feat: Implement Update Project Route (SCRUM-11) (!28)
Co-authored-by: Phan Huy Tran <p.tran@neusta.de> Reviewed-on: #28 Reviewed-by: Jan Gleytenhoover <krisellp9@gmail.com> Co-authored-by: Phan Huy Tran <ptran@noreply.localhost> Co-committed-by: Phan Huy Tran <ptran@noreply.localhost>
This commit is contained in:
parent
cbb77cc1ca
commit
4eb7626c10
23 changed files with 1065 additions and 786 deletions
|
|
@ -1,94 +1,94 @@
|
|||
package de.szut.lf8_starter.security;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.session.HttpSessionEventPublisher;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
class KeycloakSecurityConfig {
|
||||
|
||||
private static final String REALM_ACCESS_CLAIM = "realm_access";
|
||||
private static final String ROLES_CLAIM = "roles";
|
||||
|
||||
KeycloakSecurityConfig() {
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SessionRegistry sessionRegistry() {
|
||||
return new SessionRegistryImpl();
|
||||
}
|
||||
|
||||
@Bean
|
||||
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
||||
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public HttpSessionEventPublisher httpSessionEventPublisher() {
|
||||
return new HttpSessionEventPublisher();
|
||||
}
|
||||
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
||||
|
||||
http.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers(new AntPathRequestMatcher("/welcome"))
|
||||
.permitAll()
|
||||
.requestMatchers(
|
||||
new AntPathRequestMatcher("/swagger"),
|
||||
new AntPathRequestMatcher("/swagger-ui/**"),
|
||||
new AntPathRequestMatcher("/v3/api-docs/**"))
|
||||
.permitAll()
|
||||
.requestMatchers(new AntPathRequestMatcher("/hello/**"))
|
||||
.hasRole("user")
|
||||
.requestMatchers(new AntPathRequestMatcher("/roles"))
|
||||
.authenticated()
|
||||
.requestMatchers(new AntPathRequestMatcher("/"))
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAuthenticationConverter jwtAuthenticationConverter() {
|
||||
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
|
||||
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
|
||||
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
||||
|
||||
Map<String, Object> realmAccess = jwt.getClaim(REALM_ACCESS_CLAIM);
|
||||
if (realmAccess != null && realmAccess.containsKey(ROLES_CLAIM)) {
|
||||
List<String> roles = (List<String>) realmAccess.get(ROLES_CLAIM);
|
||||
for (String role : roles) {
|
||||
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
|
||||
}
|
||||
}
|
||||
|
||||
return grantedAuthorities;
|
||||
});
|
||||
return jwtAuthenticationConverter;
|
||||
}
|
||||
}
|
||||
package de.szut.lf8_starter.security;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
|
||||
import org.springframework.security.core.session.SessionRegistry;
|
||||
import org.springframework.security.core.session.SessionRegistryImpl;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
|
||||
import org.springframework.security.web.session.HttpSessionEventPublisher;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
class KeycloakSecurityConfig {
|
||||
|
||||
private static final String REALM_ACCESS_CLAIM = "realm_access";
|
||||
private static final String ROLES_CLAIM = "roles";
|
||||
|
||||
KeycloakSecurityConfig() {
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SessionRegistry sessionRegistry() {
|
||||
return new SessionRegistryImpl();
|
||||
}
|
||||
|
||||
@Bean
|
||||
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
|
||||
return new RegisterSessionAuthenticationStrategy(sessionRegistry());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public HttpSessionEventPublisher httpSessionEventPublisher() {
|
||||
return new HttpSessionEventPublisher();
|
||||
}
|
||||
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
||||
|
||||
http.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers(new AntPathRequestMatcher("/welcome"))
|
||||
.permitAll()
|
||||
.requestMatchers(
|
||||
new AntPathRequestMatcher("/swagger"),
|
||||
new AntPathRequestMatcher("/swagger-ui/**"),
|
||||
new AntPathRequestMatcher("/v3/api-docs/**"))
|
||||
.permitAll()
|
||||
.requestMatchers(new AntPathRequestMatcher("/hello/**"))
|
||||
.hasRole("user")
|
||||
.requestMatchers(new AntPathRequestMatcher("/roles"))
|
||||
.authenticated()
|
||||
.requestMatchers(new AntPathRequestMatcher("/"))
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAuthenticationConverter jwtAuthenticationConverter() {
|
||||
JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
|
||||
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
|
||||
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
|
||||
|
||||
Map<String, Object> realmAccess = jwt.getClaim(REALM_ACCESS_CLAIM);
|
||||
if (realmAccess != null && realmAccess.containsKey(ROLES_CLAIM)) {
|
||||
List<String> roles = (List<String>) realmAccess.get(ROLES_CLAIM);
|
||||
for (String role : roles) {
|
||||
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
|
||||
}
|
||||
}
|
||||
|
||||
return grantedAuthorities;
|
||||
});
|
||||
return jwtAuthenticationConverter;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Reference in a new issue