Upgrade to Spring Boot 2.0.0.RC1

...along with Spring Cloud Finchley.M6, and Spring Cloud Stream Elmhurst.M4

* Update Spring Security policy settings as well as default dummy accounts using new APIs, and new reactive APIs.
* Update custom Thymeleaf authorization processor to find SecurityContext inside the exchange. (Still no thymeleaf-extras-springsecurity5 WebFlux support)
* Replace custom Spring Cloud Gateway filter with comment because code was contributed to the project.
* Patch some unit tests that broke due to constructor settings for Selenium.

Author: gregturn

1/part1/build.gradle

@@ -1,7 +1,7 @@
 // tag::buildscript[]
 buildscript {
 	ext {
-		springBootVersion = '2.0.0.M5'
+		springBootVersion = '2.0.0.RC1'
 	}
 	repositories {
 		mavenCentral()

10/part1/chat/build.gradle

@@ -1,9 +1,9 @@
 // tag::propdeps-plugin-1[]
 buildscript {
 	ext {
-		springBootVersion = '2.0.0.M5'
-		springCloudVersion = 'Finchley.M3'
-		springCloudStreamVersion = 'Elmhurst.M2'
+		springBootVersion = '2.0.0.RC1'
+		springCloudVersion = 'Finchley.M6'
+		springCloudStreamVersion = 'Elmhurst.M4'
 	}
 	repositories {
 		mavenCentral()
@@ -71,7 +71,7 @@ dependencies {
 	compile('org.springframework.cloud:spring-cloud-starter-netflix-hystrix')
 	compile('org.springframework.cloud:spring-cloud-starter-config')
 
-	compile('org.springframework.boot:spring-boot-starter-security-reactive')
+	compile('org.springframework.boot:spring-boot-starter-security')
 
 	compile('org.springframework.boot:spring-boot-starter-data-mongodb-reactive')
 

10/part1/chat/src/main/java/com/greglturnquist/learningspringboot/chat/GatewayConfig.java

@@ -15,49 +15,17 @@
  */
 package com.greglturnquist.learningspringboot.chat;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.cloud.gateway.filter.GatewayFilter;
-import org.springframework.cloud.gateway.filter.factory.GatewayFilterFactory;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.tuple.Tuple;
-import org.springframework.web.server.WebSession;
-
 /**
  * @author Greg Turnquist
  */
 // tag::code[]
-@Configuration
 public class GatewayConfig {
 
-	private static final Logger log =
-		LoggerFactory.getLogger(GatewayConfig.class);
-
 	/**
-	 * Force the current WebSession to get saved
+	 * Code originally written here was contributed to
+	 * Spring Cloud Gateway via https://github.com/spring-cloud/spring-cloud-gateway/pull/166
+	 * and thus removed from this book.
 	 */
-	static class SaveSessionGatewayFilterFactory
-								implements GatewayFilterFactory {
-		@Override
-		public GatewayFilter apply(Tuple args) {
-			return (exchange, chain) -> exchange.getSession()
-				.map(webSession -> {
-					log.debug("Session id: " + webSession.getId());
-					webSession.getAttributes().entrySet()
-						.forEach(entry ->
-						log.debug(entry.getKey() + " => " +
-											entry.getValue()));
-					return webSession;
-				})
-				.map(WebSession::save)
-				.then(chain.filter(exchange));
-		}
-	}
 
-	@Bean
-	SaveSessionGatewayFilterFactory saveSessionWebFilterFactory() {
-		return new SaveSessionGatewayFilterFactory();
-	}
 }
 // end::code[]

10/part1/chat/src/main/java/com/greglturnquist/learningspringboot/chat/SecurityConfiguration.java

@@ -17,8 +17,9 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
-import org.springframework.security.config.web.server.HttpSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
 
 /**
  * @author Greg Turnquist
@@ -29,11 +30,15 @@ public class SecurityConfiguration {
 
 	// tag::security-filter-chain[]
 	@Bean
-	SecurityWebFilterChain springWebFilterChain(HttpSecurity http) {
+	SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
 		return http
 			.authorizeExchange()
-			.pathMatchers("/**").authenticated()
-			.and()
+				.pathMatchers("/**").authenticated()
+				.and()
+			.httpBasic()
+				.securityContextRepository(new WebSessionServerSecurityContextRepository())
+				.and()
+			.csrf().disable()
 			.build();
 	}
 	// end::security-filter-chain[]

10/part1/chat/src/main/java/com/greglturnquist/learningspringboot/chat/SpringDataUserDetailsRepository.java

@@ -16,18 +16,17 @@
 package com.greglturnquist.learningspringboot.chat;
 
 import reactor.core.publisher.Mono;
-import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsRepository;
 import org.springframework.stereotype.Component;
 
 /**
  * @author Greg Turnquist
  */
 // tag::code[]
 @Component
-public class SpringDataUserDetailsRepository implements UserDetailsRepository {
+public class SpringDataUserDetailsRepository implements ReactiveUserDetailsService {
 
 	private final UserRepository repository;
 
@@ -39,11 +38,11 @@ public SpringDataUserDetailsRepository(UserRepository repository)
 	@Override
 	public Mono<UserDetails> findByUsername(String username) {
 		return repository.findByUsername(username)
-			.map(user -> new User(
-				user.getUsername(),
-				user.getPassword(),
-				AuthorityUtils.createAuthorityList(user.getRoles())
-			));
+			.map(user -> User.withDefaultPasswordEncoder()
+				.username(user.getUsername())
+				.password(user.getPassword())
+				.authorities(user.getRoles())
+				.build());
 	}
 }
 // end::code[]

10/part1/comments/build.gradle

@@ -1,8 +1,8 @@
 buildscript {
 	ext {
-		springBootVersion = '2.0.0.M5'
-		springCloudVersion = 'Finchley.M3'
-		springCloudStreamVersion = 'Elmhurst.M2'
+		springBootVersion = '2.0.0.RC1'
+		springCloudVersion = 'Finchley.M6'
+		springCloudStreamVersion = 'Elmhurst.M4'
 	}
 	repositories {
 		mavenCentral()
@@ -57,7 +57,7 @@ dependencies {
 	compile('org.springframework.cloud:spring-cloud-starter-config')
 	compile('org.projectlombok:lombok')
 
-	compile('org.springframework.boot:spring-boot-starter-security-reactive')
+	compile('org.springframework.boot:spring-boot-starter-security')
 	compile('org.springframework.session:spring-session-data-mongodb')
 
 	testCompile('org.springframework.boot:spring-boot-starter-test')

10/part1/comments/src/main/java/com/greglturnquist/learningspringboot/comments/SecurityConfiguration.java

@@ -18,9 +18,9 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
-import org.springframework.security.config.web.server.HttpSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
-import org.springframework.security.web.server.context.WebSessionSecurityContextRepository;
+import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
 
 /**
  * @author Greg Turnquist
@@ -31,12 +31,13 @@
 public class SecurityConfiguration {
 
 	@Bean
-	SecurityWebFilterChain springWebFilterChain() {
-		return HttpSecurity.http()
-			.securityContextRepository(new WebSessionSecurityContextRepository())
+	SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
+		return http
+			.securityContextRepository(new WebSessionServerSecurityContextRepository())
 			.authorizeExchange()
-			.anyExchange().authenticated()
-			.and()
+				.anyExchange().authenticated()
+				.and()
+			.csrf().disable()
 			.build();
 	}
 }

10/part1/config-server/build.gradle

@@ -1,7 +1,7 @@
 buildscript {
 	ext {
-		springBootVersion = '2.0.0.M5'
-		springCloudVersion = 'Finchley.M3'
+		springBootVersion = '2.0.0.RC1'
+		springCloudVersion = 'Finchley.M6'
 	}
 	repositories {
 		mavenCentral()

10/part1/config-server/src/main/java/com/greglturnquist/learningspringboot/LearningSpringBootConfigServer.java

@@ -39,8 +39,8 @@ public static void main(String[] args) {
 	@Bean
 	UserDetailsService userDetailsService() {
 		return new InMemoryUserDetailsManager(
-			User
-				.withUsername("user")
+			User.withDefaultPasswordEncoder()
+				.username("user")
 				.password("password")
 				.roles("USER").build());
 	}

10/part1/eureka-server/build.gradle

@@ -1,7 +1,7 @@
 buildscript {
 	ext {
-		springBootVersion = '2.0.0.M5'
-		springCloudVersion = 'Finchley.M3'
+		springBootVersion = '2.0.0.RC1'
+		springCloudVersion = 'Finchley.M6'
 	}
 	repositories {
 		mavenCentral()