Add authorization for endpoints
This commit is contained in:
kashiuno
parent
1549abfac4
commit
e3566ec66b
@ -34,6 +34,7 @@ dependencies {
|
|||||||
testImplementation("org.springframework.security:spring-security-test")
|
testImplementation("org.springframework.security:spring-security-test")
|
||||||
testImplementation("org.testcontainers:postgresql")
|
testImplementation("org.testcontainers:postgresql")
|
||||||
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
|
testRuntimeOnly("org.junit.platform:junit-platform-launcher")
|
||||||
|
implementation("org.yaml:snakeyaml")
|
||||||
}
|
}
|
||||||
|
|
||||||
kotlin {
|
kotlin {
|
||||||
|
|||||||
@ -0,0 +1,20 @@
|
|||||||
|
package ru.vyatsu.qr_access_api.config
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean
|
||||||
|
import org.springframework.context.annotation.Configuration
|
||||||
|
import org.springframework.security.config.Customizer
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
||||||
|
import org.springframework.security.web.SecurityFilterChain
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@EnableWebSecurity(debug = true)
|
||||||
|
class SecurityConfig {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
fun defaultSecurityFilterChain(http: HttpSecurity): SecurityFilterChain {
|
||||||
|
return http.authorizeHttpRequests { it.anyRequest().authenticated() }
|
||||||
|
.oauth2ResourceServer { it.jwt(Customizer.withDefaults()) }
|
||||||
|
.build()
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -1,10 +1,12 @@
|
|||||||
package ru.vyatsu.qr_access_api.controller
|
package ru.vyatsu.qr_access_api.controller
|
||||||
|
|
||||||
import org.springframework.http.ResponseEntity
|
import org.springframework.http.ResponseEntity
|
||||||
|
import org.springframework.web.bind.annotation.RestController
|
||||||
import ru.vyatsu.apis.QrApi
|
import ru.vyatsu.apis.QrApi
|
||||||
import ru.vyatsu.models.QrCodesResponse
|
import ru.vyatsu.models.QrCodesResponse
|
||||||
import ru.vyatsu.qr_access_api.service.QrSyncService
|
import ru.vyatsu.qr_access_api.service.QrSyncService
|
||||||
|
|
||||||
|
@RestController
|
||||||
class QrSyncController(val syncService: QrSyncService) : QrApi {
|
class QrSyncController(val syncService: QrSyncService) : QrApi {
|
||||||
|
|
||||||
override fun getQrCodes(): ResponseEntity<QrCodesResponse> =
|
override fun getQrCodes(): ResponseEntity<QrCodesResponse> =
|
||||||
|
|||||||
@ -1,4 +0,0 @@
|
|||||||
spring.application.name=qr-access-api
|
|
||||||
spring.datasource.url=jdbc:postgresql://localhost:5432/qr_access
|
|
||||||
spring.datasource.username=qr_access_user
|
|
||||||
spring.datasource.password=123
|
|
||||||
12
src/main/resources/application.yaml
Normal file
12
src/main/resources/application.yaml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
spring:
|
||||||
|
application:
|
||||||
|
name: qr-access-api
|
||||||
|
datasource:
|
||||||
|
url: jdbc:postgresql://localhost:5432/qr_access
|
||||||
|
username: qr_access_user
|
||||||
|
password: 123
|
||||||
|
security:
|
||||||
|
oauth2:
|
||||||
|
resourceserver:
|
||||||
|
jwt:
|
||||||
|
jwk-set-uri: http://localhost:8081/oauth2/jwks
|
||||||
Loading…
Reference in New Issue
Block a user