aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/config
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/config')
-rw-r--r--src/main/java/com/juick/config/SecurityConfig.java15
1 files changed, 4 insertions, 11 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index 255b0c5d..d8faff7b 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -148,21 +148,13 @@ public class SecurityConfig {
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http)
throws Exception {
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
- var loginUrlAuthenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
- loginUrlAuthenticationEntryPoint.setForceHttps(true);
http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
.authorizationServerSettings(AuthorizationServerSettings.builder()
.authorizationEndpoint("/oauth/authorize")
.tokenEndpoint("/oauth/token")
.build())
- .oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0
- http
- // Redirect to the login page when not authenticated from the
- // authorization endpoint
- .exceptionHandling((exceptions) -> exceptions
- .authenticationEntryPoint(loginUrlAuthenticationEntryPoint)
- )
- .cors(cors -> cors.configurationSource(corsConfigurationSource()))
+ .oidc(Customizer.withDefaults());
+ http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
// Accept access tokens for User Info and/or Client Registration
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
@@ -262,7 +254,8 @@ public class SecurityConfig {
.logout(logout -> logout
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.invalidateHttpSession(true)
- .logoutSuccessUrl("/")
+ .clearAuthentication(true)
+ .logoutSuccessUrl("/login")
.deleteCookies("hash", COOKIE_NAME))
.formLogin(form -> form.loginPage("/login")
.usernameParameter("username")