From c47a83e8d402c91011637c364a2163c3de841d58 Mon Sep 17 00:00:00 2001 From: Moritz Kowalski Date: Sun, 11 May 2025 19:23:49 +0200 Subject: [PATCH] Add connection to fs auth provider, redirect not tested --- pom.xml | 5 ++ .../kickerelo/config/SecurityConfig.java | 50 +++++++++++++++++++ .../kickerelo/layout/KickerAppLayout.java | 9 ++++ .../kickerelo/kickerelo/views/AdminView.java | 2 +- .../kickerelo/kickerelo/views/Chart1vs1.java | 2 + .../kickerelo/kickerelo/views/Chart2vs2.java | 3 ++ .../kickerelo/views/Enter1vs1View.java | 2 +- .../kickerelo/views/Enter2vs2View.java | 2 +- .../kickerelo/views/Graph1vs1View.java | 2 +- .../kickerelo/views/Graph2vs2View.java | 2 +- .../kickerelo/views/History1vs1View.java | 2 +- .../kickerelo/views/History2vs2View.java | 2 +- .../kickerelo/views/PlayerListView.java | 2 +- .../kickerelo/views/Stat2vs2View.java | 2 +- .../resources/application-prod.properties | 7 +-- .../resources/application-test.properties | 4 +- 16 files changed, 85 insertions(+), 13 deletions(-) create mode 100644 src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java diff --git a/pom.xml b/pom.xml index cf6098d..1e60e6e 100644 --- a/pom.xml +++ b/pom.xml @@ -72,6 +72,11 @@ org.springframework.boot spring-boot-starter-oauth2-client + + io.github.cdimascio + dotenv-java + 3.0.0 + diff --git a/src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java new file mode 100644 index 0000000..d744c86 --- /dev/null +++ b/src/main/java/org/kickerelo/kickerelo/config/SecurityConfig.java 
@@ -0,0 +1,50 @@
+package org.kickerelo.kickerelo.config;
+
+import io.github.cdimascio.dotenv.Dotenv;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+ private final Dotenv dotenv = Dotenv.load();
+
+ @Bean
+ public ClientRegistrationRepository clientRegistrationRepository() {
+ ClientRegistration oidcRegistration = ClientRegistration.withRegistrationId("oidc")
+ .clientId(dotenv.get("OIDC_CLIENT_ID"))
+ .clientSecret(dotenv.get("OIDC_CLIENT_SECRET"))
+ .scope("openid", "profile", "email")
+ .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
+ .authorizationUri(dotenv.get("OIDC_ISSUER_BASE_URI") + "application/o/authorize/")
+ .tokenUri(dotenv.get("OIDC_ISSUER_BASE_URI") + "application/o/token/")
+ .userInfoUri(dotenv.get("OIDC_ISSUER_BASE_URI") + "application/o/userinfo/")
+ .userNameAttributeName("sub")
+ .clientName("OIDC")
+ .redirectUri(dotenv.get("OIDC_REDIRECT_URI"))
+ .build();
+
+ return new InMemoryClientRegistrationRepository(oidcRegistration);
+ }
+
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers("/oauth2/**").permitAll() // Allow all OAuth2 requests
+ .anyRequest().permitAll() // Allow all requests
+ )
+ .oauth2Login()
+ .and()
+ .logout(logout -> logout.logoutSuccessUrl("/"))
+ .csrf(csrf -> csrf.disable());
+
+ return
http.build(); + } +} diff --git a/src/main/java/org/kickerelo/kickerelo/layout/KickerAppLayout.java b/src/main/java/org/kickerelo/kickerelo/layout/KickerAppLayout.java index 617b7f0..a0638eb 100644 --- a/src/main/java/org/kickerelo/kickerelo/layout/KickerAppLayout.java +++ b/src/main/java/org/kickerelo/kickerelo/layout/KickerAppLayout.java @@ -67,6 +67,15 @@ public class KickerAppLayout extends AppLayout { new SideNavItem("Historie", History2vs2View.class, VaadinIcon.RECORDS.create()), new SideNavItem("Statistik", Stat2vs2View.class, VaadinIcon.ABACUS.create())); + // add additional nav item if user is logged in + if (isAuthenticated) { + SideNav nav3 = new SideNav("Admin"); + nav3.setCollapsible(true); + nav3.addItem(new SideNavItem("Delete Internet", AdminView.class, VaadinIcon.COG.create()), + new SideNavItem("Current User: " + auth.getName(), AdminView.class, VaadinIcon.COG.create())); + +} + Image githubLogo = new Image("github-mark.png", "Github"); githubLogo.setHeight("30px"); diff --git a/src/main/java/org/kickerelo/kickerelo/views/AdminView.java b/src/main/java/org/kickerelo/kickerelo/views/AdminView.java index 5098cbb..99692f1 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/AdminView.java +++ b/src/main/java/org/kickerelo/kickerelo/views/AdminView.java @@ -12,7 +12,7 @@ import org.kickerelo.kickerelo.exception.InvalidDataException; import org.kickerelo.kickerelo.exception.PlayerNameNotSetException; import org.kickerelo.kickerelo.service.KickerEloService; -@Route("admin") +@Route("app/admin") public class AdminView extends VerticalLayout { public AdminView(KickerEloService service) { H2 subheader = new H2("Verwaltung"); diff --git a/src/main/java/org/kickerelo/kickerelo/views/Chart1vs1.java b/src/main/java/org/kickerelo/kickerelo/views/Chart1vs1.java index 48e7df3..571db32 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Chart1vs1.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Chart1vs1.java 
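Review bot: `.anyRequest().permitAll()` in securityFilterChain leaves every route reachable without a session, including the `app/admin` view, so the OIDC login wired up in this file does not yet gate anything, and the `/oauth2/**` matcher above it is redundant. Put a rule such as `.requestMatchers("/app/admin/**").authenticated()` ahead of the catch-all, and because Vaadin navigates over its own internal requests after the first page load, back it with Vaadin's view-level access annotations rather than relying on the URL matcher alone. `csrf.disable()` switches protection off for the whole chain; if the aim is only to let Vaadin's internal requests through, scope the exemption to those. Separately, the hand-built ClientRegistration requests the `openid` scope but sets no `jwkSetUri`, which Spring Security's OIDC login needs to verify the ID token signature, and a missing `.env` key makes `dotenv.get(...)` return null, which concatenates into the endpoint URIs as the text "null".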
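Review bot: `isAuthenticated` and `auth` are used in the added block but not declared in it, and the diffstat attributes only these nine lines to KickerAppLayout.java, so unless both already exist above line 67 this will not compile. If they are derived from the security context, note that an anonymous visitor also carries an Authentication whose `isAuthenticated()` is true, so the check should exclude it, e.g. `boolean isAuthenticated = auth != null && auth.isAuthenticated() && !(auth instanceof AnonymousAuthenticationToken);`. `nav3` is also never attached to the layout within the hunk, and both items point at AdminView; hiding the entry is cosmetic while the filter chain permits every request, so the view needs its own access check. The enclosing method starts and ends outside the hunk.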
@@ -16,6 +16,7 @@ import com.github.appreciated.apexcharts.config.yaxis.Title; import com.github.appreciated.apexcharts.helper.Series; import com.vaadin.flow.component.UI; import com.vaadin.flow.component.button.Button; +import com.vaadin.flow.router.Route; import com.vaadin.flow.server.VaadinService; import com.vaadin.flow.theme.lumo.Lumo; import org.kickerelo.kickerelo.data.Spieler; @@ -24,6 +25,7 @@ import org.kickerelo.kickerelo.util.Spieler1vs1EloComparator; import java.math.BigDecimal; import java.util.List; +@Route(value = "app/chart1vs1") public class Chart1vs1 extends ApexChartsBuilder { public Chart1vs1(List l) { Theme theme = new Theme(); diff --git a/src/main/java/org/kickerelo/kickerelo/views/Chart2vs2.java b/src/main/java/org/kickerelo/kickerelo/views/Chart2vs2.java index 696e0cd..db986e9 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Chart2vs2.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Chart2vs2.java @@ -12,11 +12,14 @@ import com.github.appreciated.apexcharts.config.theme.Mode; import com.github.appreciated.apexcharts.config.theme.Monochrome; import com.github.appreciated.apexcharts.config.xaxis.Labels; import com.github.appreciated.apexcharts.helper.Series; +import com.vaadin.flow.router.Route; + import org.kickerelo.kickerelo.data.Spieler; import org.kickerelo.kickerelo.util.Spieler2vs2EloComparator; import java.util.List; +@Route(value = "app/chart1vs1") public class Chart2vs2 extends ApexChartsBuilder { public Chart2vs2(List l) { Theme theme = new Theme(); diff --git a/src/main/java/org/kickerelo/kickerelo/views/Enter1vs1View.java b/src/main/java/org/kickerelo/kickerelo/views/Enter1vs1View.java index 016d00d..7973903 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Enter1vs1View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Enter1vs1View.java 
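Review bot: `@Route(value = "app/chart1vs1")` is placed on a class that extends ApexChartsBuilder and whose only visible constructor takes a `List`, which does not look like a navigable view: a route target has to be a Vaadin Component that the framework can instantiate itself. Graph1vs1View already has its own route and appears to be the page that hosts this chart, so the annotation and the new `Route` import can probably be dropped here; the same applies to Chart2vs2. If a direct route is really intended, add a one-line comment saying why and how the player list is supplied. The class body continues outside the hunk.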
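Review bot: Chart2vs2 is annotated with `@Route(value = "app/chart1vs1")`, the same path the previous file gives Chart1vs1, which reads as a copy-paste slip; Vaadin normally rejects two targets on one path as an ambiguous route configuration at startup. If the route is kept at all it should be `@Route(value = "app/chart2vs2")`. The added blank line after the `Route` import also splits the import group for no visible reason.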
@@ -14,7 +14,7 @@ import org.kickerelo.kickerelo.exception.NoSuchPlayerException; import org.kickerelo.kickerelo.exception.PlayerNameNotSetException; import org.kickerelo.kickerelo.service.KickerEloService; -@Route(value = "enter1vs1") +@Route(value = "app/enter1vs1") public class Enter1vs1View extends VerticalLayout { public Enter1vs1View(KickerEloService eloService) { diff --git a/src/main/java/org/kickerelo/kickerelo/views/Enter2vs2View.java b/src/main/java/org/kickerelo/kickerelo/views/Enter2vs2View.java index 23829bc..ce753b3 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Enter2vs2View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Enter2vs2View.java @@ -14,7 +14,7 @@ import org.kickerelo.kickerelo.exception.NoSuchPlayerException; import org.kickerelo.kickerelo.exception.PlayerNameNotSetException; import org.kickerelo.kickerelo.service.KickerEloService; -@Route(value = "enter2vs2") +@Route(value = "app/enter2vs2") public class Enter2vs2View extends VerticalLayout { public Enter2vs2View(KickerEloService eloService) { H2 subheading = new H2("2 vs 2 Ergebnis"); diff --git a/src/main/java/org/kickerelo/kickerelo/views/Graph1vs1View.java b/src/main/java/org/kickerelo/kickerelo/views/Graph1vs1View.java index 6d86fc6..2582416 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Graph1vs1View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Graph1vs1View.java @@ -7,7 +7,7 @@ import com.vaadin.flow.component.orderedlayout.VerticalLayout; import com.vaadin.flow.router.Route; import org.kickerelo.kickerelo.repository.SpielerRepository; -@Route("graph1vs1") +@Route("app/graph1vs1") public class Graph1vs1View extends VerticalLayout { ApexCharts chart1vs1; diff --git a/src/main/java/org/kickerelo/kickerelo/views/Graph2vs2View.java b/src/main/java/org/kickerelo/kickerelo/views/Graph2vs2View.java index 26ad677..968c0a9 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Graph2vs2View.java 
+++ b/src/main/java/org/kickerelo/kickerelo/views/Graph2vs2View.java @@ -7,7 +7,7 @@ import com.vaadin.flow.component.orderedlayout.VerticalLayout; import com.vaadin.flow.router.Route; import org.kickerelo.kickerelo.repository.SpielerRepository; -@Route("graph2vs2") +@Route("app/graph2vs2") public class Graph2vs2View extends VerticalLayout { ApexCharts chart2vs2; public Graph2vs2View(SpielerRepository repo) { diff --git a/src/main/java/org/kickerelo/kickerelo/views/History1vs1View.java b/src/main/java/org/kickerelo/kickerelo/views/History1vs1View.java index 2c1344f..7d84869 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/History1vs1View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/History1vs1View.java @@ -18,7 +18,7 @@ import org.kickerelo.kickerelo.repository.Ergebnis1vs1Repository; import java.util.List; -@Route("history1vs1") +@Route("app/history1vs1") public class History1vs1View extends VerticalLayout { List res; public History1vs1View(Ergebnis1vs1Repository repo) { diff --git a/src/main/java/org/kickerelo/kickerelo/views/History2vs2View.java b/src/main/java/org/kickerelo/kickerelo/views/History2vs2View.java index 5daeb45..f956e43 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/History2vs2View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/History2vs2View.java @@ -19,7 +19,7 @@ import org.kickerelo.kickerelo.repository.Ergebnis2vs2Repository; import java.util.List; -@Route("history2vs2") +@Route("app/history2vs2") public class History2vs2View extends VerticalLayout { public History2vs2View(Ergebnis2vs2Repository repo) { setSizeFull(); diff --git a/src/main/java/org/kickerelo/kickerelo/views/PlayerListView.java b/src/main/java/org/kickerelo/kickerelo/views/PlayerListView.java index 205dbae..e012df0 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/PlayerListView.java +++ b/src/main/java/org/kickerelo/kickerelo/views/PlayerListView.java 
@@ -11,7 +11,7 @@ import org.kickerelo.kickerelo.service.KickerEloService; import java.util.List; -@Route("") +@Route("app") public class PlayerListView extends VerticalLayout { public PlayerListView(KickerEloService eloService) { setSizeFull(); diff --git a/src/main/java/org/kickerelo/kickerelo/views/Stat2vs2View.java b/src/main/java/org/kickerelo/kickerelo/views/Stat2vs2View.java index 7bfa90e..3c0c0ee 100644 --- a/src/main/java/org/kickerelo/kickerelo/views/Stat2vs2View.java +++ b/src/main/java/org/kickerelo/kickerelo/views/Stat2vs2View.java @@ -12,7 +12,7 @@ import org.kickerelo.kickerelo.service.KickerEloService; import org.kickerelo.kickerelo.service.Stat2vs2Service; import org.kickerelo.kickerelo.util.Position; -@Route("stat2vs2") +@Route("app/stat2vs2") public class Stat2vs2View extends VerticalLayout { Stat2vs2Service stat2vs2Service; KickerEloService kickerEloService; diff --git a/src/main/resources/application-prod.properties b/src/main/resources/application-prod.properties index 2dfcd30..2fa27fb 100644 --- a/src/main/resources/application-prod.properties +++ b/src/main/resources/application-prod.properties @@ -11,9 +11,10 @@ spring.jpa.show-sql=false spring.jpa.open-in-view=false # == OIDC Configuration == -spring.security.oauth2.client.registration.oidc.client-id=client-id -spring.security.oauth2.client.registration.oidc.client-secret=client-secret +spring.security.oauth2.client.registration.oidc.client-id=${OIDC_CLIENT_ID} +spring.security.oauth2.client.registration.oidc.client-secret=${OIDC_CLIENT_SECRET} spring.security.oauth2.client.registration.oidc.scope=openid,profile,email spring.security.oauth2.client.registration.oidc.redirect-uri={baseUrl}/login/oauth2/code/{registrationId} +spring.security.oauth2.client.provider.oidc.issuer-uri=${OIDC_ISSUER_URI} -spring.security.oauth2.client.provider.oidc.issuer-uri=https://auth.fs.cs.uni-frankfurt.de/application/o/oidc/ +vaadin.urlMapping=/* 
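Review bot: `vaadin.urlMapping=/*` here and `vaadin.urlMapping=/app/*` in application-test.properties give the two profiles different URL layouts now that every `@Route` carries an `app/` prefix: under the test mapping the views would sit below `/app/app/…`, so redirects and any path-based security rule verified in test will not match production. Pick one mapping for both profiles. Also worth a comment above the OIDC block: SecurityConfig now defines its own ClientRegistrationRepository bean, which makes Spring Boot's property-driven registration back off, so these `spring.security.oauth2.client.*` keys are likely unused, and the code reads `OIDC_ISSUER_BASE_URI` while this file expects `OIDC_ISSUER_URI`.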
diff --git a/src/main/resources/application-test.properties b/src/main/resources/application-test.properties index 314bb7d..386b42a 100644 --- a/src/main/resources/application-test.properties +++ b/src/main/resources/application-test.properties @@ -1,5 +1,6 @@ server.port=${PORT:8080} logging.level.org.atmosphere = warn +logging.level.org.springframework.security=DEBUG spring.mustache.check-template-location = false spring.datasource.url=jdbc:h2:file:./data @@ -14,5 +15,6 @@ spring.security.oauth2.client.registration.oidc.client-id=${OIDC_CLIENT_ID} spring.security.oauth2.client.registration.oidc.client-secret=${OIDC_CLIENT_SECRET} spring.security.oauth2.client.registration.oidc.scope=openid,profile,email spring.security.oauth2.client.registration.oidc.redirect-uri={baseUrl}/login/oauth2/code/{registrationId} - spring.security.oauth2.client.provider.oidc.issuer-uri=${OIDC_ISSUER_URI} + +vaadin.urlMapping=/app/*
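Review bot: `logging.level.org.springframework.security=DEBUG` makes the filter chain log each request line, and on the OAuth2 callback that can include the query string carrying the authorization code and state. Keep it out of any deployed profile and add a comment such as `# local debugging only: may log OAuth2 callback parameters`, or drop the line once the redirect works.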