[springboot3]: Fix check properties method base on Mode.
This commit is contained in:
parent
cb0369b1d4
commit
e82f686829
|
|
@ -1,12 +1,15 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.*;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode;
|
||||
import jakarta.annotation.PostConstruct;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import java.util.HashMap;
|
||||
|
|
@ -19,16 +22,22 @@ public class AuthorizationConfiguration {
|
|||
|
||||
private final SecurityProperties properties;
|
||||
private final GlobalVars globalVars;
|
||||
private final SecurityMode securityMode;
|
||||
|
||||
@Autowired
|
||||
public AuthorizationConfiguration(SecurityProperties properties, GlobalVars globalVars) {
|
||||
public AuthorizationConfiguration(SecurityProperties properties, GlobalVars globalVars, SecurityMode securityMode) {
|
||||
this.properties = properties;
|
||||
this.globalVars = globalVars;
|
||||
this.securityMode = securityMode;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public RestTemplate restTemplate() {
|
||||
return new RestTemplate();
|
||||
RestTemplate restTemplate() {
|
||||
RestTemplate restTemplate = new RestTemplate();
|
||||
MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
|
||||
converter.setObjectMapper(new ObjectMapper());
|
||||
restTemplate.getMessageConverters().add(converter);
|
||||
return restTemplate;
|
||||
}
|
||||
|
||||
@PostConstruct
|
||||
|
|
@ -37,32 +46,15 @@ public class AuthorizationConfiguration {
|
|||
throw new RuntimeException("authorization.security.domain is missing!");
|
||||
} else if(properties.getSession() == null || properties.getSession().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.session is missing!");
|
||||
} else if(SecurityProperties.MODE == Mode.STATELESS) {
|
||||
if(properties.getUserInfoUrl() == null || properties.getUserInfoUrl().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.userInfoUrl is missing!");
|
||||
}
|
||||
} else if(SecurityProperties.MODE == Mode.REDIS) {
|
||||
Redis redis = properties.getRedis();
|
||||
if (redis.getHost() == null || redis.getHost().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.redis.host is missing!");
|
||||
} else if (redis.getPort() == null || redis.getPort().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.redis.port is missing!");
|
||||
}
|
||||
}
|
||||
this.securityMode.checkProperties(properties);
|
||||
}
|
||||
|
||||
public Map<String, String> getProperties() {
|
||||
Map<String, String> map = new HashMap<>();
|
||||
map.put("authorization.security.domain", properties.getDomain());
|
||||
map.put("authorization.security.session", properties.getSession());
|
||||
if(SecurityProperties.MODE == Mode.STATELESS) {
|
||||
map.put("authorization.security.userInfoUrl", properties.getUserInfoUrl());
|
||||
}
|
||||
if(SecurityProperties.MODE == Mode.REDIS) {
|
||||
map.put("authorization.security.redis.host", properties.getRedis().getHost());
|
||||
map.put("authorization.security.redis.port", properties.getRedis().getPort());
|
||||
map.put("authorization.security.redis.password", properties.getRedis().getPassword());
|
||||
}
|
||||
this.securityMode.getProperties(map, properties);
|
||||
if (GlobalVars.date != null) {
|
||||
map.put("Date of deploy", GlobalVars.date.toString());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
|
@ -14,15 +14,15 @@ import org.springframework.security.web.SecurityFilterChain;
|
|||
@Configuration
|
||||
public class WebSecurityConfig {
|
||||
|
||||
private final WebSecurity webSecurity;
|
||||
private final SecurityMode securityMode;
|
||||
|
||||
@Autowired
|
||||
public WebSecurityConfig(WebSecurity webSecurity) {
|
||||
this.webSecurity = webSecurity;
|
||||
public WebSecurityConfig(SecurityMode securityMode) {
|
||||
this.securityMode = securityMode;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
return webSecurity.security(http).build();
|
||||
return securityMode.security(http).build();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
public enum Mode {
|
||||
STATELESS, REDIS
|
||||
}
|
||||
|
|
@ -6,8 +6,6 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
|
|||
@ConfigurationProperties("authorization.security")
|
||||
public class SecurityProperties {
|
||||
|
||||
public static Mode MODE = Mode.STATELESS;
|
||||
|
||||
private Redis redis = new Redis();
|
||||
private String userInfoUrl;
|
||||
private String domain;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
package eu.dnetlib.uoaauthorizationlibrary.authorization.configuration;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.API;
|
||||
import io.swagger.v3.oas.models.OpenAPI;
|
||||
import io.swagger.v3.oas.models.info.Info;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -1,28 +1,30 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.redis;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Mode;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Redis;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.SecurityProperties;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.AuthorizationService;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.EntryPoint;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Component
|
||||
public class RedisWebSecurity implements WebSecurity {
|
||||
public class RedisSecurityMode implements SecurityMode {
|
||||
|
||||
private final EntryPoint entryPoint;
|
||||
private final AuthorizationService service;
|
||||
|
||||
@Autowired
|
||||
public RedisWebSecurity(EntryPoint entryPoint, AuthorizationService service) {
|
||||
public RedisSecurityMode(EntryPoint entryPoint, AuthorizationService service) {
|
||||
this.entryPoint = entryPoint;
|
||||
this.service = service;
|
||||
SecurityProperties.MODE = Mode.REDIS;
|
||||
}
|
||||
|
||||
@Override
|
||||
public HttpSecurity security(HttpSecurity http) throws Exception {
|
||||
http.csrf(AbstractHttpConfigurer::disable);
|
||||
http.exceptionHandling(handler -> handler.authenticationEntryPoint(entryPoint));
|
||||
|
|
@ -30,4 +32,20 @@ public class RedisWebSecurity implements WebSecurity {
|
|||
return http;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkProperties(SecurityProperties properties) {
|
||||
Redis redis = properties.getRedis();
|
||||
if (redis.getHost() == null || redis.getHost().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.redis.host is missing!");
|
||||
} else if (redis.getPort() == null || redis.getPort().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.redis.port is missing!");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void getProperties(Map<String, String> map, SecurityProperties properties) {
|
||||
map.put("authorization.security.redis.host", properties.getRedis().getHost());
|
||||
map.put("authorization.security.redis.port", properties.getRedis().getPort());
|
||||
map.put("authorization.security.redis.password", properties.getRedis().getPassword());
|
||||
}
|
||||
}
|
||||
|
|
@ -42,7 +42,7 @@ public class AuthorizationService {
|
|||
/**
|
||||
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
|
||||
*
|
||||
* Id = EE, EGI, etc
|
||||
* ID = EE, EGI, etc
|
||||
*/
|
||||
public String manager(String type, String id) {
|
||||
return mapType(type, true).toUpperCase() + "_" + id.toUpperCase() + "_MANAGER";
|
||||
|
|
@ -51,7 +51,7 @@ public class AuthorizationService {
|
|||
/**
|
||||
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
|
||||
*
|
||||
* Id = EE, EGI, etc
|
||||
* ID = EE, EGI, etc
|
||||
*/
|
||||
public String member(String type, String id) {
|
||||
return mapType(type, false).toUpperCase() + "_" + id.toUpperCase();
|
||||
|
|
|
|||
|
|
@ -0,0 +1,17 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.SecurityProperties;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Component
|
||||
public interface SecurityMode {
|
||||
|
||||
HttpSecurity security(HttpSecurity http) throws Exception;
|
||||
|
||||
void checkProperties(SecurityProperties securityProperties);
|
||||
|
||||
void getProperties(Map<String, String> map, SecurityProperties properties);
|
||||
}
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.security;
|
||||
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public interface WebSecurity {
|
||||
|
||||
HttpSecurity security(HttpSecurity http) throws Exception;
|
||||
}
|
||||
|
|
@ -1,10 +1,9 @@
|
|||
package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;
|
||||
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.Mode;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.configuration.SecurityProperties;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.AuthorizationService;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.EntryPoint;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.WebSecurity;
|
||||
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
|
|
@ -12,19 +11,20 @@ import org.springframework.security.config.http.SessionCreationPolicy;
|
|||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Component
|
||||
public class StatelessWebSecurity implements WebSecurity {
|
||||
public class StatelessSecurityMode implements SecurityMode {
|
||||
|
||||
private final AuthorizationFilter filter;
|
||||
private final EntryPoint entryPoint;
|
||||
private final AuthorizationService service;
|
||||
|
||||
@Autowired
|
||||
public StatelessWebSecurity(AuthorizationFilter filter, EntryPoint entryPoint, AuthorizationService service) {
|
||||
public StatelessSecurityMode(AuthorizationFilter filter, EntryPoint entryPoint, AuthorizationService service) {
|
||||
this.filter = filter;
|
||||
this.entryPoint = entryPoint;
|
||||
this.service = service;
|
||||
SecurityProperties.MODE = Mode.STATELESS;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -37,4 +37,15 @@ public class StatelessWebSecurity implements WebSecurity {
|
|||
return http;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkProperties(SecurityProperties properties) {
|
||||
if(properties.getUserInfoUrl() == null || properties.getUserInfoUrl().isEmpty()) {
|
||||
throw new RuntimeException("authorization.security.userInfoUrl is missing!");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void getProperties(Map<String, String> map, SecurityProperties properties) {
|
||||
map.put("authorization.security.userInfoUrl", properties.getUserInfoUrl());
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue