ramonmalcolm10 · ramonmalcolm10 · Nov 28, 2022
diff --git a/src/main/java/com/example/config/SecurityConfig.java b/src/main/java/com/example/config/SecurityConfig.java
@@ -41,6 +41,20 @@ public class SecurityConfig {
 
     @Bean
     @Order(1)
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .securityMatcher("/api/**")
+                .authorizeHttpRequests()
+                .anyRequest()
+                .authenticated()
+                .and()
+                .oauth2ResourceServer()
+                .jwt();
+        return http.build();
+    }
+
+    @Bean
+    @Order(2)
     public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http)
             throws Exception {
         OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
@@ -53,14 +67,15 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
                         .authenticationEntryPoint(
                                 new LoginUrlAuthenticationEntryPoint("/login"))
                 )
+                //.exceptionHandling()
                 // Accept access tokens for User Info and/or Client Registration
                 .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
 
         return http.build();
     }
 
     @Bean
-    @Order(2)
+    @Order(3)
     public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
             throws Exception {
         http

diff --git a/src/main/java/com/example/controller/TestApiController.java b/src/main/java/com/example/controller/TestApiController.java
@@ -0,0 +1,14 @@
+package com.example.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class TestApiController {
+
+    @GetMapping("/api/test")
+    public String test() {
+        return "test";
+    }
+
+}