diff --git a/core/pom.xml b/core/pom.xml
index 148f899..32c2bdd 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -45,7 +45,7 @@
gr.cite.opendmp
repositorydepositbase
- 1.0.4
+ 1.0.0-SNAPSHOT
diff --git a/core/src/main/java/eu/eudat/depositinterface/zenodorepository/configuration/zenodo/ZenodoProperties.java b/core/src/main/java/eu/eudat/depositinterface/zenodorepository/configuration/zenodo/ZenodoProperties.java
index 968ff01..cc4cc35 100644
--- a/core/src/main/java/eu/eudat/depositinterface/zenodorepository/configuration/zenodo/ZenodoProperties.java
+++ b/core/src/main/java/eu/eudat/depositinterface/zenodorepository/configuration/zenodo/ZenodoProperties.java
@@ -1,7 +1,6 @@
package eu.eudat.depositinterface.zenodorepository.configuration.zenodo;
import eu.eudat.depositinterface.repository.RepositoryDepositConfiguration;
-import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.ConstructorBinding;
@@ -30,22 +29,22 @@ public class ZenodoProperties {
}
public static class ZenodoConfig extends RepositoryDepositConfiguration {
- private int depositType;
- private String repositoryId;
- private String accessToken;
- private String repositoryUrl;
- private String repositoryAuthorizationUrl;
- private String repositoryRecordUrl;
- private String repositoryAccessTokenUrl;
- private String repositoryClientId;
- private String repositoryClientSecret;
- private String redirectUri;
- private boolean hasLogo;
- private String logo;
- private String doiFunder;
- private String community;
- private String affiliation;
- private String domain;
+ private final int depositType;
+ private final String repositoryId;
+ private final String accessToken;
+ private final String repositoryUrl;
+ private final String repositoryAuthorizationUrl;
+ private final String repositoryRecordUrl;
+ private final String repositoryAccessTokenUrl;
+ private final String repositoryClientId;
+ private final String repositoryClientSecret;
+ private final String redirectUri;
+ private final boolean hasLogo;
+ private final String logo;
+ private final String doiFunder;
+ private final String community;
+ private final String affiliation;
+ private final String domain;
@ConstructorBinding
public ZenodoConfig(int depositType, String repositoryId, String accessToken, String repositoryUrl, String repositoryAuthorizationUrl, String repositoryRecordUrl, String repositoryAccessTokenUrl, String repositoryClientId, String repositoryClientSecret, String redirectUri, boolean hasLogo, String logo, String doiFunder, String community, String affiliation, String domain) {
diff --git a/pom.xml b/pom.xml
index 3fa71f9..da49e38 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.7.4
+ 3.1.0
diff --git a/web/pom.xml b/web/pom.xml
index 6343e57..481b4ca 100644
--- a/web/pom.xml
+++ b/web/pom.xml
@@ -27,6 +27,11 @@
org.springframework.boot
spring-boot-starter-web
+
+ gr.cite
+ oidc-authn
+ 2.1.0
+
diff --git a/web/src/main/resources/config/application.yml b/web/src/main/resources/config/application.yml
index 3125085..88d5a11 100644
--- a/web/src/main/resources/config/application.yml
+++ b/web/src/main/resources/config/application.yml
@@ -7,4 +7,5 @@ spring:
optional:classpath:config/zenodo.yml[.yml], optional:classpath:config/zenodo-${spring.profiles.active}.yml[.yml], optional:file:../config/zenodo-${spring.profiles.active}.yml[.yml],
optional:classpath:config/pid.yml[.yml], optional:classpath:config/pid-${spring.profiles.active}.yml[.yml], optional:file:../config/pid-${spring.profiles.active}.yml[.yml],
optional:classpath:config/funder.yml[.yml], optional:classpath:config/funder-${spring.profiles.active}.yml[.yml], optional:file:../config/funder-${spring.profiles.active}.yml[.yml],
- optional:classpath:config/identifiers.yml[.yml], optional:classpath:config/identifiers-${spring.profiles.active}.yml[.yml], optional:file:../config/identifiers-${spring.profiles.active}.yml[.yml]
+ optional:classpath:config/identifiers.yml[.yml], optional:classpath:config/identifiers-${spring.profiles.active}.yml[.yml], optional:file:../config/identifiers-${spring.profiles.active}.yml[.yml],
+ optional:classpath:config/security.yml[.yml], optional:classpath:config/security-${spring.profiles.active}.yml[.yml], optional:file:../config/security-${spring.profiles.active}.yml[.yml]
diff --git a/web/src/main/resources/config/security.yml b/web/src/main/resources/config/security.yml
new file mode 100644
index 0000000..7d9a763
--- /dev/null
+++ b/web/src/main/resources/config/security.yml
@@ -0,0 +1,19 @@
+web:
+ security:
+ enabled: true
+ authorized-endpoints: [ api ]
+ idp:
+ api-key:
+ enabled: true
+ authorization-header: Authorization
+ client-id: ${IDP_APIKEY_CLIENT_ID:}
+ client-secret: ${IDP_APIKEY_CLIENT_SECRET:}
+ scope: ${IDP_APIKEY_SCOPE:}
+ resource:
+ token-type: JWT #| opaque
+ opaque:
+ client-id: ${IDP_OPAQUE_CLIENT_ID:}
+ client-secret: ${IDP_OPAQUE_CLIENT_SECRET:}
+ jwt:
+ claims: [ role, x-role ]
+ issuer-uri: ${IDP_ISSUER_URI:}
\ No newline at end of file