From e19e0e59bc0f31728ebeb05164e6b90813560f13 Mon Sep 17 00:00:00 2001 From: Swordsteel Date: Tue, 12 Aug 2025 14:59:32 +0200 Subject: [PATCH] update public path --- .../ltd/hlaeja/configuration/SecurityConfiguration.kt | 3 ++- .../kotlin/ltd/hlaeja/security/authorize/PublicPaths.kt | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 src/main/kotlin/ltd/hlaeja/security/authorize/PublicPaths.kt diff --git a/src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt b/src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt index ad21d50..b1afb0c 100644 --- a/src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt +++ b/src/main/kotlin/ltd/hlaeja/configuration/SecurityConfiguration.kt @@ -2,6 +2,7 @@ package ltd.hlaeja.configuration import ltd.hlaeja.security.JwtAuthenticationConverter import ltd.hlaeja.security.JwtAuthenticationManager +import ltd.hlaeja.security.authorize.publicPaths import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity @@ -55,6 +56,6 @@ class SecurityConfiguration { private fun authorizeExchange( authorizeExchange: AuthorizeExchangeSpec, ) = authorizeExchange - .pathMatchers("/login").permitAll() + .publicPaths().permitAll() .anyExchange().hasRole("REGISTRY") } diff --git a/src/main/kotlin/ltd/hlaeja/security/authorize/PublicPaths.kt b/src/main/kotlin/ltd/hlaeja/security/authorize/PublicPaths.kt new file mode 100644 index 0000000..79c98a2 --- /dev/null +++ b/src/main/kotlin/ltd/hlaeja/security/authorize/PublicPaths.kt @@ -0,0 +1,8 @@ +package ltd.hlaeja.security.authorize + +import org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec + +fun AuthorizeExchangeSpec.publicPaths(): AuthorizeExchangeSpec.Access = pathMatchers( + "/actuator/**", + "/login", +)