From aa78ccc630ef258ed59ac30de349e675a9175796 Mon Sep 17 00:00:00 2001
From: csimonis <c.simonis@neusta.de>
Date: Wed, 23 Apr 2025 08:42:27 +0200
Subject: [PATCH] feat(security): allow access to webhook endpoint

---
 .../src/main/java/de/szut/casino/security/SecurityConfig.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
index 5b4f4fc..c6cb6b8 100644
--- a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
+++ b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java
@@ -23,7 +23,7 @@ public class SecurityConfig {
             .cors(Customizer.withDefaults())
             .csrf(csrf -> csrf.disable())
             .authorizeHttpRequests(auth -> {
-                auth.requestMatchers("/swagger/**", "/swagger-ui/**", "/health").permitAll()
+                auth.requestMatchers("/webhook", "/swagger/**", "/swagger-ui/**", "/health").permitAll()
                     .anyRequest().authenticated();
                 })
                 .oauth2ResourceServer(oauth2 -> oauth2.jwt(jwt ->