소스 검색

ISSUE-788 Added oauth2 security config (#822)

German Osin 3 년 전
부모
커밋
63059ffa28
1개의 변경된 파일40개의 추가작업 그리고 0개의 파일을 삭제
  1. 40 0
      kafka-ui-api/src/main/java/com/provectus/kafka/ui/config/OAuthSecurityConfig.java

+ 40 - 0
kafka-ui-api/src/main/java/com/provectus/kafka/ui/config/OAuthSecurityConfig.java

@@ -0,0 +1,40 @@
+package com.provectus.kafka.ui.config;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+
+@Configuration
+@EnableWebFluxSecurity
+@ConditionalOnProperty(value = "auth.enabled", havingValue = "true")
+public class OAuthSecurityConfig {
+
+  private static final String[] AUTH_WHITELIST = {
+      "/css/**",
+      "/js/**",
+      "/media/**",
+      "/resources/**",
+      "/actuator/health",
+      "/actuator/info",
+      "/login",
+      "/logout",
+      "/oauth2/**"
+  };
+
+  @Bean
+  public SecurityWebFilterChain configure(ServerHttpSecurity http) {
+    return http.authorizeExchange()
+        .pathMatchers(AUTH_WHITELIST).permitAll()
+        .anyExchange().authenticated()
+        .and()
+        .oauth2Login()
+        .and()
+        .csrf().disable()
+        .build();
+  }
+
+}
+