NFC-47 Review findings. Extract USER role.

SanderKondratjevNortal · SanderKondratjevNortal · commit 30df1a1f2862 · 2025-08-28T12:10:20.000+03:00
diff --git a/example/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/example/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java
@@ -25,6 +25,7 @@
 import eu.webeid.example.security.AuthTokenDTOAuthenticationProvider;
 import eu.webeid.example.security.WebEidAjaxLoginProcessingFilter;
 import eu.webeid.example.security.ui.WebEidLoginPageGeneratingFilter;
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -51,12 +52,14 @@ public SecurityFilterChain filterChain(HttpSecurity http, AuthTokenDTOAuthentica
 
         return http
             .authorizeHttpRequests(auth -> auth
+                .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                 .requestMatchers("/", "/error").permitAll()
                 .requestMatchers(HttpMethod.GET, "/auth/eid/login").permitAll()
                 .requestMatchers("/auth/challenge").permitAll()
                 .requestMatchers(HttpMethod.POST, "/auth/mobile/auth/init").permitAll()
-                .requestMatchers("/favicon.ico", "/css/**", "/files/**", "/img/**", "/js/**").permitAll()
-                .anyRequest().authenticated()
+                .requestMatchers("/auth/login").permitAll()
+                .requestMatchers("/welcome").hasRole("USER")
+                .anyRequest().permitAll()
             )
             .authenticationProvider(authTokenDTOAuthenticationProvider)
             .addFilterBefore(new WebEidLoginPageGeneratingFilter(), UsernamePasswordAuthenticationFilter.class)
diff --git a/example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java b/example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java
@@ -74,7 +74,6 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull Ht
         response.getWriter().write(html);
     }
 
-
     private String generateHtml(String csrfToken, String csrfHeaderName) {
         return String.format(LOGIN_PAGE_HTML, csrfToken, csrfHeaderName);
     }

Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,6 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull Ht`
`74`	`74`	`response.getWriter().write(html);`
`75`	`75`	`}`
`76`	`76`
`77`		`-`
`78`	`77`	`private String generateHtml(String csrfToken, String csrfHeaderName) {`
`79`	`78`	`return String.format(LOGIN_PAGE_HTML, csrfToken, csrfHeaderName);`
`80`	`79`	`}`