Skip to content
Snippets Groups Projects
Commit cdda4b90 authored by Andrej Zabka's avatar Andrej Zabka
Browse files

merge develop to security fixes

parent 3f947954
No related branches found
No related tags found
4 merge requests!54Merge develop into main,!48Scenario,!47Docker fix,!44Security
This commit is part of merge request !44. Comments created here will be created in the context of that merge request.
Hide whitespace changes
Inline Side-by-side
core/openapi.yaml
+ 0
1
View file @ cdda4b90
......@@ -13,7 +13,6 @@ tags:
- name: EngineerService
components:
schemas:
CarComponentType:
type: string
......
core/src/main/java/cz/muni/pa165/config/SecurityConfig.java
+ 1
1
View file @ cdda4b90
......@@ -22,7 +22,7 @@ public class SecurityConfig {
http.csrf().disable();
http
.authorizeHttpRequests(x -> x
.requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll()
.requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/seed", "/clear").permitAll()
.requestMatchers(HttpMethod.POST,"/carComponent").hasAuthority("SCOPE_test_1")
.requestMatchers(HttpMethod.GET, "/carComponent").hasAnyAuthority("SCOPE_test_5", "SCOPE_test_1")
.requestMatchers("/carComponent/**").hasAnyAuthority("SCOPE_test_5", "SCOPE_test_1")
......
core/src/main/resources/application.properties
+ 13
0
View file @ cdda4b90
......@@ -13,6 +13,19 @@ spring.cache.type=NONE
spring.profiles.active=dev
appconfig.enablecache=false
#resource server nastavenia
spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=https://oidc.muni.cz/oidc/introspect
spring.security.oauth2.resourceserver.opaquetoken.client-id=d57b3a8f-156e-46de-9f27-39c4daee05e1
spring.security.oauth2.resourceserver.opaquetoken.client-secret=fa228ebc-4d54-4cda-901e-4d6287f8b1652a9c9c44-73c9-4502-973f-bcdb4a8ec96a
#logovanie security do console
logging.level.org.springframework.security=DEBUG
#swagger nastavenia
springdoc.swagger-ui.oauth.client-id=7e02a0a9-446a-412d-ad2b-90add47b0fdd
springdoc.swagger-ui.oauth.client-secret=48a2b2e3-4b2b-471e-b7b7-b81a85b6eeef22f347f2-3fc9-4e16-8698-3e2492701a89
springdoc.swagger-ui.oauth.scopes=openid, test_1, test_5
management.endpoints.web.exposure.include=info,health,metrics,loggers,beans,env,prometheus
management.endpoint.health.show-details=always
management.endpoint.health.show-components=always
......
prometheus.yml
+ 1
1
View file @ cdda4b90
......@@ -11,7 +11,7 @@ scrape_configs:
metrics_path: /actuator/prometheus
static_configs:
- targets:
- host.docker.internal:8080
- host.docker.internal:8090
- host.docker.internal:8081
- host.docker.internal:8082
- host.docker.internal:8083
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment