fix: Fix security config, add health check route and adjust requests (!9)

Co-authored-by: Phan Huy Tran <p.tran@neusta.de> Reviewed-on: https://git.simonis.lol/projects/casino/pulls/9 Reviewed-by: Constantin Simonis <constantin@simonis.lol> Reviewed-by: lziemke <lea.z4@schule.bremen.de>
2025-02-05 11:38:00 +00:00 · 2025-02-05 11:38:00 +00:00 · 35bfa3be7f
commit 35bfa3be7f
parent 7fe8f276cf
5 changed files with 23 additions and 39 deletions
--- a/backend/src/main/java/de/szut/casino/health/HealthController.java
+++ b/backend/src/main/java/de/szut/casino/health/HealthController.java
@ -0,0 +1,15 @@
+package de.szut.casino.health;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Map;
+
+@RestController
+public class HealthController {
+
+    @GetMapping("/health")
+    public Map<String, String> healthCheck() {
+        return Map.of("status", "UP");
+    }
+}
--- a/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
+++ b/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
@ -52,23 +52,12 @@ class KeycloakSecurityConfig {

    @Bean
    public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
-
        http.authorizeHttpRequests(auth -> auth
-                .requestMatchers(new AntPathRequestMatcher("/welcome"))
-                .permitAll()
-                .requestMatchers(
-                        new AntPathRequestMatcher("/swagger"),
-                        new AntPathRequestMatcher("/swagger-ui/**"),
-                        new AntPathRequestMatcher("/v3/api-docs/**"))
-                .permitAll()
-                .requestMatchers(new AntPathRequestMatcher("/hello/**"))
-                .hasRole("lf12_test_role")
-                .requestMatchers(new AntPathRequestMatcher("/roles"))
-                .authenticated()
-                .requestMatchers(new AntPathRequestMatcher("/"))
-                .permitAll()
-                .anyRequest()
-                .authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
+                .requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()
+                .anyRequest().authenticated()
+            )
+            .oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
+        
        return http.build();
    }

@ -90,4 +79,4 @@ class KeycloakSecurityConfig {
        });
        return jwtAuthenticationConverter;
    }
-}
+}