From 6b4cce5db2a47707b65eafbcb449fa39fcee7627 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=98=BF=E6=B2=90?= <babamu@126.com>
Date: Fri, 16 Jun 2023 13:26:05 +0800
Subject: [PATCH] =?UTF-8?q?=E9=80=82=E9=85=8Dspringsecurity6.1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../net/maku/framework/security/config/SecurityConfig.java  | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/maku-framework/src/main/java/net/maku/framework/security/config/SecurityConfig.java b/maku-framework/src/main/java/net/maku/framework/security/config/SecurityConfig.java
index 8dd497d..86c9c22 100644
--- a/maku-framework/src/main/java/net/maku/framework/security/config/SecurityConfig.java
+++ b/maku-framework/src/main/java/net/maku/framework/security/config/SecurityConfig.java
@@ -18,6 +18,7 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -81,17 +82,17 @@ public class SecurityConfig {
 
         http
                 .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
-                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                .and().authorizeHttpRequests(auth -> auth
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .authorizeHttpRequests(auth -> auth
                         .requestMatchers(permits).permitAll()
                         .requestMatchers(HttpMethod.OPTIONS).permitAll()
                         .anyRequest().authenticated()
                 )
-                .exceptionHandling().authenticationEntryPoint(new SecurityAuthenticationEntryPoint())
-                .and().headers().frameOptions().disable()
-                .and().csrf(AbstractHttpConfigurer::disable)
+                .exceptionHandling(exception -> exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint()))
+                .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
+                .csrf(AbstractHttpConfigurer::disable)
         ;
-
+        
         return http.build();
     }
 }