .requestMatchers("/swagger")
+                    .permitAll()
+                    .requestMatchers("/swagger**")
+                    .permitAll()
+                    .requestMatchers("/swagger-ui/**")
+                    .permitAll()
+                    .requestMatchers("/swagger-ui.html")
+                    .permitAll()
+                    .requestMatchers("/webjars/swagger-ui/**")
+                    .permitAll()
+                    .requestMatchers("/index.html")
+                    .permitAll()
+                    .requestMatchers("/")
+                    .permitAll()
+                    .anyRequest()
+                    .authenticated())
         .addFilter(casAuthenticationFilter)
         .exceptionHandling(eh -> eh.authenticationEntryPoint(casAuthenticationEntryPoint()))
         .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class);