diff --git a/src/main/java/de/thm/arsnova/config/SecurityConfig.java b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
index 624a628b9ff54974d673dec58a5eb08f9aa83a47..cf549a2f5389167769197a7188a70d2e9977b16b 100644
--- a/src/main/java/de/thm/arsnova/config/SecurityConfig.java
+++ b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
@@ -36,6 +36,7 @@ import org.slf4j.LoggerFactory;
 import org.slf4j.event.Level;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.AdviceMode;
 import org.springframework.context.annotation.Bean;
@@ -163,7 +164,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 if (providerProperties.getOidc().stream().anyMatch(p -> p.isEnabled()) || providerProperties.getOauth().values().stream().anyMatch(p -> p.isEnabled())) {
- http.addFilterAfter(oauthCallbackFilter(), CasAuthenticationFilter.class);
+ http.addFilterAfter(oauthCallbackFilter(), UsernamePasswordAuthenticationFilter.class);
 }
 }
 }
@@ -373,6 +374,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 // LDAP Authentication Configuration
 @Bean
+ @ConditionalOnProperty(
+ name = "ldap[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LdapAuthenticationProvider ldapAuthenticationProvider() {
 final LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(ldapAuthenticator(), ldapAuthoritiesPopulator());
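Review bot: The guard around `http.addFilterAfter(oauthCallbackFilter(), UsernamePasswordAuthenticationFilter.class)` still tests `getOidc().stream().anyMatch(p -> p.isEnabled())`, while the `oidcClient()` bean later in this diff is now created only for `oidc[0].enabled`, so the two can disagree. With an enabled OIDC entry at any index other than 0, the callback filter is installed although no OIDC client bean exists; how the filter then treats a callback is decided in `oauthCallbackFilter()`, which this diff does not show. Testing the same entry in the guard keeps both in step, e.g. `providerProperties.getOidc().stream().limit(1).anyMatch(p -> p.isEnabled())`. The enclosing method starts and ends outside the hunk.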
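Review bot: `havingValue = "true"` on `ldapAuthenticationProvider()` matches only the literal `true` (case-insensitively, as far as I know), whereas the bound `isEnabled()` flag read by the filter guard in this file goes through Spring's boolean conversion, which also accepts `on`, `yes` and `1`. A properties file or environment variable that sets the flag to `yes` would then report a provider as enabled while none of its beans are created; this holds for every `@ConditionalOnProperty` added in this commit (LDAP, CAS, OIDC and the three OAuth clients). A comment above the first annotation would record the rule, e.g. `// Bean exists only for the literal value "true"; keep in step with the isEnabled() checks`. Since the same four-line condition is repeated on five LDAP and eight CAS methods, a composed annotation or a constant for the property name would also keep them from drifting apart. The method body continues outside the hunk.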
@@ -382,6 +387,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "ldap[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LdapContextSource ldapContextSource() {
 final AuthenticationProviderProperties.Ldap ldapProperties = providerProperties.getLdap().get(0);
 final DefaultSpringSecurityContextSource contextSource =
@@ -397,6 +406,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "ldap[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LdapAuthenticator ldapAuthenticator() {
 final AuthenticationProviderProperties.Ldap ldapProperties = providerProperties.getLdap().get(0);
 final BindAuthenticator authenticator = new BindAuthenticator(ldapContextSource());
@@ -414,11 +427,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "ldap[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LdapAuthoritiesPopulator ldapAuthoritiesPopulator() {
 return new NullLdapAuthoritiesPopulator();
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "ldap[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LdapUserDetailsMapper customLdapUserDetailsMapper() {
 final AuthenticationProviderProperties.Ldap ldapProperties = providerProperties.getLdap().get(0);
 logger.debug("ldapUserIdAttr: {}", ldapProperties.getUserIdAttribute());
@@ -429,6 +450,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 // CAS Authentication Configuration
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public CasAuthenticationProvider casAuthenticationProvider() {
 final CasAuthenticationProvider authProvider = new CasAuthenticationProvider();
 authProvider.setAuthenticationUserDetailsService(casUserDetailsService());
@@ -440,11 +465,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public CasUserDetailsService casUserDetailsService() {
 return new CasUserDetailsService();
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public ServiceProperties casServiceProperties() {
 final ServiceProperties properties = new ServiceProperties();
 properties.setService(rootUrl + apiPath + CAS_LOGIN_PATH_SUFFIX);
@@ -454,11 +487,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public Cas20ProxyTicketValidator casTicketValidator() {
 return new Cas20ProxyTicketValidator(providerProperties.getCas().getHostUrl());
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
 final CasAuthenticationEntryPoint entryPoint = new CasAuthenticationEntryPoint();
 entryPoint.setLoginUrl(providerProperties.getCas().getHostUrl() + "/login");
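Review bot: Once `casAuthenticationProvider()` and the other CAS bean methods carry this condition, their beans are not registered unless `cas.enabled` is `true`, so any call to them from code that is not under the same condition needs checking. In a `@Configuration` class a direct call to a `@Bean` method is resolved through the bean factory, so I would expect such a call (for instance from the `configure` methods, which this diff does not show) to fail with a missing-bean error when CAS is disabled rather than return an unmanaged instance. A comment above the CAS block would make the constraint explicit: `// CAS beans exist only when cas.enabled is "true"; every caller must be guarded by the same setting.` The method body continues outside the hunk, and the LDAP block above has the same constraint.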
@@ -468,6 +509,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
 final CasAuthenticationFilter filter = new CasAuthenticationFilter();
 filter.setAuthenticationManager(authenticationManager());
@@ -480,6 +525,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LogoutFilter casLogoutFilter() {
 final LogoutFilter filter = new LogoutFilter(casLogoutSuccessHandler(), logoutHandler());
 filter.setLogoutRequestMatcher(new AntPathRequestMatcher("/**" + CAS_LOGOUT_PATH_SUFFIX));
@@ -488,6 +537,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "cas.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public LogoutSuccessHandler casLogoutSuccessHandler() {
 final CasLogoutSuccessHandler handler = new CasLogoutSuccessHandler();
 handler.setCasUrl(providerProperties.getCas().getHostUrl());
@@ -535,6 +588,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "oidc[0].enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public OidcClient oidcClient() {
 final AuthenticationProviderProperties.Oidc oidcProperties = providerProperties.getOidc().get(0);
 final OidcConfiguration config = new OidcConfiguration();
@@ -549,6 +606,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "oauth.facebook.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public FacebookClient facebookClient() {
 final AuthenticationProviderProperties.Oauth oauthProperties = providerProperties.getOauth().get(FACEBOOK_PROVIDER_ID);
@@ -559,6 +620,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "oauth.twitter.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public TwitterClient twitterClient() {
 final AuthenticationProviderProperties.Oauth oauthProperties = providerProperties.getOauth().get(TWITTER_PROVIDER_ID);
@@ -569,6 +634,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 }
 @Bean
+ @ConditionalOnProperty(
+ name = "oauth.google.enabled",
+ prefix = AuthenticationProviderProperties.PREFIX,
+ havingValue = "true")
 public GoogleOidcClient googleClient() {
 final AuthenticationProviderProperties.Oauth oauthProperties = providerProperties.getOauth().get(GOOGLE_PROVIDER_ID);
diff --git a/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java b/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java
index 23f16cf1cf63b039522706593e45100d660750f8..4c68035d9210771addf461a177c7e750c0ae4d89 100644
--- a/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/AuthenticationProviderProperties.java
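Review bot: The condition on `facebookClient()` spells the provider key as a string literal (`"oauth.facebook.enabled"`) while the body looks the settings up with `getOauth().get(FACEBOOK_PROVIDER_ID)`, so the key is now defined in two places; `twitterClient()` and `googleClient()` repeat the pattern. If the constant and the literal ever diverge, the bean is gated on one map entry and configured from another, and `get(...)` may return null for it. Assuming the `*_PROVIDER_ID` fields are compile-time `String` constants, the annotation can reuse them: `name = "oauth." + FACEBOOK_PROVIDER_ID + ".enabled"`. The method bodies continue outside the hunks.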
@@ -24,8 +24,10 @@ import java.util.Set;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.core.style.ToStringCreator;
-@ConfigurationProperties("security.authentication-providers")
+@ConfigurationProperties(AuthenticationProviderProperties.PREFIX)
 public class AuthenticationProviderProperties {
+ public static final String PREFIX = SecurityProperties.PREFIX + ".authentication-providers";
+
 public abstract static class Provider {
 public enum Role {
 MODERATOR,
diff --git a/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java b/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java
index e4c807f54add5a619478d0b8c0c4e552bf11f846..674dec13ea1a5f2451dde4f74f79e17ab88f29c2 100644
--- a/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/CouchDbProperties.java
@@ -20,8 +20,9 @@ package de.thm.arsnova.config.properties;
 import org.springframework.boot.context.properties.ConfigurationProperties;
-@ConfigurationProperties("system.couchdb")
+@ConfigurationProperties(CouchDbProperties.PREFIX)
 public class CouchDbProperties {
+ public static final String PREFIX = SystemProperties.PREFIX + ".couchdb";
 private String host;
 private int port;
 private String dbName;
diff --git a/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java b/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java
index a8a549b539de131ea59c2cffc660aad2dac7776e..d884c84d65bdc6f7ebbad8546acf88a061b62f78 100644
--- a/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/MessageBrokerProperties.java
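Review bot: `AuthenticationProviderProperties.PREFIX` has no comment although it is now used outside its class: the `@ConditionalOnProperty` annotations added to SecurityConfig build their lookup key from it. A short Javadoc would record that dependency, e.g. `/** Property prefix bound to this class; also used by the bean conditions in SecurityConfig, so keep it in lower-case dashed form. */`. The `PREFIX` constants added to CouchDbProperties, MessageBrokerProperties, SecurityProperties and SystemProperties could carry the same kind of one-line description.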
@@ -20,8 +20,10 @@ package de.thm.arsnova.config.properties;
 import org.springframework.boot.context.properties.ConfigurationProperties;
-@ConfigurationProperties("system.message-broker")
+@ConfigurationProperties(MessageBrokerProperties.PREFIX)
 public class MessageBrokerProperties {
+ public static final String PREFIX = SystemProperties.PREFIX + ".message-broker";
+
 public static class Relay {
 private boolean enabled;
 private String host;
diff --git a/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java b/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java
index 90a8a30706358e812ef041c1017b2fa52f9c36b0..7257b7fa0b18c83140aeb7c67b4dfaea4e64dc1f 100644
--- a/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/SecurityProperties.java
@@ -24,8 +24,10 @@ import java.util.List;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.convert.DurationUnit;
-@ConfigurationProperties("security")
+@ConfigurationProperties(SecurityProperties.PREFIX)
 public class SecurityProperties {
+ public static final String PREFIX = "security";
+
 public static class Jwt {
 private String serverId;
 private String secret;
diff --git a/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java b/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java
index b06182ddf8e454c5ff7adfc3d34fbd8f5ac345f3..46aa88cd8819b8592bc4d83393a979199e613616 100644
--- a/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java
+++ b/src/main/java/de/thm/arsnova/config/properties/SystemProperties.java
@@ -20,8 +20,10 @@ package de.thm.arsnova.config.properties;
 import org.springframework.boot.context.properties.ConfigurationProperties;
-@ConfigurationProperties("system")
+@ConfigurationProperties(SystemProperties.PREFIX)
 public class SystemProperties {
+ public static final String PREFIX = "system";
+
 public static class Api {
 private String path;
 private boolean indentResponseBody;
diff --git a/src/main/java/de/thm/arsnova/security/CasUserDetailsService.java b/src/main/java/de/thm/arsnova/security/CasUserDetailsService.java
index 59dce24a0a2362e78071cc48ad711d1fcfee0e81..99dafe370e32423cf870e7c5d8e040763954d79d 100644
--- a/src/main/java/de/thm/arsnova/security/CasUserDetailsService.java
+++ b/src/main/java/de/thm/arsnova/security/CasUserDetailsService.java
@@ -26,7 +26,6 @@ import org.springframework.security.cas.userdetails.AbstractCasAssertionUserDeta
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Service;
 import de.thm.arsnova.model.UserProfile;
 import de.thm.arsnova.service.UserService;
@@ -34,7 +33,6 @@ import de.thm.arsnova.service.UserService;
 /**
 * Class to load a user based on the results from CAS.
 */
-@Service
 public class CasUserDetailsService extends AbstractCasAssertionUserDetailsService {
 @Autowired
 private UserService userService;
diff --git a/src/main/java/de/thm/arsnova/security/pac4j/OauthCallbackFilter.java b/src/main/java/de/thm/arsnova/security/pac4j/OauthCallbackFilter.java
index c6dc76eafad0c0dc5ca3acaaed560d5a15c4130f..61d39df76e7625b8e1b46dc61312db8a90d74527 100644
--- a/src/main/java/de/thm/arsnova/security/pac4j/OauthCallbackFilter.java
+++ b/src/main/java/de/thm/arsnova/security/pac4j/OauthCallbackFilter.java
@@ -40,14 +40,12 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.stereotype.Component;
 /**
 * Handles callback requests by login redirects from OAuth providers.
 *
 * @author Daniel Gerhardt
 */
-@Component
 public class OauthCallbackFilter extends AbstractAuthenticationProcessingFilter {
 private static final Logger logger = LoggerFactory.getLogger(OauthCallbackFilter.class);
 private final ClientFinder clientFinder = new DefaultCallbackClientFinder();