Commit c5b4c886 authored by Lukáš Chudíček's avatar Lukáš Chudíček

fix: allowed unknown endpoints by default (swagger, ...)

parent d9d3db71
+2 −2
@@ -72,8 +72,8 @@ public class SecurityConfig {
                        .requestMatchers(HttpMethod.PUT, "/genres/{id}").hasAuthority(GENRES_PUT_SCOPE)
                        .requestMatchers(HttpMethod.PUT, "/genres/{id}").hasAuthority(GENRES_PUT_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/genres/{id}").hasAuthority(GENRES_DELETE_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/genres/{id}").hasAuthority(GENRES_DELETE_SCOPE)
                        // defensively deny all other requests
                        // defensively deny all other requests
                        // todo allow the seeding endpoints (or refactor the seeder)
//                        .anyRequest().denyAll() // well f that there are endpoints like swagger, im not doing this :D
                        .anyRequest().denyAll()
                        .anyRequest().permitAll()
                )
                )
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
        ;
        ;
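Review bot: Replacing the fallback with `.anyRequest().permitAll()` makes every endpoint that is not listed in the matcher chain reachable without a token — that covers the seeding endpoints the removed todo mentions, any actuator or error endpoints, and every controller added later that someone forgets to register here; the same swap is made in the other three SecurityConfig sections of this commit. The surviving comment `// defensively deny all other requests` is now false, and the commented-out `denyAll()` line should be deleted rather than kept. The narrower fix is to grant only the documentation paths explicitly and keep the deny fallback, e.g. `.requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll()` (the springdoc defaults; adjust to whatever paths the UI actually serves) placed before `.anyRequest().denyAll()`, or `.anyRequest().authenticated()` if unknown paths are meant to be usable by any logged-in caller. The enclosing filter-chain method starts outside the hunk.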
+2 −1
@@ -42,7 +42,8 @@ public class SecurityConfig {
                        .requestMatchers(HttpMethod.GET, "/best-rated-in-genre/{id}").hasAuthority(BEST_RATED_IN_GENRE_GET_SCOPE)
                        .requestMatchers(HttpMethod.GET, "/best-rated-in-genre/{id}").hasAuthority(BEST_RATED_IN_GENRE_GET_SCOPE)
                        .requestMatchers(HttpMethod.GET, "/recommended-movies-according-to-rating-in-same-genre/{id}").hasAuthority(RECOMMENDED_MOVIES_ACCORDING_TO_RATING_IN_SAME_GENRE_GET_SCOPE)
                        .requestMatchers(HttpMethod.GET, "/recommended-movies-according-to-rating-in-same-genre/{id}").hasAuthority(RECOMMENDED_MOVIES_ACCORDING_TO_RATING_IN_SAME_GENRE_GET_SCOPE)
                        // defensively deny all other requests
                        // defensively deny all other requests
                        .anyRequest().denyAll()
//                        .anyRequest().denyAll() // well f that there are endpoints like swagger, im not doing this :D
                        .anyRequest().permitAll()
                )
                )
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
        ;
        ;
+2 −1
@@ -46,7 +46,8 @@ public class SecurityConfig {
                        .requestMatchers(HttpMethod.PUT, "/{id}").hasAuthority(RATING_PUT_SCOPE)
                        .requestMatchers(HttpMethod.PUT, "/{id}").hasAuthority(RATING_PUT_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/{id}").hasAuthority(RATING_DELETE_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/{id}").hasAuthority(RATING_DELETE_SCOPE)
                        // defensively deny all other requests
                        // defensively deny all other requests
                        .anyRequest().denyAll()
//                        .anyRequest().denyAll() // well f that there are endpoints like swagger, im not doing this :D
                        .anyRequest().permitAll()
                )
                )
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
        ;
        ;
+2 −1
@@ -46,7 +46,8 @@ public class SecurityConfig {
                        .requestMatchers(HttpMethod.PUT , "/users/{id}").hasAuthority(USERS_PUT_SCOPE)
                        .requestMatchers(HttpMethod.PUT , "/users/{id}").hasAuthority(USERS_PUT_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/users/{id}").hasAuthority(USERS_DELETE_SCOPE)
                        .requestMatchers(HttpMethod.DELETE, "/users/{id}").hasAuthority(USERS_DELETE_SCOPE)
                        // defensively deny all other requests
                        // defensively deny all other requests
                        .anyRequest().denyAll()
//                        .anyRequest().denyAll() // well f that there are endpoints like swagger, im not doing this :D
                        .anyRequest().permitAll()
                )
                )
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
                .oauth2ResourceServer(oauth2 -> oauth2.opaqueToken(Customizer.withDefaults()))
        ;
        ;