dnet-applications/apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/WebSecurityConfig.java

package eu.dnetlib.organizations;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	// @Autowired
	// private DataSource dataSource;

	// @Autowired
	// private AccessDeniedHandler accessDeniedHandler;

	@Value("${openaire.api.valid.subnet}")
	private String openaireApiValidSubnet;

	// @Autowired
	// private ClientRegistrationRepository clientRegistrationRepository;

	@Override
	protected void configure(final HttpSecurity http) throws Exception {

		http.authorizeRequests()
			.anyRequest()
			.authenticated()
			.and()
			.oauth2Login();
	}

	/*
	 * @Bean public ClientRegistration.Builder clientRegistration() { final Map<String, Object> metadata = new HashMap<>();
	 * metadata.put("end_session_endpoint", "https://jhipster.org/logout");
	 *
	 * return ClientRegistration.withRegistrationId("oidc") .redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")
	 * .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
	 * .scope("read:user") .authorizationUri("https://jhipster.org/login/oauth/authorize")
	 * .tokenUri("https://jhipster.org/login/oauth/access_token") .jwkSetUri("https://jhipster.org/oauth/jwk")
	 * .userInfoUri("https://api.jhipster.org/user") .providerConfigurationMetadata(metadata) .userNameAttributeName("id")
	 * .clientName("Client Name") .clientId("client-id") .clientSecret("client-secret"); }
	 */

	/*
	 * @Autowired public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication()
	 * .dataSource(dataSource) .usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the
	 * user should // be authenticated using the openaire // credentials .authoritiesByUsernameQuery("with const as (SELECT ? as email) " +
	 * "select c.email, 'ROLE_'||coalesce(u.role, '" + UserRole.NOT_AUTHORIZED +
	 * "') from const c left outer join users u on (u.email = c.email)"); }
	 *
	 * @Bean public PasswordEncoder passwordEncoder() { return PasswordEncoderFactories.createDelegatingPasswordEncoder(); }
	 */

	// https://www.baeldung.com/spring-security-openid-connect

	// https://github.com/mitreid-connect/
	// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/tree/master/openid-connect-client
	// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Client-configuration

	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-login-core/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-user-management/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-openaire-users/trunk/
	// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-login/trunk/

	// Aprire Ticket a GRNET con Argiro e Katerina come watchers

}
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00			`package eu.dnetlib.organizations;`

restricted access for simrels api 2020-09-29 11:34:31 +02:00			`import org.springframework.beans.factory.annotation.Value;`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00			`import org.springframework.context.annotation.Configuration;`
			`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`

			`@Configuration`
			`@EnableWebSecurity`
			`public class WebSecurityConfig extends WebSecurityConfigurerAdapter {`

oauth2 first steps 2020-11-04 10:30:29 +01:00			`// @Autowired`
			`// private DataSource dataSource;`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00
oauth2 first steps 2020-11-04 10:30:29 +01:00			`// @Autowired`
			`// private AccessDeniedHandler accessDeniedHandler;`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00
restricted access for simrels api 2020-09-29 11:34:31 +02:00			`@Value("${openaire.api.valid.subnet}")`
			`private String openaireApiValidSubnet;`

oauth2 first steps 2020-11-04 10:30:29 +01:00			`// @Autowired`
			`// private ClientRegistrationRepository clientRegistrationRepository;`

added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00			`@Override`
			`protected void configure(final HttpSecurity http) throws Exception {`

oauth2 first steps 2020-11-04 10:30:29 +01:00			`http.authorizeRequests()`
restricted access for simrels api 2020-09-29 11:34:31 +02:00			`.anyRequest()`
			`.authenticated()`
			`.and()`
oauth2 first steps 2020-11-04 10:30:29 +01:00			`.oauth2Login();`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00			`}`

oauth2 first steps 2020-11-04 10:30:29 +01:00			`/*`
			`* @Bean public ClientRegistration.Builder clientRegistration() { final Map<String, Object> metadata = new HashMap<>();`
			`* metadata.put("end_session_endpoint", "https://jhipster.org/logout");`
			`*`
			`* return ClientRegistration.withRegistrationId("oidc") .redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")`
			`* .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)`
			`* .scope("read:user") .authorizationUri("https://jhipster.org/login/oauth/authorize")`
			`* .tokenUri("https://jhipster.org/login/oauth/access_token") .jwkSetUri("https://jhipster.org/oauth/jwk")`
			`* .userInfoUri("https://api.jhipster.org/user") .providerConfigurationMetadata(metadata) .userNameAttributeName("id")`
			`* .clientName("Client Name") .clientId("client-id") .clientSecret("client-secret"); }`
			`*/`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00
oauth2 first steps 2020-11-04 10:30:29 +01:00			`/*`
			`* @Autowired public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication()`
			`* .dataSource(dataSource) .usersByUsernameQuery("select ?, '{MD5}60c4a0eb167dd41e915a885f582414df', true") // TODO: this is a MOCK, the`
			`* user should // be authenticated using the openaire // credentials .authoritiesByUsernameQuery("with const as (SELECT ? as email) " +`
			`* "select c.email, 'ROLE_'\|\|coalesce(u.role, '" + UserRole.NOT_AUTHORIZED +`
			`* "') from const c left outer join users u on (u.email = c.email)"); }`
			`*`
			`* @Bean public PasswordEncoder passwordEncoder() { return PasswordEncoderFactories.createDelegatingPasswordEncoder(); }`
			`*/`

			`// https://www.baeldung.com/spring-security-openid-connect`

			`// https://github.com/mitreid-connect/`
			`// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/tree/master/openid-connect-client`
			`// https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Client-configuration`

			`// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-login-core/trunk/`
			`// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-user-management/trunk/`
			`// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-openaire-users/trunk/`
			`// https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-login/trunk/`

			`// Aprire Ticket a GRNET con Argiro e Katerina come watchers`
added dnet-orgs-database-application 2020-07-03 12:09:22 +02:00
			`}`