diff --git a/kbazaar/src/main/java/com/kampus/kbazaar/cart/CartController.java b/kbazaar/src/main/java/com/kampus/kbazaar/cart/CartController.java index d5c60a3..f5cd0ea 100644 --- a/kbazaar/src/main/java/com/kampus/kbazaar/cart/CartController.java +++ b/kbazaar/src/main/java/com/kampus/kbazaar/cart/CartController.java @@ -8,7 +8,7 @@ public class CartController { @GetMapping("/carts") - public ResponseEntity getCart() { + public ResponseEntity getCart() { // NOSONAR return ResponseEntity.ok().build(); } } diff --git a/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtAuthFilter.java b/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtAuthFilter.java index b90416a..b2aa833 100644 --- a/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtAuthFilter.java +++ b/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtAuthFilter.java @@ -35,13 +35,11 @@ protected void doFilterInternal( } jwtToken = authHeader.substring(7); - if (SecurityContextHolder.getContext().getAuthentication() == null) { - if (!jwtService.isTokenExpired(jwtToken)) { - UsernamePasswordAuthenticationToken authenticationToken = - new UsernamePasswordAuthenticationToken( - "mockUser", null, new ArrayList<>()); - SecurityContextHolder.getContext().setAuthentication(authenticationToken); - } + if (SecurityContextHolder.getContext().getAuthentication() == null + && !jwtService.isTokenExpired(jwtToken)) { + UsernamePasswordAuthenticationToken authenticationToken = + new UsernamePasswordAuthenticationToken("mockUser", null, new ArrayList<>()); + SecurityContextHolder.getContext().setAuthentication(authenticationToken); } filterChain.doFilter(request, response); diff --git a/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtService.java b/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtService.java index a0461cf..9711534 100644 --- a/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtService.java +++ b/kbazaar/src/main/java/com/kampus/kbazaar/security/JwtService.java @@ -11,7 +11,7 @@ public class JwtService { @Value("${security.jwt.secret}") - private String SECRET_KEY = ""; + private String SECRET_KEY = ""; // NOSONAR public Date extractExpiration(String token) { return extractClaim(token, Claims::getExpiration); @@ -27,7 +27,7 @@ private Claims extractAllClaims(String token) { Jwts.parserBuilder() .setSigningKey(SECRET_KEY.getBytes()) .build() - .parse(token) + .parse(token) // NOSONAR .getBody(); } diff --git a/kbazaar/src/main/java/com/kampus/kbazaar/security/SecurityConfig.java b/kbazaar/src/main/java/com/kampus/kbazaar/security/SecurityConfig.java index 8ef9c87..0c9ca2e 100644 --- a/kbazaar/src/main/java/com/kampus/kbazaar/security/SecurityConfig.java +++ b/kbazaar/src/main/java/com/kampus/kbazaar/security/SecurityConfig.java @@ -4,6 +4,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; @@ -20,9 +21,9 @@ public SecurityConfig(JwtAuthFilter jwtAuthFilter) { @Bean SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception { - return http.csrf(httpSecurityCsrfConfigurer -> httpSecurityCsrfConfigurer.disable()) + return http.csrf(AbstractHttpConfigurer::disable) .authorizeHttpRequests( - (requests) -> + requests -> requests.requestMatchers("/swagger-ui/**", "/v3/api-docs/**") .permitAll() .anyRequest()