|
|
|
@ -1,6 +1,6 @@
|
|
|
|
|
# Authorization Library
|
|
|
|
|
|
|
|
|
|
Authorization library is a library that provides a Spring Security process
|
|
|
|
|
Authorization library is a library that provides a Spring Security (4.x.x) process
|
|
|
|
|
in order to authorize the endpoints of a service base on OpenAIRE Authorities.
|
|
|
|
|
It can be used with two different session strategies, a stateless and
|
|
|
|
|
a Redis http session.
|
|
|
|
@ -19,13 +19,14 @@ user's session, but with a cost of an extra http request per request.
|
|
|
|
|
<dependency>
|
|
|
|
|
<groupId>eu.dnetlib</groupId>
|
|
|
|
|
<artifactId>uoa-authorization-library</artifactId>
|
|
|
|
|
<version>2.1.1</version>
|
|
|
|
|
<version>2.1.2</version>
|
|
|
|
|
</dependency>
|
|
|
|
|
|
|
|
|
|
#### Spring Application/Configuration
|
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
|
|
|
|
@Import(AuthorizationConfiguration.class)
|
|
|
|
|
public class Application {
|
|
|
|
|
public static void main(String[] args) {
|
|
|
|
@ -52,7 +53,7 @@ where session is stored.
|
|
|
|
|
<dependency>
|
|
|
|
|
<groupId>eu.dnetlib</groupId>
|
|
|
|
|
<artifactId>uoa-authorization-library</artifactId>
|
|
|
|
|
<version>2.1.1</version>
|
|
|
|
|
<version>2.1.2</version>
|
|
|
|
|
<classifier>redis</classifier>
|
|
|
|
|
</dependency>
|
|
|
|
|
|
|
|
|
@ -60,6 +61,7 @@ where session is stored.
|
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
|
|
|
|
@Import(AuthorizationConfiguration.class)
|
|
|
|
|
public class Application {
|
|
|
|
|
public static void main(String[] args) {
|
|
|
|
@ -115,4 +117,36 @@ e.g
|
|
|
|
|
+ "@AuthorizationService.manager(#type, #id)) "
|
|
|
|
|
+ ")")
|
|
|
|
|
@RequestMapping(value = "{type}/{id}", method = RequestMethod.GET)
|
|
|
|
|
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {
|
|
|
|
|
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {}
|
|
|
|
|
|
|
|
|
|
## Spring Security (5.x.x) - Spring boot (2.x.x)
|
|
|
|
|
|
|
|
|
|
Because of MitreID dependency, in order to use this library
|
|
|
|
|
with redis HttpSession, service has to use spring security (4.x.x).
|
|
|
|
|
The only way to use this library in a project with spring security 5.x.x
|
|
|
|
|
is the Stateless strategy with the following modification in Application
|
|
|
|
|
class:
|
|
|
|
|
|
|
|
|
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
|
|
|
|
|
|
|
|
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
|
|
|
|
@Import(AuthorizationConfiguration.class)
|
|
|
|
|
public class Application {
|
|
|
|
|
|
|
|
|
|
public static void main(String[] args) {
|
|
|
|
|
SpringApplication.run(Application.class, args);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
public WebMvcConfigurer corsConfigurer() {
|
|
|
|
|
return new WebMvcConfigurer() {
|
|
|
|
|
@Override
|
|
|
|
|
public void addCorsMappings(CorsRegistry registry) {
|
|
|
|
|
registry.addMapping("/**")
|
|
|
|
|
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
|
|
|
|
.allowedOriginPatterns("*")
|
|
|
|
|
.allowCredentials(true);
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
}
|