• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• oauth2-blog-master
  • src
    • main
      • resources
        • db
          • changelog
            • db.changelog-master.yaml
        • application-prod.properties
        • application-default.properties
      • java
        • com
          • patternmatch
            • oauth2blog
              • resources
                • Admin.java
                • Token.java
                • Hello.java
              • entity
                • AppUser.java
              • config
                • TokenStoreConfig.java
                • ResourceServerConfig.java
                • SecurityConfig.java
                • AuthorizationServerConfig.java
                • Const.java
              • service
                • DefaultAuthenticationProvider.java
                • DefaultUserDetailsService.java
              • model
                • Welcome.java
              • repository
                • AppUserRepository.java
              • Oauth2BlogApplication.java
    • test
      • java
        • com
          • patternmatch
            • oauth2blog
              • resources
                • HelloMvcTest.java
                • HelloMockUserTest.java
                • HelloE2ETest.java
              • config
                • TestConfig.java
              • Oauth2BlogApplicationTests.java
  • gradle
    • wrapper
      • gradle-wrapper.properties
      • gradle-wrapper.jar
  • gradlew.bat
  • LICENSE
  • gradlew
  • build.gradle
  • README.md
  • settings.gradle
  • .gitignore

package com.patternmatch.oauth2blog.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;

@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "resource_id";

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID).stateless(false);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.
                anonymous().disable()
                .authorizeRequests()
                .antMatchers("/api/**").authenticated()
                .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }

}