|
|
|
|
@ -1,6 +1,6 @@
|
|
|
|
|
# Authorization Library |
|
|
|
|
|
|
|
|
|
Authorization library is a library that provides a Spring Security process |
|
|
|
|
Authorization library is a library that provides a Spring Security (4.x.x) process |
|
|
|
|
in order to authorize the endpoints of a service base on OpenAIRE Authorities. |
|
|
|
|
It can be used with two different session strategies, a stateless and |
|
|
|
|
a Redis http session. |
|
|
|
|
@ -19,13 +19,14 @@ user's session, but with a cost of an extra http request per request.
|
|
|
|
|
<dependency> |
|
|
|
|
<groupId>eu.dnetlib</groupId> |
|
|
|
|
<artifactId>uoa-authorization-library</artifactId> |
|
|
|
|
<version>2.1.1</version> |
|
|
|
|
<version>2.1.2</version> |
|
|
|
|
</dependency> |
|
|
|
|
|
|
|
|
|
#### Spring Application/Configuration |
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration; |
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")}) |
|
|
|
|
@Import(AuthorizationConfiguration.class) |
|
|
|
|
public class Application { |
|
|
|
|
public static void main(String[] args) { |
|
|
|
|
@ -52,7 +53,7 @@ where session is stored.
|
|
|
|
|
<dependency> |
|
|
|
|
<groupId>eu.dnetlib</groupId> |
|
|
|
|
<artifactId>uoa-authorization-library</artifactId> |
|
|
|
|
<version>2.1.1</version> |
|
|
|
|
<version>2.1.2</version> |
|
|
|
|
<classifier>redis</classifier> |
|
|
|
|
</dependency> |
|
|
|
|
|
|
|
|
|
@ -60,6 +61,7 @@ where session is stored.
|
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration; |
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")}) |
|
|
|
|
@Import(AuthorizationConfiguration.class) |
|
|
|
|
public class Application { |
|
|
|
|
public static void main(String[] args) { |
|
|
|
|
@ -115,4 +117,36 @@ e.g
|
|
|
|
|
+ "@AuthorizationService.manager(#type, #id)) " |
|
|
|
|
+ ")") |
|
|
|
|
@RequestMapping(value = "{type}/{id}", method = RequestMethod.GET) |
|
|
|
|
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) { |
|
|
|
|
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {} |
|
|
|
|
|
|
|
|
|
## Spring Security (5.x.x) - Spring boot (2.x.x) |
|
|
|
|
|
|
|
|
|
Because of MitreID dependency, in order to use this library |
|
|
|
|
with redis HttpSession, service has to use spring security (4.x.x). |
|
|
|
|
The only way to use this library in a project with spring security 5.x.x |
|
|
|
|
is the Stateless strategy with the following modification in Application |
|
|
|
|
class: |
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration; |
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")}) |
|
|
|
|
@Import(AuthorizationConfiguration.class) |
|
|
|
|
public class Application { |
|
|
|
|
|
|
|
|
|
public static void main(String[] args) { |
|
|
|
|
SpringApplication.run(Application.class, args); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@Bean |
|
|
|
|
public WebMvcConfigurer corsConfigurer() { |
|
|
|
|
return new WebMvcConfigurer() { |
|
|
|
|
@Override |
|
|
|
|
public void addCorsMappings(CorsRegistry registry) { |
|
|
|
|
registry.addMapping("/**") |
|
|
|
|
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS") |
|
|
|
|
.allowedOriginPatterns("*") |
|
|
|
|
.allowCredentials(true); |
|
|
|
|
} |
|
|
|
|
}; |
|
|
|
|
} |
|
|
|
|
} |
