Produced by Araxis Merge on 4/27/2018 2:59:09 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | v2.0_Sprint_15_Build_5.zip\v2.0_Sprint_15_Build_5\Unredacted\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\configuration\security | OAuth2ResourceServerConfig.java | Tue Apr 24 14:50:46 2018 UTC |
| 2 | v2.0_Sprint_15_Build_5..zip\v2.0_Sprint_15_Build_5\Unredacted\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\configuration\security | OAuth2ResourceServerConfig.java | Thu Apr 26 14:11:34 2018 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 84 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | package go v.va.med.a rs.configu ration.sec urity; | |
| 2 | ||
| 3 | import org .springfra mework.bea ns.factory .annotatio n.Autowire d; | |
| 4 | import org .springfra mework.con text.annot ation.Conf iguration; | |
| 5 | import org .springfra mework.sec urity.conf ig.annotat ion.web.bu ilders.Htt pSecurity; | |
| 6 | import org .springfra mework.sec urity.oaut h2.config. annotation .web.confi guration.E nableResou rceServer; | |
| 7 | import org .springfra mework.sec urity.oaut h2.config. annotation .web.confi guration.R esourceSer verConfigu rerAdapter ; | |
| 8 | import org .springfra mework.sec urity.oaut h2.config. annotation .web.confi gurers.Res ourceServe rSecurityC onfigurer; | |
| 9 | import org .springfra mework.sec urity.oaut h2.provide r.error.OA uth2Access DeniedHand ler; | |
| 10 | import org .springfra mework.sec urity.oaut h2.provide r.token.To kenStore; | |
| 11 | import org .springfra mework.sec urity.oaut h2.provide r.token.st ore.JwtAcc essTokenCo nverter; | |
| 12 | ||
| 13 | /** | |
| 14 | * | |
| 15 | * @author PI I
|
|
| 16 | * | |
| 17 | */ | |
| 18 | @Configura tion | |
| 19 | @EnableRes ourceServe r | |
| 20 | public cla ss OAuth2R esourceSer verConfig extends Re sourceServ erConfigur erAdapter { | |
| 21 | ||
| 22 | pr ivate stat ic final S tring RESO URCE_ID = "SPRING_RE ST_API"; | |
| 23 | ||
| 24 | @A utowired | |
| 25 | pr ivate Toke nStore tok enStore; | |
| 26 | ||
| 27 | @A utowired | |
| 28 | Jw tAccessTok enConverte r tokenCon verter; | |
| 29 | ||
| 30 | @O verride | |
| 31 | pu blic void configure( ResourceSe rverSecuri tyConfigur er resourc es) { | |
| 32 | reso urces.reso urceId(RES OURCE_ID). tokenStore (tokenStor e); | |
| 33 | } | |
| 34 | ||
| 35 | @O verride | |
| 36 | pu blic void configure( HttpSecuri ty http) t hrows Exce ption { | |
| 37 | http .csrf().di sable().re questMatch ers().antM atchers("/ api/**").a nd().autho rizeReques ts() | |
| 38 | .antMatc hers("/api /admin/**" ).hasRole( "ADMIN").a ntMatchers ("/api/v1/ **") | |
| 39 | .access( "hasRole(' USER') or hasRole('A DMIN')").a nyRequest( ).authenti cated().an d().except ionHandlin g() | |
| 40 | .accessD eniedHandl er(new OAu th2AccessD eniedHandl er()); | |
| 41 | } | |
| 42 | ||
| 43 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.