Spring security - custom provider
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private JwtTokenFilter jwtTokenFilter;
// @Autowired
// private UserDetailsService userDetailsService;
@Autowired
BCryptPasswordEncoder passwordEncoder;
@Autowired
JwtAuthenticationProvider customAuthenticationProvider;
// We are not using the default authentication provider,
// so we do not need to set these here.
// They are set in our custom authentication provider instead.
// @Autowired
// public void configurePasswordEncoder(AuthenticationManagerBuilder builder) throws Exception {
// builder.userDelet channel = F.SERVICE("rabbit").channel
// Settings for the "rabbit" and "app" components, read through the framework's F.CONFIG lookup.
// NOTE(review): neither `config` nor `HOST` is referenced by the code visible on this page.
let config = F.CONFIG("rabbit").config;
let HOST = F.CONFIG("app").config.host;
/**
 * Posts `payload` to `CORE_API` and logs the outcome.
 *
 * A rejected request is logged and not rethrown, so the returned promise still
 * resolves; callers cannot tell success from failure through it.
 *
 * NOTE(review): the whole response / error object is written to the log. If the
 * HTTP client attaches the request configuration (headers, body) to those
 * objects, credentials and account data end up in the log — confirm, and log
 * only a status code or message if so.
 */
async function createTradingAccountCORE() {
    console.log("creating...");

    // The call is issued outside the try block so that an error raised while
    // starting the request still propagates to the caller, as before.
    const pending = axios.post(CORE_API, payload);

    try {
        const success = await pending;
        console.log("created", success);
    } catch (err) {
        console.log("cannot create account", err);
    }
}
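/**
 * Registers the consumer for the "CORE_TASKS" queue.
 *
 * A "create_user" message is acknowledged only after createTradingAccountCORE()
 * has settled. The earlier form passed the result of channel.ack(msg) to
 * .then(), which acknowledged the message immediately, before the account
 * request had finished, and left a rejection from the call unhandled.
 */
exports.install = function () {
    // presumably limits the consumer to one unacknowledged message at a time — confirm against the channel library
    channel.prefetch(1);

    channel.consume("CORE_TASKS", async function (msg) {
        const task = msg.name;
        try {
            if (task == "create_user") {
                await createTradingAccountCORE();
                channel.ack(msg);
            }
            // NOTE(review): a message with any other task name is never acknowledged.
            // Combined with prefetch(1) this may stall the consumer; decide whether
            // unknown tasks should be acknowledged, rejected or dead-lettered.
        } catch (error) {
            // The message is acknowledged on failure too, so a failed task is
            // dropped rather than redelivered.
            console.error("ERROR: ", error)
            channel.ack(msg);
        }
    });
}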
tailsService(userDetailsService).passwordEncoder(passwordEncoder);
// }
@Bean
// Channel of the "rabbit" service; used below to consume and acknowledge messages.
let channel = F.SERVICE("rabbit").channel
// Settings for the "rabbit" and "app" components, read through the framework's F.CONFIG lookup.
// NOTE(review): neither `config` nor `HOST` is referenced by the code visible on this page.
let config = F.CONFIG("rabbit").config;
let HOST = F.CONFIG("app").config.host;
/**
 * Posts `payload` to `CORE_API` and logs the outcome.
 *
 * A rejected request is logged and not rethrown, so the returned promise still
 * resolves; callers cannot tell success from failure through it.
 *
 * NOTE(review): the whole response / error object is written to the log. If the
 * HTTP client attaches the request configuration (headers, body) to those
 * objects, credentials and account data end up in the log — confirm, and log
 * only a status code or message if so.
 */
async function createTradingAccountCORE() {
    console.log("creating...");

    // The call is issued outside the try block so that an error raised while
    // starting the request still propagates to the caller, as before.
    const pending = axios.post(CORE_API, payload);

    try {
        const success = await pending;
        console.log("created", success);
    } catch (err) {
        console.log("cannot create account", err);
    }
}
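/**
 * Registers the consumer for the "CORE_TASKS" queue.
 *
 * A "create_user" message is acknowledged only after createTradingAccountCORE()
 * has settled. The earlier form passed the result of channel.ack(msg) to
 * .then(), which acknowledged the message immediately, before the account
 * request had finished, and left a rejection from the call unhandled.
 */
exports.install = function () {
    // presumably limits the consumer to one unacknowledged message at a time — confirm against the channel library
    channel.prefetch(1);

    channel.consume("CORE_TASKS", async function (msg) {
        const task = msg.name;
        try {
            if (task == "create_user") {
                await createTradingAccountCORE();
                channel.ack(msg);
            }
            // NOTE(review): a message with any other task name is never acknowledged.
            // Combined with prefetch(1) this may stall the consumer; decide whether
            // unknown tasks should be acknowledged, rejected or dead-lettered.
        } catch (error) {
            // The message is acknowledged on failure too, so a failed task is
            // dropped rather than redelivered.
            console.error("ERROR: ", error)
            channel.ack(msg);
        }
    });
}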
/**
 * Returns the {@link AuthenticationManager} obtained from
 * {@code super.authenticationManagerBean()}.
 *
 * @return the manager handed back by the superclass
 * @throws Exception if the superclass call fails
 */
public AuthenticationManager getAuthenticationManager() throws Exception {
    final AuthenticationManager manager = super.authenticationManagerBean();
    return manager;
}
// Adding our custom authentication provider:
// from now on the authentication manager will call this custom provider's
// authenticate method.
/**
 * Registers the injected {@code customAuthenticationProvider} on the given builder.
 * No other provider, user-details service or password encoder is configured here.
 *
 * @param auth the builder the provider is added to
 */
@Override
protected void configure(AuthenticationManagerBuilder auth) {
    final JwtAuthenticationProvider provider = this.customAuthenticationProvider;
    auth.authenticationProvider(provider);
}
/**
 * Configures the HTTP security chain: CSRF protection off, "/login" open to
 * everyone, every other request authenticated, no server-side session, and the
 * JWT filter placed ahead of {@link UsernamePasswordAuthenticationFilter}.
 *
 * @param http the security builder to configure
 * @throws Exception if any configurer call fails
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // CSRF protection is switched off because form login is not used.
    // NOTE(review): that is only safe while the token travels in a request
    // header; if JwtTokenFilter ever reads it from a cookie, CSRF protection
    // is needed again — confirm how the filter obtains the token.
    http.csrf().disable();

    // "/login" is open to unauthenticated callers. No HTTP method is given, so
    // the rule covers every method on that path. Everything else requires an
    // authenticated user.
    http.authorizeRequests()
            .antMatchers("/login").permitAll()
            .anyRequest().authenticated();

    // Stateless session policy, chosen because this is a REST API.
    http.sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

    // The custom filter runs before UsernamePasswordAuthenticationFilter in the chain.
    http.addFilterBefore(jwtTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
}