church/BiCO
1
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases Wiki Activity

securing with nextcloud oidc

Browse Source
This commit is contained in:
Jottyfan
2023-12-26 18:28:37 +01:00
parent 6fdd4a57e0
commit 47bcd311ea
15 changed files with 86 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/main/java/de/jottyfan/bico/config/SecurityConfig.java
View File

@ -1,15 +1,9 @@
package de.jottyfan.bico.config;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
/**
*
@ -17,18 +11,15 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
*
*/
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
@ConditionalOnMissingBean(UserDetailsService.class)
InMemoryUserDetailsManager imudm() {
return new InMemoryUserDetailsManager(User.withUsername("user").password("{noop}password").roles("USER").build());
}
@Bean
@ConditionalOnMissingBean(AuthenticationEventPublisher.class)
DefaultAuthenticationEventPublisher daep(ApplicationEventPublisher delegate) {
return new DefaultAuthenticationEventPublisher(delegate);
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(
// @formatter:off
r -> r.requestMatchers("/", "/error", "/css/**", "/js/**", "/webjars/**", "/template").permitAll()
.requestMatchers("/**").authenticated())
.oauth2Login(l -> l.authorizationEndpoint(e -> e.baseUri("/oauth2/authorize-client")));
// @formatter:on
return http.build();
}
}