adorsys · max402 · Apr 18, 2024 · Jan 14, 2024 · Jan 14, 2024 · Jan 14, 2024
diff --git a/datasafe-rest-impl/pom.xml b/datasafe-rest-impl/pom.xml
@@ -19,10 +19,16 @@
         <spring-restdocs.version>3.0.0</spring-restdocs.version>
         <asciidoctor-maven-plugin.version>2.2.4</asciidoctor-maven-plugin.version>
         <exec-maven-plugin.version>1.6.0</exec-maven-plugin.version>
-        <jakarta.validation-api.version>3.0.2</jakarta.validation-api.version>
+        <jakarta.validation-api.varsion>3.0.2</jakarta.validation-api.varsion>
+        <springdoc-openapi-starter-webmvc-ui.version>2.3.0</springdoc-openapi-starter-webmvc-ui.version>
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>${springdoc-openapi-starter-webmvc-ui.version}</version>
+        </dependency>
         <dependency>
             <groupId>de.adorsys</groupId>
             <artifactId>datasafe-business</artifactId>

diff --git a/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java b/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java
@@ -63,7 +63,7 @@ public SecurityFilterChain filterChain(HttpSecurity http, MvcRequestMatcher.Buil
                         .requestMatchers(swaggerResources).permitAll()
                         .requestMatchers(mvc.pattern("/static/**")).permitAll()
                         .requestMatchers(mvc.pattern(SecurityConstants.AUTH_LOGIN_URL)).permitAll()
-                        .requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**")).permitAll()
+                        .requestMatchers(mvc.pattern(HttpMethod.GET, "/**")).permitAll()
                         .anyRequest().authenticated()
                 )
                 .addFilter(new JwtAuthorizationFilter(authenticationManager, securityProperties))

diff --git a/datasafe-rest-impl/src/test/resources/jwt-config.properties b/datasafe-rest-impl/src/test/resources/jwt-config.properties
@@ -1,7 +1,5 @@
-debug=false
-management.endpoints.web.exposure.include=*
-
-jwt_secret=n2r5u8x/A%D*G-KaPdSgVkYp3s6v9y$B&E(H+MbQeThWmZq4t7w!z%C*F-J@NcRf
-default_user=username
-default_password=password
-token_expiration=864000000
+jwt_secret=${JWT_SECRET}
+default_user=${DEFAULT_USER}
+default_password=${DEFAULT_PASSWORD}
+#10 Days in ms
+token_expiration=${TOKEN_EXPIRATION:864000000}