1. Optimize imports on broker api.
2. Add user api / user api impl for test purposes. Check aai 3. Add config class for redis 4. Add FrontEndLinkURIAuthenticationSuccessHandler for aai 5. Add redis / aai properties on application properties file
This commit is contained in:
parent
f43753253d
commit
f3e55be459
25
pom.xml
25
pom.xml
|
@ -12,7 +12,7 @@
|
|||
<groupId>eu.dnetlib</groupId>
|
||||
<artifactId>uoa-repository-manager-service</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
<packaging>jar</packaging>
|
||||
<packaging>war</packaging>
|
||||
|
||||
|
||||
<build>
|
||||
|
@ -230,6 +230,29 @@
|
|||
<version>9.1-901.jdbc3</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.mitre</groupId>
|
||||
<artifactId>openid-connect-client</artifactId>
|
||||
<version>1.3.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>jcl-over-slf4j</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.session</groupId>
|
||||
<artifactId>spring-session-data-redis</artifactId>
|
||||
<version>1.3.1.RELEASE</version>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>biz.paluch.redis</groupId>
|
||||
<artifactId>lettuce</artifactId>
|
||||
<version>3.5.0.Final</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
</dependencies>
|
||||
|
|
|
@ -3,7 +3,7 @@ package eu.dnetlib.repo.manager.service.controllers;
|
|||
import eu.dnetlib.repo.manager.shared.BrokerException;
|
||||
import eu.dnetlib.repo.manager.shared.Term;
|
||||
import eu.dnetlib.repo.manager.shared.broker.*;
|
||||
import io.swagger.annotations.*;
|
||||
import io.swagger.annotations.Api;
|
||||
import org.json.JSONException;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
package eu.dnetlib.repo.manager.service.controllers;
|
||||
|
||||
import io.swagger.annotations.Api;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@RestController
|
||||
@RequestMapping(value = "/user")
|
||||
@Api(description = "User API", tags = {"user"})
|
||||
public interface UserApi {
|
||||
|
||||
@RequestMapping(value = "/login" , method = RequestMethod.GET)
|
||||
void login(HttpServletRequest req,
|
||||
HttpServletResponse resp);
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,25 @@
|
|||
package eu.dnetlib.repo.manager.service.controllers;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@Component
|
||||
public class UserApiImpl implements UserApi {
|
||||
|
||||
private static final org.apache.log4j.Logger LOGGER = org.apache.log4j.Logger
|
||||
.getLogger(UserApiImpl.class);
|
||||
|
||||
@Value("${oidc.issuer}")
|
||||
private String oidc_issuer;
|
||||
|
||||
@Override
|
||||
public void login(HttpServletRequest req,
|
||||
HttpServletResponse resp) {
|
||||
LOGGER.debug(oidc_issuer);
|
||||
resp.setStatus(HttpServletResponse.SC_FOUND);
|
||||
resp.setHeader("Location", oidc_issuer);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,54 @@
|
|||
package eu.dnetlib.repo.manager.service.utils;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||
import org.springframework.session.web.http.CookieSerializer;
|
||||
import org.springframework.session.web.http.DefaultCookieSerializer;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
@Configuration
|
||||
@EnableRedisHttpSession
|
||||
@PropertySource(value = { "classpath:eu/dnetlib/repo/manager/service/application.properties", "classpath:application.properties"} )
|
||||
@ComponentScan(basePackages = "eu.dnetlib.repo.manager")
|
||||
public class Config {
|
||||
|
||||
private static Logger LOGGER = Logger.getLogger(String.valueOf(Config.class));
|
||||
|
||||
@Value("${redis.host}")
|
||||
private String host;
|
||||
|
||||
@Value("${redis.port:6379}")
|
||||
private String port;
|
||||
|
||||
@Value("${redis.password:#{null}}")
|
||||
private String password;
|
||||
|
||||
@PostConstruct
|
||||
private void init(){
|
||||
LOGGER.info(host);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public LettuceConnectionFactory connectionFactory() {
|
||||
LOGGER.info(String.format("Redis connection listens to %s:%s",host,port));
|
||||
LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port));
|
||||
if(password != null) factory.setPassword(password);
|
||||
return factory;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public CookieSerializer cookieSerializer() {
|
||||
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
|
||||
serializer.setCookieName("SESSION"); // <1>
|
||||
serializer.setCookiePath("/"); // <2>
|
||||
return serializer;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
package eu.dnetlib.repo.manager.service.utils;
|
||||
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
|
||||
|
||||
private String frontEndURI;
|
||||
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
|
||||
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
||||
Cookie sessionCookie = new Cookie("currentUser", authOIDC.getSub());
|
||||
int expireSec = -1;
|
||||
sessionCookie.setMaxAge(expireSec);
|
||||
sessionCookie.setPath("/");
|
||||
response.addCookie(sessionCookie);
|
||||
response.sendRedirect(frontEndURI);
|
||||
}
|
||||
|
||||
public String getFrontEndURI() {
|
||||
return frontEndURI;
|
||||
}
|
||||
|
||||
public void setFrontEndURI(String frontEndURI) {
|
||||
this.frontEndURI = frontEndURI;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,13 +1,15 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:task="http://www.springframework.org/schema/task" xmlns:tx="http://www.springframework.org/schema/tx"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context-4.0.xsd
|
||||
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd">
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:security="http://www.springframework.org/schema/security"
|
||||
xmlns:util="http://www.springframework.org/schema/util" xmlns:task="http://www.springframework.org/schema/task"
|
||||
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
|
||||
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
|
||||
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
|
||||
|
||||
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"
|
||||
default-autowire="byType">
|
||||
|
||||
<!--<import resource="classpath:META-INF/cxf/cxf.xml"/>
|
||||
<import resource="classpath:META-INF/cxf/cxf-extension-jaxws.xml"/>
|
||||
|
@ -28,6 +30,7 @@
|
|||
<context:property-placeholder location="classpath*:/eu/**/application.properties" />
|
||||
<tx:annotation-driven transaction-manager="txManager"/>
|
||||
|
||||
<!--
|
||||
<bean class="eu.dnetlib.repo.manager.service.config.CascadingPropertyLoader" id="propertyLoader">
|
||||
<property name="order" value="2" />
|
||||
<property name="properties">
|
||||
|
@ -56,6 +59,7 @@
|
|||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
-->
|
||||
|
||||
<bean id="repomanager.dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
|
||||
<property name="driverClassName" value="${repomanager.db.driverClassName}" />
|
||||
|
@ -80,4 +84,168 @@
|
|||
<property name="dataSource" ref="repomanager.dataSource"/>
|
||||
</bean>
|
||||
|
||||
<bean id="webexpressionHandler"
|
||||
class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
|
||||
|
||||
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"
|
||||
authentication-manager-ref="authenticationManager"/>
|
||||
|
||||
<security:http auto-config="false" use-expressions="true"
|
||||
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
|
||||
pattern="/**">
|
||||
|
||||
<security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" />
|
||||
|
||||
<security:logout />
|
||||
|
||||
</security:http>
|
||||
|
||||
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
|
||||
<constructor-arg type="java.lang.String" value="/openid_connect_login"/>
|
||||
</bean>
|
||||
|
||||
<security:authentication-manager alias="authenticationManager">
|
||||
<security:authentication-provider ref="openIdConnectAuthenticationProvider" />
|
||||
</security:authentication-manager>
|
||||
|
||||
<bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
|
||||
<property name="authoritiesMapper">
|
||||
<bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
|
||||
<property name="admins" ref="namedAdmins" />
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
|
||||
<!--
|
||||
This is an example of how quantity set up a user as an administrator: they'll be given ROLE_ADMIN in addition quantity ROLE_USER.
|
||||
Note that having an administrator role on the IdP doesn't grant administrator access on this client.
|
||||
These are values from the demo "openid-connect-server-webapp" project of MITREid Connect.
|
||||
-->
|
||||
<bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
|
||||
<constructor-arg name="subject" value="90342.ASDFJWFA" />
|
||||
<constructor-arg name="issuer" value="${oidc.issuer}" />
|
||||
</bean>
|
||||
</util:set>
|
||||
|
||||
<bean class="eu.dnetlib.repo.manager.service.utils.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect">
|
||||
<property name="frontEndURI" value="${webapp.front}"/>
|
||||
</bean>
|
||||
<!--
|
||||
-
|
||||
- The authentication filter
|
||||
-
|
||||
-->
|
||||
<bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
|
||||
<property name="authenticationManager" ref="authenticationManager" />
|
||||
|
||||
<property name="issuerService" ref="staticIssuerService" />
|
||||
<property name="serverConfigurationService" ref="staticServerConfigurationService" />
|
||||
<property name="clientConfigurationService" ref="staticClientConfigurationService" />
|
||||
<property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
|
||||
<property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
|
||||
<property name="authenticationSuccessHandler" ref="frontEndRedirect"/>
|
||||
|
||||
</bean>
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
-
|
||||
- Issuer Services: Determine which identity provider issuer is used.
|
||||
-
|
||||
-->
|
||||
|
||||
|
||||
<!--
|
||||
Static issuer service, returns the same issuer for every request.
|
||||
-->
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService">
|
||||
<property name="issuer" value="${oidc.issuer}" />
|
||||
</bean>
|
||||
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService">
|
||||
<property name="loginPageUrl" value="login" />
|
||||
<property name="forceHttps" value="false" /> <!-- this default property forces the webfinger issuer URL quantity be HTTPS, turn off for development work -->
|
||||
</bean>
|
||||
|
||||
<!--
|
||||
Dynamic server configuration, fetches the server's information using OIDC Discovery.
|
||||
-->
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService">
|
||||
<property name="servers">
|
||||
<map>
|
||||
<entry key="${oidc.issuer}">
|
||||
<bean class="org.mitre.openid.connect.config.ServerConfiguration">
|
||||
<property name="issuer" value="${oidc.issuer}" />
|
||||
<property name="authorizationEndpointUri" value="${oidc.issuer}authorize" />
|
||||
<property name="tokenEndpointUri" value="${oidc.issuer}token" />
|
||||
<property name="userInfoUri" value="${oidc.issuer}userinfo" />
|
||||
<property name="jwksUri" value="${oidc.issuer}jwk" />
|
||||
<property name="revocationEndpointUri" value="${oidc.issuer}revoke" />
|
||||
</bean>
|
||||
</entry>
|
||||
</map>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!--
|
||||
Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis.
|
||||
-->
|
||||
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService">
|
||||
<property name="clients">
|
||||
<map>
|
||||
<entry key="${oidc.issuer}">
|
||||
<bean class="org.mitre.oauth2.model.RegisteredClient">
|
||||
<property name="clientId" value="${oidc.id}" />
|
||||
<property name="clientSecret" value="${oidc.secret}" />
|
||||
<property name="scope">
|
||||
<set value-type="java.lang.String">
|
||||
<value>openid</value>
|
||||
</set>
|
||||
</property>
|
||||
<property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
|
||||
<property name="redirectUris">
|
||||
<set>
|
||||
<value>${webapp.home}</value>
|
||||
</set>
|
||||
</property>
|
||||
</bean>
|
||||
</entry>
|
||||
</map>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!--
|
||||
-
|
||||
- Auth request options service: returns the optional components of the request
|
||||
-
|
||||
-->
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService">
|
||||
<property name="options">
|
||||
<map>
|
||||
<!-- Entries in this map are sent as key-value parameters quantity the auth request -->
|
||||
<!--
|
||||
<entry key="display" value="page" />
|
||||
<entry key="max_age" value="30" />
|
||||
<entry key="prompt" value="none" />
|
||||
-->
|
||||
</map>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<!--
|
||||
-
|
||||
- Authorization URL Builders: create the URL quantity redirect the user quantity for authorization.
|
||||
-
|
||||
-->
|
||||
|
||||
<!--
|
||||
Plain authorization request builder, puts all options as query parameters on the GET request
|
||||
-->
|
||||
<bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
|
||||
|
||||
</beans>
|
|
@ -96,4 +96,14 @@ repomanager.db.password = dnetPwd
|
|||
|
||||
services.repomanager.analyticsURL = http://analytics.openaire.eu/addsite.php?
|
||||
|
||||
topic_types.url = https://beta.services.openaire.eu/provision/mvc/vocabularies/dnet:topic_types.json
|
||||
topic_types.url = https://beta.services.openaire.eu/provision/mvc/vocabularies/dnet:topic_types.json
|
||||
|
||||
oidc.issuer = https://aai.openminted.eu/oidc/
|
||||
oidc.id = 24e83176-1312-4ba3-bc0b-ffeebea1603e
|
||||
oidc.secret = U_gLOupYu2trYIOwfxGgZkkZoOHG_zGfaViOUsXcZ7qVQuF1rcJeQYKIDX1TY3z27CIoHaqq9ht2rmAiUmBRYQ
|
||||
webapp.home = http://localhost:8380/repomanager-service/openid_connect_login
|
||||
webapp.front=http://localhost:8380/
|
||||
|
||||
redis.host = 83.212.101.85
|
||||
#redis.port = 6379
|
||||
#redis.password
|
|
@ -17,6 +17,14 @@ http://xmlns.jcp.org/xml/ns/javaee "
|
|||
<param-name>log4jExposeWebAppRoot</param-name>
|
||||
<param-value>false</param-value>
|
||||
</context-param>
|
||||
<filter>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>springSecurityFilterChain</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<listener>
|
||||
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
|
||||
</listener>
|
||||
|
@ -33,17 +41,37 @@ http://xmlns.jcp.org/xml/ns/javaee "
|
|||
</context-param>
|
||||
|
||||
|
||||
<servlet>
|
||||
<servlet-name>spring</servlet-name>
|
||||
<servlet-class>
|
||||
org.springframework.web.servlet.DispatcherServlet
|
||||
</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
<filter>
|
||||
<filter-name>CorsFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
|
||||
<init-param>
|
||||
<param-name>cors.allowed.origins</param-name>
|
||||
<param-value>*</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>cors.allowed.headers</param-name>
|
||||
<param-value>Content-Type,X-Requested-With,accept,authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
|
||||
</init-param>
|
||||
<init-param>
|
||||
<param-name>cors.allowed.methods</param-name>
|
||||
<param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>spring</servlet-name>
|
||||
<url-pattern>/</url-pattern>
|
||||
</servlet-mapping>
|
||||
<filter-mapping>
|
||||
<filter-name>CorsFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>springSessionRepositoryFilter</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
</filter>
|
||||
<filter-mapping>
|
||||
<filter-name>springSessionRepositoryFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
<dispatcher>REQUEST</dispatcher>
|
||||
<dispatcher>ERROR</dispatcher>
|
||||
</filter-mapping>
|
||||
|
||||
</web-app>
|
Loading…
Reference in New Issue