java source code of OAuth2SsoConfiguration

Project: flair-registry (GitHub Link)

flair-registry-master
- .github
  - PULL_REQUEST_TEMPLATE.md
  - ISSUE_TEMPLATE
    - feature_request.md
    - bug_report.md
  - ISSUE_TEMPLATE.md
- src
  - main
    - resources
      - templates
        error.html
      - config
        application.yml
        application-peer1.yml
        application-uaa.yaml
        application-dev.yml
        application-prod.yml
        bootstrap-prod.yml
        application-oauth2.yml
        bootstrap.yml
        bootstrap-private.yml
        application-peer2.yml
      - logback-spring.xml
      - banner.txt
      - static
        eureka
        images
        css
        wro.css
    - docker
      - keycloak.yml
      - sonar.yml
      - deploy.stag.yml
      - app.yml
      - realm-config
        jhipster-realm.json
        jhipster-users-0.json
      - build.yml
      - .maven-dockerignore
      - deploy.dev.yml
      - Dockerfile
      - deploy.yml
    - java
      - io
        github
        jhipster
        registry
        security
        AuthoritiesConstants.java
        jwt
        JWTConfigurer.java
        JWTFilter.java
        TokenProvider.java
        oauth2
        AuthorizationHeaderUtil.java
        SimplePrincipalExtractor.java
        SimpleAuthoritiesExtractor.java
        OAuth2ClientCredentialsService.java
        package-info.java
        Http401UnauthorizedEntryPoint.java
        web
        rest
        EurekaResource.java
        ProfileInfoResource.java
        vm
        LoginVM.java
        package-info.java
        UserVM.java
        EurekaVM.java
        LoggerVM.java
        RouteVM.java
        RoutesResource.java
        SshResource.java
        UserJWTController.java
        package-info.java
        LogsResource.java
        AccountResource.java
        errors
        ParameterizedErrorVM.java
        FieldErrorVM.java
        ExceptionTranslator.java
        ErrorConstants.java
        ErrorVM.java
        CustomParameterizedException.java
        client
        AuthorizedFeignClient.java
        TokenRelayRequestInterceptor.java
        OAuth2InterceptedFeignConfiguration.java
        config
        ApplicationProperties.java
        LoggingAspectConfiguration.java
        UaaConfiguration.java
        MetricsConfiguration.java
        ConfigServerConfig.java
        DefaultProfileUtil.java
        Constants.java
        LocaleConfiguration.java
        OAuth2SsoConfiguration.java
        package-info.java
        JWTSecurityConfiguration.java
        WebConfigurer.java
        LoggingConfiguration.java
        OAuth2SecurityConfiguration.java
        apidoc
        RegistrySwaggerResourcesProvider.java
        NativeRepositoryConfiguration.java
        AsyncConfiguration.java
        DateTimeFormatConfiguration.java
        service
        dto
        package-info.java
        ZuulRouteDTO.java
        CloudConfigRefreshService.java
        ZuulUpdaterService.java
        filters
        responserewriting
        SwaggerBasePathRewritingFilter.java
        OAuth2TokenRelayFilter.java
        RegistryConfiguration.java
        JWTTokenRelayFilter.java
        accesscontrol
        AccessControlFilter.java
        UaaTokenRelayFilter.java
        aop
        logging
        LoggingAspect.java
        JHipsterRegistryApp.java
    - webapp
      - robots.txt
      - content
        images
        scss
        global.scss
        vendor.scss
      - manifest.webapp
      - swagger-ui
        images
        throbber.gif
        index.html
      - favicon.ico
      - 404.html
      - index.html
      - app
        home
        home.component.ts
        eureka.status.service.ts
        home.scss
        index.ts
        home.module.ts
        home.route.ts
        home.component.html
        app-routing.module.ts
        registry
        registry.module.ts
        registry.route.ts
        applications
        applications.component.scss
        applications.route.ts
        applications.component.html
        applications.component.ts
        applications.service.ts
        index.ts
        config
        config.component.html
        config.route.ts
        config.component.ts
        config.service.ts
        replicas
        replicas.route.ts
        replicas.component.html
        replicas.service.ts
        replicas.component.ts
        replicas.component.scss
        history
        history.service.ts
        history.component.ts
        history.route.ts
        history.component.html
        encryption
        encryption.service.ts
        encryption.route.ts
        encryption.component.html
        encryption.component.ts
        ssh
        ssh.component.ts
        ssh.route.ts
        ssh.component.html
        ssh.service.ts
        vendor.ts
        admin
        configuration
        configuration.component.ts
        configuration.route.ts
        configuration.component.html
        configuration.service.ts
        health
        health-modal.component.ts
        health.component.html
        health.route.ts
        health-modal.component.html
        health.service.ts
        health.component.ts
        logfile
        logfile.route.ts
        logfile.scss
        logfile.service.ts
        logfile.component.html
        logfile.component.ts
        index.ts
        admin.module.ts
        admin.route.ts
        logs
        logs.component.ts
        log.model.ts
        logs.component.html
        logs.service.ts
        logs.route.ts
        metrics
        metrics.route.ts
        metrics-modal.component.html
        metrics.component.ts
        metrics-modal.component.ts
        metrics.component.html
        metrics.service.ts
        docs
        docs.route.ts
        docs.component.html
        docs.component.ts
        app.module.ts
        app.route.ts
        app.constants.ts
        polyfills.ts
        app.main.ts
        blocks
        config
        prod.config.ts
        uib-pagination.config.ts
        interceptor
        notification.interceptor.ts
        errorhandler.interceptor.ts
        auth-expired.interceptor.ts
        auth.interceptor.ts
        core
        user
        user.model.ts
        user.service.ts
        account.model.ts
        index.ts
        auth
        account.service.ts
        principal.service.ts
        csrf.service.ts
        auth-session.service.ts
        state-storage.service.ts
        auth-jwt.service.ts
        user-route-access-service.ts
        core.module.ts
        login
        login.service.ts
        login-modal.service.ts
        login.component.html
        login.component.ts
        layouts
        main
        main.component.html
        main.component.ts
        footer
        footer.component.html
        footer.component.ts
        profiles
        profile-info.model.ts
        profile.service.ts
        page-ribbon.component.ts
        page-ribbon.scss
        error
        error.component.html
        error.component.ts
        error.route.ts
        index.ts
        navbar
        navbar.component.ts
        navbar.scss
        navbar.route.ts
        navbar.component.html
        shared
        shared.module.ts
        index.ts
        shared-libs.module.ts
        util
        request-util.ts
        oauth2
        login-oauth2.service.ts
        alert
        alert.component.ts
        alert-error.component.ts
        constants
        pagination.constants.ts
        shared-common.module.ts
        refresh
        refresh-selector.component.scss
        refresh-selector.component.html
        refresh.service.ts
        refresh-selector.component.ts
        pipe
        group-by.pipe.ts
        auth
        has-any-authority.directive.ts
        routes
        route.model.ts
        route-selector.component.ts
        routes.service.ts
        route-selector.component.scss
        route-selector.component.html
  - test
    - resources
      - logback.xml
      - config
        application.yml
    - javascript
      - spec
        entry.ts
        helpers
        mock-account.service.ts
        mock-route.service.ts
        mock-event-manager.service.ts
        mock-active-modal.service.ts
        mock-principal.service.ts
        spyobject.ts
        test.module.ts
        app
        home
        home.component.spec.ts
        registry
        applications
        applications.component.spec.ts
        history
        history.component.spec.ts
        admin
        health
        health.component.spec.ts
      - karma.conf.js
    - java
      - io
        github
        jhipster
        registry
        security
        jwt
        package-info.java
        package-info.java
        utils
        TestUtils.java
        web
        rest
        UserJWTControllerTest.java
        vm
        LoginVMTest.java
        LoggerVMTest.java
        package-info.java
        UserVMTest.java
        EurekaVMTest.java
        SshResourceTest.java
        TestUtil.java
        AccountResourceTest.java
        LogsResourceTest.java
        package-info.java
        errors
        FieldErrorVMTest.java
        CustomParameterizedExceptionTest.java
        ExceptionTranslatorTest.java
        package-info.java
        ParameterizedErrorVMTest.java
        ErrorVMTest.java
        config
        package-info.java
        filters
        responserewriting
        SwaggerBasePathRewritingFilterTest.java
- .angular-cli.json
- .yo-rc.json
- pom.xml
- .prettierrc
- mvnw
- tslint.json
- postcss.config.js
- central-config
  - application.yml
- proxy.conf.json
- LICENSE
- azure-pipelines.yml
- CONTRIBUTING.md
- .editorconfig
- .gitattributes
- tsconfig-aot.json
- .mvn
  - wrapper
    - maven-wrapper.jar
    - maven-wrapper.properties
- app.json
- .travis.yml
- README.md
- package.json
- CODE_OF_CONDUCT.md
- webpack
  - webpack.dev.js
  - webpack.prod.js
  - webpack.common.js
  - webpack.test.js
  - utils.js
- NOTICE
- tsconfig.json
- .gitignore
- Jenkinsfile
- .prettierignore
- mvnw.cmd
- .dockerignore

package io.github.jhipster.registry.config;

import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.util.matcher.NegatedRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

import io.github.jhipster.registry.security.AuthoritiesConstants;

@EnableOAuth2Sso
@Configuration
@Profile(Constants.PROFILE_OAUTH2)
public class OAuth2SsoConfiguration extends WebSecurityConfigurerAdapter {

    private final RequestMatcher authorizationHeaderRequestMatcher;

    public OAuth2SsoConfiguration(@Qualifier("authorizationHeaderRequestMatcher") RequestMatcher authorizationHeaderRequestMatcher) {
        this.authorizationHeaderRequestMatcher = authorizationHeaderRequestMatcher;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf()
            .disable()
            .headers()
            .frameOptions()
            .disable()
        .and()
            .requestMatcher(new NegatedRequestMatcher(authorizationHeaderRequestMatcher))
            .authorizeRequests()
            .antMatchers("/services/**").authenticated()
            .antMatchers("/eureka/**").hasAuthority(AuthoritiesConstants.ADMIN)
            .antMatchers("/api/profile-info").permitAll()
            .antMatchers("/api/**").authenticated()
            .antMatchers("/config/**").hasAuthority(AuthoritiesConstants.ADMIN)
            .antMatchers("/management/health").permitAll()
            .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
            .anyRequest().permitAll();
    }
}