27 lines
916 B
Kotlin
27 lines
916 B
Kotlin
package com.example.demo
|
|
|
|
import com.example.loginapi.OauthResourceServerSecurity
|
|
import org.springframework.context.annotation.Configuration
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
|
|
|
|
/**
|
|
* @author sombochea <Sambo Chea>
|
|
* @email sombochea@cubetiqs.com
|
|
* @date 15/10/19
|
|
* @since 1.0
|
|
*/
|
|
@Configuration
|
|
@EnableResourceServer
|
|
class SecurityConfig : OauthResourceServerSecurity() {
|
|
@Throws(Exception::class)
|
|
override fun configure(http: HttpSecurity) {
|
|
http.exceptionHandling()
|
|
.and()
|
|
.authorizeRequests()
|
|
.antMatchers("/api/**", "/oauth", "/customers")
|
|
.access("#oauth2.hasAnyScope('read','write')")
|
|
.antMatchers("/actuator/**")
|
|
.hasAnyRole("SUPER_ADMIN", "SYS_ADMIN","ACTUATOR")
|
|
}
|
|
} |