Commit 0a5f33f1 authored by Magnus Westergaard's avatar Magnus Westergaard

Revert "Removed the last cyclic dependency in java codebase. Rejoice!", broke auth.

This reverts commit 6c5ed7bc.
parent a48b73a1
package no.deichman.auth.config;
import javax.inject.Inject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ResourceBundleMessageSource;
......@@ -16,7 +15,7 @@ import lombok.extern.slf4j.Slf4j;
public class MvcConfig implements WebMvcConfigurer {
private final String zone;
@Inject
@Autowired
public MvcConfig(Environment environment) {
this.zone = environment.getProperty("ZONE", "local");
......
......@@ -7,11 +7,10 @@ import static org.springframework.security.test.web.servlet.response.SecurityMoc
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
import javax.inject.Inject;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.TestPropertySource;
......@@ -25,7 +24,7 @@ import org.springframework.web.context.WebApplicationContext;
@TestPropertySource(locations = {"classpath:test.properties"})
public class DeichmanAuthServerTest {
private MockMvc mockMvc;
@Inject
@Autowired
private WebApplicationContext context;
@Before
......
......@@ -40,19 +40,17 @@ import no.deichman.auth.DeichmanUser;
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Value("${security.oauth2.auth-server-url}")
private String authServerUrl;
/**
* ATTENTION! not using constructor injection since it causes a circular dependency and runtime error
*/
@Inject
private DefaultTokenServices tokenServices;
private TokenStore tokenStore;
@Inject
public ResourceServerConfig(DefaultTokenServices tokenServices, TokenStore tokenStore) {
this.tokenServices = tokenServices;
this.tokenStore = tokenStore;
}
private TokenStore tokenStore;
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
......@@ -62,94 +60,84 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/actuator/**").permitAll().antMatchers("/api/**/index")
.permitAll().anyRequest().authenticated().and().logout().logoutSuccessUrl(authServerUrl + "/exit");
}
public void setAuthServerUrl(String authServerUrl) {
this.authServerUrl = authServerUrl;
.permitAll().anyRequest().authenticated().and().logout().logoutSuccessUrl(this.authServerUrl + "/exit");
}
@Bean
@Primary
public static DefaultTokenServices tokenServices() {
if (null == defaultTokenServicesInstance) {
defaultTokenServicesInstance = new DefaultTokenServices();
defaultTokenServicesInstance.setTokenStore(tokenStore());
defaultTokenServicesInstance.setSupportRefreshToken(true);
defaultTokenServicesInstance.setTokenEnhancer(accessTokenConverter());
public JwtAccessTokenConverter accessTokenConverter() {
Resource resource = new ClassPathResource("public_key.txt");
String publicKey;
try {
publicKey = IOUtils.toString(resource.getInputStream(), "utf-8");
} catch (final IOException e) {
throw new UncheckedIOException(e);
}
return defaultTokenServicesInstance;
}
@Bean
public static TokenStore tokenStore() {
if (null == tokenStoreInstance) {
tokenStoreInstance = new JwtTokenStore(accessTokenConverter());
}
return tokenStoreInstance;
}
private static JwtAccessTokenConverter accessTokenConverter() {
if (null == converterInstance) {
Resource resource = new ClassPathResource("public_key.txt");
String publicKey;
try {
publicKey = IOUtils.toString(resource.getInputStream(), "utf-8");
} catch (final IOException e) {
throw new UncheckedIOException(e);
}
AccessTokenConverter tokenConverter = new DefaultAccessTokenConverter();
((DefaultAccessTokenConverter) tokenConverter).setUserTokenConverter(userAuthenticationConverter());
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setAccessTokenConverter(tokenConverter);
converter.setVerifierKey(publicKey);
AccessTokenConverter tokenConverter = new DefaultAccessTokenConverter();
((DefaultAccessTokenConverter) tokenConverter).setUserTokenConverter(userAuthenticationConverter);
converterInstance = new JwtAccessTokenConverter();
converterInstance.setAccessTokenConverter(tokenConverter);
converterInstance.setVerifierKey(publicKey);
}
return converterInstance;
return converter;
}
private static DefaultTokenServices defaultTokenServicesInstance;
private static TokenStore tokenStoreInstance;
private static JwtAccessTokenConverter converterInstance;
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
private static final UserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter() {
@Bean
public UserAuthenticationConverter userAuthenticationConverter() {
return new DefaultUserAuthenticationConverter() {
@Override
public Authentication extractAuthentication(Map<String, ?> map) {
final Collection<? extends GrantedAuthority> authorities = getMyAuthorities(map);
@Override
public Authentication extractAuthentication(Map<String, ?> map) {
final Collection<? extends GrantedAuthority> authorities = getMyAuthorities(map);
if (map.containsKey(USERNAME)) {
DeichmanUser principal = DeichmanUser.builder().dn((String) map.get("deichman_dn"))
.accountNonExpired((Boolean) map.get("deichman_account_non_expired"))
.accountNonLocked((Boolean) map.get("deichman_account_non_locked"))
.credentialsNonExpired((Boolean) map.get("deichman_credentials_non_exipred"))
.enabled((Boolean) map.get("deichman_enabled"))
if (map.containsKey(USERNAME)) {
DeichmanUser principal = DeichmanUser.builder().dn((String) map.get("deichman_dn"))
.accountNonExpired((Boolean) map.get("deichman_account_non_expired"))
.accountNonLocked((Boolean) map.get("deichman_account_non_locked"))
.credentialsNonExpired((Boolean) map.get("deichman_credentials_non_exipred"))
.enabled((Boolean) map.get("deichman_enabled"))
.name((String) map.get("name")).username((String) map.get("user_name"))
.email((String) map.get("email")).surname((String) map.get("family_name"))
.givenName((String) map.get("given_name"))
.name((String) map.get("name")).username((String) map.get("user_name"))
.email((String) map.get("email")).surname((String) map.get("family_name"))
.givenName((String) map.get("given_name"))
.authorities(authorities).build();
.authorities(authorities).build();
return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
}
return null;
}
return null;
}
private Collection<? extends GrantedAuthority> getMyAuthorities(Map<String, ?> map) {
if (!map.containsKey(AUTHORITIES)) {
return Collections.emptyList();
}
Object authorities = map.get(AUTHORITIES);
if (authorities instanceof String) {
return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities);
private Collection<? extends GrantedAuthority> getMyAuthorities(Map<String, ?> map) {
if (!map.containsKey(AUTHORITIES)) {
return Collections.emptyList();
}
Object authorities = map.get(AUTHORITIES);
if (authorities instanceof String) {
return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities);
}
if (authorities instanceof Collection) {
return AuthorityUtils.commaSeparatedStringToAuthorityList(
StringUtils.collectionToCommaDelimitedString((Collection<?>) authorities));
}
throw new IllegalArgumentException("Authorities must be either a String or a Collection");
}
if (authorities instanceof Collection) {
return AuthorityUtils.commaSeparatedStringToAuthorityList(
StringUtils.collectionToCommaDelimitedString((Collection<?>) authorities));
}
throw new IllegalArgumentException("Authorities must be either a String or a Collection");
}
};
};
}
@Bean
@Primary
public DefaultTokenServices tokenServices() {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setTokenEnhancer(accessTokenConverter());
return defaultTokenServices;
}
}
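Review bot: The account-state flags in `extractAuthentication` are read with bare casts such as `(Boolean) map.get("deichman_enabled")`, so a token that lacks one of these claims produces `null` rather than an explicit deny. Whether that ends in a NullPointerException or in an unset flag depends on `DeichmanUser.builder()`, which is not visible on this page; `Boolean.TRUE.equals(map.get("deichman_enabled"))` on each flag would make a missing or non-Boolean claim count as false. The key `"deichman_credentials_non_exipred"` is misspelled and must match what the authorization server emits, so it deserves a shared constant or at least a comment saying the spelling is intentional. Separately, `configure(HttpSecurity)` keeps `antMatchers("/actuator/**").permitAll()`; unless endpoint exposure is restricted elsewhere, narrowing it to `antMatchers("/actuator/health").permitAll()` would be the safer default.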
......@@ -243,16 +243,13 @@ public class CalendarProfile {
}
private static void dump(String ind, Map<?, ?> map) {
if (!log.isDebugEnabled()) {
return;
}
for (Entry<?, ?> entr : map.entrySet()) {
Object val = entr.getValue();
if (val instanceof Map) {
log.debug("{}{}: ({})", ind, entr.getKey(), val.getClass().getSimpleName());
log.info("{}{}: ({})", ind, entr.getKey(), val.getClass().getSimpleName());
dump(ind + " ", Map.class.cast(val));
} else {
log.debug("{}{}: {} ({})", ind, entr.getKey(), val, val.getClass().getSimpleName());
log.info("{}{}: {} ({})", ind, entr.getKey(), val, val.getClass().getSimpleName());
}
}
}
......
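Review bot: `dump` logs every key and value of the map recursively, and the variant this revert appears to restore does so at `log.info` without the `isDebugEnabled()` guard (inferred from the hunk shrinking by three lines, since the page has lost its +/- markers). That would put the full map contents into INFO-level logs during normal operation, which matters if the map can carry personal or session data; keeping `log.debug` and the guard looks unrelated to the auth breakage and would be the safer state. Independently, a `null` value fails the `instanceof Map` test and then throws at `val.getClass()` in the else branch; `val == null ? "null" : val.getClass().getSimpleName()` avoids that.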
......@@ -11,7 +11,12 @@ import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.rdf4j.model.Model;
import org.eclipse.rdf4j.model.Statement;
import org.eclipse.rdf4j.model.ValueFactory;
import org.eclipse.rdf4j.model.impl.SimpleValueFactory;
import org.eclipse.rdf4j.model.vocabulary.RDF;
import org.springframework.format.annotation.DateTimeFormat;
import org.springframework.format.annotation.DateTimeFormat.ISO;
import org.springframework.security.access.prepost.PreAuthorize;
......