-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathSpringConfig.scala
More file actions
91 lines (78 loc) · 3.23 KB
/
SpringConfig.scala
File metadata and controls
91 lines (78 loc) · 3.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package com.example.scalaspringexperiment
import cats.effect.unsafe.IORuntime
import cats.effect.{IO, Resource}
import com.example.scalaspringexperiment.auth.{JwtAuthManager, JwtServerAuthConverter}
import com.example.scalaspringexperiment.util.{CirceJsonDecoder, CirceJsonEncoder}
import doobie.{DataSourceTransactor, ExecutionContexts}
import doobie.util.transactor.Transactor
import org.springframework.context.annotation.{Bean, Configuration, Primary}
import org.springframework.http.HttpStatus
import org.springframework.http.codec.ServerCodecConfigurer
import org.springframework.security.authentication.{DelegatingReactiveAuthenticationManager, UsernamePasswordAuthenticationToken}
import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
import org.springframework.security.config.web.server.{SecurityWebFiltersOrder, ServerHttpSecurity}
import org.springframework.security.web.server.SecurityWebFilterChain
import org.springframework.security.web.server.authentication.AuthenticationWebFilter
import org.springframework.security.web.server.context.{NoOpServerSecurityContextRepository, WebSessionServerSecurityContextRepository}
import org.springframework.web.reactive.config.WebFluxConfigurer
import javax.sql.DataSource
@Configuration
class SpringConfig(
dataSource: DataSource,
) {
@Bean
def doobieTransactor(): Resource[IO, DataSourceTransactor[IO]] = {
for {
ce <- ExecutionContexts.fixedThreadPool[IO](32) // our connect EC
} yield Transactor.fromDataSource[IO](dataSource, ce)
}
}
@Configuration
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
class SecurityConfig(
jwtAuthManager: JwtAuthManager,
) {
@Bean
def securityFilterChain(
http: ServerHttpSecurity,
jwtAuthFilter: AuthenticationWebFilter,
): SecurityWebFilterChain = {
http
.cors(Customizer.withDefaults())
.csrf(csrf => csrf.disable())
.authorizeExchange(_.anyExchange().permitAll())
.addFilterAt(jwtAuthFilter, SecurityWebFiltersOrder.AUTHENTICATION)
.securityContextRepository(NoOpServerSecurityContextRepository.getInstance()) // stateless auth
.build()
}
@Bean
def jwtAuthFilter(
jwtAuthManager: JwtAuthManager
): AuthenticationWebFilter = {
val filter = new AuthenticationWebFilter(jwtAuthManager)
filter.setServerAuthenticationConverter(new JwtServerAuthConverter)
filter.setSecurityContextRepository(NoOpServerSecurityContextRepository.getInstance())
filter
}
}
@Configuration(proxyBeanMethods = false)
class CatsEffectConfig {
@Bean
def catsEffectIORuntime(): IORuntime = {
cats.effect.unsafe.implicits.global
}
}
@Configuration
class CirceWebFluxConfig extends WebFluxConfigurer {
override def configureHttpMessageCodecs(configurer: ServerCodecConfigurer): Unit = {
// disable jackson codecs
configurer.defaultCodecs().jackson2JsonDecoder(null)
configurer.defaultCodecs().jackson2JsonEncoder(null)
// register circe codecs
configurer.customCodecs().register(new CirceJsonDecoder())
configurer.customCodecs().register(new CirceJsonEncoder())
}
}