Cleanup

2026-03-11 13:31:02 +01:00 · 2025-06-27 15:55:43 +02:00
parent 3df5670015
commit a30c616f3f
2 changed files with 5 additions and 51 deletions
--- a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java
+++ b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java
@@ -1,20 +0,0 @@
 package org.kickerelo.kickerelo.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.oauth2.client.JdbcOAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@Profile("prod")
@Configuration
 public class SecurityConfig {
    @Bean
    public OAuth2AuthorizedClientService authorizedClientService(
            JdbcTemplate jdbcTemplate,
            ClientRegistrationRepository clientRegistrationRepository) {
        return new JdbcOAuth2AuthorizedClientService(jdbcTemplate, clientRegistrationRepository);
    }
 }
--- a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java
+++ b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfiguration.java
@@ -1,15 +1,11 @@
 package org.kickerelo.kickerelo.config;
 import java.security.SecureRandom;
 import java.util.Base64;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import com.vaadin.flow.spring.security.VaadinWebSecurity;
 import org.springframework.security.oauth2.client.*;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
@@ -19,28 +15,6 @@ import org.springframework.security.web.SecurityFilterChain;
@Profile("prod")
@Configuration
 class SecurityConfiguration {
    private final OAuth2AuthorizedClientService authorizedClientService;
    // Inject the persistent authorized client service we configured previously
    public SecurityConfiguration(OAuth2AuthorizedClientService authorizedClientService) {
        this.authorizedClientService = authorizedClientService;
    }
    private static String rememberMeSecret = null;
    protected void configure(HttpSecurity http) throws Exception {
        if (rememberMeSecret == null) rememberMeSecret = generateSecret();
        http.authorizeHttpRequests(auth -> auth
                .requestMatchers("/app/admin/**", "/app/admin", "/app/app/admin/**", "/app/app/admin").hasAuthority("Kicker Admin")
                .anyRequest().permitAll())
            .oauth2Login(org.springframework.security.config.Customizer.withDefaults())
            .logout(logout -> logout.logoutSuccessUrl("/"))
            .csrf(csrf -> csrf.disable());
    }
    @Bean
    public OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository clientRegistrationRepository,
@@ -73,10 +47,10 @@ class SecurityConfiguration {
        return http.build();
    }
-    private String generateSecret() {
+    @Bean
-        SecureRandom random = new SecureRandom();
+    public OAuth2AuthorizedClientService authorizedClientService(
-        byte[] bytes = new byte[24];
+            JdbcTemplate jdbcTemplate,
-        random.nextBytes(bytes);
+            ClientRegistrationRepository clientRegistrationRepository) {
-        return Base64.getEncoder().encodeToString(bytes);
+        return new JdbcOAuth2AuthorizedClientService(jdbcTemplate, clientRegistrationRepository);
    }
 }