| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- /*
- * Copyright 2020-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package sample.config;
- import org.springframework.context.annotation.Bean;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.web.SecurityFilterChain;
- /**
- * @author Joe Grandja
- * @since 0.0.1
- */
- @EnableWebSecurity
- public class ResourceServerConfig {
- // @formatter:off
- @Bean
- SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http
- .mvcMatcher("/messages/**")
- .authorizeRequests()
- .mvcMatchers("/messages/**").access("hasAuthority('SCOPE_message.read')")
- .and()
- .oauth2ResourceServer()
- .jwt();
- return http.build();
- }
- // @formatter:on
- }
|
