Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package com.example.springjwt.auth;
- import com.example.springjwt.services.CustomUserDetailsService;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.http.SessionCreationPolicy;
- import org.springframework.security.crypto.password.NoOpPasswordEncoder;
- import org.springframework.security.web.SecurityFilterChain;
- import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
- @Configuration
- @EnableWebSecurity
- public class SecurityConfig {
- private final CustomUserDetailsService userDetailsService;
- private final JwtAuthorizationFilter jwtAuthorizationFilter;
- public SecurityConfig(CustomUserDetailsService customUserDetailsService, JwtAuthorizationFilter jwtAuthorizationFilter) {
- this.userDetailsService = customUserDetailsService;
- this.jwtAuthorizationFilter = jwtAuthorizationFilter;
- }
- @Bean
- public AuthenticationManager authenticationManager(HttpSecurity http, NoOpPasswordEncoder noOpPasswordEncoder)
- throws Exception {
- AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
- authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(noOpPasswordEncoder);
- return authenticationManagerBuilder.build();
- }
- @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf().disable()
- .authorizeRequests()
- .requestMatchers("/rest/auth/**").permitAll()
- .anyRequest().authenticated()
- .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- .and().addFilterBefore(jwtAuthorizationFilter,UsernamePasswordAuthenticationFilter.class);
- return http.build();
- }
- @SuppressWarnings("deprecation")
- @Bean
- public NoOpPasswordEncoder passwordEncoder() {
- return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement