0

I want to authenticate with JWT for all requests coming to server but there is some endpoint I want to authentication also with OAuth2 with social media website like Facebook, Twitter or Instagram. See the diagram:

https://i.stack.imgur.com/cEFOY.png

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
@AllArgsConstructor
public class SecurityConfig {

    private final UserDetailsService userDetailsDervice;
    private final RsaKeyProperties jwtConfigProperties;

    @Bean
    @Order(value = Ordered.HIGHEST_PRECEDENCE)
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests(
                auth -> auth.antMatchers("/api/v1/auth/**").permitAll()
                        .anyRequest().authenticated())
            .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)
            .sessionManagement(session -> 
                session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .formLogin().disable()
            .logout().disable();
        return http.build();
    }

    @Bean
    @Order(2)
    public SecurityFilterChain clientSecurityFilterChain(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .sessionManagement(session ->  session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .logout().disable()
            .oauth2Login();
        return http.build();
    }
dur
  • 15,689
  • 25
  • 79
  • 125
Shehab El Basmy
  • 1
  • 2

0 Answers0