JAVA-29301: minor change to spring-security-saml2 (#15862)

harry9656 · web-flow · commit 9a7e33f5df8d · 2024-02-12T17:09:26.000+01:00
diff --git a/spring-security-modules/spring-security-saml2/src/main/java/com/baeldung/saml/SecurityConfig.java b/spring-security-modules/spring-security-saml2/src/main/java/com/baeldung/saml/SecurityConfig.java
@@ -2,7 +2,6 @@
 
 import static org.springframework.security.config.Customizer.withDefaults;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -13,26 +12,30 @@
 import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
 import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;
 import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
-import org.springframework.security.web.DefaultSecurityFilterChain;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
-    
-    @Autowired
-    private RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
+
+    private final RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver = new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
+        DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver = new DefaultRelyingPartyRegistrationResolver(
+            this.relyingPartyRegistrationRepository);
         Saml2MetadataFilter filter = new Saml2MetadataFilter(relyingPartyRegistrationResolver, new OpenSamlMetadataResolver());
 
-        http.csrf(AbstractHttpConfigurer::disable).authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated())
-          .saml2Login(withDefaults())
-          .saml2Logout(withDefaults())
-          .addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);
-        DefaultSecurityFilterChain chain = http.build();
-        return chain;
+        http.csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(authorize -> authorize.anyRequest()
+                .authenticated())
+            .saml2Login(withDefaults())
+            .saml2Logout(withDefaults())
+            .addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);
+        return http.build();
+    }
+
+    public SecurityConfig(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
+        this.relyingPartyRegistrationRepository = relyingPartyRegistrationRepository;
     }
 }
