Merge pull request #341 from tallyto/23.06

Configurando o Resource Server para JWT assinado com chave simétrica

src/main/java/com/tallyto/algafood/core/security/WebSecurityConfig.java

@@ -5,8 +5,12 @@
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.oauth2.jwt.JwtDecoder;
+import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 import org.springframework.security.web.SecurityFilterChain;
 
+import javax.crypto.spec.SecretKeySpec;
+
 @Configuration
 @EnableWebSecurity
 @Profile("developer")
@@ -20,9 +24,16 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
             .and()
                 .cors()
             .and()
-                .oauth2ResourceServer().opaqueToken();
+                .oauth2ResourceServer().jwt();
 
         return http.build();
     }
 
+    @Bean
+    public JwtDecoder jwtDecoder() {
+        var secretKey = new SecretKeySpec("df5f8fdd4c0db669bb2d7546584a2ff08694fe29b93426ebbfcf135161029b94".getBytes(), "HmacSHA256");
+        return NimbusJwtDecoder.withSecretKey(secretKey).build();
+    }
+
+
 }

src/main/resources/application-developer.properties

@@ -41,6 +41,6 @@ spring.mvc.pathmatch.matching-strategy=ant-path-matcher
 server.compression.enabled=true
 logging.loggly.token=${LOGGLY_TOKEN}
 
-spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=http://localhost:3002/oauth/check_token
-spring.security.oauth2.resourceserver.opaquetoken.client-id=admin
-spring.security.oauth2.resourceserver.opaquetoken.client-secret=admin
+#spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=http://localhost:3002/oauth/check_token
+#spring.security.oauth2.resourceserver.opaquetoken.client-id=admin
+#spring.security.oauth2.resourceserver.opaquetoken.client-secret=admin