Oauth2

2023-10-29 11:57:24 +01:00 · 2023-10-29 11:57:24 +01:00 · ae4214c6ed
parent f49301f200
commit ae4214c6ed
5 changed files with 46 additions and 2 deletions
--- a/api/.gitignore
+++ b/api/.gitignore
@ -31,3 +31,6 @@ build/

 ### VS Code ###
 .vscode/
+
+### secrets
+/src/main/resources/application-secured.properties
--- a/api/pom.xml
+++ b/api/pom.xml
@ -53,6 +53,10 @@
 			<groupId>org.springframework.data</groupId>
 			<artifactId>spring-data-commons</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-oauth2-client</artifactId>
+		</dependency>
 		<!--SpringDoc
 		dependencies -->
 		<dependency>
--- a/api/src/main/java/net/meutel/recettes/api/RecettesSecurityConfig.java
+++ b/api/src/main/java/net/meutel/recettes/api/RecettesSecurityConfig.java
@ -0,0 +1,19 @@
+package net.meutel.recettes.api;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class RecettesSecurityConfig {
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+         .anyRequest().authenticated()
+         .and()
+         .oauth2Login();
+        return http.build();
+    }
+}
--- a/api/src/main/java/net/meutel/recettes/api/controller/ParameterController.java
+++ b/api/src/main/java/net/meutel/recettes/api/controller/ParameterController.java
@ -2,8 +2,6 @@ package net.meutel.recettes.api.controller;

 import java.util.List;

-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RestController;

--- a/api/src/main/resources/application.properties
+++ b/api/src/main/resources/application.properties
@ -1,4 +1,24 @@
+spring.profiles.active=secured
+
 spring.data.mongodb.database=recettes
 logging.level.org.springframework.data.mongodb=DEBUG
 management.endpoint.health.show-details=always
 spring.jackson.default-property-inclusion=non-null
+#spring.security.oauth2.client.registration.gitea.client-id=
+#spring.security.oauth2.client.registration.gitea.client-secret=
+spring.security.oauth2.client.registration.gitea.authorization-grant-type=authorization_code
+spring.security.oauth2.client.registration.gitea.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
+
+# GITEA OAUTH2 PROVIDER
+# OpenID Connect Discovery	/.well-known/openid-configuration
+# Authorization Endpoint	/login/oauth/authorize
+# Access Token Endpoint	/login/oauth/access_token
+# OpenID Connect UserInfo	/login/oauth/userinfo
+# JSON Web Key Set	/login/oauth/keys
+
+spring.security.oauth2.client.provider.gitea.authorization-uri=https://git.meutel.net/login/oauth/authorize
+spring.security.oauth2.client.provider.gitea.token-uri=https://git.meutel.net/login/oauth/access_token
+spring.security.oauth2.client.provider.gitea.jwk-set-uri=https://git.meutel.net/login/oauth/keys
+spring.security.oauth2.client.provider.gitea.user-info-uri=https://git.meutel.net/login/oauth/userinfo
+#spring.security.oauth2.client.provider.gitea.user-info-authentication-method=authorization_code
+spring.security.oauth2.client.provider.gitea.userNameAttribute=sub