Description
Well, I have spent a decent amount of time comparing code trying to figure out why I get the 403 status with Bearer.
https://github.com/simplyi/SpringCloudVideoCourse/blob/update-spring-boot-v3.0.1/PhotoAppApiUsers/src/main/java/com/appsdeveloperblog/photoapp/api/users/security/WebSecurity.java
I deleted many times from the snippet of code
```java
http
    .cors().and()
    .csrf().disable().authorizeHttpRequests()
    .requestMatchers(HttpMethod.POST, "/users")
    .access(new WebExpressionAuthorizationManager(
        "hasIpAddress('" + environment.getProperty("gateway.ip") + "')"
    ))
    .requestMatchers(HttpMethod.POST, environment.getProperty("login.url.path")).permitAll()
    .requestMatchers(new AntPathRequestMatcher("/h2-console/**")).permitAll()
    .anyRequest().authenticated().and()
    .addFilter(getAuthenticationFilter(authenticationManager))
    .authenticationManager(authenticationManager)
    .sessionManagement()
    .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.headers().frameOptions().disable();
return http.build();
```
the line:
```java
.requestMatchers(HttpMethod.POST, environment.getProperty("login.url.path")).permitAll();
```
Actually, when you watch the course, you delete it in one of the previous lessons. I don't know why (or how) it appears here. The line is pointless, but don't rush to delete it. Just change the POST request to GET and, instead of `environment.getProperty("login.url.path")`, hardcode `"/users/status/check"`. Restart all services.