github
/
halo
mirror of https://github.com/halo-dev/halo
1
0
Fork 0
Code Issues Releases Wiki Activity

chore: use providerSettings to create OAuth2TokenEndpointFilter (#1863)

pull/1864/head
guqing 2022-04-20 16:08:10 +08:00 committed by GitHub
parent 8ac819ad14
commit 3f5e83fcae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/run/halo/app/config/WebSecurityConfig.java
View File

@ -44,7 +44,7 @@ import run.halo.app.infra.properties.JwtProperties;
/** /**
* @author guqing * @author guqing
* @date 2022-04-12 * @since 2022-04-12
*/ */
@EnableWebSecurity @EnableWebSecurity
@EnableConfigurationProperties(JwtProperties.class) @EnableConfigurationProperties(JwtProperties.class)
@ -69,12 +69,13 @@ public class WebSecurityConfig {
ProviderContextFilter providerContextFilter = new ProviderContextFilter(providerSettings); ProviderContextFilter providerContextFilter = new ProviderContextFilter(providerSettings);
http http
.authorizeHttpRequests((authorize) -> authorize .authorizeHttpRequests((authorize) -> authorize
.antMatchers("/api/v1/oauth2/token").permitAll() .antMatchers(providerSettings.getTokenEndpoint()).permitAll()
.antMatchers("/api/**", "/apis/**").authenticated() .antMatchers("/api/**", "/apis/**").authenticated()
) )
.csrf(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable)
.httpBasic(Customizer.withDefaults()) .httpBasic(Customizer.withDefaults())
.addFilterBefore(new OAuth2TokenEndpointFilter(authenticationManager()), .addFilterBefore(new OAuth2TokenEndpointFilter(authenticationManager(),
providerSettings.getTokenEndpoint()),
FilterSecurityInterceptor.class) FilterSecurityInterceptor.class)
.addFilterAfter(providerContextFilter, SecurityContextPersistenceFilter.class) .addFilterAfter(providerContextFilter, SecurityContextPersistenceFilter.class)
.sessionManagement( .sessionManagement(