Add support for configure http basic.

This commit is contained in:
Paulo Gustavo Veiga
2024-02-10 13:53:44 -08:00
parent 6f528835bf
commit f8b8aea901
12 changed files with 49 additions and 47 deletions

View File

@@ -7,7 +7,7 @@ import com.wisemapping.security.Utils;
import com.wisemapping.service.MindmapServiceImpl;
import com.wisemapping.util.VelocityEngineUtils;
import jakarta.servlet.http.HttpServletRequest;
import org.jetbrains.annotations.Nullable;
import org.jetbrains.annotations.NotNull;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
@@ -23,14 +23,15 @@ import java.util.Locale;
public class CommonConfig {
@Bean
public LocaleResolver localeResolver() {
final LocaleResolver localeResolver = new AcceptHeaderLocaleResolver() {
return new AcceptHeaderLocaleResolver() {
@Override
public Locale resolveLocale(@Nullable HttpServletRequest request) {
public Locale resolveLocale(@NotNull HttpServletRequest request) {
final User user = Utils.getUser();
Locale result;
String locale = user.getLocale();
if (user != null && locale != null) {
if (user != null && user.getLocale() != null) {
String locale = user.getLocale();
final String locales[] = locale.split("_");
Locale.Builder builder = new Locale.Builder().setLanguage(locales[0]);
if (locales.length > 1) {
builder.setVariant(locales[1]);
@@ -42,7 +43,6 @@ public class CommonConfig {
return result;
}
};
return localeResolver;
}
}

View File

@@ -5,6 +5,7 @@ import com.wisemapping.rest.MindmapController;
import jakarta.servlet.http.HttpServletResponse;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
@@ -25,6 +26,9 @@ import static org.springframework.security.config.Customizer.withDefaults;
@EnableWebSecurity
public class RestAppConfig {
@Value("${app.api.http-basic-enabled:false}")
private boolean enableHttpBasic;
@Autowired
private JwtAuthenticationFilter jwtAuthenticationFilter;
@@ -35,7 +39,7 @@ public class RestAppConfig {
@Bean
SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final MvcRequestMatcher.Builder mvc) throws Exception {
return http
http
.securityMatcher("/**")
.addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
.authorizeHttpRequests(auth -> auth
@@ -54,8 +58,13 @@ public class RestAppConfig {
response.setStatus(HttpServletResponse.SC_OK);
}))
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.httpBasic(withDefaults())
.build();
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
// Http basic is mainly used by automation tests.
if (enableHttpBasic) {
http.httpBasic(withDefaults());
}
return http.build();
}
}