Package com.alpaca.config

Class SecurityConfig

java.lang.Object
com.alpaca.config.SecurityConfig
@Configuration @EnableWebSecurity public class SecurityConfig extends Object
Configures security settings for the application, including authentication, authorization, OAuth2 login, and JWT token validation.

  • Field Details

    • oAuth2BaseURI

      private static final String oAuth2BaseURI
      See Also:

    • oAuth2RedirectionEndPoint

      private static final String oAuth2RedirectionEndPoint
      See Also:

    • manager

      private final JJwtManager manager

    • passwordManager

      private final PasswordManager passwordManager

    • authService

      private final AuthServiceImpl authService

    • oauth2FailureHandler

      private final AuthFailureHandler oauth2FailureHandler

    • oauth2SuccessHandler

      private final AuthSuccessHandler oauth2SuccessHandler

    • cookieAuthReqRepo

      private final CookieAuthReqRepo cookieAuthReqRepo

    • clientRegistrationRepository

      private final org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository

  • Constructor Details

    • SecurityConfig

      public SecurityConfig()

  • Method Details

    • securityFilterChain

      @Bean org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Configures security filter chain with authentication and authorization settings.
      Parameters:
      http - HttpSecurity configuration.
      Returns:
      SecurityFilterChain instance.
      Throws:
      Exception - if an error occurs during configuration.

    • authorizationCodeTokenResponseClient

      private org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient<org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest> authorizationCodeTokenResponseClient()
      Creates an OAuth2 access token response client.
      Returns:
      OAuth2AccessTokenResponseClient instance.

    • accessDeniedHandler

      @Bean public org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler()
      Configures access denied handler.
      Returns:
      AccessDeniedHandler instance.

    • authenticationEntryPoint

      @Bean public org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint()
      Configures an authentication entry point.
      Returns:
      AuthenticationEntryPoint instance.

    • getManager

      @Bean public org.springframework.security.authentication.AuthenticationManager getManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration configuration) throws Exception
      Retrieves the authentication manager from the configuration.
      Parameters:
      configuration - AuthenticationConfiguration instance.
      Returns:
      AuthenticationManager instance.
      Throws:
      Exception - if an error occurs.

    • provider

      @Bean public org.springframework.security.authentication.AuthenticationProvider provider(IAuthService authService)
      Configures an authentication provider with password encoding and user details service.
      Parameters:
      authService - Authentication Service Implementation.
      Returns:
      AuthenticationProvider instance.