Migrate project to spring-boot-3
This commit is contained in:
parent
e91a0e6af8
commit
da0bced79a
24
pom.xml
24
pom.xml
|
@ -4,10 +4,10 @@
|
|||
<parent>
|
||||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-spring-boot-parent</artifactId>
|
||||
<version>1.0.0</version>
|
||||
<version>2.0.1</version>
|
||||
</parent>
|
||||
<artifactId>uoa-authorization-library</artifactId>
|
||||
<version>2.1.5-SNAPSHOT</version>
|
||||
<version>3.0.0-SNAPSHOT</version>
|
||||
<packaging>jar</packaging>
|
||||
<name>uoa-authorization-library</name>
|
||||
<scm>
|
||||
|
@ -28,27 +28,17 @@
|
|||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-data-redis</artifactId>
|
||||
<artifactId>spring-boot-starter-oauth2-client</artifactId>
|
||||
</dependency>
|
||||
<!-- Redis -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.session</groupId>
|
||||
<artifactId>spring-session-data-redis</artifactId>
|
||||
</dependency>
|
||||
<!-- Redis Client -->
|
||||
<dependency>
|
||||
<groupId>biz.paluch.redis</groupId>
|
||||
<artifactId>lettuce</artifactId>
|
||||
<version>4.3.3.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.mitre</groupId>
|
||||
<artifactId>openid-connect-client</artifactId>
|
||||
<version>1.3.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
<groupId>redis.clients</groupId>
|
||||
<artifactId>jedis</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
|
|
|
@ -1,22 +1,32 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.*;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
|
||||
@Configuration
|
||||
@EnableConfigurationProperties({SecurityConfig.class, GlobalVars.class})
|
||||
@ComponentScan(basePackages = { "eu.dnetlib.uoaauthorizationlibrary" })
|
||||
public class AuthorizationConfiguration {
|
||||
|
||||
private final SecurityConfig securityConfig;
|
||||
|
||||
@Autowired
|
||||
public AuthorizationConfiguration(SecurityConfig securityConfig) {
|
||||
this.securityConfig = securityConfig;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public WebMvcConfigurer corsConfigurer() {
|
||||
return new WebMvcConfigurerAdapter() {
|
||||
return new WebMvcConfigurer() {
|
||||
@Override
|
||||
public void addCorsMappings(CorsRegistry registry) {
|
||||
registry.addMapping("/**")
|
||||
.allowedOriginPatterns("*" + securityConfig.getDomain())
|
||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||
.allowCredentials(true);
|
||||
}
|
||||
|
|
|
@ -15,7 +15,6 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin(origins = "*")
|
||||
@RequestMapping("/authorization-library")
|
||||
public class AuthorizationLibraryCheckDeployController {
|
||||
private final Logger log = LogManager.getLogger(this.getClass());
|
||||
|
@ -26,7 +25,7 @@ public class AuthorizationLibraryCheckDeployController {
|
|||
@Autowired
|
||||
private GlobalVars globalVars;
|
||||
|
||||
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
|
||||
@RequestMapping(value = {"","/", "/health_check"}, method = RequestMethod.GET)
|
||||
public String hello() {
|
||||
log.debug("Hello from uoa-authorization-library!");
|
||||
return "Hello from uoa-authorization-library!";
|
||||
|
|
|
@ -6,7 +6,9 @@ import org.apache.logging.log4j.Logger;
|
|||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
|
||||
import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||
import org.springframework.session.web.http.CookieSerializer;
|
||||
import org.springframework.session.web.http.DefaultCookieSerializer;
|
||||
|
@ -15,26 +17,37 @@ import org.springframework.session.web.http.DefaultCookieSerializer;
|
|||
@Configuration
|
||||
public class RedisConfig {
|
||||
|
||||
private final SecurityConfig securityConfig;
|
||||
private final SecurityConfig properties;
|
||||
|
||||
private static final Logger logger = LogManager.getLogger(RedisConfig.class);
|
||||
|
||||
@Autowired
|
||||
public RedisConfig(SecurityConfig securityConfig) {this.securityConfig = securityConfig;}
|
||||
public RedisConfig(SecurityConfig properties) {
|
||||
this.properties = properties;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public LettuceConnectionFactory connectionFactory() {
|
||||
logger.info(String.format("Redis connection listens to %s:%s ", securityConfig.getRedis().getHost(), securityConfig.getRedis().getPort()));
|
||||
LettuceConnectionFactory factory = new LettuceConnectionFactory(securityConfig.getRedis().getHost(), Integer.parseInt(securityConfig.getRedis().getPort()));
|
||||
if (securityConfig.getRedis().getPassword() != null) factory.setPassword(securityConfig.getRedis().getPassword());
|
||||
return factory;
|
||||
public JedisConnectionFactory connectionFactory() {
|
||||
logger.info(String.format("Redis connection listens to %s:%s ", properties.getRedis().getHost(), properties.getRedis().getPort()));
|
||||
RedisStandaloneConfiguration configuration = new RedisStandaloneConfiguration(properties.getRedis().getHost(), Integer.parseInt(properties.getRedis().getPort()));
|
||||
if (properties.getRedis().getPassword() != null)
|
||||
configuration.setPassword(properties.getRedis().getPassword());
|
||||
return new JedisConnectionFactory(configuration);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public RedisTemplate<String, Object> redisTemplate() {
|
||||
RedisTemplate<String, Object> template = new RedisTemplate<>();
|
||||
template.setConnectionFactory(connectionFactory());
|
||||
return template;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public CookieSerializer cookieSerializer() {
|
||||
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
|
||||
serializer.setCookieName(securityConfig.getSession());
|
||||
serializer.setCookieName(properties.getSession());
|
||||
serializer.setCookiePath("/");
|
||||
serializer.setDomainName(securityConfig.getDomain());
|
||||
serializer.setDomainName(properties.getDomain());
|
||||
return serializer;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,20 +1,30 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.redis.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@EnableMethodSecurity(securedEnabled = true, proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable();
|
||||
http.authorizeRequests().anyRequest().permitAll();
|
||||
http.httpBasic().authenticationEntryPoint(new EntryPoint());
|
||||
@Bean
|
||||
public EntryPoint entryPoint() {
|
||||
return new EntryPoint();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(this.entryPoint()));
|
||||
http.authorizeHttpRequests(auth -> auth.anyRequest().permitAll());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1,13 +1,16 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Component(value = "AuthorizationService")
|
||||
|
@ -85,7 +88,7 @@ public class AuthorizationService {
|
|||
if(authentication instanceof OpenAIREAuthentication) {
|
||||
return ((OpenAIREAuthentication) authentication).getUser().getSub();
|
||||
} else {
|
||||
return ((OIDCAuthenticationToken) authentication).getUserInfo().getSub();
|
||||
return Objects.requireNonNull(this.getOidcUser()).getSubject();
|
||||
}
|
||||
}
|
||||
return null;
|
||||
|
@ -97,7 +100,17 @@ public class AuthorizationService {
|
|||
if(authentication instanceof OpenAIREAuthentication) {
|
||||
return ((OpenAIREAuthentication) authentication).getUser().getEmail();
|
||||
} else {
|
||||
return ((OIDCAuthenticationToken) authentication).getUserInfo().getEmail();
|
||||
return Objects.requireNonNull(this.getOidcUser()).getEmail();
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private DefaultOidcUser getOidcUser() {
|
||||
Authentication authentication = getAuthentication();
|
||||
if (authentication != null && authentication.isAuthenticated()) {
|
||||
if (authentication instanceof OAuth2AuthenticationToken token) {
|
||||
return (DefaultOidcUser) token.getPrincipal();
|
||||
}
|
||||
}
|
||||
return null;
|
||||
|
@ -105,7 +118,7 @@ public class AuthorizationService {
|
|||
|
||||
private Authentication getAuthentication() {
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
if(authentication instanceof OpenAIREAuthentication || authentication instanceof OIDCAuthenticationToken) {
|
||||
if(authentication instanceof OpenAIREAuthentication || authentication instanceof OAuth2AuthenticationToken) {
|
||||
return authentication;
|
||||
} else {
|
||||
return null;
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
public class EntryPoint implements AuthenticationEntryPoint {
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.io.IOException;
|
||||
|
||||
@Component
|
||||
|
@ -19,20 +18,15 @@ public class AuthorizationFilter implements Filter {
|
|||
this.authorizationProvider = authorizationProvider;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void init(FilterConfig filterConfig) throws ServletException {}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
|
||||
OpenAIREAuthentication auth = authorizationProvider.getAuthentication((HttpServletRequest) req);
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
if (request instanceof HttpServletRequest req) {
|
||||
OpenAIREAuthentication auth = authorizationProvider.getAuthentication(req);
|
||||
if (auth.isAuthenticated()) {
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
}
|
||||
filterChain.doFilter(req, res);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void destroy() {
|
||||
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
||||
|
||||
private final AuthorizationFilter filter;
|
||||
|
||||
@Override
|
||||
public void init(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable();
|
||||
}
|
||||
|
||||
public AuthorizationFilterConfigurer(AuthorizationFilter filter) {
|
||||
this.filter = filter;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
http.addFilterBefore(filter, UsernamePasswordAuthenticationFilter.class);
|
||||
}
|
||||
|
||||
}
|
|
@ -3,11 +3,10 @@ package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
|||
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.AuthorizationUtils;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
@Component
|
||||
public class AuthorizationProvider {
|
||||
|
||||
|
|
|
@ -2,29 +2,42 @@ package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
|||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@EnableMethodSecurity(securedEnabled = true, proxyTargetClass = true)
|
||||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
private final AuthorizationFilter filter;
|
||||
|
||||
@Autowired
|
||||
WebSecurityConfig(AuthorizationFilter filter) {
|
||||
public WebSecurityConfig(AuthorizationFilter filter) {
|
||||
this.filter = filter;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.apply(new AuthorizationFilterConfigurer(filter));
|
||||
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
http.authorizeRequests().anyRequest().permitAll();
|
||||
http.httpBasic().authenticationEntryPoint(new EntryPoint());
|
||||
|
||||
@Bean
|
||||
public EntryPoint entryPoint() {
|
||||
return new EntryPoint();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(this.entryPoint()));
|
||||
http.authorizeHttpRequests(auth -> auth.anyRequest().permitAll());
|
||||
http.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||
import jakarta.servlet.http.Cookie;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -8,9 +10,6 @@ import org.springframework.http.*;
|
|||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.client.RestClientException;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
|
||||
|
|
Loading…
Reference in New Issue