idek man
parent
e848b548b5
commit
242b72ca45
7 changed files with 55 additions and 26 deletions
|
@ -11,9 +11,6 @@ public class CustomJwtAuthenticationConverter implements Converter<Jwt, Abstract
|
||||||
@Override
|
@Override
|
||||||
public AbstractAuthenticationToken convert(Jwt source) {
|
public AbstractAuthenticationToken convert(Jwt source) {
|
||||||
JwtGrantedAuthoritiesConverter authoritiesConverter = new JwtGrantedAuthoritiesConverter();
|
JwtGrantedAuthoritiesConverter authoritiesConverter = new JwtGrantedAuthoritiesConverter();
|
||||||
authoritiesConverter.setAuthorityPrefix("ROLE_"); // Ensure roles have the prefix
|
|
||||||
authoritiesConverter.setAuthoritiesClaimName("roles"); // Use Authentik's claim for roles
|
|
||||||
|
|
||||||
JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
|
JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
|
||||||
converter.setJwtGrantedAuthoritiesConverter(authoritiesConverter);
|
converter.setJwtGrantedAuthoritiesConverter(authoritiesConverter);
|
||||||
|
|
||||||
|
|
|
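Review bot: With `setAuthoritiesClaimName("roles")` and `setAuthorityPrefix("ROLE_")` removed, the `JwtGrantedAuthoritiesConverter` built in `convert` falls back to its defaults, which read the `scope`/`scp` claims and prefix authorities with `SCOPE_`. Any `hasRole(...)` or `ROLE_`-based rule elsewhere in the application (not visible here) would then stop matching the roles Authentik issues, so access decisions change from role-based to scope-based without any visible signal. If that is intended, record it with a comment such as `// authorities now come from the scope claim (SCOPE_ prefix); the roles claim is no longer mapped`; otherwise keep the two setter calls. The body of `convert` continues outside the hunk.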
@ -4,7 +4,6 @@ import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
|
|
|
@ -5,9 +5,27 @@ import { FontAwesomeModule } from '@fortawesome/angular-fontawesome';
|
||||||
import { routes } from './app.routes';
|
import { routes } from './app.routes';
|
||||||
import { provideHttpClient, withInterceptors } from '@angular/common/http';
|
import { provideHttpClient, withInterceptors } from '@angular/common/http';
|
||||||
import { provideAnimationsAsync } from '@angular/platform-browser/animations/async';
|
import { provideAnimationsAsync } from '@angular/platform-browser/animations/async';
|
||||||
import { provideOAuthClient } from 'angular-oauth2-oidc';
|
import { OAuthStorage, provideOAuthClient } from 'angular-oauth2-oidc';
|
||||||
import { httpInterceptor } from './shared/interceptor/http.interceptor';
|
import { httpInterceptor } from './shared/interceptor/http.interceptor';
|
||||||
|
|
||||||
|
function storageFactory() {
|
||||||
|
return new class implements OAuthStorage {
|
||||||
|
private data: { [key: string]: string } = {};
|
||||||
|
|
||||||
|
getItem(key: string): string | null {
|
||||||
|
return this.data[key];
|
||||||
|
}
|
||||||
|
|
||||||
|
removeItem(key: string): void {
|
||||||
|
delete this.data[key]
|
||||||
|
}
|
||||||
|
|
||||||
|
setItem(key: string, data: string): void {
|
||||||
|
this.data[key] = data;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
export const appConfig: ApplicationConfig = {
|
export const appConfig: ApplicationConfig = {
|
||||||
providers: [
|
providers: [
|
||||||
provideRouter(routes),
|
provideRouter(routes),
|
||||||
|
@ -16,5 +34,9 @@ export const appConfig: ApplicationConfig = {
|
||||||
provideExperimentalZonelessChangeDetection(),
|
provideExperimentalZonelessChangeDetection(),
|
||||||
provideAnimationsAsync(),
|
provideAnimationsAsync(),
|
||||||
provideOAuthClient(),
|
provideOAuthClient(),
|
||||||
|
{
|
||||||
|
provide: OAuthStorage,
|
||||||
|
useFactory: () => storageFactory(),
|
||||||
|
}
|
||||||
],
|
],
|
||||||
};
|
};
|
||||||
|
|
|
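Review bot: `getItem` in the class returned by `storageFactory` returns `this.data[key]`, which is `undefined` for a missing key although the declared type is `string | null`; `return this.data[key] ?? null;` keeps callers that compare against `null` correct. A plain object used as a dictionary also resolves inherited keys such as `constructor`, so a `Map<string, string>` is the safer backing store. If the intent is to keep tokens out of `localStorage`, add a short comment on the factory saying that values are held in memory only and are lost on reload. In the second hunk, `useFactory: () => storageFactory()` can be written as `useFactory: storageFactory`.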
@ -15,6 +15,5 @@ export default class LoginSuccessComponent implements OnInit {
|
||||||
private router: Router = inject(Router);
|
private router: Router = inject(Router);
|
||||||
private authService: AuthService = inject(AuthService);
|
private authService: AuthService = inject(AuthService);
|
||||||
async ngOnInit() {
|
async ngOnInit() {
|
||||||
console.log(this.authService.getAccessToken());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,15 @@
|
||||||
import { inject, Injectable } from '@angular/core';
|
import { inject, Injectable } from '@angular/core';
|
||||||
import { Subject } from 'rxjs';
|
import { Subject } from 'rxjs';
|
||||||
import { AuthConfig, OAuthService } from 'angular-oauth2-oidc';
|
import { AuthConfig, OAuthService, OAuthStorage } from 'angular-oauth2-oidc';
|
||||||
import { UserService } from './user.service';
|
import { UserService } from './user.service';
|
||||||
import { User } from '../model/User';
|
import { User } from '../model/User';
|
||||||
|
import { Router } from '@angular/router';
|
||||||
|
|
||||||
|
|
||||||
@Injectable({
|
@Injectable({
|
||||||
providedIn: 'root',
|
providedIn: 'root',
|
||||||
})
|
})
|
||||||
export class AuthService {
|
export class AuthService {
|
||||||
private userService: UserService = inject(UserService);
|
|
||||||
|
|
||||||
private readonly authConfig: AuthConfig = {
|
private readonly authConfig: AuthConfig = {
|
||||||
issuer: 'https://oauth.simonis.lol/application/o/casino-dev/',
|
issuer: 'https://oauth.simonis.lol/application/o/casino-dev/',
|
||||||
clientId: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm',
|
clientId: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm',
|
||||||
|
@ -21,24 +20,34 @@ export class AuthService {
|
||||||
oidc: true,
|
oidc: true,
|
||||||
requestAccessToken: true,
|
requestAccessToken: true,
|
||||||
strictDiscoveryDocumentValidation: false,
|
strictDiscoveryDocumentValidation: false,
|
||||||
showDebugInformation: true,
|
|
||||||
skipIssuerCheck: true,
|
skipIssuerCheck: true,
|
||||||
disableAtHashCheck: true,
|
disableAtHashCheck: true,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
private userService: UserService = inject(UserService);
|
||||||
|
private oauthService: OAuthService = inject(OAuthService);
|
||||||
|
private oauthStorage: OAuthStorage = inject(OAuthStorage);
|
||||||
|
private router: Router = inject(Router);
|
||||||
|
|
||||||
private isAuthenticated = new Subject<boolean>();
|
private isAuthenticated = new Subject<boolean>();
|
||||||
private user: User | null = null;
|
private user: User | null = null;
|
||||||
private oauthService: OAuthService = inject(OAuthService);
|
|
||||||
|
|
||||||
constructor() {
|
constructor() {
|
||||||
|
console.log(1);
|
||||||
this.oauthService.setStorage(localStorage);
|
this.oauthService.setStorage(localStorage);
|
||||||
this.oauthService.configure(this.authConfig);
|
this.oauthService.configure(this.authConfig);
|
||||||
this.oauthService.events.subscribe((event) => {
|
this.oauthService.events.subscribe((event) => {
|
||||||
|
console.log(2, event.type);
|
||||||
if (event.type === 'token_received') {
|
if (event.type === 'token_received') {
|
||||||
localStorage.setItem('jwt', this.getAccessToken());
|
console.log(3);
|
||||||
|
this.oauthStorage.setItem('jwt', this.getAccessToken());
|
||||||
this.oauthService.loadUserProfile().then((profile) => {
|
this.oauthService.loadUserProfile().then((profile) => {
|
||||||
|
console.log(4);
|
||||||
this.fromUserProfile(profile).subscribe((user) => {
|
this.fromUserProfile(profile).subscribe((user) => {
|
||||||
|
console.log(5);
|
||||||
this.user = user;
|
this.user = user;
|
||||||
|
console.log(user);
|
||||||
|
this.router.navigate(['home']);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
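Review bot: The constructor still calls `this.oauthService.setStorage(localStorage)`, so the library keeps writing its own tokens to `localStorage` and only the extra `jwt` copy moves to the injected in-memory `OAuthStorage`. If the goal is to keep tokens out of persistent, script-readable storage, pass the injected store instead: `this.oauthService.setStorage(this.oauthStorage);`. The numbered `console.log(1)` to `console.log(5)` calls and `console.log(user)` are debugging output that writes event types and the user object to the browser console, and should be removed before merge. The unchanged context also keeps `skipIssuerCheck: true` and `disableAtHashCheck: true` in `authConfig`, which weakens token validation and deserves at least a comment explaining why it is needed. The `token_received` handler and the constructor continue outside the hunk.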
@ -25,19 +25,12 @@ export class UserService {
|
||||||
}
|
}
|
||||||
|
|
||||||
public getOrCreateUser(profile: any): Observable<User> {
|
public getOrCreateUser(profile: any): Observable<User> {
|
||||||
console.log(profile);
|
|
||||||
const id = profile.info.sub;
|
const id = profile.info.sub;
|
||||||
const username = profile.info.preferred_username;
|
const username = profile.info.preferred_username;
|
||||||
|
try {
|
||||||
return this.getUser(id).pipe(
|
return this.getUser(id) as Observable<User>;
|
||||||
switchMap((user) => {
|
} catch (error) {
|
||||||
if (user) {
|
return this.createUser(id, username);
|
||||||
return of(user);
|
}
|
||||||
} else {
|
|
||||||
return this.createUser(id, username);
|
|
||||||
}
|
|
||||||
}),
|
|
||||||
catchError(() => EMPTY)
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
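Review bot: The `try`/`catch` in `getOrCreateUser` only catches exceptions thrown synchronously while `getUser(id)` builds its Observable. An HTTP error or an empty result reaches the subscriber later, so the `createUser` fallback is effectively unreachable and a first-time login will presumably end with an error or a missing user. The `as Observable<User>` cast also hides whatever nullable type `getUser` declares (its signature is outside the hunk). Keep the decision inside the stream, for example `return this.getUser(id).pipe(switchMap((user) => (user ? of(user) : this.createUser(id, username))));`, and add a `catchError` if the backend reports an unknown user with an error status. This needs `switchMap` and `of` to stay imported; the import block is not part of this hunk.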
@ -1,8 +1,18 @@
|
||||||
import { HttpInterceptorFn } from '@angular/common/http';
|
import { HttpInterceptorFn } from '@angular/common/http';
|
||||||
|
import { inject } from '@angular/core';
|
||||||
|
import { OAuthStorage } from 'angular-oauth2-oidc';
|
||||||
|
|
||||||
export const httpInterceptor: HttpInterceptorFn = (req, next) => {
|
export const httpInterceptor: HttpInterceptorFn = (req, next) => {
|
||||||
if (localStorage.getItem('jwt')) {
|
const oauthStorage = inject(OAuthStorage);
|
||||||
return next(req.clone({ setHeaders: { 'Authorization': 'Bearer ' + localStorage.getItem('jwt') } }));
|
|
||||||
|
if (oauthStorage.getItem('jwt')) {
|
||||||
|
return next(req.clone({
|
||||||
|
setHeaders: {
|
||||||
|
'Authorization': 'Bearer ' + oauthStorage.getItem('jwt'),
|
||||||
|
'Access-Control-Allow-Origin': '*',
|
||||||
|
'Referrer-Policy': 'no-referrer',
|
||||||
|
}
|
||||||
|
}));
|
||||||
} else {
|
} else {
|
||||||
return next(req);
|
return next(req);
|
||||||
}
|
}
|
||||||
|
|
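Review bot: `Access-Control-Allow-Origin` and `Referrer-Policy` are response headers, so sending them on the request in `httpInterceptor` grants nothing. On cross-origin calls they are non-safelisted request headers and force a CORS preflight that the backend must explicitly allow. Drop both and keep `setHeaders: { Authorization: 'Bearer ' + token }`, reading the value once with `const token = oauthStorage.getItem('jwt');`. The interceptor also attaches the bearer token to every outgoing request regardless of host, so the header should only be added when `req.url` targets the application's own API base URL. CORS itself has to be configured on the server side.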