jank/casino
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: Fix security config, add health check route and adjust requests (!9)

Browse source 
Co-authored-by: Phan Huy Tran <p.tran@neusta.de>
Reviewed-on: https://git.simonis.lol/projects/casino/pulls/9
Reviewed-by: Constantin Simonis <constantin@simonis.lol>
Reviewed-by: lziemke <lea.z4@schule.bremen.de>
This commit is contained in:
Huy 2025-02-05 11:38:00 +00:00
parent 7fe8f276cf
commit 35bfa3be7f
5 changed files with 23 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
backend/SampleRequests.http
View file

@ -1,21 +0,0 @@
@token = eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxX3I2eDlta1B3cm9NWHQ5Q1Y4cktyak5WNndybktrWnI0Qk5xYW9QM2VVIn0.eyJleHAiOjE3MjYwNDA4NDQsImlhdCI6MTcyNjA0MDU0NCwianRpIjoiZmIwNWJhNzAtMmFkYy00ZDQyLWJjOWUtMWVmZTE5NjJiMTc2IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo5MDkwL3JlYWxtcy9MRjEyIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjUyY2MwMjA4LWEzYmQtNDM2Ny05NGM1LTA0MDRiMDE2YTAwMyIsInR5cCI6IkJlYXJlciIsImF6cCI6ImxmMTIiLCJzZXNzaW9uX3N0YXRlIjoiMTdlOGRkMjEtMDQ3OS00ZTM1LTgxOTUtOGY5NmFiNWExNjAwIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwOi8vbG9jYWxob3N0OjQyMDAiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImRlZmF1bHQtcm9sZXMtbGYxMiIsImxmMTJfdGVzdF9yb2xlIiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoicHJvZmlsZSBlbWFpbCIsInNpZCI6IjE3ZThkZDIxLTA0NzktNGUzNS04MTk1LThmOTZhYjVhMTYwMCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoibGYxMl90ZXN0X3VzZXIifQ.gGPUe-0GGFb7yiko-o5yNlPoyTy3kJCEduwd-VHOLzJubAa9CeO_kjgtxYFDQP1xsBR32Wl6eCoSrz6JfAguU3bfuJ4vukKZ-MUWBc5K_It8NgqcdtR9cTs0nTF2qt2sTG99zn_2Cw9Xs0zc-YEkNHX_YnOZ-p0uMFk_YaEtwcjnw8rs00cbNMPLeAZe5C1QD8TNxZZerRgd0GVfs8P4z7exrJjxdVQeTK1jMz8B3uPCUqBRk1rQI3HLlWNfX195Vcituppj7so9mupq7sit8o9g_gxrVKYObZBVMlBDx-YujGA5QDBngiZZNHNyxseZjcbMyMZXsVTenuZbLU6aEA
###
GET localhost:8080/welcome
###
GET localhost:8080/roles
Authorization: Bearer {{token}}
###
GET localhost:8080/hellos
Authorization: Bearer {{token}}
###
POST localhost:8080/hellos
Authorization: Bearer {{token}}
Content-Type: application/json
{
"message": "test"
}

2
backend/GetBearerToken.http → backend/requests/getBearerToken.http
View file

@ -3,4 +3,4 @@ Content-Type: application/x-www-form-urlencoded
grant_type=password&client_id=lf12&username=lf12_test_user&password=secret
> {% client.global.set("token", response.body.access_token); %}

1
backend/requests/healthCheck.http Normal file
View file

@ -0,0 +1 @@
GET localhost:8080/health

15
backend/src/main/java/de/szut/casino/health/HealthController.java Normal file
View file

@ -0,0 +1,15 @@
package de.szut.casino.health;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.Map;
@RestController
public class HealthController {
@GetMapping("/health")
public Map<String, String> healthCheck() {
return Map.of("status", "UP");
}
}

21
backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
View file

@ -52,23 +52,12 @@ class KeycloakSecurityConfig {
@Bean
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(auth -> auth
.requestMatchers(new AntPathRequestMatcher("/welcome"))
.permitAll()
.requestMatchers(
new AntPathRequestMatcher("/swagger"),
new AntPathRequestMatcher("/swagger-ui/**"),
new AntPathRequestMatcher("/v3/api-docs/**"))
.permitAll()
.requestMatchers(new AntPathRequestMatcher("/hello/**"))
.hasRole("lf12_test_role")
.requestMatchers(new AntPathRequestMatcher("/roles"))
.authenticated()
.requestMatchers(new AntPathRequestMatcher("/"))
.permitAll()
.anyRequest()
.authenticated()).oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
.requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()
.anyRequest().authenticated()
)
.oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
return http.build();
}