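package org.petify.shelter.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
import org.springframework.security.web.SecurityFilterChain;

/**
 * HTTP security configuration for the shelter service.
 *
 * <p>The service is configured as a stateless OAuth2 resource server: requests are
 * authenticated from a bearer JWT, no HTTP session is created, and granted authorities
 * are read from the token's {@code roles} claim.
 */
@Configuration
public class JwtSecurityConfig {

    /**
     * Builds the security filter chain for all HTTP requests.
     *
     * <p>URL-level rules only open the listed paths; every other path is rejected by an
     * explicit catch-all so that a newly added endpoint is not reachable until a rule is
     * written for it.
     *
     * @param http the builder supplied by Spring Security
     * @return the configured filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // CSRF protection is off. That matches the rest of this chain (stateless,
            // bearer-token authentication) but stops being safe if cookie- or
            // session-based authentication is ever added here.
            .csrf(AbstractHttpConfigurer::disable)
            .authorizeHttpRequests(auth -> auth
                // NOTE(review): these matchers carry no HttpMethod, so they open every
                // verb (POST/PUT/DELETE included) to callers without a token at this
                // layer. Presumably the controllers enforce roles with method-level
                // security; confirm, or narrow these rules to the read-only methods.
                .requestMatchers("/shelters/**").permitAll()
                .requestMatchers("/pets/**").permitAll()
                .requestMatchers("/adoptions/**").permitAll()
                // API documentation and the health probe are public. Publishing the
                // OpenAPI description is a disclosure decision; review it for
                // production deployments.
                .requestMatchers(
                    "/swagger-ui.html",
                    "/swagger-ui/**",
                    "/v3/api-docs",
                    "/v3/api-docs/**",
                    "/actuator/health"
                ).permitAll()
                // Explicit fail-closed catch-all. Without it, what happens to a path
                // that matches no rule has differed between Spring Security versions
                // (implicitly denied in some, let through in others), so the outcome
                // would depend on the dependency version rather than on this file.
                // Relax to authenticated() only for paths that are meant to be served
                // to any token holder.
                .anyRequest().denyAll()
            )
            // Never create or consult an HTTP session; each request must carry its own token.
            .sessionManagement(session -> session
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            )
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(jwt -> jwt
                    .jwtAuthenticationConverter(jwtAuthenticationConverter())
                )
            );
        return http.build();
    }

    /**
     * Creates the converter that turns a validated JWT into an authentication object.
     *
     * <p>Authorities are taken from the {@code roles} claim and each value is prefixed
     * with {@code ROLE_}. The claim name must match what the token issuer emits.
     *
     * @return the converter used by the resource server
     */
    @Bean
    public JwtAuthenticationConverter jwtAuthenticationConverter() {
        JwtGrantedAuthoritiesConverter grantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
        grantedAuthoritiesConverter.setAuthorityPrefix("ROLE_");
        grantedAuthoritiesConverter.setAuthoritiesClaimName("roles");

        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesConverter);
        return jwtAuthenticationConverter;
    }
}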