sbueringer/SecurityConfig.kt

## SecurityConfig.kt
// With a little bit of Kotlin magic
class WebSecurityConfig(val jwtValidator: JWTValidator) : WebSecurityConfigurerAdapter() {
    override fun configure(http: HttpSecurity) = http {
        matchRequests { !EndpointRequest.toAnyEndpoint() }
        disable { csrf() }
        disable { cors() }
        authorizeRequests {
            authenticate { anyRequest() }
        }
        addFilterBefore(JWTFilter(jwtValidator), UsernamePasswordAuthenticationFilter::class.java)
    }
}

// Instead of
class WebSecurityConfig(val jwtValidator: JWTValidator) : WebSecurityConfigurerAdapter() {
    override fun configure(http: HttpSecurity) {
        http.requestMatcher(NegatedRequestMatcher(EndpointRequest.toAnyEndpoint()))
                .csrf().disable()
                .cors().disable()
                .authorizeRequests().anyRequest().authenticated()
                .and()
                .addFilterBefore(JWTFilter(jwtValidator), UsernamePasswordAuthenticationFilter::class.java)
    }
}

// Kotlin functions:
operator fun RequestMatcher.not() = NegatedRequestMatcher(this)

fun HttpSecurity.matchRequests(r: () -> RequestMatcher) = requestMatcher(r())

fun <T : AbstractHttpConfigurer<T, B>, B : HttpSecurityBuilder<B>> disable(r: () -> AbstractHttpConfigurer<T, B>) = r().disable()

fun authenticate(r: () -> ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl) = r().authenticated()

fun HttpSecurity.authorizeRequests(body: ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.() -> Unit) = authorizeRequests().body()

operator fun HttpSecurity.invoke(body: HttpSecurity.() -> Unit) = body()

operator fun ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.invoke(body: ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.() -> Unit) = this.body()
	// With a little bit of Kotlin magic
	class WebSecurityConfig(val jwtValidator: JWTValidator) : WebSecurityConfigurerAdapter() {
	override fun configure(http: HttpSecurity) = http {
	matchRequests { !EndpointRequest.toAnyEndpoint() }
	disable { csrf() }
	disable { cors() }
	authorizeRequests {
	authenticate { anyRequest() }
	}
	addFilterBefore(JWTFilter(jwtValidator), UsernamePasswordAuthenticationFilter::class.java)
	}
	}

	// Instead of
	class WebSecurityConfig(val jwtValidator: JWTValidator) : WebSecurityConfigurerAdapter() {
	override fun configure(http: HttpSecurity) {
	http.requestMatcher(NegatedRequestMatcher(EndpointRequest.toAnyEndpoint()))
	.csrf().disable()
	.cors().disable()
	.authorizeRequests().anyRequest().authenticated()
	.and()
	.addFilterBefore(JWTFilter(jwtValidator), UsernamePasswordAuthenticationFilter::class.java)
	}
	}

	// Kotlin functions:
	operator fun RequestMatcher.not() = NegatedRequestMatcher(this)

	fun HttpSecurity.matchRequests(r: () -> RequestMatcher) = requestMatcher(r())

	fun <T : AbstractHttpConfigurer<T, B>, B : HttpSecurityBuilder<B>> disable(r: () -> AbstractHttpConfigurer<T, B>) = r().disable()

	fun authenticate(r: () -> ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl) = r().authenticated()

	fun HttpSecurity.authorizeRequests(body: ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.() -> Unit) = authorizeRequests().body()

	operator fun HttpSecurity.invoke(body: HttpSecurity.() -> Unit) = body()

	operator fun ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.invoke(body: ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry.() -> Unit) = this.body()