From e3566ec66bb7730ccf067797e6c9d235d5dc2b65 Mon Sep 17 00:00:00 2001 From: kashiuno Date: Wed, 8 Jan 2025 09:17:04 +0300 Subject: [PATCH] Add authorization for endpoints --- build.gradle.kts | 1 + .../qr_access_api/config/SecurityConfig.kt | 20 +++++++++++++++++++ .../controller/QrSyncController.kt | 2 ++ src/main/resources/application.properties | 4 ---- src/main/resources/application.yaml | 12 +++++++++++ 5 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt delete mode 100644 src/main/resources/application.properties create mode 100644 src/main/resources/application.yaml diff --git a/build.gradle.kts b/build.gradle.kts index 04baaba..aabe020 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -34,6 +34,7 @@ dependencies { testImplementation("org.springframework.security:spring-security-test") testImplementation("org.testcontainers:postgresql") testRuntimeOnly("org.junit.platform:junit-platform-launcher") + implementation("org.yaml:snakeyaml") } kotlin { diff --git a/src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt b/src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt new file mode 100644 index 0000000..60476bf --- /dev/null +++ b/src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt @@ -0,0 +1,20 @@ +package ru.vyatsu.qr_access_api.config + +import org.springframework.context.annotation.Bean +import org.springframework.context.annotation.Configuration +import org.springframework.security.config.Customizer +import org.springframework.security.config.annotation.web.builders.HttpSecurity +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity +import org.springframework.security.web.SecurityFilterChain + +@Configuration +@EnableWebSecurity(debug = true) +class SecurityConfig { + + @Bean + fun defaultSecurityFilterChain(http: HttpSecurity): SecurityFilterChain { + return http.authorizeHttpRequests { it.anyRequest().authenticated() } + .oauth2ResourceServer { it.jwt(Customizer.withDefaults()) } + .build() + } +} \ No newline at end of file diff --git a/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt b/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt index 9145413..e14467b 100644 --- a/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt +++ b/src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt @@ -1,10 +1,12 @@ package ru.vyatsu.qr_access_api.controller import org.springframework.http.ResponseEntity +import org.springframework.web.bind.annotation.RestController import ru.vyatsu.apis.QrApi import ru.vyatsu.models.QrCodesResponse import ru.vyatsu.qr_access_api.service.QrSyncService +@RestController class QrSyncController(val syncService: QrSyncService) : QrApi { override fun getQrCodes(): ResponseEntity = diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties deleted file mode 100644 index b35f27a..0000000 --- a/src/main/resources/application.properties +++ /dev/null @@ -1,4 +0,0 @@ -spring.application.name=qr-access-api -spring.datasource.url=jdbc:postgresql://localhost:5432/qr_access -spring.datasource.username=qr_access_user -spring.datasource.password=123 \ No newline at end of file diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml new file mode 100644 index 0000000..bdd4d26 --- /dev/null +++ b/src/main/resources/application.yaml @@ -0,0 +1,12 @@ +spring: + application: + name: qr-access-api + datasource: + url: jdbc:postgresql://localhost:5432/qr_access + username: qr_access_user + password: 123 + security: + oauth2: + resourceserver: + jwt: + jwk-set-uri: http://localhost:8081/oauth2/jwks \ No newline at end of file