Checked, added and fixed rights to endpoints

re #9511

backend/src/main/java/cz/zcu/kiv/backendapi/security/jwt/JwtTokenVerifier.java

@@ -8,6 +8,7 @@ import com.google.common.base.Strings;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -19,9 +20,9 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
+import java.util.Map;
 import java.util.stream.Collectors;
 
 
@@ -38,9 +39,9 @@ public class JwtTokenVerifier extends OncePerRequestFilter {
     private final JwtUtils jwtUtils;
 
     /**
-     * Array or urls with this filter (JWT not needed for them)
+     * Map of permitted endpoints with HTTP method (user does not need to be authenticated perform the request)
      */
-    private final String[] skipFilterUrls;
+    private final Map<String, HttpMethod> skipFilterEndpoints;
 
     /**
      * Filters request - checks for JWT token and validates it
@@ -83,10 +84,9 @@ public class JwtTokenVerifier extends OncePerRequestFilter {
      *
      * @param request request
      * @return true if given request should not be scanned for JWT, false otherwise
-     * @throws ServletException servlet exception
      */
     @Override
-    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
-        return Arrays.stream(skipFilterUrls).anyMatch(url -> new AntPathRequestMatcher(url).matches(request));
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        return skipFilterEndpoints.entrySet().stream().anyMatch(e -> new AntPathRequestMatcher(e.getKey(), e.getValue().toString()).matches(request));
     }
 }