initial wip

c5cb48f9 · unknown · aac7c11f · c5cb48f9 · c5cb48f9 · c5cb48f9
Commit c5cb48f9 authored 5 years ago by unknown
--- a/pom.xml
+++ b/pom.xml
@@ -249,6 +249,18 @@
            <artifactId>java-jwt</artifactId>
            <version>3.8.3</version>
        </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+            <version>3.8.3</version>
+        </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-spring-boot-2-starter</artifactId>
+            <version>4.0.0.Final</version>
+        </dependency>
+
+
    </dependencies>

    <build>

--- a/src/main/application.properties
+++ b/src/main/application.properties
+keycloak.realm=Demo
+keycloak.resource=vanilla
+keycloak.auth-server-url=http://localhost:8080/auth
+keycloak.ssl-required=external
+keycloak.public-client=true
+
+#keycloak.securityConstraints[0].authRoles[0]=Member
+#keycloak.securityConstraints[0].authRoles[1]=Librarian
+#keycloak.securityConstraints[0].securityCollections[0].name=member resource
+#keycloak.securityConstraints[0].securityCollections[0].patterns[0]=/books
+
+#keycloak.securityConstraints[1].authRoles[0]=Librarian
+#keycloak.securityConstraints[1].securityCollections[0].name=librarian resource
+#keycloak.securityConstraints[1].securityCollections[0].patterns[0]=/manager
\ No newline at end of file
--- a/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java
+++ b/src/main/java/eu/hbp/mip/configuration/SecurityConfiguration.java
@@ -88,6 +88,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Value("#{'${hbp.resource.revokeTokenUri:https://services.humanbrainproject.eu/oidc/revoke}'}")
    private String revokeTokenURI;

+    @Autowired
+    private HttpServletRequest request;
+
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
@@ -108,9 +111,11 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                    .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
        }
        else {
-            http.antMatcher("/**")
-                    .authorizeRequests()
-                    .antMatchers("/**").permitAll().and().csrf().disable();
+            //keycloak
+            (KeycloakSecurityContext) request.getAttribute(KeycloakSecurityContext.class.getName());
+//            http.antMatcher("/**")
+//                    .authorizeRequests()
+//                    .antMatchers("/**").permitAll().and().csrf().disable();
        }
    }