package eu.dnetlib.organizations;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
 * Spring Security configuration for the organizations application.
 *
 * <p>The only active rule is in {@link #configure(HttpSecurity)}: every request must be
 * authenticated and login is delegated to an OAuth2 provider. Everything else in this class is
 * commented-out earlier work (JDBC mock authentication, a hand-built client registration) kept
 * for reference.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	// Disabled: was only needed by the commented-out JDBC authentication further down.
	// @Autowired
	// private DataSource dataSource;

	// @Autowired
	// private AccessDeniedHandler accessDeniedHandler;

	// Bound to the "openaire.api.valid.subnet" property. Nothing in this class reads the field,
	// so configure() applies no subnet-based restriction.
	// NOTE(review): confirm whether the subnet check is enforced elsewhere or was dropped.
	@Value("${openaire.api.valid.subnet}")
	private String openaireApiValidSubnet;

	// @Autowired
	// private ClientRegistrationRepository clientRegistrationRepository;

	/**
	 * Requires authentication for every request and enables OAuth2 login.
	 *
	 * <p>No path is exempted, so static resources and any API endpoint are also behind the login.
	 * No client registration is defined in this class; it is presumably supplied through
	 * application properties (confirm against the deployment configuration).
	 *
	 * @param http the security builder provided by Spring Security
	 * @throws Exception if the builder rejects the configuration
	 */
	@Override
	protected void configure(final HttpSecurity http) throws Exception {
		// Authorization rule: any request needs an authenticated principal.
		http.authorizeRequests().anyRequest().authenticated();

		// Authentication mechanism: OAuth2 login on the same builder.
		http.oauth2Login();
	}

	// Disabled template for a programmatic client registration. The endpoints, client id and
	// client secret below are placeholder values; real credentials belong in external
	// configuration, not in source control.
	/*
	 * @Bean public ClientRegistration.Builder clientRegistration() { final Map<String, Object> metadata = new HashMap<>();
	 * metadata.put("end_session_endpoint", "https://jhipster.org/logout");
	 *
	 * return ClientRegistration.withRegistrationId("oidc") .redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")
	 * .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
	 * .scope("read:user") .authorizationUri("https://jhipster.org/login/oauth/authorize")
	 * .tokenUri("https://jhipster.org/login/oauth/access_token") .jwkSetUri("https://jhipster.org/oauth/jwk")
	 * .userInfoUri("https://api.jhipster.org/user") .providerConfigurationMetadata(metadata) .userNameAttributeName("id")
	 * .clientName("Client Name") .clientId("client-id") .clientSecret("client-secret"); }
	 */

	// Disabled mock authentication. The users query returns the same fixed {MD5} hash for
	// whatever username is supplied, so every account would share one password, and MD5 is not
	// suitable for password storage. Do not re-enable as written.
	/*
	 * @Autowired public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication()
	 * .dataSource(dataSource) .usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the
	 * user should // be authenticated using the openaire // credentials .authoritiesByUsernameQuery("with const as (SELECT ? as email) " +
	 * "select c.email, 'ROLE_'||coalesce(u.role, '" + UserRole.NOT_AUTHORIZED +
	 * "') from const c left outer join users u on (u.email = c.email)"); }
	 *
	 * @Bean public PasswordEncoder passwordEncoder() { return PasswordEncoderFactories.createDelegatingPasswordEncoder(); }
	 */

	// References collected for the OpenID Connect integration:
	// https://www.baeldung.com/spring-security-openid-connect

	// https://github.com/mitreid-connect/
	// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/tree/master/openid-connect-client
	// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Client-configuration

	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-login-core/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-user-management/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-openaire-users/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-login/trunk/

	// Open a ticket with GRNET, with Argiro and Katerina as watchers

}