auth.fosil.eu

build.gradle.kts

@@ -19,7 +19,7 @@ repositories {
 
 dependencies {
 	implementation("org.springframework.boot:spring-boot-starter-data-jpa")
-//	implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")
+	implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")
 	implementation("org.springframework.boot:spring-boot-starter-web")
 	implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
 	implementation("org.jetbrains.kotlin:kotlin-reflect")

src/main/kotlin/eu/fosil/okupamicoche/spring/conf/JWTSecurityConfig.kt

@@ -0,0 +1,20 @@
+package eu.fosil.okupamicoche.spring.conf
+
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
+
+@Configuration
+class JWTSecurityConfig : WebSecurityConfigurerAdapter() {
+    @Throws(Exception::class)
+    override fun configure(http: HttpSecurity) {// @formatter:off
+        http.cors()
+            .and()
+                .authorizeRequests()
+                    .anyRequest()
+                        .hasAuthority("SCOPE_profile")
+            .and()
+                .oauth2ResourceServer()
+                    .jwt();
+    }//@formatter:on
+}

src/main/resources/application.properties

@@ -1 +1,2 @@
-
+spring.security.oauth2.resourceserver.jwt.issuer-uri=https://auth.fosil.eu/auth/realms/fosil
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://auth.fosil.eu/auth/realms/fosil/protocol/openid-connect/certs