[spring-boot3]: Refacor project in order to configure redis usage in login projects. Add swagger configuration.
This commit is contained in:
parent
d9f98328ba
commit
5235db8218
59
README.md
59
README.md
|
|
@ -3,7 +3,7 @@
|
|||
Authorization library is a library that provides a Spring Security (6.x.x) process
|
||||
in order to authorize the endpoints of a service base on OpenAIRE Authorities.
|
||||
It can be used with two different session strategies, a stateless and
|
||||
a Redis http session.
|
||||
a Redis http session. Also, it includes swagger configuration.
|
||||
|
||||
## Stateless
|
||||
|
||||
|
|
@ -19,15 +19,15 @@ user's session, but with a cost of an extra http request per request.
|
|||
<dependency>
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-authorization-library</artifactId>
|
||||
<version>3.0.0</version>
|
||||
<version>3.0.1</version>
|
||||
</dependency>
|
||||
|
||||
#### Spring Application/Configuration
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.SecurityConfiguration;
|
||||
|
||||
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
||||
@Import(AuthorizationConfiguration.class)
|
||||
@Import(SecurityConfiguration.class)
|
||||
public class Application {
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
|
|
@ -54,16 +54,16 @@ where session is stored.
|
|||
<dependency>
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-authorization-library</artifactId>
|
||||
<version>3.0.0</version>
|
||||
<version>3.0.1</version>
|
||||
<classifier>redis</classifier>
|
||||
</dependency>
|
||||
|
||||
#### Spring Application/Configuration
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.SecurityConfiguration;
|
||||
|
||||
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
||||
@Import(AuthorizationConfiguration.class)
|
||||
@Import(SecurityConfiguration.class)
|
||||
public class Application {
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(Application.class, args);
|
||||
|
|
@ -78,6 +78,37 @@ where session is stored.
|
|||
authorization.security.domain=<domain-suffix> # e.g openaire.eu Default: di.uoa.gr
|
||||
authorization.security.session=<session-cookie-name> # Default openAIRESession
|
||||
|
||||
### Custom WebSecurity
|
||||
|
||||
In case you want to create a custom WebSecurity Configuration you have to:
|
||||
|
||||
1. **@Import(AuthorizationConfiguration.class)** instead of SecurityConfiguration.
|
||||
2. (Optional) On your WebSecurity Configuration inject WebSecurity component and use security method
|
||||
in order to pre-build HttpSecurity with the default security.
|
||||
|
||||
e.g
|
||||
|
||||
@EnableWebSecurity
|
||||
@EnableMethodSecurity(securedEnabled = true, proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
private final WebSecurity webSecurity;
|
||||
|
||||
@Autowired
|
||||
public WebSecurityConfig(WebSecurity webSecurity) {
|
||||
this.webSecurity = webSecurity;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http = webSecurity.security(http);
|
||||
// Custom Security Configuration
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
## Authorize Requests
|
||||
|
||||
|
|
@ -119,3 +150,17 @@ e.g
|
|||
+ ")")
|
||||
@RequestMapping(value = "{type}/{id}", method = RequestMethod.GET)
|
||||
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {}
|
||||
|
||||
|
||||
## Swagger configuration
|
||||
|
||||
This library by default includes swagger configuration, which is accessible only by PORTAL ADMIN users.
|
||||
Optional set API info properties in your project configuration file:
|
||||
|
||||
api.title = <Title>
|
||||
api.description = <Description>
|
||||
api.version = ${project.version}
|
||||
|
||||
### Disable UI and/or API-docs
|
||||
springdoc.swagger-ui.enabled=false
|
||||
springdoc.api-docs.enabled=false
|
||||
|
|
|
|||
10
pom.xml
10
pom.xml
|
|
@ -40,6 +40,12 @@
|
|||
<groupId>redis.clients</groupId>
|
||||
<artifactId>jedis</artifactId>
|
||||
</dependency>
|
||||
<!-- Swagger -->
|
||||
<dependency>
|
||||
<groupId>org.springdoc</groupId>
|
||||
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
|
||||
<version>${spring-doc-version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
|
|
@ -55,7 +61,7 @@
|
|||
</goals>
|
||||
<configuration>
|
||||
<excludes>
|
||||
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/redis/**</exclude>
|
||||
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/authorization/redis/**</exclude>
|
||||
</excludes>
|
||||
</configuration>
|
||||
</execution>
|
||||
|
|
@ -68,7 +74,7 @@
|
|||
<configuration>
|
||||
<classifier>redis</classifier>
|
||||
<excludes>
|
||||
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/stateless/**</exclude>
|
||||
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/authorization/stateless/**</exclude>
|
||||
</excludes>
|
||||
</configuration>
|
||||
</execution>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.API;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.GlobalVars;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
@EnableConfigurationProperties({Properties.class, GlobalVars.class, API.class})
|
||||
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.authorization"})
|
||||
public class AuthorizationConfiguration {
|
||||
}
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.API;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.GlobalVars;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
@EnableConfigurationProperties({Properties.class, GlobalVars.class, API.class})
|
||||
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.authorization"}, basePackageClasses = {WebSecurityConfig.class})
|
||||
public class SecurityConfiguration { }
|
||||
|
|
@ -1,12 +1,12 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.redis.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@EnableWebSecurity
|
||||
|
|
@ -14,17 +14,15 @@ import org.springframework.security.web.SecurityFilterChain;
|
|||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
@Bean
|
||||
public EntryPoint entryPoint() {
|
||||
return new EntryPoint();
|
||||
private final WebSecurity webSecurity;
|
||||
|
||||
@Autowired
|
||||
public WebSecurityConfig(WebSecurity webSecurity) {
|
||||
this.webSecurity = webSecurity;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(this.entryPoint()));
|
||||
http.authorizeHttpRequests(auth -> auth.anyRequest().permitAll());
|
||||
return http.build();
|
||||
return webSecurity.security(http).build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
@ConfigurationProperties("api")
|
||||
public class API {
|
||||
private String title;
|
||||
private String description;
|
||||
private String version;
|
||||
|
||||
public String getTitle() {
|
||||
return title;
|
||||
}
|
||||
|
||||
public void setTitle(String title) {
|
||||
this.title = title;
|
||||
}
|
||||
|
||||
public String getDescription() {
|
||||
return description;
|
||||
}
|
||||
|
||||
public void setDescription(String description) {
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
public String getVersion() {
|
||||
return version;
|
||||
}
|
||||
|
||||
public void setVersion(String version) {
|
||||
this.version = version;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
@ConfigurationProperties("authorization.security")
|
||||
public class SecurityConfig {
|
||||
public class Properties {
|
||||
|
||||
private Redis redis = new Redis();
|
||||
private String userInfoUrl;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
public class Redis {
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.controllers;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.controllers;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.GlobalVars;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.GlobalVars;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -19,7 +19,7 @@ public class AuthorizationLibraryCheckDeployController {
|
|||
private final Logger log = LogManager.getLogger(this.getClass());
|
||||
|
||||
@Autowired
|
||||
private SecurityConfig securityConfig;
|
||||
private Properties securityConfig;
|
||||
|
||||
@Autowired
|
||||
private GlobalVars globalVars;
|
||||
|
|
@ -34,10 +34,12 @@ public class AuthorizationLibraryCheckDeployController {
|
|||
@RequestMapping(value = "/health_check/advanced", method = RequestMethod.GET)
|
||||
public Map<String, String> checkEverything() {
|
||||
Map<String, String> response = new HashMap<>();
|
||||
response.put("authorization.security.redis.host", securityConfig.getRedis().getHost());
|
||||
response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
|
||||
response.put("authorization.security.session", securityConfig.getSession());
|
||||
response.put("authorization.security.domain", securityConfig.getDomain());
|
||||
response.put("security.redis.host", securityConfig.getRedis().getHost());
|
||||
response.put("security.redis.port", securityConfig.getRedis().getPort());
|
||||
response.put("security.redis.password", securityConfig.getRedis().getPassword());
|
||||
response.put("security.userInfoUrl", securityConfig.getUserInfoUrl());
|
||||
response.put("security.session", securityConfig.getSession());
|
||||
response.put("security.domain", securityConfig.getDomain());
|
||||
if(GlobalVars.date != null) {
|
||||
response.put("Date of deploy", GlobalVars.date.toString());
|
||||
}
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.redis.configuration;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.redis;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -9,20 +9,23 @@ import org.springframework.context.annotation.Configuration;
|
|||
import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
|
||||
import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||
import org.springframework.data.redis.serializer.StringRedisSerializer;
|
||||
import org.springframework.session.FlushMode;
|
||||
import org.springframework.session.SaveMode;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisIndexedHttpSession;
|
||||
import org.springframework.session.web.http.CookieSerializer;
|
||||
import org.springframework.session.web.http.DefaultCookieSerializer;
|
||||
|
||||
@EnableRedisHttpSession
|
||||
@EnableRedisIndexedHttpSession(flushMode = FlushMode.IMMEDIATE, saveMode = SaveMode.ALWAYS)
|
||||
@Configuration
|
||||
public class RedisConfig {
|
||||
|
||||
private final SecurityConfig properties;
|
||||
private final Properties properties;
|
||||
|
||||
private static final Logger logger = LogManager.getLogger(RedisConfig.class);
|
||||
|
||||
@Autowired
|
||||
public RedisConfig(SecurityConfig properties) {
|
||||
public RedisConfig(Properties properties) {
|
||||
this.properties = properties;
|
||||
}
|
||||
|
||||
|
|
@ -39,6 +42,8 @@ public class RedisConfig {
|
|||
public RedisTemplate<String, Object> redisTemplate() {
|
||||
RedisTemplate<String, Object> template = new RedisTemplate<>();
|
||||
template.setConnectionFactory(connectionFactory());
|
||||
template.setKeySerializer(new StringRedisSerializer());
|
||||
template.setHashKeySerializer(new StringRedisSerializer());
|
||||
return template;
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.redis;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.AuthorizationService;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.EntryPoint;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class RedisWebSecurity implements WebSecurity {
|
||||
|
||||
private final EntryPoint entryPoint;
|
||||
private final AuthorizationService service;
|
||||
|
||||
@Autowired
|
||||
public RedisWebSecurity(EntryPoint entryPoint, AuthorizationService service) {
|
||||
this.entryPoint = entryPoint;
|
||||
this.service = service;
|
||||
}
|
||||
|
||||
public HttpSecurity security(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(entryPoint));
|
||||
http.authorizeHttpRequests(auth -> auth.requestMatchers("/swagger-ui/**", "/v3/api-docs/**").hasAuthority(this.service.PORTAL_ADMIN).anyRequest().permitAll());
|
||||
return http;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,6 +1,5 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
|
@ -1,24 +1,20 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@EnableConfigurationProperties({SecurityConfig.class, GlobalVars.class})
|
||||
@ComponentScan(basePackages = { "eu.dnetlib.uoaauthorizationlibrary" })
|
||||
public class AuthorizationConfiguration {
|
||||
|
||||
private final SecurityConfig securityConfig;
|
||||
public class CorsConfig {
|
||||
|
||||
private final Properties properties;
|
||||
|
||||
@Autowired
|
||||
public AuthorizationConfiguration(SecurityConfig securityConfig) {
|
||||
this.securityConfig = securityConfig;
|
||||
public CorsConfig(Properties properties) {
|
||||
this.properties = properties;
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
|
@ -27,7 +23,7 @@ public class AuthorizationConfiguration {
|
|||
@Override
|
||||
public void addCorsMappings(CorsRegistry registry) {
|
||||
registry.addMapping("/**")
|
||||
.allowedOriginPatterns("*" + securityConfig.getDomain(), "*" + securityConfig.getDomain() + ":*")
|
||||
.allowedOriginPatterns("*" + properties.getDomain(), "*" + properties.getDomain() + ":*")
|
||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||
.allowCredentials(true);
|
||||
}
|
||||
|
|
@ -1,11 +1,14 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@Component
|
||||
public class EntryPoint implements AuthenticationEntryPoint {
|
||||
|
||||
@Override
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.stateless.UserInfo;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
|
||||
public class OpenAIREAuthentication extends AbstractAuthenticationToken {
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.API;
|
||||
import io.swagger.v3.oas.models.OpenAPI;
|
||||
import io.swagger.v3.oas.models.info.Info;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
public class SwaggerConfig {
|
||||
|
||||
private final API api;
|
||||
|
||||
@Autowired
|
||||
public SwaggerConfig(API api) {
|
||||
this.api = api;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public OpenAPI customOpenAPI() {
|
||||
return new OpenAPI()
|
||||
.info(new Info()
|
||||
.title(api.getTitle())
|
||||
.version(api.getVersion())
|
||||
.description(api.getDescription()));
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public interface WebSecurity {
|
||||
|
||||
HttpSecurity security(HttpSecurity http) throws Exception;
|
||||
}
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.OpenAIREAuthentication;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -1,8 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.AuthorizationUtils;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.OpenAIREAuthentication;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Properties;
|
||||
import jakarta.servlet.http.Cookie;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
|
|
@ -16,15 +16,15 @@ import java.util.Collections;
|
|||
@Component
|
||||
public class AuthorizationUtils {
|
||||
private final Logger log = LogManager.getLogger(this.getClass());
|
||||
private final SecurityConfig securityConfig;
|
||||
private final Properties properties;
|
||||
|
||||
@Autowired
|
||||
AuthorizationUtils(SecurityConfig securityConfig) {
|
||||
this.securityConfig = securityConfig;
|
||||
AuthorizationUtils(Properties properties) {
|
||||
this.properties = properties;
|
||||
}
|
||||
|
||||
public UserInfo getUserInfo(HttpServletRequest request) {
|
||||
String url = securityConfig.getUserInfoUrl();
|
||||
String url = properties.getUserInfoUrl();
|
||||
RestTemplate restTemplate = new RestTemplate();
|
||||
try {
|
||||
if(url != null && hasCookie(request)) {
|
||||
|
|
@ -33,7 +33,7 @@ public class AuthorizationUtils {
|
|||
}
|
||||
return null;
|
||||
} catch (RestClientException e) {
|
||||
log.error(url + ": " + e.getMessage());
|
||||
log.error("{}: {}", url, e.getMessage());
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -41,7 +41,7 @@ public class AuthorizationUtils {
|
|||
private boolean hasCookie(HttpServletRequest request) {
|
||||
Cookie[] cookies = request.getCookies();
|
||||
if(cookies != null) {
|
||||
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(this.securityConfig.getSession()));
|
||||
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(this.properties.getSession()));
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.AuthorizationService;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.EntryPoint;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class StatelessWebSecurity implements WebSecurity {
|
||||
|
||||
private final AuthorizationFilter filter;
|
||||
private final EntryPoint entryPoint;
|
||||
private final AuthorizationService service;
|
||||
|
||||
@Autowired
|
||||
public StatelessWebSecurity(AuthorizationFilter filter, EntryPoint entryPoint, AuthorizationService service) {
|
||||
this.filter = filter;
|
||||
this.entryPoint = entryPoint;
|
||||
this.service = service;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpSecurity security(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(entryPoint));
|
||||
http.authorizeHttpRequests(auth -> auth.requestMatchers("/swagger-ui/**", "/v3/api-docs/**").hasAuthority(this.service.PORTAL_ADMIN).anyRequest().permitAll());
|
||||
http.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
return http;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.AuthorizationService;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan(
|
||||
basePackageClasses = {AuthorizationService.class}
|
||||
)
|
||||
public class IgnoreSecurityConfiguration {
|
||||
}
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
|
||||
@EnableWebSecurity
|
||||
@EnableMethodSecurity(securedEnabled = true, proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
private final AuthorizationFilter filter;
|
||||
|
||||
@Autowired
|
||||
public WebSecurityConfig(AuthorizationFilter filter) {
|
||||
this.filter = filter;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public EntryPoint entryPoint() {
|
||||
return new EntryPoint();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(this.entryPoint()));
|
||||
http.authorizeHttpRequests(auth -> auth.anyRequest().permitAll());
|
||||
http.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,4 +1,3 @@
|
|||
#dev
|
||||
spring.session.store-type=none
|
||||
authorization.security.userInfoUrl=
|
||||
authorization.security.domain=di.uoa.gr
|
||||
|
|
|
|||
Loading…
Reference in New Issue