diff --git a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java index 226f435..d450b5f 100644 --- a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java +++ b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java @@ -1,20 +1,29 @@ package org.kickerelo.kickerelo.config; +import org.kickerelo.kickerelo.data.AuthentikUser; +import org.kickerelo.kickerelo.repository.AuthentikUserRepository; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.security.config.annotation.web.builders.HttpSecurity; - import org.springframework.security.oauth2.client.*; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager; import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository; +import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.web.SecurityFilterChain; @Profile("prod") @Configuration class SecurityConfiguration { + + AuthentikUserRepository userRepository; + + public SecurityConfiguration(AuthentikUserRepository userRepository) { + this.userRepository = userRepository; + } + @Bean public OAuth2AuthorizedClientManager authorizedClientManager( ClientRegistrationRepository clientRegistrationRepository, 
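Review bot: The new `userRepository` field in SecurityConfiguration has no access modifier and is not final, so it is package-private and reassignable although it is only set once in the constructor. Declaring it `private final AuthentikUserRepository userRepository;` keeps the repository that the login handler writes through from being replaced or read by other classes in the `config` package. The class body continues outside this hunk.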
@@ -37,10 +46,20 @@ class SecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.authorizeHttpRequests(auth -> auth + http + .authorizeHttpRequests(auth -> auth .requestMatchers("/app/admin/**", "/app/admin", "/app/app/admin/**", "/app/app/admin").hasAuthority("Kicker Admin") .anyRequest().permitAll()) - .oauth2Login(org.springframework.security.config.Customizer.withDefaults()) + .oauth2Login(oauth -> oauth + .successHandler((request, response, authentication) -> { + String id = ((OAuth2User) authentication.getPrincipal()).getAttribute("sub"); + if (!userRepository.existsById(id)) { + String name = ((OAuth2User) authentication.getPrincipal()).getAttribute("name"); + AuthentikUser user = new AuthentikUser(id, name); + userRepository.save(user); + } + response.sendRedirect("/"); + })) .logout(logout -> logout.logoutSuccessUrl("/")) .csrf(csrf -> csrf.disable()); diff --git a/src/main/java/org/kickerelo/kickerelo/data/AuthentikUser.java b/src/main/java/org/kickerelo/kickerelo/data/AuthentikUser.java new file mode 100644 index 0000000..0906af8 --- /dev/null +++ b/src/main/java/org/kickerelo/kickerelo/data/AuthentikUser.java 
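Review bot: The success handler added in `filterChain` passes `getAttribute("sub")` and `getAttribute("name")` to the repository without a null check. If the provider omits `name` (possible when the profile scope is not granted; the client registration is not visible here), `save` will violate the `nullable = false` column and the login request ends in a server error, and a null `sub` already fails in `existsById`. A guard such as `if (id == null) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return; }` plus a fallback for a missing name would make that case explicit. The handler also always redirects to `/`, so the default behaviour of returning to the originally requested page (for example `/app/admin`) is lost; extending `SavedRequestAwareAuthenticationSuccessHandler` would keep it. `filterChain` continues past the end of the hunk.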
@@ -0,0 +1,46 @@ +package org.kickerelo.kickerelo.data; + +import jakarta.persistence.*; + +import javax.annotation.Nullable; +import java.util.Optional; + +@Entity +@Table(name = "AUTHENTIK_USER") +public class AuthentikUser { + @Id + @Column(name = "ID", unique = true, nullable = false) + private String id; + + @OneToOne(mappedBy = "authentikUser", optional = true) + private Spieler spieler; + + @Column(name = "NAME", nullable = false) + private String name; + + public AuthentikUser() { + } + + public AuthentikUser(String id, String name) { + this.id = id; + this.name = name; + } + + public String getName() { + return name; + } + + public Optional getSpieler() { + return Optional.ofNullable(spieler); + } + + public void setSpieler(@Nullable Spieler spieler) { + this.spieler = spieler; + } + + @Override + public boolean equals(Object o) { + if (!(o instanceof AuthentikUser)) return false; + return this.id == ((AuthentikUser) o).id; + } +} diff --git a/src/main/java/org/kickerelo/kickerelo/data/Spieler.java b/src/main/java/org/kickerelo/kickerelo/data/Spieler.java index db2843e..9f62507 100644 --- a/src/main/java/org/kickerelo/kickerelo/data/Spieler.java +++ b/src/main/java/org/kickerelo/kickerelo/data/Spieler.java @@ -2,6 +2,9 @@ package org.kickerelo.kickerelo.data; import jakarta.persistence.*; +import javax.annotation.Nullable; +import java.util.Optional; + @Entity @Table(name = "SPIELER") public class Spieler { @@ -22,6 +25,10 @@ public class Spieler { @Column(name = "ELO_ALT") private float elo_alt; + @OneToOne(optional = true) + @JoinColumn(name = "AUTHENTIK_USER", referencedColumnName = "ID", unique = true) + private AuthentikUser authentikUser; + public Spieler() { } 
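Review bot: `equals` in AuthentikUser compares the `id` strings with `==`, which tests reference identity, so two instances carrying the same subject value but loaded separately can compare unequal; there is also no matching `hashCode`. Use `return Objects.equals(id, ((AuthentikUser) o).id);` and add `@Override public int hashCode() { return Objects.hashCode(id); }`, which needs `import java.util.Objects;`. Because this entity is the identity record that players get linked to, equality should depend only on the identifier value, and a one-line Javadoc on the class stating that `id` holds the provider's `sub` claim would document that.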
@@ -65,6 +72,14 @@ public class Spieler { this.elo_alt = elo_alt; } + public Optional getAuthentikUser() { + return Optional.ofNullable(authentikUser); + } + + public void setAuthentikUser(@Nullable AuthentikUser authentikUser) { + this.authentikUser = authentikUser; + } + @Override public String toString() { return this.name; diff --git a/src/main/java/org/kickerelo/kickerelo/repository/AuthentikUserRepository.java b/src/main/java/org/kickerelo/kickerelo/repository/AuthentikUserRepository.java new file mode 100644 index 0000000..972f3af --- /dev/null +++ b/src/main/java/org/kickerelo/kickerelo/repository/AuthentikUserRepository.java @@ -0,0 +1,9 @@ +package org.kickerelo.kickerelo.repository; + +import org.kickerelo.kickerelo.data.AuthentikUser; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +@Repository +public interface AuthentikUserRepository extends JpaRepository { +}
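Review bot: `setAuthentikUser` updates only the Spieler side of the one-to-one, while `AuthentikUser.setSpieler` from the same commit updates only the inverse `mappedBy` side, which JPA does not persist. A caller that links an account through `AuthentikUser.setSpieler` alone would see the link in memory but not in the `AUTHENTIK_USER` join column. Either document the ownership on this setter, e.g. `/** Owning side of the link; the association is only persisted when set here. */`, or have it maintain the inverse reference as well. The class body continues outside the hunk.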