Add authorization for endpoints

2025-01-08 09:17:04 +03:00 · 2025-01-08 09:17:04 +03:00 · e3566ec66b
commit e3566ec66b
parent 1549abfac4
5 changed files with 35 additions and 4 deletions
--- a/build.gradle.kts
+++ b/build.gradle.kts
@ -34,6 +34,7 @@ dependencies {
 	testImplementation("org.springframework.security:spring-security-test")
 	testImplementation("org.testcontainers:postgresql")
 	testRuntimeOnly("org.junit.platform:junit-platform-launcher")
+	implementation("org.yaml:snakeyaml")
 }

 kotlin {
--- a/src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt
+++ b/src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt
@ -0,0 +1,20 @@
+package ru.vyatsu.qr_access_api.config
+
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.Customizer
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.web.SecurityFilterChain
+
+@Configuration
+@EnableWebSecurity(debug = true)
+class SecurityConfig {
+
+    @Bean
+    fun defaultSecurityFilterChain(http: HttpSecurity): SecurityFilterChain {
+        return http.authorizeHttpRequests { it.anyRequest().authenticated() }
+            .oauth2ResourceServer { it.jwt(Customizer.withDefaults()) }
+            .build()
+    }
+}
--- a/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt
+++ b/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt
@ -1,10 +1,12 @@
 package ru.vyatsu.qr_access_api.controller

 import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.RestController
 import ru.vyatsu.apis.QrApi
 import ru.vyatsu.models.QrCodesResponse
 import ru.vyatsu.qr_access_api.service.QrSyncService

+@RestController
 class QrSyncController(val syncService: QrSyncService) : QrApi {

    override fun getQrCodes(): ResponseEntity<QrCodesResponse> =
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -1,4 +0,0 @@
-spring.application.name=qr-access-api
-spring.datasource.url=jdbc:postgresql://localhost:5432/qr_access
-spring.datasource.username=qr_access_user
-spring.datasource.password=123
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@ -0,0 +1,12 @@
+spring:
+  application:
+    name: qr-access-api
+  datasource:
+    url: jdbc:postgresql://localhost:5432/qr_access
+    username: qr_access_user
+    password: 123
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          jwk-set-uri: http://localhost:8081/oauth2/jwks