@Bean SecurityWebFilterChain springSecurity(ServerHttpSecurity http) throws Exception { // @formatter:off http .authorizeExchange() .pathMatchers("/authenticated").authenticated() .pathMatchers("/unobtainable").hasAuthority("unobtainable") .and() .oauth2ResourceServer() .accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.BANDWIDTH_LIMIT_EXCEEDED)) .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.I_AM_A_TEAPOT)) .jwt() .publicKey(publicKey()); // @formatter:on return http.build(); } }