usbharu
/
Hideout
mirror of https://github.com/usbharu/Hideout.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

fix: Spring Securityが正常に動作していなかったので修正

This commit is contained in:
usbharu 2025-02-14 17:45:13 +09:00
parent e19a165be4
commit ae0e4a4013
Signed by: usbharu
GPG Key ID: 8CB1087135660B8D
1 changed files with 7 additions and 0 deletions
hideout/hideout-activitypub/src/main/kotlin/dev/usbharu/hideout/activitypub/config
ActivityPubSecurityConfig.kt

7
hideout/hideout-activitypub/src/main/kotlin/dev/usbharu/hideout/activitypub/config/ActivityPubSecurityConfig.kt
View File

@ -8,6 +8,8 @@ import org.springframework.http.HttpMethod.POST
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.util.matcher.AnyRequestMatcher
import org.springframework.security.web.util.matcher.RequestMatcher
@Configuration @Configuration
class ActivityPubSecurityConfig { class ActivityPubSecurityConfig {
@ -15,11 +17,16 @@ class ActivityPubSecurityConfig {
@Order(4) @Order(4)
fun activityPubSecurityFilterChain(http: HttpSecurity): SecurityFilterChain { fun activityPubSecurityFilterChain(http: HttpSecurity): SecurityFilterChain {
http { http {
securityMatcher(RequestMatcher {
val accept = it.getHeader("Accept") ?: ""
return@RequestMatcher accept == "application/json" || accept == "application/activity+json"
})
authorizeHttpRequests { authorizeHttpRequests {
authorize(POST, "/inbox", permitAll) authorize(POST, "/inbox", permitAll)
authorize(POST, "/users/{username}/inbox", permitAll) authorize(POST, "/users/{username}/inbox", permitAll)
authorize(GET, "/outbox", permitAll) authorize(GET, "/outbox", permitAll)
authorize(GET, "/users/{username}/outbox", permitAll) authorize(GET, "/users/{username}/outbox", permitAll)
authorize(GET, "/users/{username}", permitAll)
} }
} }
return http.build() return http.build()