Spring Security Simplify Request Authorization Path Extraction

authorizeHttpRequests does not have direct expression support, this can create a slight issue when migrating expressions like the following:

.mvcMatchers("/resource/{id}").access("#id == authentication.name")

While it can be migrated using WebExpressionAuthorizationManager like so:

.mvcMatchers("/resource/{id}").access(new WebExpressionAuthorizationManager("#id == authentication.name"))

it would be nice to have something programmatic that does not require SpEL.

One way to do this already is a custom AuthorizationManager like this one:

.mvcMatchers("/resource/{id}").access((authentication, object) -> {
    String value = object.getVariables().get("id");
    return new AuthorizationDecision(authentication.get().getName().equals(value));
})

But this isn't as idiomatic as other Spring Security expressions like hasAuthority.

A possible improvement is:

.mvcMatchers("/resource/{id}").access(variable("id").isEqualTo(Authentication::getName))

Or another would be:

.mvcMatchers("/resource/{id}").hasVariable("id").equalTo(Authentication::getName)