spotless
This commit is contained in:
@@ -3,7 +3,6 @@ package com.kamco.cd.training.config;
|
|||||||
import com.kamco.cd.training.auth.CustomAuthenticationProvider;
|
import com.kamco.cd.training.auth.CustomAuthenticationProvider;
|
||||||
import com.kamco.cd.training.auth.JwtAuthenticationFilter;
|
import com.kamco.cd.training.auth.JwtAuthenticationFilter;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
@@ -26,78 +25,77 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
|||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class SecurityConfig {
|
public class SecurityConfig {
|
||||||
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain securityFilterChain(
|
public SecurityFilterChain securityFilterChain(
|
||||||
org.springframework.security.config.annotation.web.builders.HttpSecurity http,
|
org.springframework.security.config.annotation.web.builders.HttpSecurity http,
|
||||||
JwtAuthenticationFilter jwtAuthenticationFilter,
|
JwtAuthenticationFilter jwtAuthenticationFilter,
|
||||||
CustomAuthenticationProvider customAuthenticationProvider)
|
CustomAuthenticationProvider customAuthenticationProvider)
|
||||||
throws Exception {
|
throws Exception {
|
||||||
|
|
||||||
http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
|
http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
|
||||||
.csrf(csrf -> csrf.disable())
|
.csrf(csrf -> csrf.disable())
|
||||||
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||||
.formLogin(form -> form.disable())
|
.formLogin(form -> form.disable())
|
||||||
|
|
||||||
// /monitor 에서 Basic 인증을 쓰려면 disable 하면 안됨
|
// /monitor 에서 Basic 인증을 쓰려면 disable 하면 안됨
|
||||||
.httpBasic(basic -> {})
|
.httpBasic(basic -> {})
|
||||||
.logout(logout -> logout.disable())
|
.logout(logout -> logout.disable())
|
||||||
.authenticationProvider(customAuthenticationProvider)
|
.authenticationProvider(customAuthenticationProvider)
|
||||||
.authorizeHttpRequests(
|
.authorizeHttpRequests(
|
||||||
auth ->
|
auth ->
|
||||||
auth
|
auth
|
||||||
|
|
||||||
// monitor
|
// monitor
|
||||||
.requestMatchers("/monitor/health", "/monitor/health/**")
|
.requestMatchers("/monitor/health", "/monitor/health/**")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers("/monitor/**")
|
.requestMatchers("/monitor/**")
|
||||||
.authenticated() // Basic으로 인증되게끔
|
.authenticated() // Basic으로 인증되게끔
|
||||||
|
|
||||||
// mapsheet
|
// mapsheet
|
||||||
.requestMatchers("/api/mapsheet/**")
|
.requestMatchers("/api/mapsheet/**")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers(HttpMethod.POST, "/api/mapsheet/upload")
|
.requestMatchers(HttpMethod.POST, "/api/mapsheet/upload")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
|
|
||||||
// test role
|
// test role
|
||||||
.requestMatchers("/api/test/admin")
|
.requestMatchers("/api/test/admin")
|
||||||
.hasRole("ADMIN")
|
.hasRole("ADMIN")
|
||||||
.requestMatchers("/api/test/label")
|
.requestMatchers("/api/test/label")
|
||||||
.hasAnyRole("ADMIN", "LABELER")
|
.hasAnyRole("ADMIN", "LABELER")
|
||||||
.requestMatchers("/api/test/review")
|
.requestMatchers("/api/test/review")
|
||||||
.hasAnyRole("ADMIN", "REVIEWER")
|
.hasAnyRole("ADMIN", "REVIEWER")
|
||||||
|
|
||||||
// common permit
|
// common permit
|
||||||
.requestMatchers("/error")
|
.requestMatchers("/error")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
.requestMatchers(HttpMethod.OPTIONS, "/**")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers(
|
.requestMatchers(
|
||||||
"/api/auth/signin",
|
"/api/auth/signin",
|
||||||
"/api/auth/refresh",
|
"/api/auth/refresh",
|
||||||
"/api/auth/logout",
|
"/api/auth/logout",
|
||||||
"/swagger-ui/**",
|
"/swagger-ui/**",
|
||||||
"/v3/api-docs/**",
|
"/v3/api-docs/**",
|
||||||
"/api/upload/chunk-upload-dataset",
|
"/api/upload/chunk-upload-dataset",
|
||||||
"/api/upload/chunk-upload-complete",
|
"/api/upload/chunk-upload-complete",
|
||||||
"/download_progress_test.html",
|
"/download_progress_test.html",
|
||||||
"/api/models/download/**")
|
"/api/models/download/**")
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.requestMatchers("/api/members/*/password")
|
.requestMatchers("/api/members/*/password")
|
||||||
.authenticated()
|
.authenticated()
|
||||||
// default
|
// default
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.authenticated())
|
.authenticated())
|
||||||
|
|
||||||
// JWT 필터는 앞단에
|
// JWT 필터는 앞단에
|
||||||
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||||
|
|
||||||
return http.build();
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration)
|
public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration)
|
||||||
throws Exception {
|
throws Exception {
|
||||||
return configuration.getAuthenticationManager();
|
return configuration.getAuthenticationManager();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user