https://hyun-sun.github.io/2021-05-02-swagger/
https://github.com/springfox/springfox/issues/1450
=================================================================================================================
package com.sungchul.stock.config.security;
import org.springframework.security.web.util.matcher.RequestMatcher;
import javax.servlet.http.HttpServletRequest;
import java.util.regex.Pattern;
public class CsrfRequireMatcher implements RequestMatcher {
private static final Pattern ALLOWED_METHODS = Pattern.compile(“^(GET|HEAD|TRACE|OPTIONS)$”);
@Override
public boolean matches(HttpServletRequest request) {
if (ALLOWED_METHODS.matcher(request.getMethod()).matches())
return false;
final String referer = request.getHeader("Referer");
if (referer != null && referer.contains("/swagger-ui")) {
return false;
}
return true;
} } =================================================================================================================
=================================================================================================================
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
//.antMatchers(“/”).permitAll()
//스웨거에는 바로 접속할수 있도록 아래의 URL에서 예외처리
.antMatchers(“/”, “/v2/api-docs”, “/configuration/”, “/swagger*/”, “/webjars/**”).permitAll()
.antMatchers("/user").hasRole("USER")
.antMatchers("/manager").hasRole("MANAGER")
.antMatchers("/admin" , "/test" , "/test/**","/user" , "/user/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin();
http.csrf()
.requireCsrfProtectionMatcher(new CsrfRequireMatcher())
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
=================================================================================================================