protected void configure()

in src/main/java/com/epam/digital/data/platform/bpms/admin/config/security/WebAppSecurityConfig.java [56:75]

• 20 lines of code
• 1 McCabe index (conditional complexity)

  protected void configure(HttpSecurity http) throws Exception {
    allowAccessToActuatorEndpoints(http);
    http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
        .and()
        .requestMatchers().antMatchers("/**").and()
        .authorizeRequests(
            authorizeRequests ->
                authorizeRequests
                    .antMatchers("/login**", "/oauth2/authorization**")
                    .permitAll()
                    .antMatchers("/**", "/api/**", "/lib/**")
                    .authenticated())
        .oauth2Login().successHandler(adminPortalAuthenticationSuccessHandler)
        .and()
        .logout()
        .logoutRequestMatcher(new AntPathRequestMatcher("/camunda/**/logout"))
        .logoutSuccessHandler(keycloakLogoutHandler)
    ;
    http.addFilterAfter(new RedirectionFilter(), BasicAuthenticationFilter.class);
  }