search

danvega / jwt

Spring Security + JWT
83 stars 37 forks source link

Error in tokenSecurityFilterChain method #7

Closed mguerraferrer closed 1 year ago

mguerraferrer commented 1 year ago

Hi @danvega

In the tokenSecurityFilterChain method of the SecurityConfig class, http.requestMatcher(new AntPathRequestMatcher("/token")) is declared, but the requestMatcher(AntPathRequestMatcher) method is not defined for the HttpSecurity type, so it gives an error.

It can fixed doing something like this:

.authorizeHttpRequests(auth -> {
    auth.requestMatchers(new AntPathRequestMatcher("/token"));
    auth.anyRequest().authenticated();
})

Anyway, after getting the granted token and trying to use it to access "/" or "/secure", you always get 401 Unauthorized. Could you take a look at this issue please?

danvega-jwt-error danvega-jwt-error1

mguerraferrer commented 1 year ago

Hi @danvega

Searching through the closed PRs, I noticed that the correct way to declare AntPathRequestMatcher is .securityMatcher(new AntPathRequestMatcher("/token")), but for some reason, it was changed in the actual code. Fixing that, everything works great