Fix some issues. Remove origins temporaly
This commit is contained in:
parent
6013bae4c5
commit
2db7769965
|
@ -37,12 +37,9 @@ public class AuthorizationFilter implements Filter {
|
||||||
HttpServletRequest request = (HttpServletRequest) req;
|
HttpServletRequest request = (HttpServletRequest) req;
|
||||||
String token = utils.getToken(request);
|
String token = utils.getToken(request);
|
||||||
if (token != null) {
|
if (token != null) {
|
||||||
|
System.out.println(token);
|
||||||
Authentication auth = authorizationProvider.getAuthentication(token);
|
Authentication auth = authorizationProvider.getAuthentication(token);
|
||||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
} else {
|
|
||||||
HttpServletResponse response = (HttpServletResponse) res;
|
|
||||||
response.sendError(HttpStatus.UNAUTHORIZED.value(), "No token has been found");
|
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
filterChain.doFilter(req, res);
|
filterChain.doFilter(req, res);
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,6 @@ import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
|
||||||
|
|
||||||
public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
||||||
|
|
||||||
|
@ -27,7 +26,7 @@ public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<Def
|
||||||
@Override
|
@Override
|
||||||
public void configure(HttpSecurity http) throws Exception {
|
public void configure(HttpSecurity http) throws Exception {
|
||||||
AuthorizationFilter customFilter = new AuthorizationFilter(authorizationProvider, utils);
|
AuthorizationFilter customFilter = new AuthorizationFilter(authorizationProvider, utils);
|
||||||
http.addFilterBefore(customFilter, BasicAuthenticationFilter.class);
|
http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,7 +20,6 @@ public class CorsConfig extends WebMvcConfigurerAdapter {
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
public void addCorsMappings(CorsRegistry registry) {
|
||||||
registry.addMapping("/**")
|
registry.addMapping("/**")
|
||||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||||
.allowedOrigins(securityConfig.getOriginServer())
|
|
||||||
.allowCredentials(true);
|
.allowCredentials(true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,7 +9,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
|
|
||||||
@EnableGlobalMethodSecurity(securedEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
||||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
Loading…
Reference in New Issue