Add configuration for not deployed profile
Added changes to disable CSRF for localhost only
to make fab54d7 work.

JIRA:LIGHTY-213
Signed-off-by: tobias.pobocik <tobias.pobocik@pantheon.tech>
Tobianas committed Apr 14, 2023
1 parent fab54d7 commit c685ce7
Showing 2 changed files with 53 additions and 2 deletions.
Expand Up @@ -5,13 +5,15 @@
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at https://www.eclipse.org/legal/epl-v10.html
*/

package io.lighty.core.controller.springboot.config;

import io.lighty.core.controller.springboot.services.UserAccessService;
import org.casbin.jcasbin.main.Enforcer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
Expand All @@ -21,13 +23,14 @@

@EnableWebSecurity
@Configuration
public class SecurityConfiguration {
@Profile("deployed")
public class SecurityConfigurationDeployed {

private final Enforcer enforcer;
private final UserAccessService userAccessService;

@Autowired
public SecurityConfiguration(Enforcer enforcer, UserAccessService userAccessService) {
public SecurityConfigurationDeployed(Enforcer enforcer, UserAccessService userAccessService) {
this.enforcer = enforcer;
this.userAccessService = userAccessService;
}
Expand All @@ -43,4 +46,5 @@ protected SecurityFilterChain auth0FilterChain(HttpSecurity httpSecurity) throws
.securityMatcher("/services/data/**")
.build();
}

}
@@ -0,0 +1,47 @@
/*
* Copyright (c) 2018-2021 PANTHEON.tech s.r.o. All Rights Reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at https://www.eclipse.org/legal/epl-v10.html
*/
package io.lighty.core.controller.springboot.config;

import io.lighty.core.controller.springboot.services.UserAccessService;
import org.casbin.jcasbin.main.Enforcer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@EnableWebSecurity
@Configuration
@Profile("!deployed") //Not(!) deployed profile
public class SecurityConfigurationNotDeployed {

private final Enforcer enforcer;
private final UserAccessService userAccessService;

@Autowired
public SecurityConfigurationNotDeployed(Enforcer enforcer, UserAccessService userAccessService) {
this.enforcer = enforcer;
this.userAccessService = userAccessService;
}

@Bean
@Order(1)
protected SecurityFilterChain auth0FilterChain(HttpSecurity httpSecurity) throws Exception {
return httpSecurity
.addFilterBefore(new JCasBinFilter(enforcer, userAccessService), BasicAuthenticationFilter.class)
.securityMatcher("/services/data/**")
.csrf()
.disable()
.build();
}
}
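Review bot: `@Profile("!deployed")` on SecurityConfigurationNotDeployed makes the chain with `.csrf().disable()` the one that loads whenever no profile is set, so an instance started without the `deployed` profile active serves `/services/data/**` with CSRF protection off by default. The commit message says "localhost only", but nothing visible in this class restricts by host or bind address; the profile name is the only gate. Consider making the relaxed chain opt-in and the protected one the fallback, for example `@Profile("local")` here and `@Profile("!local")` on SecurityConfigurationDeployed (the profile name is an example), and replace the `//Not(!) deployed profile` comment with a class comment such as `/** Local-development security chain: CSRF is disabled; must not be active on a reachable instance. */`. The `CookieCsrfTokenRepository` import is not used anywhere in this new file and can be dropped.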
