Commit d8c29ae5 authored by Matija Obreza's avatar Matija Obreza

Application configuration updated

- OAuth http security
- Swagger on host+port
parent cbb0512e
......@@ -62,25 +62,26 @@ public class OAuth2ServerConfig {
@Override
public void configure(final HttpSecurity http) throws Exception {
http
// Since we want the protected resources to be accessible in the UI as well we
// need session creation to be allowed (it's disabled by default in 2.0.6)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
http.requestMatchers().antMatchers("/oauth/**", "/api/**").and()
// no sessions
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
// no CSRF
.and().csrf().disable()
// cors
.cors()
// API info can be accessed anonymously
.and().authorizeRequests().antMatchers("/api/v0/info/version").permitAll()
.and().requestMatchers().antMatchers("/api/**", "/token")
.and().authorizeRequests().antMatchers("/api/**", "/token").authenticated()
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
.csrf().disable()
// And exception handling
.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler()).and()
.antMatcher("/oauth/**")
// authorize everthing on this path
.authorizeRequests().anyRequest().fullyAuthenticated().and()
// /api/**
// authorizations
.antMatcher("/api/v0/info/version").anonymous().and()
// others must be authenticated
.antMatcher("/api/**").authorizeRequests().anyRequest().authenticated()
// Ta
;
}
}
......
......@@ -16,7 +16,6 @@
package org.genesys2.spring.config;
import static com.google.common.collect.Lists.newArrayList;
import static com.google.common.collect.Sets.newHashSet;
import static springfox.documentation.builders.PathSelectors.ant;
import static springfox.documentation.builders.PathSelectors.regex;
......@@ -47,8 +46,8 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
@EnableSwagger2
public class SwaggerConfig {
@Value("${host.name}")
private String hostName;
@Value("${host.nameAndPort}")
private String hostAndPort;
@Value("${build.version}")
private String version;
......@@ -66,7 +65,8 @@ public class SwaggerConfig {
*/
@Bean
public Docket apiDocket() {
return new Docket(DocumentationType.SWAGGER_2).host(hostName).protocols(newHashSet("http", "https"))
return new Docket(DocumentationType.SWAGGER_2).host(hostAndPort)
// .protocols(newHashSet("http", "https"))
// Paths
.select().paths(apiPaths()).build()
// General info
......@@ -99,22 +99,22 @@ public class SwaggerConfig {
SecurityScheme oauthAuthorizationCode() {
return new OAuthBuilder().name("Other clients").grantTypes(newArrayList(new AuthorizationCodeGrantBuilder()
// token request
.tokenRequestEndpoint(new TokenRequestEndpoint("//" + hostName + "/oauth/authorize", "client_id", "client_secret"))
.tokenRequestEndpoint(new TokenRequestEndpoint("//" + hostAndPort + "/oauth/authorize", "client_id", "client_secret"))
// token endpoint
.tokenEndpoint(new TokenEndpoint("//" + hostName + "/oauth/token", "foo"))
.tokenEndpoint(new TokenEndpoint("//" + hostAndPort + "/oauth/token", "foo"))
// do
.build())).scopes(newArrayList(scopes())).build();
}
@Bean
SecurityScheme oauthClientCredentials() {
return new OAuthBuilder().name("OAuth Client Credentials").grantTypes(newArrayList(new ClientCredentialsGrant("//" + hostName + "/oauth/token"))).scopes(newArrayList(scopes()))
.build();
return new OAuthBuilder().name("OAuth Client Credentials").grantTypes(newArrayList(new ClientCredentialsGrant("//" + hostAndPort + "/oauth/token"))).scopes(newArrayList(
scopes())).build();
}
@Bean
SecurityScheme oauthUserPassword() {
return new OAuthBuilder().name("Resource Owner").grantTypes(newArrayList(new ResourceOwnerPasswordCredentialsGrant("//" + hostName + "/oauth/token"))).scopes(newArrayList(
return new OAuthBuilder().name("Resource Owner").grantTypes(newArrayList(new ResourceOwnerPasswordCredentialsGrant("//" + hostAndPort + "/oauth/token"))).scopes(newArrayList(
scopes())).build();
}
......
......@@ -16,6 +16,7 @@
# Key configuration
host.name=localhost
host.nameAndPort=${host.name}
base.url=http://${host.name}:8080
cdn.servers=${base.url}
base.cookie-domain=${host.name}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment