22
33import engineering .everest .starterkit .security .ApplicationUserDetailsService ;
44import org .springframework .beans .factory .annotation .Autowired ;
5+ import org .springframework .beans .factory .annotation .Value ;
56import org .springframework .context .annotation .Configuration ;
67import org .springframework .core .annotation .Order ;
78import org .springframework .security .config .annotation .web .builders .HttpSecurity ;
2122@ EnableResourceServer
2223public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
2324
24- private static final String ADMIN_API = "/admin/**" ;
25- private static final String SPRING_ACTUATOR_API = "/actuator/**" ;
26- private static final String APP_API = "/api/**" ;
27- private static final String SPRING_ACTUATOR_PROM_API = "/actuator/prometheus/**" ;
28- private static final String CATCH_ALL_PATH = "/**" ;
29- private static final String ORGANIZATIONS_REGISTER_API = "/api/organizations/register/**" ;
30- private static final String ORGANIZATIONS_REGISTER_CONFIRM_API = "/api/organizations/**/register/**" ;
31- private static final String VERSION_API = "/api/version" ;
32- private static final String SPRING_ACTUATOR_HEALTH_API = "/actuator/health/**" ;
33- private static final String GUEST_API = "/api/guest" ;
34- private static final String SWAGGER_API_DOCUMENTATION = "/api/doc/**" ;
35- private static final String SWAGGER_UI = "/swagger-ui/**" ;
36- private static final String SWAGGER_RESOURCES = "/swagger-resources/**" ;
37-
38- private static final String [] ADMIN_USERS_PATHS = {
39- ADMIN_API ,
40- SPRING_ACTUATOR_API
41- };
42- private static final String [] AUTHENTICATED_USER_PATHS = {
43- APP_API ,
44- SPRING_ACTUATOR_PROM_API ,
45- CATCH_ALL_PATH
46- };
47- private static final String [] ANONYMOUS_USER_PATHS = {
48- ORGANIZATIONS_REGISTER_API ,
49- ORGANIZATIONS_REGISTER_CONFIRM_API ,
50- VERSION_API ,
51- SPRING_ACTUATOR_HEALTH_API ,
52- GUEST_API ,
53- SWAGGER_API_DOCUMENTATION ,
54- SWAGGER_UI ,
55- SWAGGER_RESOURCES
56- };
25+ private final String [] anonymousUserAntPaths ;
26+ private final String [] authenticatedUserAntPaths ;
27+ private final String [] adminUserAntPaths ;
5728
5829 private final JwtAccessTokenConverter jwtAccessTokenConverter ;
5930
6031 @ Autowired
6132 public ResourceServerConfig (JwtAccessTokenConverter jwtAccessTokenConverter ,
62- ApplicationUserDetailsService userDetailsService ) {
33+ ApplicationUserDetailsService userDetailsService ,
34+ @ Value ("${application.security.endpoint.matchers.anonymous}" ) String [] anonymousUserAntPaths ,
35+ @ Value ("${application.security.endpoint.matchers.authenticated}" ) String [] authenticatedUserAntPaths ,
36+ @ Value ("${application.security.endpoint.matchers.admin}" ) String [] adminUserAntPaths ) {
6337 super ();
6438 var defaultUserAuthenticationConverter = new DefaultUserAuthenticationConverter ();
6539 defaultUserAuthenticationConverter .setUserDetailsService (userDetailsService );
6640 var accessTokenConverter = (DefaultAccessTokenConverter ) jwtAccessTokenConverter .getAccessTokenConverter ();
6741 accessTokenConverter .setUserTokenConverter (defaultUserAuthenticationConverter );
6842 this .jwtAccessTokenConverter = jwtAccessTokenConverter ;
43+ this .anonymousUserAntPaths = anonymousUserAntPaths ;
44+ this .authenticatedUserAntPaths = authenticatedUserAntPaths ;
45+ this .adminUserAntPaths = adminUserAntPaths ;
6946 }
7047
7148 @ Override
@@ -79,8 +56,8 @@ public void configure(HttpSecurity http) throws Exception {
7956 .csrf ().disable ()
8057 .sessionManagement ().sessionCreationPolicy (STATELESS ).and ()
8158 .authorizeRequests (request ->
82- request .antMatchers (ANONYMOUS_USER_PATHS ).access ("permitAll" )
83- .antMatchers (ADMIN_USERS_PATHS ).access ("hasRole('ADMIN')" )
84- .antMatchers (AUTHENTICATED_USER_PATHS ).access ("authenticated" ));
59+ request .antMatchers (anonymousUserAntPaths ).access ("permitAll" )
60+ .antMatchers (adminUserAntPaths ).access ("hasRole('ADMIN')" )
61+ .antMatchers (authenticatedUserAntPaths ).access ("authenticated" ));
8562 }
8663}
0 commit comments