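package org.petify.image.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
import org.springframework.security.web.SecurityFilterChain;

/**
 * HTTP security for the image service: a stateless OAuth2 resource server that
 * authenticates requests from JWT bearer tokens and maps the token's
 * {@code roles} claim to Spring Security authorities.
 */
@Configuration
public class JwtSecurityConfig {

    /**
     * Builds the servlet filter chain.
     *
     * <p>The chain disables CSRF protection, opens the image routes plus the
     * API-documentation and health endpoints to every caller, rejects every
     * other path, never creates an HTTP session, and validates bearer tokens
     * with {@link #jwtAuthenticationConverter()}.
     *
     * @param http the builder supplied by Spring Security
     * @return the configured filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // CSRF protection guards session/cookie-authenticated requests. This chain is
            // STATELESS and authenticates with bearer tokens.
            // NOTE(review): assumes no client sends the JWT in a cookie - confirm.
            .csrf(AbstractHttpConfigurer::disable)
            .authorizeHttpRequests(auth -> auth
                // NOTE(review): this matcher covers every HTTP method, so uploads and deletes
                // under /images are also unauthenticated at the filter layer. Confirm that
                // write operations are restricted elsewhere (for example by method-level
                // checks), or narrow this rule to read-only methods.
                .requestMatchers("/images/**").permitAll()
                // NOTE(review): the API documentation is public; confirm that this is
                // intended for production deployments.
                .requestMatchers(
                    "/swagger-ui.html",
                    "/swagger-ui/**",
                    "/v3/api-docs",
                    "/v3/api-docs/**",
                    "/actuator/health"
                ).permitAll()
                // Explicit catch-all so the chain fails closed. Without an anyRequest() rule,
                // the outcome for unmatched paths is left to the framework's implicit default.
                // NOTE(review): that default is version-dependent - confirm for the version
                // in use. Switch to authenticated() if routes outside the list above must be
                // reachable with a valid token.
                .anyRequest().denyAll()
            )
            .sessionManagement(session -> session
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            )
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(jwt -> jwt
                    .jwtAuthenticationConverter(jwtAuthenticationConverter())
                )
            );
        return http.build();
    }

    /**
     * Creates the converter that turns a validated JWT into an authentication.
     *
     * <p>Authorities are read from the {@code roles} claim and each value is
     * prefixed with {@code ROLE_}, so a token role {@code ADMIN} satisfies
     * {@code hasRole("ADMIN")}. Setting the claim name replaces the converter's
     * default scope-based mapping, so scope claims no longer yield authorities.
     *
     * <p>NOTE(review): the claim is trusted as issued. Signature, issuer and
     * audience validation are configured outside this class - confirm that the
     * decoder only accepts tokens from the expected issuer.
     *
     * @return the converter used by the resource server
     */
    @Bean
    public JwtAuthenticationConverter jwtAuthenticationConverter() {
        JwtGrantedAuthoritiesConverter grantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
        grantedAuthoritiesConverter.setAuthorityPrefix("ROLE_");
        grantedAuthoritiesConverter.setAuthoritiesClaimName("roles");

        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesConverter);
        return jwtAuthenticationConverter;
    }
}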