From 40d7e1d9d5d67bbfe07560996cc381d7caf00d62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EC=A1=B0=EC=9D=80=EB=B9=84?= <69096886+eunbc@users.noreply.github.com> Date: Fri, 12 Jan 2024 12:59:53 +0900 Subject: [PATCH] =?UTF-8?q?=08chore:=20default=20authenticated=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9=20(#240)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: http Authorization 헤더 추가 * docs: ddl 컬럼 크기 변경 * docs: 컨트롤러 스웨거 추가 * chore: swagger 권한 설정 * chore: permitAll 로 임시 변경 * chore: swagger, h2-console 권한 변경, x-frame-options disable * chore: default authenticated --- .../security/config/WebSecurityConfig.java | 29 +++++++++---------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/core/core-security/src/main/java/com/pgms/coresecurity/security/config/WebSecurityConfig.java b/core/core-security/src/main/java/com/pgms/coresecurity/security/config/WebSecurityConfig.java index 1af59f93..b764a733 100644 --- a/core/core-security/src/main/java/com/pgms/coresecurity/security/config/WebSecurityConfig.java +++ b/core/core-security/src/main/java/com/pgms/coresecurity/security/config/WebSecurityConfig.java @@ -55,11 +55,10 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a @Bean public SecurityFilterChain securityFilterChainPermitAll(HttpSecurity http) throws Exception { configureCommonSecuritySettings(http); - http - .securityMatchers(matchers -> matchers - .requestMatchers(requestPermitAll()) - ) - .authorizeHttpRequests().anyRequest().permitAll(); + http.securityMatchers(matchers -> matchers.requestMatchers(requestPermitAll())) + .authorizeHttpRequests() + .anyRequest() + .permitAll(); return http.build(); } @@ -163,8 +162,7 @@ public FilterRegistrationBean filterRegistration(JwtAut } private RequestMatcher[] requestHasRoleSuperAdmin() { - List requestMatchers = List.of( - antMatcher("/api/*/admin/management/**")); + List requestMatchers = List.of(antMatcher("/api/*/admin/management/**")); return requestMatchers.toArray(RequestMatcher[]::new); } @@ -224,15 +222,14 @@ private RequestMatcher[] requestHasRoleUser() { @Bean public SecurityFilterChain securityFilterChainDefault(HttpSecurity http) throws Exception { configureCommonSecuritySettings(http); - http - .authorizeHttpRequests() - .anyRequest().permitAll(); - // .and() - // .addFilterAfter(jwtAuthenticationFilter, ExceptionTranslationFilter.class) - // .exceptionHandling(exception -> { - // exception.authenticationEntryPoint(jwtAuthenticationEntryPoint); - // exception.accessDeniedHandler(jwtAccessDeniedHandler); - // }); + http.authorizeHttpRequests() + .anyRequest().authenticated() + .and() + .addFilterAfter(jwtAuthenticationFilter, ExceptionTranslationFilter.class) + .exceptionHandling(exception -> { + exception.authenticationEntryPoint(jwtAuthenticationEntryPoint); + exception.accessDeniedHandler(jwtAccessDeniedHandler); + }); return http.build(); }