Security filter and feign configuration

c56331e3 · Filip Piták · 26fca0ce · c56331e3 · c56331e3 · c56331e3
Commit c56331e3 authored 11 months ago by Filip Piták
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -28,12 +28,6 @@
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-openfeign</artifactId>
        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-configuration-processor</artifactId>
-            <optional>true</optional>
-        </dependency>
-        
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
@@ -42,7 +36,6 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
-        
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
@@ -70,8 +63,8 @@
            <artifactId>js-cookie</artifactId>
            <version>3.0.1</version>
        </dependency>
-        
    </dependencies>
+
    <dependencyManagement>
        <dependencies>
            <dependency>

--- a/client/src/main/java/cz/muni/pa165/banking/client/controller/AuthController.java
+++ b/client/src/main/java/cz/muni/pa165/banking/client/controller/AuthController.java
@@ -2,12 +2,23 @@ package cz.muni.pa165.banking.client.controller;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;

+import java.time.ZoneId;
+import java.util.TreeSet;
+
 /**
 * Spring MVC Controller.
 * Handles HTTP requests by preparing data in model and passing it to Thymeleaf HTML templates.
@@ -17,6 +28,9 @@ public class AuthController {

    private static final Logger log = LoggerFactory.getLogger(AuthController.class);

+    @Autowired
+    private OAuth2AuthorizedClientService clientService;
+    
    /**
     * Home page accessible even to non-authenticated users. Displays user personal data.
     */
@@ -26,13 +40,17 @@ public class AuthController {
        log.debug("* index() called                                       *");
        log.debug("********************************************************");
        log.debug("user {}", user == null ? "is anonymous" : user.getSubject());
-
        model.addAttribute("user", user);

        if (user != null) {
+            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+            OAuth2AuthenticationToken oauthToken = (OAuth2AuthenticationToken) authentication;
+            OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(oauthToken.getAuthorizedClientRegistrationId(), oauthToken.getName());
+            log.info("BEARER: " + client.getAccessToken().getTokenValue());
+            
            model.addAttribute("issuerName",
                    "https://oidc.muni.cz/oidc/".equals(user.getIssuer().toString()) ? "MUNI" : "Google");
-            model.addAttribute("token", user.getIdToken().getTokenValue());
+            model.addAttribute("token", client.getAccessToken().getTokenValue());
        }

        return "index";

--- a/infrastructure/pom.xml
+++ b/infrastructure/pom.xml
@@ -20,13 +20,44 @@
        <maven.compiler.source>21</maven.compiler.source>
        <maven.compiler.target>21</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+
+        <spring-cloud.version>2023.0.1</spring-cloud.version>
    </properties>

-    <!--  Only exact dependencies to eliminate transitive dependencies  -->
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.springframework.cloud</groupId>
+                <artifactId>spring-cloud-dependencies</artifactId>
+                <version>${spring-cloud.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+    
    <dependencies>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-web</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-openfeign</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-common</artifactId>
+            <version>2.3.0</version>
+            <scope>compile</scope>
+        </dependency>
    </dependencies>
 </project>
\ No newline at end of file