This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@Configuration | |
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { | |
@Override | |
protected void configure(HttpSecurity http) throws Exception { | |
http.authorizeRequests() | |
.anyRequest() | |
.authenticated(); | |
http.oauth2ResourceServer() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"custom_claims": [ | |
"COMPANY:1:READ", | |
"COMPANY:1:WRITE", | |
"COMPANY:2:READ", | |
"SUBSIDIARY:125:READ" | |
], | |
"iss": "https://securetoken.google.com/fir-auth-springsecurity", | |
"aud": "fir-auth-springsecurity", | |
"auth_time": 1636893816, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
INSERT INTO COMPANY(ID, NAME, TYPE) VALUES(1, 'Imaginary Solutions', 'LLC'); | |
INSERT INTO COMPANY(ID, NAME, TYPE) VALUES(2, 'Green Innovations', 'LLC'); | |
INSERT INTO SUBSIDIARY(ID, NAME, CITY, COMPANY_ID) VALUES(1, 'Imaginary Solutions California', 'Palo Alto', 1); | |
INSERT INTO SUBSIDIARY(ID, NAME, CITY, COMPANY_ID) VALUES(2, 'Imaginary Solutions Texas', 'Austin', 1); | |
INSERT INTO SUBSIDIARY(ID, NAME, CITY, COMPANY_ID) VALUES(3, 'Green Innovations Canada', 'Quebec', 2); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@RestController | |
@RequestMapping("/app") | |
@RequiredArgsConstructor | |
public class AppController { | |
private final CompanyJpaRepository companyRepo; | |
private final SubsidiaryJpaRepository subsidiaryRepo; | |
@GetMapping(path = "/company/{id}") | |
@PreAuthorize("hasAuthority('COMPANY:' + #id + ':READ')") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) | |
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { | |
@Override | |
protected void configure(HttpSecurity http) throws Exception { | |
http.csrf().disable(); | |
http.oauth2ResourceServer() | |
.jwt() | |
.jwtAuthenticationConverter(jwtAuthenticationConverter()); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl --location --request POST 'http://localhost:8080/admin/user-claims/WsD5H21KFKYyCOTIbkOwjXLQRsu1' \ | |
--header 'Content-Type: application/json' \ | |
--data-raw '{ | |
"COMPANY": { | |
"1": [ | |
"READ", | |
"WRITE" | |
], | |
"2": [ | |
"READ" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@RestController | |
@RequestMapping("/admin") | |
@RequiredArgsConstructor | |
public class AdminController { | |
private final UserManagementService userManagementService; | |
@Secured("ROLE_ANONYMOUS") | |
@PostMapping(path = "/user-claims/{uid}") | |
public void setUserClaims( |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
"COMPANY:1:READ", | |
"COMPANY:1:WRITE", | |
"COMPANY:2:READ", | |
"SUBSIDIARY:125:READ" | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"COMPANY": { | |
"1": [ | |
"READ", | |
"WRITE" | |
], | |
"2": [ | |
"READ" | |
] | |
}, |
NewerOlder