From 511c4f3979acccbb6ddfa0f40604e73bd8589e30 Mon Sep 17 00:00:00 2001
From: ThanKarab <tkarabatsis@hotmail.com>
Date: Wed, 18 Nov 2020 01:55:25 -0800
Subject: [PATCH] User updated if info changed and csrf disabled on
 development.

---
 docker/README.md                                   |  3 ++-
 .../mip/configurations/SecurityConfiguration.java  |  7 ++++++-
 .../eu/hbp/mip/services/ActiveUserService.java     | 14 +++++---------
 3 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/docker/README.md b/docker/README.md
index da8299413..361c5ae56 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -74,4 +74,5 @@ To use this image, you need a running instance of PostgreSQL and to configure th
 * DATA_CENTER_LOCATION: Location of the datacenter, used when reporting errors to Bugsnag
 
 
-# TODO Refactor variables
\ No newline at end of file
+# TODO Refactor variables
+# TODO Refactor variables on mip-deployent as well
\ No newline at end of file
diff --git a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
index dfc5d4e47..21a494b88 100644
--- a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
+++ b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest;
 @KeycloakConfiguration
 public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter {
 
-    // Redirect to login page url
+    // Upon logout, redirect to login page url
     private static final String logoutRedirectURL = "/sso/login";
 
     @Value("#{'${authentication.enabled}'}")
@@ -36,6 +36,11 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
         super.configure(http);
 
         if (authenticationEnabled) {
+
+            // Used for development with authentication turned on.
+            // Should not be enabled on production.
+            http.csrf().disable();
+
             http.authorizeRequests()
                     .antMatchers(
                             "/sso/login",
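Review bot: `http.csrf().disable()` on the added line runs every time `authenticationEnabled` is true, so the comment's "Should not be enabled on production" is not enforced by anything — a production deployment with authentication on also loses CSRF protection for the browser login flow under `/sso/login` matched just below. Gate it on an explicit switch in the same style as the existing `@Value("#{'${authentication.enabled}'}")` field, e.g. `@Value("${<csrf-disable-property>:false}") private boolean csrfDisabled;` (property name is a placeholder) and `if (csrfDisabled) { http.csrf().disable(); }`, so the default keeps CSRF enabled. If the project uses Spring profiles, a profile-scoped configuration would do as well, but none is visible here. `configure(HttpSecurity)` starts and ends outside the hunk.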
diff --git a/src/main/java/eu/hbp/mip/services/ActiveUserService.java b/src/main/java/eu/hbp/mip/services/ActiveUserService.java
index 5004e1f7f..61bad973c 100644
--- a/src/main/java/eu/hbp/mip/services/ActiveUserService.java
+++ b/src/main/java/eu/hbp/mip/services/ActiveUserService.java
@@ -46,19 +46,15 @@ public class ActiveUserService {
             return user;
         }
 
-
-        // TODO Update user if new values are providedTO
         // If authentication is ON get user info from Token
         KeycloakPrincipal keycloakPrincipal =
                 (KeycloakPrincipal) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
         IDToken idToken = keycloakPrincipal.getKeycloakSecurityContext().getIdToken();
-        UserDAO userInDatabase = userRepository.findByUsername(idToken.getPreferredUsername());
-        if (userInDatabase != null) {
-            user = userInDatabase;
-        } else {
-            UserDAO newUser = new UserDAO(idToken.getPreferredUsername(), idToken.getName(), idToken.getEmail());
-            userRepository.save(newUser);
-            user = newUser;
+        user = new UserDAO(idToken.getPreferredUsername(), idToken.getName(), idToken.getEmail());
+
+        UserDAO userInDatabase = userRepository.findByUsername(user.getUsername());
+        if (userInDatabase == null || !userInDatabase.equals(user)) {
+            userRepository.save(user);
         }
         return user;
     }
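Review bot: `userRepository.save(user)` persists a freshly built, detached `UserDAO` even when a row for that username already exists; whether that updates the existing row or attempts a second insert depends on how UserDAO's identifier is mapped, which is not visible here, and `!userInDatabase.equals(user)` only detects a changed name or email if UserDAO overrides `equals` on those fields — a default identity `equals` would make every call write to the database. The method also now returns the token-built instance instead of the stored entity, so any column not taken from the token is no longer on the returned object. At minimum keep the persisted instance, `user = userRepository.save(user);` (if the repository is a Spring Data `CrudRepository`), and state the dependency in a comment, e.g. `// relies on UserDAO.equals comparing username/name/email; a differing stored row is overwritten`. The enclosing method starts before the hunk.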
-- 
GitLab