Package com.mindstore.backend.security

Class SecurityConfig

java.lang.Object
com.mindstore.backend.security.SecurityConfig
@Configuration @EnableWebSecurity public class SecurityConfig extends Object
Main security configuration class

  • Constructor Details

    • SecurityConfig

      public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter, org.springframework.security.authentication.AuthenticationProvider authenticationProvider, @Lazy CustomOAuth2SuccessHandler customOAuth2SuccessHandler)
      security configuration
      Parameters:
      jwtAuthenticationFilter - filter for jwt token
      authenticationProvider - spring security auth provider class
      customOAuth2SuccessHandler - success handler for oAuth

  • Method Details

    • securityFilterChain

      @Bean public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      function: sets the filterChain for the routes that need special permissions by default, any request needs authentication uses jwtAuthenticationFilter and oauth for oauth login
      Parameters:
      http - http security
      Returns:
      the build securityFilterChain
      Throws:
      Exception - when a route is accessed without authentication that needs it

    • customOAuth2SuccessHandler

      @Bean public CustomOAuth2SuccessHandler customOAuth2SuccessHandler(JwtService jwtService, AuthenticationService authService)
      function: creates the customOAuthSuccessHandler with the Authentication service and the jwt service
      Parameters:
      jwtService - that serves as input for the handler
      authService - our authentication service
      Returns:
      the custom Oauth handler