data: Store Authentik users, create (optional) relationship to Spieler

2026-03-11 13:31:02 +01:00 · 2025-09-08 23:04:34 +02:00
parent 895f6d882f
commit 8827d6732c
4 changed files with 92 additions and 3 deletions
--- a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java
+++ b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java
@@ -1,20 +1,29 @@
 package org.kickerelo.kickerelo.config;

+import org.kickerelo.kickerelo.data.AuthentikUser;
+import org.kickerelo.kickerelo.repository.AuthentikUserRepository;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-
 import org.springframework.security.oauth2.client.*;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.SecurityFilterChain;

@Profile("prod")
@Configuration
 class SecurityConfiguration {
+
+    AuthentikUserRepository userRepository;
+
+    public SecurityConfiguration(AuthentikUserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
    @Bean
    public OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository clientRegistrationRepository,
@@ -37,10 +46,20 @@ class SecurityConfiguration {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.authorizeHttpRequests(auth -> auth
+        http
+                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/app/admin/**", "/app/admin", "/app/app/admin/**", "/app/app/admin").hasAuthority("Kicker Admin")
                        .anyRequest().permitAll())
-                .oauth2Login(org.springframework.security.config.Customizer.withDefaults())
+                .oauth2Login(oauth -> oauth
+                        .successHandler((request, response, authentication) -> {
+                            String id = ((OAuth2User) authentication.getPrincipal()).getAttribute("sub");
+                            if (!userRepository.existsById(id)) {
+                                String name = ((OAuth2User) authentication.getPrincipal()).getAttribute("name");
+                                AuthentikUser user = new AuthentikUser(id, name);
+                                userRepository.save(user);
+                            }
+                            response.sendRedirect("/");
+                        }))
                .logout(logout -> logout.logoutSuccessUrl("/"))
                .csrf(csrf -> csrf.disable());

--- a/src/main/java/org/kickerelo/kickerelo/data/AuthentikUser.java
+++ b/src/main/java/org/kickerelo/kickerelo/data/AuthentikUser.java
@@ -0,0 +1,46 @@
+package org.kickerelo.kickerelo.data;
+
+import jakarta.persistence.*;
+
+import javax.annotation.Nullable;
+import java.util.Optional;
+
+@Entity
+@Table(name = "AUTHENTIK_USER")
+public class AuthentikUser {
+    @Id
+    @Column(name = "ID", unique = true, nullable = false)
+    private String id;
+
+    @OneToOne(mappedBy = "authentikUser", optional = true)
+    private Spieler spieler;
+
+    @Column(name = "NAME", nullable = false)
+    private String name;
+
+    public AuthentikUser() {
+    }
+
+    public AuthentikUser(String id, String name) {
+        this.id = id;
+        this.name = name;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public Optional<Spieler> getSpieler() {
+        return Optional.ofNullable(spieler);
+    }
+
+    public void setSpieler(@Nullable Spieler spieler) {
+        this.spieler = spieler;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (!(o instanceof AuthentikUser)) return false;
+        return this.id == ((AuthentikUser) o).id;
+    }
+}
--- a/src/main/java/org/kickerelo/kickerelo/data/Spieler.java
+++ b/src/main/java/org/kickerelo/kickerelo/data/Spieler.java
@@ -2,6 +2,9 @@ package org.kickerelo.kickerelo.data;

 import jakarta.persistence.*;

+import javax.annotation.Nullable;
+import java.util.Optional;
+
@Entity
@Table(name = "SPIELER")
 public class Spieler {
@@ -22,6 +25,10 @@ public class Spieler {
    @Column(name = "ELO_ALT")
    private float elo_alt;

+    @OneToOne(optional = true)
+    @JoinColumn(name = "AUTHENTIK_USER", referencedColumnName = "ID", unique = true)
+    private AuthentikUser authentikUser;
+
    public Spieler() {
    }

@@ -65,6 +72,14 @@ public class Spieler {
        this.elo_alt = elo_alt;
    }

+    public Optional<AuthentikUser> getAuthentikUser() {
+        return Optional.ofNullable(authentikUser);
+    }
+
+    public void setAuthentikUser(@Nullable AuthentikUser authentikUser) {
+        this.authentikUser = authentikUser;
+    }
+
    @Override
    public String toString() {
        return this.name;
--- a/src/main/java/org/kickerelo/kickerelo/repository/AuthentikUserRepository.java
+++ b/src/main/java/org/kickerelo/kickerelo/repository/AuthentikUserRepository.java
@@ -0,0 +1,9 @@
+package org.kickerelo.kickerelo.repository;
+
+import org.kickerelo.kickerelo.data.AuthentikUser;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface AuthentikUserRepository extends JpaRepository<AuthentikUser, String> {
+}