Fachschaft/KickerELO
5
0
Fork 0
mirror of https://github.com/AJMicke/KickerELO.git synced 2026-03-11 05:21:07 +01:00
Code Activity

Cleanup

Browse Source
This commit is contained in:
Anton Micke
2025-06-27 15:55:43 +02:00
committed by AJMicke
parent 3df5670015
commit a30c616f3f
2 changed files with 5 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java
View File

@@ -1,20 +0,0 @@
package org.kickerelo.kickerelo.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@Profile("prod")
@Configuration
public class SecurityConfig {
@Bean
public OAuth2AuthorizedClientService authorizedClientService(
JdbcTemplate jdbcTemplate,
ClientRegistrationRepository clientRegistrationRepository) {
return new JdbcOAuth2AuthorizedClientService(jdbcTemplate, clientRegistrationRepository);
}
}

36
src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java
View File

@@ -1,15 +1,11 @@
package org.kickerelo.kickerelo.config;
import java.security.SecureRandom;
import java.util.Base64;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import org.springframework.security.oauth2.client.*;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
@@ -19,28 +15,6 @@ import org.springframework.security.web.SecurityFilterChain;
@Profile("prod")
@Configuration
class SecurityConfiguration {
private final OAuth2AuthorizedClientService authorizedClientService;
// Inject the persistent authorized client service we configured previously
public SecurityConfiguration(OAuth2AuthorizedClientService authorizedClientService) {
this.authorizedClientService = authorizedClientService;
}
private static String rememberMeSecret = null;
protected void configure(HttpSecurity http) throws Exception {
if (rememberMeSecret == null) rememberMeSecret = generateSecret();
http.authorizeHttpRequests(auth -> auth
.requestMatchers("/app/admin/**", "/app/admin", "/app/app/admin/**", "/app/app/admin").hasAuthority("Kicker Admin")
.anyRequest().permitAll())
.oauth2Login(org.springframework.security.config.Customizer.withDefaults())
.logout(logout -> logout.logoutSuccessUrl("/"))
.csrf(csrf -> csrf.disable());
}
@Bean
public OAuth2AuthorizedClientManager authorizedClientManager(
ClientRegistrationRepository clientRegistrationRepository,
@@ -73,10 +47,10 @@ class SecurityConfiguration {
return http.build();
}
private String generateSecret() {
SecureRandom random = new SecureRandom();
byte[] bytes = new byte[24];
random.nextBytes(bytes);
return Base64.getEncoder().encodeToString(bytes);
@Bean
public OAuth2AuthorizedClientService authorizedClientService(
JdbcTemplate jdbcTemplate,
ClientRegistrationRepository clientRegistrationRepository) {
return new JdbcOAuth2AuthorizedClientService(jdbcTemplate, clientRegistrationRepository);
}
}