Fix mapType in Authorization Service to handle extra '.'

[maven-release-plugin] prepare for next development iteration
[maven-release-plugin] prepare release uoa-authorization-library-2.1.4
2024-01-11 18:39:30 +02:00 · 2023-12-14 15:28:30 +02:00 · 2023-12-14 15:28:26 +02:00 · 2023-12-14 15:28:10 +02:00 · 2022-10-07 17:49:07 +03:00 · 2022-10-07 17:49:04 +03:00
21 changed files with 493 additions and 121 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,69 @@
+# ---> Java
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# ---> JetBrains
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/
+target/
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+# Local Deployment scripts
+make.sh
+dnet-role-management.iml
--- a/README.md
+++ b/README.md
@ -0,0 +1,152 @@
+# Authorization Library
+
+Authorization library is a library that provides a Spring Security (4.x.x) process
+in order to authorize the endpoints of a service base on OpenAIRE Authorities.
+It can be used with two different session strategies, a stateless and
+a Redis http session.
+
+## Stateless
+
+In stateless strategy, there is not a session. A filter makes a request
+to an "userinfo" endpoint and creates an Authentication base on the response.
+The advantage of this method is that it doesn't need any storage to store 
+user's session, but with a cost of an extra http request per request.
+
+### Usage
+
+#### pom.xml
+
+    <dependency>
+        <groupId>eu.dnetlib</groupId>
+        <artifactId>uoa-authorization-library</artifactId>
+        <version>2.1.2</version>
+    </dependency>
+
+#### Spring Application/Configuration
+
+    import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;    
+
+    @PropertySources({@PropertySource("classpath:authorization.properties")})
+    @Import(AuthorizationConfiguration.class)
+    public class Application {
+        public static void main(String[] args) {
+            SpringApplication.run(Application.class, args);
+        }
+    }
+
+#### Configuration
+
+    authorization.security.userInfoUrl = http://<domain>/login-service/userInfo # Required, default ""
+    authorization.security.session=<session-cookie-name> # Default openAIRESession
+
+## Redis
+
+In Redis strategy, session is stored to a Redis database when a user
+authenticates himself through a login service. The disadvantage of 
+this strategy is that it needs access to the Redis database
+where session is stored.
+
+### Usage
+
+#### pom.xml
+
+    <dependency>
+        <groupId>eu.dnetlib</groupId>
+        <artifactId>uoa-authorization-library</artifactId>
+        <version>2.1.2</version>
+        <classifier>redis</classifier>
+    </dependency>
+
+#### Spring Application/Configuration
+
+    import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;    
+
+    @PropertySources({@PropertySource("classpath:authorization.properties")})
+    @Import(AuthorizationConfiguration.class)
+    public class Application {
+        public static void main(String[] args) {
+            SpringApplication.run(Application.class, args);
+        }
+    }
+
+#### Configuration
+
+    authorization.secuirty.redis.host=<redis-ip> # Default localhost
+    authorization.secuirty.redis.port=<redis-port> # Default 6379
+    authorization.secuirty.redis.password=<redis-password> # Default ""
+    authorization.security.domain=<domain-suffix> # e.g openaire.eu
+    authorization.security.session=<session-cookie-name> # Default openAIRESession
+
+
+## Authorize Requests
+
+### Authorization Service
+
+In order to simplify the format of the Authorities, you can use 
+this spring component to authorize your endpoints. There is also methods to
+get user's information.
+
+    public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
+    public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
+    public final String REGISTERED_USER = "REGISTERED_USER";
+
+    /**
+     * Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
+     */
+    public String curator(String type) {}
+
+    /**
+     * Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
+     * 
+     * Id = EE, EGI, etc
+     */
+    public String manager(String type, String id) { }
+
+    /**
+     * Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
+     * 
+     * Id = EE, EGI, etc
+     */
+    public String member(String type, String id)
+
+e.g
+
+    @PreAuthorize("hasAnyAuthority("
+        + "@AuthorizationService.PORTAL_ADMIN, "
+        + "@AuthorizationService.curator(#type), "
+        + "@AuthorizationService.manager(#type, #id)) "
+    + ")")
+    @RequestMapping(value = "{type}/{id}", method = RequestMethod.GET)
+    public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {}
+
+## Spring Security (5.x.x) - Spring boot (2.x.x)
+
+Because of MitreID dependency, in order to use this library
+with redis HttpSession, service has to use spring security (4.x.x).
+The only way to use this library in a project with spring security 5.x.x
+is the Stateless strategy with the following modification in Application
+class:
+
+    import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;    
+
+    @PropertySources({@PropertySource("classpath:authorization.properties")})
+    @Import(AuthorizationConfiguration.class)
+    public class Application {
+
+        public static void main(String[] args) {
+            SpringApplication.run(Application.class, args);
+        }
+
+        @Bean
+        public WebMvcConfigurer corsConfigurer() {
+            return new WebMvcConfigurer() {
+                    @Override
+                    public void addCorsMappings(CorsRegistry registry) {
+                        registry.addMapping("/**")
+                                .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
+                                .allowedOriginPatterns("*")
+                                .allowCredentials(true);
+                    }
+            };
+        }   
+    }
--- a/pom.xml
+++ b/pom.xml
@ -3,71 +3,88 @@
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>eu.dnetlib</groupId>
-		<artifactId>dnet45-parent</artifactId>
+		<artifactId>uoa-spring-boot-parent</artifactId>
 		<version>1.0.0</version>
 	</parent>
 	<artifactId>uoa-authorization-library</artifactId>
-	<version>2.0.4-SNAPSHOT</version>
+	<version>2.1.5-SNAPSHOT</version>
 	<packaging>jar</packaging>
-	<scm>
-		<developerConnection>scm:svn:https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-authorization-library/trunk</developerConnection>
-	</scm>
 	<name>uoa-authorization-library</name>
-
+	<scm>
+		<developerConnection>scm:git:gitea@code-repo.d4science.org:MaDgIK/authorization-library.git</developerConnection>
+		<tag>HEAD</tag>
+	</scm>
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<java.version>1.8</java.version>
        <timestampAuthorizationLibrary>${maven.build.timestamp}</timestampAuthorizationLibrary>
        <maven.build.timestamp.format>E MMM dd HH:mm:ss z yyyy</maven.build.timestamp.format>
 	</properties>
-	<dependencyManagement>
-		<dependencies>
-			<dependency>
-				<groupId>org.springframework.boot</groupId>
-				<artifactId>spring-boot-dependencies</artifactId>
-				<version>1.5.8.RELEASE</version>
-				<type>pom</type>
-				<scope>import</scope>
-			</dependency>
-		</dependencies>
-	</dependencyManagement>
 	<dependencies>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
-			<exclusions>
-				<exclusion>
-					<groupId> org.springframework.boot</groupId>
-					<artifactId>spring-boot-starter-logging</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
 		<!-- Starter for using Spring Security -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>com.google.code.gson</groupId>
-			<artifactId>gson</artifactId>
-			<version>2.8.2</version>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-redis</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>log4j</groupId>
-			<artifactId>log4j</artifactId>
-			<version>1.2.17</version>
+			<groupId>org.springframework.session</groupId>
+			<artifactId>spring-session-data-redis</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>biz.paluch.redis</groupId>
+			<artifactId>lettuce</artifactId>
+			<version>4.3.3.Final</version>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+			<version>1.3.0</version>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk15on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
    </dependencies>
 	<build>
 		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-jar-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>default-jar</id>
+						<phase>package</phase>
+						<goals>
+							<goal>jar</goal>
+						</goals>
+						<configuration>
+							<excludes>
+								<exclude>**/eu/dnetlib/uoaauthorizationlibrary/redis/**</exclude>
+							</excludes>
+						</configuration>
+					</execution>
+					<execution>
+						<id>redis</id>
+						<phase>package</phase>
+						<goals>
+							<goal>jar</goal>
+						</goals>
+						<configuration>
+							<classifier>redis</classifier>
+							<excludes>
+								<exclude>**/eu/dnetlib/uoaauthorizationlibrary/stateless/**</exclude>
+							</excludes>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
 		</plugins>
        <finalName>uoa-authorization-library</finalName>
-        <resources>
-            <resource>
-                <directory>src/main/resources</directory>
-                <filtering>true</filtering>
-            </resource>
-        </resources>
 	</build>
 </project>
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/AuthorizationConfiguration.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/AuthorizationConfiguration.java
@ -2,8 +2,24 @@ package eu.dnetlib.uoaauthorizationlibrary.configuration;

 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.*;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@Configuration
@EnableConfigurationProperties({SecurityConfig.class, GlobalVars.class})
@ComponentScan(basePackages = { "eu.dnetlib.uoaauthorizationlibrary" })
-public class AuthorizationConfiguration { }
+public class AuthorizationConfiguration {
+
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        return new WebMvcConfigurerAdapter() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**")
+                        .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
+                        .allowCredentials(true);
+            }
+        };
+    }
+}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/GlobalVars.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/GlobalVars.java
@ -4,7 +4,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties;

 import java.util.Date;

-@ConfigurationProperties("authorization.globalVars")
+@ConfigurationProperties("authorization.global-vars")
 public class GlobalVars {
    public static Date date = new Date();
    private Date buildDate;
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/IgnoreSecurityConfiguration.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/IgnoreSecurityConfiguration.java
@ -0,0 +1,12 @@
+package eu.dnetlib.uoaauthorizationlibrary.configuration;
+
+import eu.dnetlib.uoaauthorizationlibrary.security.AuthorizationService;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@ComponentScan(
+        basePackageClasses = {AuthorizationService.class}
+)
+public class IgnoreSecurityConfiguration {
+}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/Redis.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/Redis.java
@ -0,0 +1,44 @@
+package eu.dnetlib.uoaauthorizationlibrary.configuration;
+
+public class Redis {
+
+    private String host = "localhost";
+    private String port = "6379";
+    private String password;
+
+    public Redis() {
+    }
+
+    public String getHost() {
+        return host;
+    }
+
+    public void setHost(String host) {
+        this.host = host;
+    }
+
+    public String getPort() {
+        return port;
+    }
+
+    public void setPort(String port) {
+        this.port = port;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    @Override
+    public String toString() {
+        return "Redis{" +
+                "host='" + host + '\'' +
+                ", port='" + port + '\'' +
+                ", password='" + password + '\'' +
+                '}';
+    }
+}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java
@ -5,7 +5,18 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
@ConfigurationProperties("authorization.security")
 public class SecurityConfig {

+    private Redis redis = new Redis();
    private String userInfoUrl;
+    private String domain;
+    private String session;
+
+    public Redis getRedis() {
+        return redis;
+    }
+
+    public void setRedis(Redis redis) {
+        this.redis = redis;
+    }

    public String getUserInfoUrl() {
        return userInfoUrl;
@ -15,8 +26,19 @@ public class SecurityConfig {
        this.userInfoUrl = userInfoUrl;
    }

-    /** @deprecated */
-    public boolean isDeprecated() {
-        return userInfoUrl.contains("accessToken");
+    public String getDomain() {
+        return domain;
+    }
+
+    public void setDomain(String domain) {
+        this.domain = domain;
+    }
+
+    public String getSession() {
+        return session;
+    }
+
+    public void setSession(String session) {
+        this.session = session;
    }
 }
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java
@ -2,7 +2,8 @@ package eu.dnetlib.uoaauthorizationlibrary.controllers;

 import eu.dnetlib.uoaauthorizationlibrary.configuration.GlobalVars;
 import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
@ -17,7 +18,7 @@ import java.util.Map;
@CrossOrigin(origins = "*")
@RequestMapping("/authorization-library")
 public class AuthorizationLibraryCheckDeployController {
-    private final Logger log = Logger.getLogger(this.getClass());
+    private final Logger log = LogManager.getLogger(this.getClass());

    @Autowired
    private SecurityConfig securityConfig;
@ -27,15 +28,18 @@ public class AuthorizationLibraryCheckDeployController {

    @RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
    public String hello() {
-        log.debug("Hello from uoa-authorization-service!");
-        return "Hello from uoa-authorization-service!";
+        log.debug("Hello from uoa-authorization-library!");
+        return "Hello from uoa-authorization-library!";
    }

    @PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
    @RequestMapping(value = "/health_check/advanced", method = RequestMethod.GET)
    public Map<String, String> checkEverything() {
        Map<String, String> response = new HashMap<>();
+        response.put("authorization.security.redis.host", securityConfig.getRedis().getHost());
        response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
+        response.put("authorization.security.session", securityConfig.getSession());
+        response.put("authorization.security.domain", securityConfig.getDomain());
        if(GlobalVars.date != null) {
            response.put("Date of deploy", GlobalVars.date.toString());
        }
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/configuration/RedisConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/configuration/RedisConfig.java
@ -0,0 +1,40 @@
+package eu.dnetlib.uoaauthorizationlibrary.redis.configuration;
+
+import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.http.CookieSerializer;
+import org.springframework.session.web.http.DefaultCookieSerializer;
+
+@EnableRedisHttpSession
+@Configuration
+public class RedisConfig {
+
+    private final SecurityConfig securityConfig;
+    private static final Logger logger = LogManager.getLogger(RedisConfig.class);
+
+    @Autowired
+    public RedisConfig(SecurityConfig securityConfig) {this.securityConfig = securityConfig;}
+
+    @Bean
+    public LettuceConnectionFactory connectionFactory() {
+        logger.info(String.format("Redis connection listens to %s:%s ", securityConfig.getRedis().getHost(), securityConfig.getRedis().getPort()));
+        LettuceConnectionFactory factory = new LettuceConnectionFactory(securityConfig.getRedis().getHost(), Integer.parseInt(securityConfig.getRedis().getPort()));
+        if (securityConfig.getRedis().getPassword() != null) factory.setPassword(securityConfig.getRedis().getPassword());
+        return factory;
+    }
+
+    @Bean
+    public CookieSerializer cookieSerializer() {
+        DefaultCookieSerializer serializer = new DefaultCookieSerializer();
+        serializer.setCookieName(securityConfig.getSession());
+        serializer.setCookiePath("/");
+        serializer.setDomainName(securityConfig.getDomain());
+        return serializer;
+    }
+}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/security/WebSecurityConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/redis/security/WebSecurityConfig.java
@ -0,0 +1,20 @@
+package eu.dnetlib.uoaauthorizationlibrary.redis.security;
+
+import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable();
+        http.authorizeRequests().anyRequest().permitAll();
+        http.httpBasic().authenticationEntryPoint(new EntryPoint());
+    }
+
+}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/AuthorizationService.java
@ -1,6 +1,6 @@
 package eu.dnetlib.uoaauthorizationlibrary.security;

-import org.apache.log4j.Logger;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
@ -12,7 +12,6 @@ import java.util.stream.Collectors;

@Component(value = "AuthorizationService")
 public class AuthorizationService {
-    private final Logger log = Logger.getLogger(this.getClass());

    public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
    public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
@ -25,6 +24,9 @@ public class AuthorizationService {
        } else if (type.equals("ri") && communityMap) {
            type = "community";
        }
+        while (type.contains(".")) {
+            type = type.replace(".", "_");
+        }
        return type;
    }

@ -37,7 +39,7 @@ public class AuthorizationService {

    /**
     * Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
-     * <p>
+     *
     * Id = EE, EGI, etc
     */
    public String manager(String type, String id) {
@ -46,7 +48,7 @@ public class AuthorizationService {

    /**
     * Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
-     * <p>
+     *
     * Id = EE, EGI, etc
     */
    public String member(String type, String id) {
@ -70,7 +72,7 @@ public class AuthorizationService {
    }

    public List<String> getRoles() {
-        OpenAIREAuthentication authentication = getAuthentication();
+        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
        }
@ -78,25 +80,33 @@ public class AuthorizationService {
    }

    public String getAaiId() {
-        OpenAIREAuthentication authentication = getAuthentication();
+        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
-            return authentication.getUser().getSub();
+            if(authentication instanceof OpenAIREAuthentication) {
+                return ((OpenAIREAuthentication) authentication).getUser().getSub();
+            } else {
+                return ((OIDCAuthenticationToken) authentication).getUserInfo().getSub();
+            }
        }
        return null;
    }

    public String getEmail() {
-        OpenAIREAuthentication authentication = getAuthentication();
+        Authentication authentication = getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
-            return authentication.getUser().getEmail();
+            if(authentication instanceof OpenAIREAuthentication) {
+                return ((OpenAIREAuthentication) authentication).getUser().getEmail();
+            } else {
+                return ((OIDCAuthenticationToken) authentication).getUserInfo().getEmail();
+            }
        }
        return null;
    }

-    private OpenAIREAuthentication getAuthentication() {
+    private Authentication getAuthentication() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if(authentication instanceof OpenAIREAuthentication) {
-            return (OpenAIREAuthentication) authentication;
+        if(authentication instanceof OpenAIREAuthentication || authentication instanceof OIDCAuthenticationToken) {
+            return authentication;
        } else {
            return null;
        }
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java
@ -1,16 +0,0 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
-
-@Configuration
-public class CorsConfig extends WebMvcConfigurerAdapter {
-
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**")
-                .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
-                .allowCredentials(true);
-    }
-}
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/OpenAIREAuthentication.java
@ -1,6 +1,6 @@
 package eu.dnetlib.uoaauthorizationlibrary.security;

-import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
 import org.springframework.security.authentication.AbstractAuthenticationToken;

 public class OpenAIREAuthentication extends AbstractAuthenticationToken {
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilter.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilter.java
@ -1,7 +1,6 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;

-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
-import org.apache.log4j.Logger;
+import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
@ -14,7 +13,6 @@ import java.io.IOException;
 public class AuthorizationFilter implements Filter {

    private final AuthorizationProvider authorizationProvider;
-    private final Logger log = Logger.getLogger(this.getClass());

    @Autowired
    AuthorizationFilter(AuthorizationProvider authorizationProvider) {
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilterConfigurer.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationFilterConfigurer.java
@ -1,6 +1,5 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;

-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
 import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.web.DefaultSecurityFilterChain;
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationProvider.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/AuthorizationProvider.java
@ -1,7 +1,8 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;

-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
-import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
+import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.AuthorizationUtils;
+import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/WebSecurityConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/security/WebSecurityConfig.java
@ -1,8 +1,7 @@
-package eu.dnetlib.uoaauthorizationlibrary.security;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.security;

-import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
+import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.ComponentScan;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -11,7 +10,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@EnableWebSecurity
-@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final AuthorizationFilter filter;
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/AuthorizationUtils.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/AuthorizationUtils.java
@ -1,7 +1,8 @@
-package eu.dnetlib.uoaauthorizationlibrary.utils;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;

 import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.*;
 import org.springframework.stereotype.Component;
@ -15,39 +16,25 @@ import java.util.Collections;

@Component
 public class AuthorizationUtils {
-    private final Logger log = Logger.getLogger(this.getClass());
+    private final Logger log = LogManager.getLogger(this.getClass());
    private final SecurityConfig securityConfig;
-    private final static String TOKEN = "AccessToken";
-    private final static String SESSION = "OpenAIRESession";

    @Autowired
    AuthorizationUtils(SecurityConfig securityConfig) {
        this.securityConfig = securityConfig;
    }

-    private String getToken(HttpServletRequest request) {
-        if (request.getCookies() == null) {
-            return null;
-        }
-        for (Cookie c : request.getCookies()) {
-            if (c.getName().equals(TOKEN)) {
-                return c.getValue();
-            }
-        }
-        return null;
-    }
-
    public UserInfo getUserInfo(HttpServletRequest request) {
-        String url = securityConfig.getUserInfoUrl() + (securityConfig.isDeprecated()?getToken(request):"");
+        String url = securityConfig.getUserInfoUrl();
        RestTemplate restTemplate = new RestTemplate();
        try {
-            if(hasCookie(request)) {
+            if(url != null && hasCookie(request)) {
                ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
-                return  response.getBody();
+                return response.getBody();
            }
            return null;
        } catch (RestClientException e) {
-            log.error(url + ":" + e.getMessage());
+            log.error(url + ": " + e.getMessage());
            return null;
        }
    }
@ -55,11 +42,7 @@ public class AuthorizationUtils {
    private boolean hasCookie(HttpServletRequest request) {
        Cookie[] cookies = request.getCookies();
        if(cookies != null) {
-            if (securityConfig.isDeprecated()) {
-                return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(TOKEN));
-            } else {
-                return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(SESSION));
-            }
+            return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(this.securityConfig.getSession()));
        }
        return false;
    }
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/UserInfo.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/stateless/utils/UserInfo.java
@ -1,4 +1,4 @@
-package eu.dnetlib.uoaauthorizationlibrary.utils;
+package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;

 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
--- a/src/main/resources/authorization.properties
+++ b/src/main/resources/authorization.properties
@ -1,4 +1,7 @@
 #dev
-authorization.security.userInfoUrl = http://mpagasas.di.uoa.gr:8080/login-service/userInfo
-authorization.globalVars.buildDate=@timestampAuthorizationLibrary@
-authorization.globalVars.version=@project.version@
+spring.session.store-type=none
+authorization.security.userInfoUrl=
+authorization.security.domain=di.uoa.gr
+authorization.security.session=openAIRESession
+authorization.global-vars.buildDate=@timestampAuthorizationLibrary@
+authorization.global-vars.version=@project.version@
Author	SHA1	Message	Date
Konstantinos Triantafyllou	e91a0e6af8	Fix mapType in Authorization Service to handle extra '.'	2024-01-11 18:39:30 +02:00
Konstantinos Triantafyllou	b84f29c803	[maven-release-plugin] prepare for next development iteration	2023-12-14 15:28:30 +02:00
Konstantinos Triantafyllou	695c02355c	[maven-release-plugin] prepare release uoa-authorization-library-2.1.4	2023-12-14 15:28:26 +02:00
Konstantinos Triantafyllou	93fd8a651b	Create IgnoreSecurityConfiguration and move WebMvcConfigurer to AuthorizationConfiguration.	2023-12-14 15:28:10 +02:00
Konstantinos Triantafyllou	78ad75ca3f	[maven-release-plugin] prepare for next development iteration	2022-10-07 17:49:07 +03:00
Konstantinos Triantafyllou	0e4d58a284	[maven-release-plugin] prepare release uoa-authorization-library-2.1.3	2022-10-07 17:49:04 +03:00
Konstantinos Triantafyllou	e20cc9559d	Update spring-boot-parent version	2022-10-07 17:48:46 +03:00
Konstantinos Triantafyllou	da334c1b97	Add new parent and change log4j	2022-10-07 11:20:31 +03:00
Konstantinos Triantafyllou	30f98cf9ff	[maven-release-plugin] prepare for next development iteration	2021-12-13 15:34:05 +02:00
Konstantinos Triantafyllou	b22554665b	[maven-release-plugin] prepare release uoa-authorization-library-2.1.2	2021-12-13 15:34:02 +02:00
Konstantinos Triantafyllou	2a3301aeed	Prepare for new release	2021-12-13 15:33:33 +02:00
Konstantinos Triantafyllou	7175c9586c	Rename globalVars to global-vars	2021-12-13 10:28:30 +02:00
Konstantinos Triantafyllou	ca890552cb	[maven-release-plugin] prepare for next development iteration	2021-12-08 13:58:17 +02:00
Konstantinos Triantafyllou	00edaeb5ce	[maven-release-plugin] prepare release uoa-authorization-library-2.1.1	2021-12-08 13:58:13 +02:00
Konstantinos Triantafyllou	bde479b4ac	Change default value of userInfoUrl. Add redis configuration to ReadMe	2021-12-08 13:57:39 +02:00
Konstantinos Triantafyllou	0603002333	Add ReadMe and .gitignore	2021-12-08 13:46:09 +02:00
Konstantinos Triantafyllou	622c63f122	Update <scm> for gitea	2021-12-07 17:23:13 +02:00
Konstantinos Triantafyllou	d14e3ffd70	[maven-release-plugin] prepare for next development iteration	2021-12-07 09:24:04 +00:00
Konstantinos Triantafyllou	bd1d517be4	[maven-release-plugin] prepare release uoa-authorization-library-2.1.0	2021-12-07 09:24:02 +00:00
Konstantinos Triantafyllou	b30fb5fd0b	Add classifier to enable Redis Authorization. Default Stateless Authorization	2021-12-07 09:23:36 +00:00
Konstantinos Triantafyllou	38ac5d60ea	[maven-release-plugin] prepare for next development iteration	2021-12-06 14:53:31 +00:00
Konstantinos Triantafyllou	435dbbe050	[maven-release-plugin] prepare release uoa-authorization-library-2.0.4	2021-12-06 14:53:30 +00:00
Konstantinos Triantafyllou	86cdad5232	Change snapshot version back to 2.0.4	2021-12-06 14:52:13 +00:00
Konstantinos Triantafyllou	f8c80fad37	Add property for session id	2021-12-03 10:25:34 +00:00