Activiti/Activiti#4366: add actuator INFO exclude Matcher (#1147)

* Activiti/Activiti#4366: add actuaror info exclude Matcher

* Activiti/Activiti#4366: remove Unused import

activiti-cloud-runtime-bundle-service/activiti-cloud-starter-runtime-bundle/src/test/java/org/activiti/cloud/starter/tests/security/TestActuatorSecurityIT.java

@@ -23,13 +23,9 @@
 import org.activiti.cloud.services.test.containers.RabbitMQContainerApplicationInitializer;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.SpringBootConfiguration;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.info.BuildProperties;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 
@@ -43,16 +39,9 @@ public class TestActuatorSecurityIT {
     @Autowired
     private MockMvc mockMvc;
 
-    @MockBean
-    private BuildProperties buildProperties;
-
-    @Autowired(required = false)
+    @Autowired
     private CommonSecurityAutoConfiguration commonSecurityAutoConfiguration;
 
-    @SpringBootConfiguration
-    @EnableAutoConfiguration
-    static class Application {}
-
     @Test
     public void should_getActuatorLoggersAndReturnUnauthorized() throws Exception {
         mockMvc.perform(get("/actuator/loggers")).andExpect(status().isUnauthorized());
@@ -62,4 +51,9 @@ public void should_getActuatorLoggersAndReturnUnauthorized() throws Exception {
     public void should_getActuatorHealthAndReturn200ok() throws Exception {
         mockMvc.perform(get("/actuator/health")).andExpect(status().isOk());
     }
+
+    @Test
+    public void should_getActuatorInfoAndReturn200ok() throws Exception {
+        mockMvc.perform(get("/actuator/info")).andExpect(status().isOk());
+    }
 }

activiti-cloud-service-common/activiti-cloud-services-common-security/src/main/java/org/activiti/cloud/services/common/security/config/CommonSecurityAutoConfiguration.java

@@ -17,6 +17,7 @@
 
 import com.github.benmanes.caffeine.cache.Caffeine;
 import feign.RequestInterceptor;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 import org.activiti.api.runtime.shared.security.PrincipalGroupsProvider;
@@ -239,7 +240,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     private RequestMatcher actuatorEndpointsMatcher() {
         RequestMatcher actuatorMatcher = new AntPathRequestMatcher("/actuator/**");
         RequestMatcher healthMatcher = new AntPathRequestMatcher("/actuator/health/**");
-        return request -> actuatorMatcher.matches(request) && !healthMatcher.matches(request);
+        RequestMatcher infoMatcher = new AntPathRequestMatcher("/actuator/info/**");
+
+        List<RequestMatcher> excludeMatchers = Arrays.asList(healthMatcher, infoMatcher);
+
+        return request ->
+            actuatorMatcher.matches(request) && excludeMatchers.stream().noneMatch(matcher -> matcher.matches(request));
     }
 
     @Bean