diff --git a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java index e0252bf..a8d207e 100644 --- a/backend/src/main/java/de/szut/casino/security/SecurityConfig.java +++ b/backend/src/main/java/de/szut/casino/security/SecurityConfig.java @@ -5,6 +5,12 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; + +import java.util.Arrays; +import java.util.List; @Configuration @EnableWebSecurity @@ -12,13 +18,29 @@ public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http.authorizeHttpRequests(auth -> { - auth.requestMatchers("/swagger/**", "/health").permitAll() - .requestMatchers("/").authenticated(); - }) - .oauth2ResourceServer(oauth2 -> oauth2.jwt(jwt -> jwt.jwtAuthenticationConverter(new CustomJwtAuthenticationConverter()))); + http + .authorizeHttpRequests(auth -> { + auth.requestMatchers("/swagger/**", "/swagger-ui/**", "/health").permitAll() + .anyRequest().authenticated(); + }) + .oauth2ResourceServer(oauth2 -> oauth2.jwt(jwt -> + jwt.jwtAuthenticationConverter(new CustomJwtAuthenticationConverter()) + )); return http.build(); } + + @Bean + public CorsConfigurationSource corsConfigurationSource() { + CorsConfiguration configuration = new CorsConfiguration(); + configuration.setAllowedOrigins(List.of("http://localhost:4200")); + configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")); + configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token")); + configuration.setExposedHeaders(List.of("x-auth-token")); + configuration.setAllowCredentials(true); + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", configuration); + return source; + } } diff --git a/backend/src/main/java/de/szut/casino/user/UserController.java b/backend/src/main/java/de/szut/casino/user/UserController.java index 4d232ac..ab1ed08 100644 --- a/backend/src/main/java/de/szut/casino/user/UserController.java +++ b/backend/src/main/java/de/szut/casino/user/UserController.java @@ -5,7 +5,6 @@ import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestHeader; @@ -23,20 +22,13 @@ public class UserController { @Autowired private UserService userService; - @GetMapping("/user/{id}") - public ResponseEntity getUser(@PathVariable String id) { - if (id == null || !userService.exists(id)) { - return ResponseEntity.notFound().build(); - } - - return ResponseEntity.ok(userService.getUser(id)); - } - @PostMapping("/user") public ResponseEntity createUser(@RequestBody @Valid CreateUserDto userData) { - if (userService.exists(userData.getKeycloakId())) { + if (userService.exists(userData.getAuthentikId())) { + HttpHeaders headers = new HttpHeaders(); + headers.add("Location", "/user"); - return this.redirect("/user/" + userData.getKeycloakId()); + return new ResponseEntity<>(headers, HttpStatus.FOUND); } return ResponseEntity.ok(userService.createUser(userData)); @@ -52,11 +44,4 @@ public class UserController { return ResponseEntity.ok(userData); } - - private ResponseEntity redirect(String route) { - HttpHeaders headers = new HttpHeaders(); - headers.add("Location", route); - - return new ResponseEntity<>(headers, HttpStatus.FOUND); - } } diff --git a/backend/src/main/java/de/szut/casino/user/UserMappingService.java b/backend/src/main/java/de/szut/casino/user/UserMappingService.java index 80f5546..3908d9b 100644 --- a/backend/src/main/java/de/szut/casino/user/UserMappingService.java +++ b/backend/src/main/java/de/szut/casino/user/UserMappingService.java @@ -13,6 +13,6 @@ public class UserMappingService { } public UserEntity mapToUserEntity(CreateUserDto createUserDto) { - return new UserEntity(createUserDto.getKeycloakId(), createUserDto.getUsername(), BigDecimal.ZERO); } + return new UserEntity(createUserDto.getAuthentikId(), createUserDto.getUsername(), BigDecimal.ZERO); } } diff --git a/backend/src/main/java/de/szut/casino/user/UserService.java b/backend/src/main/java/de/szut/casino/user/UserService.java index 724962e..fed4f35 100644 --- a/backend/src/main/java/de/szut/casino/user/UserService.java +++ b/backend/src/main/java/de/szut/casino/user/UserService.java @@ -1,7 +1,8 @@ package de.szut.casino.user; -import java.util.Optional; - +import de.szut.casino.user.dto.CreateUserDto; +import de.szut.casino.user.dto.GetUserDto; +import de.szut.casino.user.dto.KeycloakUserDto; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; @@ -10,9 +11,7 @@ import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Service; import org.springframework.web.client.RestTemplate; -import de.szut.casino.user.dto.CreateUserDto; -import de.szut.casino.user.dto.GetUserDto; -import de.szut.casino.user.dto.KeycloakUserDto; +import java.util.Optional; @Service public class UserService { @@ -53,7 +52,7 @@ public class UserService { private KeycloakUserDto getKeycloakUserInfo(String token) { HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", token); - ResponseEntity response = this.http.exchange("http://localhost:9090/realms/LF12/protocol/openid-connect/userinfo", HttpMethod.GET, new HttpEntity<>(headers), KeycloakUserDto.class); + ResponseEntity response = this.http.exchange("https://oauth.simonis.lol/application/o/userinfo/", HttpMethod.GET, new HttpEntity<>(headers), KeycloakUserDto.class); return response.getBody(); } diff --git a/backend/src/main/java/de/szut/casino/user/dto/CreateUserDto.java b/backend/src/main/java/de/szut/casino/user/dto/CreateUserDto.java index ff28427..f983b2d 100644 --- a/backend/src/main/java/de/szut/casino/user/dto/CreateUserDto.java +++ b/backend/src/main/java/de/szut/casino/user/dto/CreateUserDto.java @@ -10,6 +10,6 @@ import lombok.Setter; @AllArgsConstructor @NoArgsConstructor public class CreateUserDto { - private String keycloakId; + private String authentikId; private String username; } diff --git a/backend/src/main/java/de/szut/casino/user/dto/GetUserDto.java b/backend/src/main/java/de/szut/casino/user/dto/GetUserDto.java index 8521029..7a7d561 100644 --- a/backend/src/main/java/de/szut/casino/user/dto/GetUserDto.java +++ b/backend/src/main/java/de/szut/casino/user/dto/GetUserDto.java @@ -12,7 +12,7 @@ import java.math.BigDecimal; @AllArgsConstructor @NoArgsConstructor public class GetUserDto { - private String keycloakId; + private String authentikId; private String username; private BigDecimal balance; } diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties index 9c9c705..63d7532 100644 --- a/backend/src/main/resources/application.properties +++ b/backend/src/main/resources/application.properties @@ -13,6 +13,7 @@ spring.application.name=lf12_starter spring.security.oauth2.client.registration.authentik.client-id=MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm spring.security.oauth2.client.registration.authentik.client-secret=GY2F8te6iAVYt1TNAUVLzWZEXb6JoMNp6chbjqaXNq4gS5xTDL54HqBiAlV1jFKarN28LQ7FUsYX4SbwjfEhZhgeoKuBnZKjR9eiu7RawnGgxIK9ffvUfMkjRxnmiGI5 spring.security.oauth2.resourceserver.jwt.issuer-uri=https://oauth.simonis.lol/application/o/casino-dev/ +spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://oauth.simonis.lol/application/o/casino-dev/jwks/ #OIDC provider configuration: logging.level.org.springframework.security=DEBUG diff --git a/frontend/src/app/app.config.ts b/frontend/src/app/app.config.ts index 2bb5e26..7457315 100644 --- a/frontend/src/app/app.config.ts +++ b/frontend/src/app/app.config.ts @@ -36,7 +36,7 @@ export const appConfig: ApplicationConfig = { provideOAuthClient(), { provide: OAuthStorage, - useFactory: () => storageFactory(), + useFactory: () => localStorage, } ], }; diff --git a/frontend/src/app/service/auth.service.ts b/frontend/src/app/service/auth.service.ts index 11509d6..6e082ea 100644 --- a/frontend/src/app/service/auth.service.ts +++ b/frontend/src/app/service/auth.service.ts @@ -4,6 +4,7 @@ import { AuthConfig, OAuthService, OAuthStorage } from 'angular-oauth2-oidc'; import { UserService } from './user.service'; import { User } from '../model/User'; import { Router } from '@angular/router'; +import { environment } from '../../environments/environment'; @Injectable({ @@ -12,9 +13,9 @@ import { Router } from '@angular/router'; export class AuthService { private readonly authConfig: AuthConfig = { issuer: 'https://oauth.simonis.lol/application/o/casino-dev/', - clientId: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm', - dummyClientSecret: 'GY2F8te6iAVYt1TNAUVLzWZEXb6JoMNp6chbjqaXNq4gS5xTDL54HqBiAlV1jFKarN28LQ7FUsYX4SbwjfEhZhgeoKuBnZKjR9eiu7RawnGgxIK9ffvUfMkjRxnmiGI5', - scope: 'openid profile email', + clientId: environment.OAUTH_CLIENT_ID, + dummyClientSecret: environment.OAUTH_CLIENT_SECRET, + scope: `openid email profile ${environment.OAUTH_CLIENT_ID}`, responseType: 'code', redirectUri: window.location.origin + '/auth/callback', oidc: true, @@ -22,6 +23,9 @@ export class AuthService { strictDiscoveryDocumentValidation: false, skipIssuerCheck: true, disableAtHashCheck: true, + jwks: { + skipJwksValidation: true, + } }; private userService: UserService = inject(UserService); diff --git a/frontend/src/app/service/user.service.ts b/frontend/src/app/service/user.service.ts index e0c19d1..4fb832c 100644 --- a/frontend/src/app/service/user.service.ts +++ b/frontend/src/app/service/user.service.ts @@ -1,6 +1,6 @@ import { inject, Injectable } from '@angular/core'; import { HttpClient } from '@angular/common/http'; -import { catchError, EMPTY, Observable, of, switchMap } from 'rxjs'; +import { catchError, EMPTY, Observable } from 'rxjs'; import { User } from '../model/User'; @Injectable({ @@ -9,10 +9,6 @@ import { User } from '../model/User'; export class UserService { private http: HttpClient = inject(HttpClient); - public getUser(id: string): Observable { - return this.http.get(`/backend/user/${id}`).pipe(catchError(() => EMPTY)); - } - public getCurrentUser(): Observable { return this.http.get('/backend/user').pipe(catchError(() => EMPTY)); } @@ -27,10 +23,6 @@ export class UserService { public getOrCreateUser(profile: any): Observable { const id = profile.info.sub; const username = profile.info.preferred_username; - try { - return this.getUser(id) as Observable; - } catch (error) { - return this.createUser(id, username); - } + return this.createUser(id, username); } } diff --git a/frontend/src/environments/environment.ts b/frontend/src/environments/environment.ts index 53866cc..df9cce9 100644 --- a/frontend/src/environments/environment.ts +++ b/frontend/src/environments/environment.ts @@ -1,4 +1,5 @@ export const environment = { - STRIPE_KEY: - 'pk_test_51QrePYIvCfqz7ANgMizBorPpVjJ8S6gcaL4yvcMQnVaKyReqcQ6jqaQEF7aDZbDu8rNVsTZrw8ABek4ToxQX7KZe00jpGh8naG', + STRIPE_KEY: 'pk_test_51QrePYIvCfqz7ANgMizBorPpVjJ8S6gcaL4yvcMQnVaKyReqcQ6jqaQEF7aDZbDu8rNVsTZrw8ABek4ToxQX7KZe00jpGh8naG', + OAUTH_CLIENT_ID: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm', + OAUTH_CLIENT_SECRET: 'GY2F8te6iAVYt1TNAUVLzWZEXb6JoMNp6chbjqaXNq4gS5xTDL54HqBiAlV1jFKarN28LQ7FUsYX4SbwjfEhZhgeoKuBnZKjR9eiu7RawnGgxIK9ffvUfMkjRxnmiGI5' };