piair/MyINPulse
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: applied formatter (on all import as well :)
Some checks failed
Format / formatting (push) Failing after 8s
Details
CI / build (push) Successful in 13s
Details

Browse Source
This commit is contained in:
Pierre Tellier
2025-02-12 15:29:12 +01:00
parent 8b24456b48
commit 746fa97cf3
21 changed files with 197 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
MyINPulse-back/src/main/java/enseirb/myinpulse/config/WebSecurityCustomConfiguration.java
View File

@ -1,6 +1,9 @@
package enseirb.myinpulse.config;
import static org.springframework.security.authorization.AuthorityAuthorizationManager.hasRole;
import enseirb.myinpulse.security.KeycloakJwtRolesConverter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@ -13,9 +16,6 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Arrays;
import java.util.List;
import static org.springframework.security.authorization.AuthorityAuthorizationManager.hasRole;
@Configuration
public class WebSecurityCustomConfiguration {
// CORS configuration
@ -24,8 +24,8 @@ public class WebSecurityCustomConfiguration {
private String frontendUrl;
/**
* Configure the CORS (Cross Origin Ressource Sharing -- a security feature) configuration.
* The only allowed website is the frontend, defined in the .env file.
* Configure the CORS (Cross Origin Ressource Sharing -- a security feature) configuration. The
* only allowed website is the frontend, defined in the .env file.
*
* @return the CORS configuration used by the backend
*/
@ -35,10 +35,7 @@ public class WebSecurityCustomConfiguration {
configuration.setAllowedOrigins(List.of(frontendUrl));
configuration.setAllowedMethods(Arrays.asList("GET", "OPTIONS"));
configuration.setAllowedHeaders(
Arrays.asList(
"authorization",
"content-type",
"x-auth-token"));
Arrays.asList("authorization", "content-type", "x-auth-token"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
@ -47,8 +44,10 @@ public class WebSecurityCustomConfiguration {
/**
* Configure the authorisation required for each path.
* admin endpoints are under /admin/* and entrepreneur are under /entrepreneur/*
* If endpoints dont require authentication, they are under /unauth/
*
* <p>admin endpoints are under /admin/* and entrepreneur are under /entrepreneur/*
*
* <p>If endpoints dont require authentication, they are under /unauth/
*
* @param http automatically filled in by spring.
* @return a securityfilterchain, automatically used by spring.