This project contains common classes to use in authorization.
This library is a helper when using the Spring Boot Resource Server functionality. It helps with adding claims as authorities and mapping Jwt's to suitable principal classes
Add the following dependency to your build.gradle file:
implementation 'no.vigoiks.fint:fint-resource-server-security:<latest version>'
@EnableWebFluxSecurity
public class SecurityConfiguration {
@Value("${fint.integration.service.authorized-org-id:vigo.no}")
private String authorizedOrgId;
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange((authorize) -> authorize
.pathMatchers("/**")
.hasAnyAuthority("ORGID_" + authorizedOrgId)
.anyExchange()
.authenticated())
.oauth2ResourceServer((resourceServer) -> resourceServer
.jwt()
.jwtAuthenticationConverter(new FintJwtUserConverter()));
return http.build();
}
}@EnableWebFluxSecurity
public class SecurityConfiguration {
@Value("${fint.integration.service.authorized-role:https://role-catalog.vigoiks.no/vigo/elevfakturering/user}")
private String authorizedRole;
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange((authorize) -> authorize
.pathMatchers("/**")
.hasRole(authorizedRole)
.anyExchange()
.authenticated())
.oauth2ResourceServer((resourceServer) -> resourceServer
.jwt()
.jwtAuthenticationConverter(new FintJwtUserConverter()));
return http.build();
}
}@GetMapping
public ResponseEntity<FintJwtEndUserPrincipal> getLatestIntegrationConfigurations(@AuthenticationPrincipal Jwt jwt) {
return ResponseEntity.ok(FintJwtEndUserPrincipal.from(jwt));
}