@Bean SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception { // @formatter:off http .authorizeExchange() .anyExchange().hasAuthority("message:read") .and() .oauth2ResourceServer() .jwt() .jwtAuthenticationConverter(jwtAuthenticationConverter()) .publicKey(publicKey()); // @formatter:on return http.build(); }