fix: update Security Configuration
igorvargaextvi committed Feb 5, 2025
1 parent d256e2a commit ff45796
Showing 1 changed file with 2 additions and 15 deletions.
@@ -1,23 +1,20 @@
package de.caritas.cob.uploadservice.config;

import de.caritas.cob.uploadservice.api.authorization.RoleAuthorizationAuthorityMapper;
import de.caritas.cob.uploadservice.filter.HttpTenantFilter;
import de.caritas.cob.uploadservice.filter.StatelessCsrfFilter;
import lombok.RequiredArgsConstructor;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticatedActionsFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
@@ -88,7 +85,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
CsrfFilter.class);

if (multitenancy && httpTenantFilter != null) {
http.addFilterAfter(httpTenantFilter, KeycloakAuthenticatedActionsFilter.class);
http.addFilterAfter(httpTenantFilter, BearerTokenAuthenticationFilter.class);
}

http.sessionManagement(
@@ -127,14 +124,4 @@ public JwtAuthenticationConverter jwtAuthenticationConverter() {
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
return new NullAuthenticatedSessionStrategy();
}

/** Register Keycloak's AuthenticationProvider with a custom GrantedAuthoritiesMapper. */
@Autowired
public void configureGlobal(
AuthenticationManagerBuilder auth, RoleAuthorizationAuthorityMapper authorityMapper) {
KeycloakAuthenticationProvider keycloakProvider = new KeycloakAuthenticationProvider();
keycloakProvider.setGrantedAuthoritiesMapper(authorityMapper);

auth.authenticationProvider(keycloakProvider);
}
}
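Review bot: Deleting `configureGlobal` in the last hunk removes the only visible place where `RoleAuthorizationAuthorityMapper` is applied to incoming credentials, and none of the shown hunks adds a replacement. The mapping now has to happen inside `jwtAuthenticationConverter()`, whose body lies outside the hunk, so it cannot be confirmed from here. A stock `JwtAuthenticationConverter` derives only `SCOPE_`-prefixed authorities from the scope claim, which would not match the role-based checks that the `EnableMethodSecurity` import suggests this service uses. I would add a test that builds a JWT carrying the expected roles and asserts the authorities the converter returns, and document the dependency on the bean, e.g. `/** Sole source of granted authorities since the Keycloak provider was removed; must apply the role-to-authority mapping. */`. In the `filterChain` hunk, `httpTenantFilter` is now ordered after `BearerTokenAuthenticationFilter`, so it presumably relies on the resource-server configuration (also outside the shown lines) having authenticated the request before tenant resolution runs.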
