-
Notifications
You must be signed in to change notification settings - Fork 0
/
Application.java
executable file
·70 lines (58 loc) · 2.78 KB
/
Application.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
///usr/bin/env jbang "$0" "$@" ; exit $?
//JAVA 17+
//DEPS org.springframework.boot:spring-boot-dependencies:3.0.5@pom
//DEPS org.springframework.boot:spring-boot-starter-web
//DEPS org.springframework.boot:spring-boot-starter-security
//DEPS org.springframework.boot:spring-boot-starter-actuator
//DEPS org.springframework.security:spring-security-oauth2-jose
//DEPS org.springframework.security:spring-security-oauth2-resource-server
//FILES application.properties
package demo;
import org.springframework.boot.Banner;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
@RestController
@EnableWebSecurity
@EnableMethodSecurity
public class Application {
public static void main(String... args) {
new SpringApplicationBuilder()
.bannerMode(Banner.Mode.OFF)
.lazyInitialization(true)
.sources(Application.class)
.main(Application.class)
.run(args);
}
@Bean
public SecurityFilterChain healthFilterChain(HttpSecurity http) throws Exception {
return http.securityMatcher(EndpointRequest.to(HealthEndpoint.class))
.authorizeHttpRequests((requests) -> requests.anyRequest().permitAll())
.build();
}
@Bean
public SecurityFilterChain oauth2FilterChain(HttpSecurity http) throws Exception {
return http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
.authorizeHttpRequests().anyRequest().authenticated().and()
.anonymous().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.build();
}
@RequestMapping("/")
@PreAuthorize("hasAuthority('SCOPE_hello')")
public String hello() {
return "Hello Spring Boot!";
}
}