usbharu
/
Hideout
mirror of https://github.com/usbharu/Hideout.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

fix: Spring Securityが正常に動作していなかったので修正

This commit is contained in:
usbharu 2025-02-14 17:45:13 +09:00
parent e19a165be4
commit ae0e4a4013
Signed by: usbharu
GPG Key ID: 8CB1087135660B8D
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hideout/hideout-activitypub/src/main/kotlin/dev/usbharu/hideout/activitypub/config/ActivityPubSecurityConfig.kt
View File

@ -8,6 +8,8 @@ import org.springframework.http.HttpMethod.POST
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.util.matcher.AnyRequestMatcher
import org.springframework.security.web.util.matcher.RequestMatcher
@Configuration
class ActivityPubSecurityConfig {
@ -15,11 +17,16 @@ class ActivityPubSecurityConfig {
@Order(4)
fun activityPubSecurityFilterChain(http: HttpSecurity): SecurityFilterChain {
http {
securityMatcher(RequestMatcher {
val accept = it.getHeader("Accept") ?: ""
return@RequestMatcher accept == "application/json" || accept == "application/activity+json"
})
authorizeHttpRequests {
authorize(POST, "/inbox", permitAll)
authorize(POST, "/users/{username}/inbox", permitAll)
authorize(GET, "/outbox", permitAll)
authorize(GET, "/users/{username}/outbox", permitAll)
authorize(GET, "/users/{username}", permitAll)
}
}
return http.build()