| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- /*
- * Copyright 2002-2019 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package sample;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import static org.springframework.security.config.Customizer.withDefaults;
- /**
- * @author Josh Cummings
- */
- @EnableWebSecurity
- public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- // @formatter:off
- http
- .authorizeRequests(authorizeRequests ->
- authorizeRequests
- .antMatchers("/message/**").hasAuthority("SCOPE_message:read")
- .anyRequest().authenticated()
- )
- .oauth2ResourceServer(oauth2ResourceServer ->
- oauth2ResourceServer
- .jwt(withDefaults())
- );
- // @formatter:on
- }
- }
|
