From 35bfa3be7fc7cd68e4fa7745445858d3530ef84f Mon Sep 17 00:00:00 2001
From: Huy
Date: Wed, 5 Feb 2025 11:38:00 +0000
Subject: [PATCH] fix: Fix security config, add health check route and adjust requests (!9)

Co-authored-by: Phan Huy Tran
Reviewed-on: https://git.simonis.lol/projects/casino/pulls/9
Reviewed-by: Constantin Simonis
Reviewed-by: lziemke
---
 backend/SampleRequests.http | 21 -----------------
 .../getBearerToken.http} | 2 +-
 backend/requests/healthCheck.http | 1 +
 .../szut/casino/health/HealthController.java | 15 ++++++++++++
 .../security/KeycloakSecurityConfig.java | 23 +++++--------------
 5 files changed, 23 insertions(+), 39 deletions(-)
 delete mode 100644 backend/SampleRequests.http
 rename backend/{GetBearerToken.http => requests/getBearerToken.http} (75%)
 create mode 100644 backend/requests/healthCheck.http
 create mode 100644 backend/src/main/java/de/szut/casino/health/HealthController.java

diff --git a/backend/SampleRequests.http b/backend/SampleRequests.http
deleted file mode 100644
index ddb2a12..0000000
--- a/backend/SampleRequests.http
+++ /dev/null
@@ -1,21 +0,0 @@
-@token = eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxX3I2eDlta1B3cm9NWHQ5Q1Y4cktyak5WNndybktrWnI0Qk5xYW9QM2VVIn0.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.gGPUe-0GGFb7yiko-o5yNlPoyTy3kJCEduwd-VHOLzJubAa9CeO_kjgtxYFDQP1xsBR32Wl6eCoSrz6JfAguU3bfuJ4vukKZ-MUWBc5K_It8NgqcdtR9cTs0nTF2qt2sTG99zn_2Cw9Xs0zc-YEkNHX_YnOZ-p0uMFk_YaEtwcjnw8rs00cbNMPLeAZe5C1QD8TNxZZerRgd0GVfs8P4z7exrJjxdVQeTK1jMz8B3uPCUqBRk1rQI3HLlWNfX195Vcituppj7so9mupq7sit8o9g_gxrVKYObZBVMlBDx-YujGA5QDBngiZZNHNyxseZjcbMyMZXsVTenuZbLU6aEA
-###
-GET localhost:8080/welcome
-
-###
-GET localhost:8080/roles
-Authorization: Bearer {{token}}
-
-###
-GET localhost:8080/hellos
-Authorization: Bearer {{token}}
-
-###
-POST localhost:8080/hellos
-Authorization: Bearer {{token}}
-Content-Type: application/json
-
-{
- "message": "test"
-}
-
diff --git a/backend/GetBearerToken.http b/backend/requests/getBearerToken.http
similarity index 75%
rename from backend/GetBearerToken.http
rename to backend/requests/getBearerToken.http
index cf21567..afdea20 100644
--- a/backend/GetBearerToken.http
+++ b/backend/requests/getBearerToken.http
@@ -3,4 +3,4 @@ Content-Type: application/x-www-form-urlencoded
 
 grant_type=password&client_id=lf12&username=lf12_test_user&password=secret
 
-
+> {% client.global.set("token", response.body.access_token); %}
\ No newline at end of file
diff --git a/backend/requests/healthCheck.http b/backend/requests/healthCheck.http
new file mode 100644
index 0000000..4be46b5
--- /dev/null
+++ b/backend/requests/healthCheck.http
@@ -0,0 +1 @@
+GET localhost:8080/health
\ No newline at end of file
diff --git a/backend/src/main/java/de/szut/casino/health/HealthController.java b/backend/src/main/java/de/szut/casino/health/HealthController.java
new file mode 100644
index 0000000..da05352
--- /dev/null
+++ b/backend/src/main/java/de/szut/casino/health/HealthController.java
@@ -0,0 +1,15 @@
+package de.szut.casino.health;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Map;
+
+@RestController
+public class HealthController {
+
+ @GetMapping("/health")
+ public Map healthCheck() {
+ return Map.of("status", "UP");
+ }
+}
diff --git a/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java b/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
index e2d0bc8..8ddcbcb 100644
--- a/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
+++ b/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
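Review bot: The Keycloak test user's credentials are still committed in the request body on the context line above the added response handler (`username=lf12_test_user&password=secret`), so they are readable by anyone who can read the repository. Taking them from HTTP-client environment variables keeps them out of version control: `grant_type=password&client_id=lf12&username={{username}}&password={{password}}`, with the values held in an untracked private environment file. The JWT deleted together with SampleRequests.http in this commit remains in the git history, so it is worth confirming that it has expired. The request line and headers of this file lie outside the hunk.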
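Review bot: `healthCheck()` carries no comment saying that it is served without a token, although KeycloakSecurityConfig in this same commit adds `/health` to the `permitAll()` list. A Javadoc line such as `/** Unauthenticated liveness probe: return a static status only, never version, dependency or configuration details. */` would keep later edits from widening what anonymous callers can read. If the return type really is the raw `Map` shown here (the type arguments may have been lost when the page was rendered), declare it as `Map<String, String>`.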
@@ -52,23 +52,12 @@ class KeycloakSecurityConfig {
 
 @Bean
 public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
-
 http.authorizeHttpRequests(auth -> auth
- .requestMatchers(new AntPathRequestMatcher("/welcome"))
- .permitAll()
- .requestMatchers(
- new AntPathRequestMatcher("/swagger"),
- new AntPathRequestMatcher("/swagger-ui/**"),
- new AntPathRequestMatcher("/v3/api-docs/**"))
- .permitAll()
- .requestMatchers(new AntPathRequestMatcher("/hello/**"))
- .hasRole("lf12_test_role")
- .requestMatchers(new AntPathRequestMatcher("/roles"))
- .authenticated()
- .requestMatchers(new AntPathRequestMatcher("/"))
- .permitAll()
- .anyRequest()
- .authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
+ .requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()
+ .anyRequest().authenticated()
+ )
+ .oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
+
 return http.build();
 }
 
@@ -90,4 +79,4 @@ class KeycloakSecurityConfig {
 });
 return jwtAuthenticationConverter;
 }
-}
\ No newline at end of file
+}
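Review bot: `/swagger`, `/swagger-ui/**` and `/v3/api-docs/**` share the `permitAll()` line with `/health` in `resourceServerFilterChain`, so the full API description is served to anonymous callers in every environment this chain is deployed to. I would keep `.requestMatchers("/health").permitAll()` unconditional and permit the documentation paths only under a development profile or configuration property. The removed `/hello/**` rule was the only role check in this chain; every other route now needs just a valid JWT, so any role-restricted route added later needs its own matcher or method-level security, neither of which is visible in this hunk.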