fix : swagger 문서 접근 권한 수정

- swagger 문서 인증 필터 없이 접근가능하도록 변경
tukcomCD2024 · Jan 17, 2024 · 25fd595 · 25fd595
1 parent 8b04e19
commit 25fd595
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/...ore/src/main/java/site/timecapsulearchive/core/global/config/security/SecurityConfig.java b/...ore/src/main/java/site/timecapsulearchive/core/global/config/security/SecurityConfig.java
@@ -11,6 +11,7 @@
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
@@ -40,6 +41,11 @@ public PasswordEncoder getPasswordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer() {
+        return (web) -> web.ignoring().requestMatchers("/v3/api-docs/**", "/swagger-resources/**", "/swagger-ui/**");
+    }
+
     @Bean
     @Order(1)
     public SecurityFilterChain filterChainWithOAuth(HttpSecurity http) throws Exception {
@@ -77,8 +83,6 @@ public SecurityFilterChain filterChainWithJwt(
         http
             .securityMatcher(regexMatcher("^\\/(?!auth\\/login).*"))
             .authorizeHttpRequests(auth -> auth
-                .requestMatchers("/v3/api-docs/**", "/swagger-resources/**", "/swagger-ui/**")
-                .permitAll()
                 .anyRequest().authenticated()
             );