Newer
Older
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.rap.client.RapClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.Ordered;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
public class SecurityConfig {
private static final Logger LOG = LoggerFactory.getLogger(SecurityConfig.class);
@Value("${cors.allowed.origin}")
private String corsAllowedOrigin;
/**
* CORS are necessary only for development (API access from npm server).
*/
@Profile("dev")
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings(CorsRegistry registry) {
LOG.warn("Development profile active: CORS filter enabled");
registry.addMapping("/**")
.allowedOrigins(corsAllowedOrigin)
.allowedMethods("*")
.allowCredentials(true);
}
};
/**
* Checks JWT for web services.
*/
@Bean
public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.setFilter(new JWTFilter(loggingDAO, rapClient));
bean.addUrlPatterns("/*");
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
public FilterRegistrationBean loginFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new GmsLoginFilter());
registration.addUrlPatterns("/*");
return registration;
}
@Bean
public RestTemplate rapRestTemplate() {
return new RestTemplate();