package com.example.demo

import com.example.loginapi.OauthResourceServerSecurity
import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer

/**
 * @author sombochea <Sambo Chea>
 * @email sombochea@cubetiqs.com
 * @date 15/10/19
 * @since 1.0
 */
@Configuration
@EnableResourceServer
class SecurityConfig : OauthResourceServerSecurity() {
    @Throws(Exception::class)
    override fun configure(http: HttpSecurity) {
        http.exceptionHandling()
            .and()
            .authorizeRequests()
            .antMatchers("/api/**", "/oauth", "/customers")
            .access("#oauth2.hasAnyScope('read','write')")
            .antMatchers("/actuator/**")
            .hasAnyRole("SUPER_ADMIN", "SYS_ADMIN","ACTUATOR")
    }
}