package org.petify.feed.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
import org.springframework.security.web.SecurityFilterChain;

/**
 * Spring Security configuration for the {@code org.petify.feed} module.
 *
 * <p>Configures a stateless OAuth2 resource server that accepts JWTs and maps the token's
 * {@code roles} claim to {@code ROLE_}-prefixed granted authorities.
 */
@Configuration
public class JwtSecurityConfig {

    /**
     * Builds the HTTP security filter chain.
     *
     * <p>The chain disables CSRF protection, permits every request to the post, event,
     * API-documentation and health endpoints, never creates an HTTP session, and validates
     * bearer JWTs through the OAuth2 resource-server support.
     *
     * @param http the security builder supplied by Spring
     * @return the configured filter chain
     * @throws Exception if the builder fails to assemble the chain
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                // CSRF protection is switched off. NOTE(review): this is the usual choice when
                // credentials travel as a bearer token rather than a cookie; confirm that no
                // cookie-based authentication reaches this service.
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(registry -> registry
                        // These matchers carry no HTTP-method restriction, so permitAll() covers
                        // writes (POST/PUT/DELETE) as well as reads. NOTE(review): unless the
                        // handlers enforce authorization themselves (e.g. method-level security,
                        // not visible here), unauthenticated callers can reach them.
                        .requestMatchers("/posts/**", "/events/**").permitAll()
                        // API documentation and the health probe are public.
                        // NOTE(review): confirm the OpenAPI description should be exposed in
                        // production deployments.
                        .requestMatchers(
                                "/swagger-ui.html",
                                "/swagger-ui/**",
                                "/v3/api-docs",
                                "/v3/api-docs/**",
                                "/actuator/health"
                        ).permitAll()
                        // NOTE(review): there is no anyRequest() catch-all. What happens to a
                        // path that matches none of the rules above depends on the Spring
                        // Security version in use; stating the default explicitly would make
                        // the policy reviewable.
                )
                // No HTTP session is created or used to hold the security context.
                .sessionManagement(sessions -> sessions
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                )
                // Bearer tokens are processed as JWTs; authorities come from the converter
                // bean defined below.
                .oauth2ResourceServer(resourceServer -> resourceServer
                        .jwt(jwtConfigurer -> jwtConfigurer
                                .jwtAuthenticationConverter(jwtAuthenticationConverter())
                        )
                )
                .build();
    }

    /**
     * Creates the converter that turns a validated JWT into an authentication object.
     *
     * <p>Authorities are read from the {@code roles} claim and each value is prefixed with
     * {@code ROLE_}, replacing the converter's default scope-based mapping.
     * NOTE(review): the claim is trusted as-is, so authorization depends on the token's
     * signature and issuer being validated by the JWT decoder, which is configured outside
     * this class.
     *
     * @return the JWT authentication converter
     */
    @Bean
    public JwtAuthenticationConverter jwtAuthenticationConverter() {
        JwtGrantedAuthoritiesConverter roleMapper = new JwtGrantedAuthoritiesConverter();
        roleMapper.setAuthoritiesClaimName("roles");
        roleMapper.setAuthorityPrefix("ROLE_");

        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(roleMapper);
        return converter;
    }
}