Merge branch 'master' into stage

DDH-RD · May 30, 2024 · 2c737f6 · 2c737f6
2 parents 56e633a + 498b258
commit 2c737f6
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 7 deletions.
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java
@@ -49,4 +49,10 @@ protected void successfulAuthentication(
     SecurityContextHolder.getContext().setAuthentication(authResult);
     chain.doFilter(request, response);
   }
+
+  @Override
+  protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
+    SecurityContextHolder.clearContext();
+    super.unsuccessfulAuthentication(request, response, failed);
+  }
 }
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java
@@ -1,19 +1,29 @@
 package dev.luzifer.spring.config;
 
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.Ordered;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
 
 @Configuration
 @EnableWebSecurity
@@ -24,7 +34,7 @@ public class WebSecurityConfig {
   private final String apiKeyHeader;
 
   public WebSecurityConfig(
-      @Value("${api.key}") String apiKey, @Value("${api.key.header}") String apiKeyHeader) {
+          @Value("${api.key}") String apiKey, @Value("${api.key.header}") String apiKeyHeader) {
     this.apiKey = apiKey;
     this.apiKeyHeader = apiKeyHeader;
   }
@@ -34,12 +44,34 @@ public ApiKeyAuthFilter apiKeyAuthFilter(AuthenticationManager authenticationMan
     return new ApiKeyAuthFilter(apiKeyHeader, authenticationManager);
   }
 
+  @Bean
+  public FilterRegistrationBean<OncePerRequestFilter> apiKeyAuthFilterRegistrationBean(AuthenticationManager authenticationManager) {
+    FilterRegistrationBean<OncePerRequestFilter> registrationBean = new FilterRegistrationBean<>();
+
+    registrationBean.setFilter(new OncePerRequestFilter() {
+      @Override
+      protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        if (SecurityContextHolder.getContext().getAuthentication() == null) {
+          ApiKeyAuthFilter apiKeyAuthFilter = new ApiKeyAuthFilter(apiKeyHeader, authenticationManager);
+          apiKeyAuthFilter.doFilter(request, response, filterChain);
+        } else {
+          filterChain.doFilter(request, response);
+        }
+      }
+    });
+
+    registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
+
+    return registrationBean;
+  }
+
   @Bean
   public SecurityFilterChain securityFilterChain(
           HttpSecurity http, AuthenticationManager authenticationManager) throws Exception {
     http.csrf(AbstractHttpConfigurer::disable)
             .formLogin(AbstractHttpConfigurer::disable)
-            .authorizeRequests(authorize -> authorize.anyRequest().authenticated())
+            .anonymous(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated())
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .addFilterBefore(apiKeyAuthFilter(authenticationManager), BasicAuthenticationFilter.class);
 
@@ -51,7 +83,7 @@ public SecurityFilterChain securityFilterChain(
 
   @Bean
   public AuthenticationManager authenticationManager(
-      AuthenticationConfiguration authenticationConfiguration) throws Exception {
+          AuthenticationConfiguration authenticationConfiguration) throws Exception {
     return authenticationConfiguration.getAuthenticationManager();
   }
 
@@ -62,8 +94,8 @@ public ApiKeyAuthenticationProvider apiKeyAuthenticationProvider() {
 
   @Autowired
   public void configureGlobal(
-      AuthenticationManagerBuilder auth,
-      ApiKeyAuthenticationProvider apiKeyAuthenticationProvider) {
+          AuthenticationManagerBuilder auth,
+          ApiKeyAuthenticationProvider apiKeyAuthenticationProvider) {
     auth.authenticationProvider(apiKeyAuthenticationProvider);
   }
-}
+}
diff --git a/paladins-webservice/src/main/resources/application.properties b/paladins-webservice/src/main/resources/application.properties
@@ -18,7 +18,8 @@ spring.data.redis.port=6379
 # Hurensohn
 spring.main.allow-circular-references=true
 # API-Requests
-web.authentication.apikey=API-KEY
+api.key=THV6aSBpc3QgZWluIFPDvMOfaQ==
+api.key.header=API-KEY
 # API-Paths
 api.match=api/match
 api.match.count=api/match/count