From c0440351ca1efd0aa45a129b6d528e050a4d3347 Mon Sep 17 00:00:00 2001
From: Tunahan Cicek
Date: Fri, 1 Dec 2023 16:35:03 +0100
Subject: [PATCH] Fixed handling of Oauth (Bearer token).
---
 CHANGELOG.md | 6 ++++++
 .../semantics/registry/security/OAuthSecurityConfig.java | 8 +++++---
 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 81e47871..ef27214a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## 0.3.21
+### Added
+
+## fixed
+- Fixed handling of Oauth (Bearer token).
+
 ## 0.3.20
 ### Added
 - Length for Column "SUB_PROTOCOL_BODY" has been extended to 2048.
diff --git a/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java b/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java
index ffe01b59..34edad22 100644
--- a/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java
+++ b/backend/src/main/java/org/eclipse/tractusx/semantics/registry/security/OAuthSecurityConfig.java
@@ -69,9 +69,11 @@ protected SecurityFilterChain configure(HttpSecurity http) throws Exception {
 //getDescription allowed for reader
 .requestMatchers( HttpMethod.GET, "/**/description" ).access( "@authorizationEvaluator.hasRoleViewDigitalTwin()" ) )
- .csrf(CsrfConfigurer::disable)
- .sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
- .oauth2ResourceServer(oauth2ResourceServerConfigurer -> oauth2ResourceServerConfigurer.jwt());
+ .csrf().disable()
+ .sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS )
+ .and()
+ .oauth2ResourceServer()
+ .jwt();
 return http.build();
 }
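Review bot: The rewritten tail of `configure` in OAuthSecurityConfig.java (`.csrf().disable()` through `.oauth2ResourceServer().jwt()`) is intended by the framework to configure the same things as the lambda form it replaces, so the patch does not show why Bearer tokens were mishandled before, and nothing in it pins the fix. A test that calls a protected endpoint without a token and expects 401, and one with a valid JWT that expects success, would keep this filter chain from regressing silently. The no-argument `csrf()`, `sessionManagement()`, `and()`, `oauth2ResourceServer()` and `jwt()` are deprecated from Spring Security 6.1 on, so if the project is on that line (the version is not visible here) this form will have to be changed back at the next major upgrade. I would also add a comment above the CSRF line, e.g. `// CSRF off: stateless API, authenticated only via the Authorization header (no cookies)`. The body of `configure` starts outside the hunk.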