From 0e66d5a49a60a1db7a6f3d38ad40dd047bcf96f3 Mon Sep 17 00:00:00 2001
From: usbharu <i@usbharu.dev>
Date: Tue, 21 Jan 2025 23:56:36 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20#654=20Spring=20Authorization=20Server?=
 =?UTF-8?q?=E3=81=AESecurityFIlterChain=E3=81=AE=E8=A8=AD=E5=AE=9A?=
 =?UTF-8?q?=E6=96=B9=E6=B3=95=E3=81=8C=E5=A4=89=E3=82=8F=E3=81=A3=E3=81=A6?=
 =?UTF-8?q?=E3=81=84=E3=82=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../usbharu/hideout/core/config/SecurityConfig.kt  | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/hideout/hideout-core/src/main/kotlin/dev/usbharu/hideout/core/config/SecurityConfig.kt b/hideout/hideout-core/src/main/kotlin/dev/usbharu/hideout/core/config/SecurityConfig.kt
index d0b071ca..1e0e24f3 100644
--- a/hideout/hideout-core/src/main/kotlin/dev/usbharu/hideout/core/config/SecurityConfig.kt
+++ b/hideout/hideout-core/src/main/kotlin/dev/usbharu/hideout/core/config/SecurityConfig.kt
@@ -45,7 +45,7 @@ import org.springframework.security.oauth2.server.authorization.OAuth2Authorizat
 import org.springframework.security.oauth2.server.authorization.OAuth2TokenType
 import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository
-import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration
+import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer
 import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings
 import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer
@@ -65,8 +65,18 @@ class SecurityConfig {
     @Bean
     @Order(1)
     fun oauth2Provider(http: HttpSecurity): SecurityFilterChain {
-        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http)
+        val authorizationServer = OAuth2AuthorizationServerConfigurer.authorizationServer()
         http {
+            securityMatcher(authorizationServer.endpointsMatcher)
+            with(authorizationServer) {
+                authorizationEndpoint {
+
+                }
+            }
+            authorizeHttpRequests {
+                authorize(anyRequest, authenticated)
+
+            }
             exceptionHandling {
                 authenticationEntryPoint = LoginUrlAuthenticationEntryPoint("/auth/sign_in")
             }