|
|
- package ru.digitalbanana.demoresourceserver.config;
-
- import org.springframework.context.annotation.Configuration;
- import org.springframework.http.HttpMethod;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
- @Configuration
- public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.cors()
- .and()
- .authorizeRequests()
- .antMatchers(HttpMethod.GET, "/userinfo", "/user/**")
- .authenticated()
- // .hasAuthority("SCOPE_web-api")
- .anyRequest()
- .authenticated()
- .and()
- .oauth2ResourceServer()
- .jwt();
- }
- }
|