chore: remove keycloak
parent
1ea610d423
commit
afaa7693c0
2 changed files with 0 additions and 125 deletions
|
@ -1,48 +0,0 @@
|
|||
package de.szut.casino.security;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
|
||||
@Slf4j
|
||||
@Component
|
||||
public class KeycloakLogoutHandler implements LogoutHandler {
|
||||
|
||||
|
||||
private final RestTemplate restTemplate;
|
||||
|
||||
public KeycloakLogoutHandler(RestTemplate restTemplate) {
|
||||
this.restTemplate = restTemplate;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
|
||||
logout(request, auth);
|
||||
}
|
||||
|
||||
public void logout(HttpServletRequest request, Authentication auth) {
|
||||
logoutFromKeycloak((OidcUser) auth.getPrincipal());
|
||||
}
|
||||
|
||||
private void logoutFromKeycloak(OidcUser user) {
|
||||
String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";
|
||||
UriComponentsBuilder builder = UriComponentsBuilder
|
||||
.fromUriString(endSessionEndpoint)
|
||||
.queryParam("id_token_hint", user.getIdToken().getTokenValue());
|
||||
|
||||
ResponseEntity<String> logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);
|
||||
if (logoutResponse.getStatusCode().is2xxSuccessful()) {
|
||||
log.info("Successfulley logged out from Keycloak");
|
||||
} else {
|
||||
log.error("Could not propagate logout to Keycloak");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -1,77 +0,0 @@
|
|||
package de.szut.casino.security;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.session.HttpSessionEventPublisher;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
class KeycloakSecurityConfig {
|
||||
|
||||
private final KeycloakLogoutHandler keycloakLogoutHandler;
|
||||
|
||||
KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
|
||||
this.keycloakLogoutHandler = keycloakLogoutHandler;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SessionRegistry sessionRegistry() {
|
||||
return new SessionRegistryImpl();
|
||||
}
|
||||
|
||||
@Bean
|
||||
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
||||
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public HttpSessionEventPublisher httpSessionEventPublisher() {
|
||||
return new HttpSessionEventPublisher();
|
||||
}
|
||||
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
||||
return http.authorizeHttpRequests(authz -> {
|
||||
|
||||
authz.requestMatchers("/swagger/**", "/v3/api-docs/**", "/swagger-ui/**", "/health")
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated();
|
||||
}).build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAuthenticationConverter jwtAuthenticationConverter() {
|
||||
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
|
||||
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
|
||||
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
||||
|
||||
Map<String, Object> realmAccess = jwt.getClaim("realm_access");
|
||||
if (realmAccess != null && realmAccess.containsKey("roles")) {
|
||||
List<String> roles = (List<String>) realmAccess.get("roles");
|
||||
for (String role : roles) {
|
||||
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
|
||||
}
|
||||
}
|
||||
|
||||
return grantedAuthorities;
|
||||
});
|
||||
return jwtAuthenticationConverter;
|
||||
}
|
||||
}
|