new version oauth2 keycloak integration

0b2d2ffd · Javi Corvi · 5f782789 · 0b2d2ffd · 0b2d2ffd · 0b2d2ffd
Commit 0b2d2ffd authored Dec 29, 2021 by Javi Corvi
--- a/pom.xml
+++ b/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.1.6.RELEASE</version>
+        <version>2.5.0</version>
    </parent>

    <dependencies>
@@ -29,32 +29,59 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
+        
+        
+        <dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+      	
+      	
+      	
+      	 <!-- <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-oauth2-client</artifactId>
+        </dependency>  -->
+        
+        
+        
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
+        
        <dependency>
-		    <groupId>com.fasterxml.jackson.core</groupId>
-		    <artifactId>jackson-databind</artifactId>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-devtools</artifactId>
+            <optional>true</optional>
        </dependency>
+        
+        
        <dependency>
            <groupId>org.springframework.boot</groupId>
-    		<artifactId>spring-boot-starter-data-mongodb</artifactId>
+            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
        </dependency>
+        
        <dependency>
-			<groupId>com.google.code.gson</groupId>
-			<artifactId>gson</artifactId>
+   			<groupId>org.springframework.security</groupId>
+   			<artifactId>spring-security-oauth2-jose</artifactId>
 		</dependency> 
+        
+        
        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-devtools</artifactId>
-            <optional>true</optional>
+		    <groupId>com.fasterxml.jackson.core</groupId>
+		    <artifactId>jackson-databind</artifactId>
 		</dependency>
 		<dependency>
            <groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-security</artifactId>
+    		<artifactId>spring-boot-starter-data-mongodb</artifactId>
    	</dependency>
+    	<dependency>
+			<groupId>com.google.code.gson</groupId>
+			<artifactId>gson</artifactId>
+		</dependency>
+        
        
 <!--       	<dependency>
 			<groupId>org.springframework.boot</groupId>

--- a/src/main/java/es/bsc/inb/ades/rest/api/controllers/DocumentController.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/controllers/DocumentController.java
@@ -20,7 +20,7 @@ import es.bsc.inb.ades.rest.api.services.DocumentService;


 @RestController
-@CrossOrigin()
+@CrossOrigin(origins="*")
 public class DocumentController {
 	
 	@Autowired

--- a/src/main/java/es/bsc/inb/ades/rest/api/controllers/LivenessController.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/controllers/LivenessController.java
@@ -4,7 +4,7 @@ import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

-@CrossOrigin()
+@CrossOrigin("*")
 @RestController
 public class LivenessController {

@@ -17,4 +17,9 @@ public class LivenessController {
  public String readeness() {
      return "true";
  }
+  
+  @GetMapping(path = "/hello")
+  public String hello() {
+      return "holita";
+  }
 }
--- a/src/main/java/es/bsc/inb/ades/rest/api/repository/DocumentRepositoryImpl.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/repository/DocumentRepositoryImpl.java
@@ -33,8 +33,8 @@ public class DocumentRepositoryImpl implements DocumentRepositoryCustom{
 		query.fields().include("name");
 		query.fields().include("processDate");
 		query.fields().include("status");
-		Sort sort = new Sort(Sort.Direction.ASC, "name");
-		query.with(sort);
+		//Sort sort = new Sort(Sort.Direction.ASC, "name");
+		//query.with(sort);
 		List<Document> documents = mongoTemplate.find(query,  Document.class);
 		return documents;
 	}

--- a/src/main/java/es/bsc/inb/ades/rest/api/security/basic/inmemory/SecurityConfig.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/security/basic/inmemory/SecurityConfig.java
@@ -7,7 +7,7 @@ import org.springframework.security.config.annotation.authentication.builders.Au
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

-@Configuration
+//@Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {

--- a/src/main/java/es/bsc/inb/ades/rest/api/security/pkce/SecurityConfig.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/security/pkce/SecurityConfig.java
+package es.bsc.inb.ades.rest.api.security.pkce;
+
+
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+
+import ch.qos.logback.core.net.LoginAuthenticator;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    public void configure(HttpSecurity httpSecurity) throws Exception {
+        
+//      httpSecurity
+//      .authorizeRequests().antMatchers("/**")
+//      .authenticated()
+//      .and()
+//      .sessionManagement()
+//      .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+//      .and()
+//      .cors()
+//      .and()
+//      .csrf()
+//      .disable()
+//      .oauth2ResourceServer()
+//      .jwt();
+    	
+    	httpSecurity
+                .authorizeRequests()
+                .antMatchers(HttpMethod.GET, "/documents").permitAll()
+                .anyRequest().authenticated()
+                .and()
+                .sessionManagement()
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                //.formLogin()
+                //.and()
+                .cors()
+                .and()
+                .csrf()
+                .disable()
+                .oauth2ResourceServer()
+                .jwt();
+//    	
+//        httpSecurity
+//        .authorizeRequests(authz -> authz
+//          .antMatchers(HttpMethod.GET, "/**").hasAuthority("SCOPE_read")
+//          .antMatchers(HttpMethod.POST, "/**").hasAuthority("SCOPE_write")
+//          .anyRequest().authenticated())
+//        .oauth2ResourceServer(oauth2 -> oauth2.jwt());
+	
+
+    }
+}
--- a/src/main/java/es/bsc/inb/ades/rest/api/services/DocumentServiceImpl.java
+++ b/src/main/java/es/bsc/inb/ades/rest/api/services/DocumentServiceImpl.java
@@ -251,10 +251,12 @@ public class DocumentServiceImpl implements DocumentService {
 	public String findFindingEvidenceByDocumentIdAndFindingId(Long id, Integer findingId) {
 		DocumentAnnotations documentAnnotations = this.findDocumentAnnotationsByDocumentId(id);
 		Finding findingSelected = null;
+		Annotation sentenceRelevantText = null;
 		for (Annotation annotation : documentAnnotations.getRelevantSentences()) {
 			for (Finding finding : annotation.getFindings()) {
 				if(finding.getFindingId().equals(findingId)) {
 					findingSelected = finding;
+					sentenceRelevantText = annotation;
 					break;
 				}
 			}
@@ -276,7 +278,10 @@ public class DocumentServiceImpl implements DocumentService {
 //			annotation.setStartOffset(start_off + Constants.POINTS_INT);
 //			annotation.setEndOffset(start_off + Constants.POINTS_INT + text_size);
 //			return this.generateFindingSnippet3(subtext, findingSelected, start_annotation_aux);
-			Annotation annotation = findingSelected.getRelevant_text();
+			
+			//I removed relevant text as atribute so ...
+			//Annotation annotation = findingSelected.getRelevant_text();
+			Annotation annotation = sentenceRelevantText;
 			int text_size = annotation.getEndOffset() - annotation.getStartOffset();
 			int start_ = 0;
 			int start_off = 0;

--- a/src/main/resources/application-prod.properties
+++ b/src/main/resources/application-prod.properties
@@ -4,4 +4,5 @@ server.servlet.context-path=/pretoxapi
 server.port = ${SERVER_PORT}
 #PRETOX Database
 spring.data.mongodb.uri=${MONGO_URI}
-
+#KEYCLOCK configuration
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${OAUTH2_RS_CERTS}