diff --git a/pom.xml b/pom.xml
index aa8be72..e82ec7b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -48,6 +48,30 @@
org.springframework.boot
spring-boot-starter-security
+
+ org.springframework.boot
+ spring-boot-starter-data-redis
+
+
+ org.springframework.session
+ spring-session-data-redis
+
+
+ biz.paluch.redis
+ lettuce
+ 4.3.3.Final
+
+
+ org.mitre
+ openid-connect-client
+ 1.3.0
+
+
+ org.bouncycastle
+ bcprov-jdk15on
+
+
+
com.google.code.gson
gson
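Review bot: `org.bouncycastle:bcprov-jdk15on` is added with no version, while the two dependencies above it are pinned (`lettuce` 4.3.3.Final, `openid-connect-client` 1.3.0). The cryptographic provider that lands on the classpath is then decided by whatever parent or imported BOM manages it, which this hunk does not show. Give it an explicit `<version>` element, or add a comment naming the POM that manages it, so the resolved artifact is reviewable from this file. The XML tags are not visible in this rendering, so this assumes the three lines after `bcprov-jdk15on` hold no version or scope.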
@@ -61,6 +85,37 @@
+
+ org.apache.maven.plugins
+ maven-jar-plugin
+
+
+ default-jar
+ package
+
+ jar
+
+
+
+ **/eu/dnetlib/uoaauthorizationlibrary/redis/**
+
+
+
+
+ redis
+ package
+
+ jar
+
+
+ redis
+
+ **/eu/dnetlib/uoaauthorizationlibrary/stateless/**
+
+
+
+
+
uoa-authorization-library
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/Redis.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/Redis.java
new file mode 100644
index 0000000..ae2200d
--- /dev/null
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/Redis.java
@@ -0,0 +1,44 @@
+package eu.dnetlib.uoaauthorizationlibrary.configuration;
+
+public class Redis {
+
+ private String host = "localhost";
+ private String port = "6379";
+ private String password;
+
+ public Redis() {
+ }
+
+ public String getHost() {
+ return host;
+ }
+
+ public void setHost(String host) {
+ this.host = host;
+ }
+
+ public String getPort() {
+ return port;
+ }
+
+ public void setPort(String port) {
+ this.port = port;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ @Override
+ public String toString() {
+ return "Redis{" +
+ "host='" + host + '\'' +
+ ", port='" + port + '\'' +
+ ", password='" + password + '\'' +
+ '}';
+ }
+}
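Review bot: `toString()` prints the Redis password in clear text, so any log line, debug dump or exception message that formats a `Redis` object leaks the credential. Mask it instead, for example `", password='" + (password == null ? "<unset>" : "<redacted>") + '\'' +`. Separately, `port` is held as a `String` and only converted by `Integer.parseInt` in `RedisConfig.connectionFactory()`, so a malformed value fails at bean creation with a bare `NumberFormatException`. Declaring the field as `int` would let property binding reject it and name the offending property.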
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java
index 3a21783..a583027 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java
@@ -5,9 +5,19 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
@ConfigurationProperties("authorization.security")
public class SecurityConfig {
+ private Redis redis = new Redis();
private String userInfoUrl;
+ private String domain;
private String session;
+ public Redis getRedis() {
+ return redis;
+ }
+
+ public void setRedis(Redis redis) {
+ this.redis = redis;
+ }
+
public String getUserInfoUrl() {
return userInfoUrl;
}
@@ -16,6 +26,14 @@ public class SecurityConfig {
this.userInfoUrl = userInfoUrl;
}
+ public String getDomain() {
+ return domain;
+ }
+
+ public void setDomain(String domain) {
+ this.domain = domain;
+ }
+
public String getSession() {
return session;
}
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java
index ddc8a4e..63c906e 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java
@@ -27,16 +27,18 @@ public class AuthorizationLibraryCheckDeployController {
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
public String hello() {
- log.debug("Hello from uoa-authorization-service!");
- return "Hello from uoa-authorization-service!";
+ log.debug("Hello from uoa-authorization-library!");
+ return "Hello from uoa-authorization-library!";
}
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
@RequestMapping(value = "/health_check/advanced", method = RequestMethod.GET)
public Map checkEverything() {
Map response = new HashMap<>();
+ response.put("authorization.security.redis.host", securityConfig.getRedis().getHost());
response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
response.put("authorization.security.session", securityConfig.getSession());
+ response.put("authorization.security.domain", securityConfig.getDomain());
if(GlobalVars.date != null) {
response.put("Date of deploy", GlobalVars.date.toString());
}
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/configuration/RedisConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/configuration/RedisConfig.java
new file mode 100644
index 0000000..50d0d74
--- /dev/null
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/configuration/RedisConfig.java
@@ -0,0 +1,39 @@
+package eu.dnetlib.uoaauthorizationlibrary.redis.configuration;
+
+import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
+import org.apache.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.http.CookieSerializer;
+import org.springframework.session.web.http.DefaultCookieSerializer;
+
+@EnableRedisHttpSession
+@Configuration
+public class RedisConfig {
+
+ private final SecurityConfig securityConfig;
+ private static final Logger logger = Logger.getLogger(RedisConfig.class);
+
+ @Autowired
+ public RedisConfig(SecurityConfig securityConfig) {this.securityConfig = securityConfig;}
+
+ @Bean
+ public LettuceConnectionFactory connectionFactory() {
+ logger.info(String.format("Redis connection listens to %s:%s ", securityConfig.getRedis().getHost(), securityConfig.getRedis().getPort()));
+ LettuceConnectionFactory factory = new LettuceConnectionFactory(securityConfig.getRedis().getHost(), Integer.parseInt(securityConfig.getRedis().getPort()));
+ if (securityConfig.getRedis().getPassword() != null) factory.setPassword(securityConfig.getRedis().getPassword());
+ return factory;
+ }
+
+ @Bean
+ public CookieSerializer cookieSerializer() {
+ DefaultCookieSerializer serializer = new DefaultCookieSerializer();
+ serializer.setCookieName(securityConfig.getSession());
+ serializer.setCookiePath("/");
+ serializer.setDomainName(securityConfig.getDomain());
+ return serializer;
+ }
+}
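Review bot: `cookieSerializer()` scopes the session cookie to the configured domain and path `/` but never sets the Secure attribute, so `DefaultCookieSerializer` decides it per request from `request.isSecure()`. Behind a TLS-terminating proxy that can yield a session cookie without Secure. Add `serializer.setUseSecureCookie(true);` and make HttpOnly explicit with `serializer.setUseHttpOnlyCookie(true);`, unless plain-HTTP deployments must keep working. In `connectionFactory()` the password is optional and TLS is never enabled, so session contents travel to Redis unprotected whenever the host is not `localhost`. Consider failing fast when a non-local host is configured without a password, and exposing a setting that calls `factory.setUseSsl(true)`.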
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/security/WebSecurityConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/security/WebSecurityConfig.java
new file mode 100644
index 0000000..8607c35
--- /dev/null
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/security/WebSecurityConfig.java
@@ -0,0 +1,20 @@
+package eu.dnetlib.uoaauthorizationlibrary.redis.security;
+
+import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable();
+ http.authorizeRequests().anyRequest().permitAll();
+ http.httpBasic().authenticationEntryPoint(new EntryPoint());
+ }
+
+}
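Review bot: `http.csrf().disable();` removes CSRF protection in a variant that appears to authenticate through the Redis-backed session cookie configured in `RedisConfig`, which browsers attach to cross-site requests automatically. Combined with `anyRequest().permitAll()`, the `@PreAuthorize`/`@Secured` annotation on each handler is the only gate. A state-changing handler is therefore still reachable by a forged request from a logged-in user's browser, and an unannotated handler is public. Either drop the `csrf().disable()` call, or record above it why it is safe, e.g. `// CSRF disabled: <reason, e.g. all mutating endpoints require a custom header>`. Also add a class-level comment stating that every controller method must carry its own authorization annotation because the URL layer permits everything.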
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
index 7eec0f1..c8f6505 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
@@ -1,6 +1,7 @@
package eu.dnetlib.uoaauthorizationlibrary.security;
import org.apache.log4j.Logger;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
@@ -70,7 +71,7 @@ public class AuthorizationService {
}
public List getRoles() {
- OpenAIREAuthentication authentication = getAuthentication();
+ Authentication authentication = getAuthentication();
if (authentication != null && authentication.isAuthenticated()) {
return authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
}
@@ -78,25 +79,33 @@ public class AuthorizationService {
}
public String getAaiId() {
- OpenAIREAuthentication authentication = getAuthentication();
+ Authentication authentication = getAuthentication();
if (authentication != null && authentication.isAuthenticated()) {
- return authentication.getUser().getSub();
+ if(authentication instanceof OpenAIREAuthentication) {
+ return ((OpenAIREAuthentication) authentication).getUser().getSub();
+ } else {
+ return ((OIDCAuthenticationToken) authentication).getUserInfo().getSub();
+ }
}
return null;
}
public String getEmail() {
- OpenAIREAuthentication authentication = getAuthentication();
+ Authentication authentication = getAuthentication();
if (authentication != null && authentication.isAuthenticated()) {
- return authentication.getUser().getEmail();
+ if(authentication instanceof OpenAIREAuthentication) {
+ return ((OpenAIREAuthentication) authentication).getUser().getEmail();
+ } else {
+ return ((OIDCAuthenticationToken) authentication).getUserInfo().getEmail();
+ }
}
return null;
}
- private OpenAIREAuthentication getAuthentication() {
+ private Authentication getAuthentication() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
- if(authentication instanceof OpenAIREAuthentication) {
- return (OpenAIREAuthentication) authentication;
+ if(authentication instanceof OpenAIREAuthentication || authentication instanceof OIDCAuthenticationToken) {
+ return authentication;
} else {
return null;
}
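Review bot: In `getAaiId()` and `getEmail()` the new `else` branch dereferences `getUserInfo()` on the `OIDCAuthenticationToken` without a null check. If a token can be authenticated with no user info attached (worth confirming against the MITREid client in use), these accessors would throw `NullPointerException` inside authorization expressions instead of returning `null`. The cast is also only safe because `getAuthentication()` filters the types; an explicit `} else if (authentication instanceof OIDCAuthenticationToken && ((OIDCAuthenticationToken) authentication).getUserInfo() != null) {` followed by the existing `return null;` keeps the two in step. Because `AuthorizationService` sits outside both the `redis` and `stateless` packages, the stateless artifact presumably now also needs `org.mitre` on its classpath at runtime. `getAuthentication()` closes outside this hunk.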
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java
index c8a1459..b5fe790 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java
@@ -1,6 +1,6 @@
package eu.dnetlib.uoaauthorizationlibrary.security;
-import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
import org.springframework.security.authentication.AbstractAuthenticationToken;
public class OpenAIREAuthentication extends AbstractAuthenticationToken {
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilter.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilter.java
similarity index 89%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilter.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilter.java
index 0652607..dac3dc9 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilter.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilter.java
@@ -1,6 +1,6 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
+import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilterConfigurer.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilterConfigurer.java
similarity index 87%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilterConfigurer.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilterConfigurer.java
index 323e395..176413a 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationFilterConfigurer.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilterConfigurer.java
@@ -1,6 +1,5 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.DefaultSecurityFilterChain;
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationProvider.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationProvider.java
similarity index 69%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationProvider.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationProvider.java
index 77739fc..62dcb0e 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationProvider.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationProvider.java
@@ -1,7 +1,8 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
-import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
+import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.AuthorizationUtils;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/WebSecurityConfig.java
similarity index 82%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/WebSecurityConfig.java
index fe7a029..ac5a1f9 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/WebSecurityConfig.java
@@ -1,8 +1,7 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
+import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.ComponentScan;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -11,7 +10,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@EnableWebSecurity
-@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final AuthorizationFilter filter;
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/AuthorizationUtils.java
similarity index 97%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/AuthorizationUtils.java
index abaa952..0c3b3d2 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/AuthorizationUtils.java
@@ -1,4 +1,4 @@
-package eu.dnetlib.uoaauthorizationlibrary.utils;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
import org.apache.log4j.Logger;
diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/UserInfo.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/UserInfo.java
similarity index 96%
rename from src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/UserInfo.java
rename to src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/UserInfo.java
index ea62860..c8df399 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/UserInfo.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/UserInfo.java
@@ -1,4 +1,4 @@
-package eu.dnetlib.uoaauthorizationlibrary.utils;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
diff --git a/src/main/resources/authorization.properties b/src/main/resources/authorization.properties
index b8f0008..313d978 100644
--- a/src/main/resources/authorization.properties
+++ b/src/main/resources/authorization.properties
@@ -1,5 +1,7 @@
#dev
+spring.session.store-type=none
authorization.security.userInfoUrl = http://mpagasas.di.uoa.gr:8080/login-service/userInfo
+authorization.security.domain=di.uoa.gr
authorization.security.session=openAIRESession
authorization.globalVars.buildDate=@timestampAuthorizationLibrary@
authorization.globalVars.version=@project.version@
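Review bot: `authorization.security.domain=di.uoa.gr` makes a broad parent domain the bundled default for the session cookie. The cookie named by `authorization.security.session` is then sent to every host under that domain, and any of those hosts can set a cookie with the same name. Leave the key unset by default so the cookie stays host-only, or add a comment such as `# dev only: override with the narrowest domain shared by the portal and its APIs`. The `#dev` header suggests these are development values; if this file ships inside the library jar, a deployment that forgets to override them also inherits the plain `http://` `userInfoUrl` shown on the context line.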