Skip to content

Commit 98b05f1

Browse files
HYEONSIKOHHYEONSIKOH
committed
fix: 소나큐브 에외 설정 #102
- SecurityConfig.java 소나큐브 예외 설정
1 parent b1c0130 commit 98b05f1

File tree

2 files changed

+12
-11
lines changed

2 files changed

+12
-11
lines changed

chat/src/main/java/org/example/soundlinkchat_java/global/config/SecurityConfig.java

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
11
package org.example.soundlinkchat_java.global.config;
22

3-
import jakarta.servlet.ServletRequest;
43
import lombok.RequiredArgsConstructor;
54
import org.example.soundlinkchat_java.global.auth.JwtAuthenticationFilter;
65
import org.example.soundlinkchat_java.global.auth.JwtProvider;
@@ -9,22 +8,26 @@
98
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
109
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
1110
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
11+
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
1212
import org.springframework.security.web.SecurityFilterChain;
1313
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
1414

1515
@Configuration
1616
@EnableWebSecurity
1717
@RequiredArgsConstructor
18+
@SuppressWarnings("squid:S4502")
1819
public class SecurityConfig {
19-
2020
private final JwtProvider jwtProvider;
2121

2222
@Bean
23-
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
23+
public BCryptPasswordEncoder passwordEncoder() {
24+
return new BCryptPasswordEncoder();
25+
}
26+
27+
@Bean
28+
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
2429
http
25-
.csrf(csrf -> csrf
26-
.requireCsrfProtectionMatcher(ServletRequest::isSecure) // HTTPS만 CSRF 보호 적용
27-
)
30+
.csrf(AbstractHttpConfigurer::disable)
2831
.authorizeHttpRequests(auth -> auth
2932
// .requestMatchers("/api/**").permitAll()
3033
// .requestMatchers("/swagger-ui/**").permitAll()
@@ -36,7 +39,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
3639
// JwtAuthenticationFilter 추가
3740
.addFilterBefore(new JwtAuthenticationFilter(jwtProvider), UsernamePasswordAuthenticationFilter.class);
3841

39-
4042
return http.build();
4143
}
42-
}
44+
}

default/src/main/java/org/dfbf/soundlink/global/config/SecurityConfig.java

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
@Configuration
1818
@EnableWebSecurity
1919
@RequiredArgsConstructor
20+
@SuppressWarnings("squid:S4502")
2021
public class SecurityConfig {
2122
private final JwtProvider jwtProvider;
2223

@@ -28,9 +29,7 @@ public BCryptPasswordEncoder passwordEncoder() {
2829
@Bean
2930
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
3031
http
31-
.csrf(csrf -> csrf
32-
.requireCsrfProtectionMatcher(ServletRequest::isSecure) // HTTPS만 CSRF 보호 적용
33-
)
32+
.csrf(AbstractHttpConfigurer::disable)
3433
.authorizeHttpRequests(auth -> auth
3534
// .requestMatchers("/api/**").permitAll()
3635
// .requestMatchers("/swagger-ui/**").permitAll()

0 commit comments

Comments
 (0)