68 lines
3.0 KiB
Java
Executable File
68 lines
3.0 KiB
Java
Executable File
package com.plannaplan.security;
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
import org.springframework.security.web.AuthenticationEntryPoint;
|
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
import org.springframework.security.web.util.matcher.OrRequestMatcher;
|
|
import org.springframework.security.web.util.matcher.RequestMatcher;
|
|
import org.springframework.http.HttpStatus;
|
|
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
|
|
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
|
|
|
|
@Configuration
|
|
@EnableWebSecurity
|
|
|
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
private static final RequestMatcher PROTECTED_URLS = new OrRequestMatcher(new AntPathRequestMatcher("/api/**"));
|
|
|
|
AuthenticationProvider provider;
|
|
|
|
public WebSecurityConfig(final AuthenticationProvider authenticationProvider) {
|
|
super();
|
|
this.provider = authenticationProvider;
|
|
}
|
|
|
|
@Override
|
|
protected void configure(final AuthenticationManagerBuilder auth) {
|
|
auth.authenticationProvider(provider);
|
|
}
|
|
|
|
@Override
|
|
public void configure(final WebSecurity webSecurity) {
|
|
webSecurity.ignoring().antMatchers("/token**").antMatchers("/token/refresh**")
|
|
.antMatchers("/api/v1/courses/all").antMatchers("/api/v1/groups/course/{id}")
|
|
.antMatchers("/v2/api-docs", "/configuration/ui", "/swagger-resources/**", "/configuration/security",
|
|
"/swagger-ui.html", "/webjars/**");
|
|
}
|
|
|
|
@Override
|
|
protected void configure(HttpSecurity http) throws Exception {
|
|
http.csrf().disable().cors().and().formLogin().disable().httpBasic().disable().logout().disable()
|
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().exceptionHandling()
|
|
.and().authenticationProvider(provider)
|
|
.addFilterBefore(authenticationFilter(), AnonymousAuthenticationFilter.class).authorizeRequests()
|
|
.anyRequest().authenticated();
|
|
|
|
}
|
|
|
|
AuthenticationFilter authenticationFilter() throws Exception {
|
|
final AuthenticationFilter filter = new AuthenticationFilter(PROTECTED_URLS);
|
|
filter.setAuthenticationManager(authenticationManager());
|
|
return filter;
|
|
}
|
|
|
|
@Bean
|
|
AuthenticationEntryPoint forbiddenEntryPoint() {
|
|
return new HttpStatusEntryPoint(HttpStatus.FORBIDDEN);
|
|
}
|
|
|
|
}
|