package com.payu.auth.client.configuration.security;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.web.SecurityFilterChain;
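/**
 * Security configuration for the module.
 *
 * <p>Defines which request paths are reachable without authentication and requires a bearer JWT,
 * converted by {@link FirebaseJwtRolesConverter}, for every other request.
 */
@Configuration
@EnableWebSecurity
// NOTE(review): @EnableGlobalMethodSecurity is deprecated in Spring Security 6 in favour of
// @EnableMethodSecurity; left unchanged here so method-security behaviour stays the same.
@EnableGlobalMethodSecurity(securedEnabled = true, jsr250Enabled = true, prePostEnabled = true)
@RequiredArgsConstructor
@ComponentScan("com.payu")
public class SecurityConfig {

  /**
   * Paths served to anonymous callers for every HTTP method.
   *
   * <p>Keep this list as narrow as possible: every entry is reachable without a token.
   */
  private static final String[] WHITE_LIST = {
    "/eureka/**",
    // Only health and info are anonymous. A blanket "/actuator/**" entry would also open every
    // other actuator endpoint the deployment exposes (which ones depends on the management
    // exposure settings, not visible in this class), so it is deliberately not listed.
    "/actuator/health/**",
    "/actuator/info/**",
    // NOTE(review): Swagger UI and the OpenAPI description are public; confirm that is intended
    // outside development environments.
    "/swagger-ui.html",
    "/swagger-ui/**",
    // Covers "/v3/api-docs/auth" and "/v3/api-docs/ms-auth" as well.
    "/v3/api-docs/**",
    "/webjars/**",
    "/swagger-resources/**",
    // Leading slash is required for the pattern to match the request path.
    "/favicon.ico",
    // Matched for all HTTP methods — presumably the login/token endpoints; verify that nothing
    // under this prefix needs an authenticated caller.
    "/api/auth/**"
  };

  /** Read-only catalogue endpoints that anonymous callers may query with GET only. */
  private static final String[] PUBLIC_GET_ENDPOINTS = {
    "/api/repas/**",
    "/api/menu/**",
    "/api/nutritionalValue/**",
    "/api/cookingStep/**",
    "/api/ingredient/**",
    "/api/partner/**",
    "/api/country/**"
  };

  private final FirebaseJwtRolesConverter firebaseJwtRolesConverter;

  /**
   * Builds the HTTP security filter chain.
   *
   * <p>Rule order matters: the anonymous matchers are evaluated first and {@code anyRequest()}
   * closes the chain, so any path not listed above requires a valid JWT.
   *
   * @param http the builder supplied by Spring Security
   * @return the configured filter chain
   * @throws Exception if the chain cannot be built
   */
  @Bean
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    // CSRF protection is off. That is only sound while authenticated requests carry the JWT in
    // a header rather than a cookie or server-side session — NOTE(review): confirm.
    http.csrf(AbstractHttpConfigurer::disable);

    // X-Frame-Options is switched off, so browsers may frame any HTML this service returns
    // (e.g. the Swagger UI). NOTE(review): if framing is only needed from the same origin,
    // FrameOptionsConfig::sameOrigin is the narrower setting.
    http.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable));

    http.authorizeHttpRequests(
            requests ->
                requests
                    .requestMatchers(WHITE_LIST)
                    .permitAll()
                    .requestMatchers(HttpMethod.GET, PUBLIC_GET_ENDPOINTS)
                    .permitAll()
                    .anyRequest()
                    .authenticated())
        .oauth2ResourceServer(
            oauth2 -> oauth2.jwt(jwt -> jwt.jwtAuthenticationConverter(firebaseJwtRolesConverter)));

    return http.build();
  }

  /**
   * Excludes {@code /v3/api-docs/**} from the Spring Security filter chain altogether.
   *
   * <p>Ignored requests skip every security filter, so they also receive none of the security
   * response headers. The same path is already {@code permitAll()} through {@code WHITE_LIST}.
   * NOTE(review): the ignore rule looks redundant; consider relying on {@code permitAll()} only.
   *
   * @return a customizer that registers the ignored path
   */
  @Bean
  public WebSecurityCustomizer webSecurityCustomizer() {
    return web -> web.ignoring().requestMatchers("/v3/api-docs/**");
  }
}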