forked from cBioPortal/cbioportal
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WIP data access token mechanism and tests
- Loading branch information
1 parent
5e49fbf
commit 0fd0d4f
Showing
1 changed file
with
58 additions
and
0 deletions.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
src/main/java/org/cbioportal/security/config/DatAccessApiSecurityConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| package org.cbioportal.security.config; | ||
|
|
||
| import org.cbioportal.security.token.TokenAuthenticationFilter; | ||
| import org.cbioportal.security.token.TokenAuthenticationSuccessHandler; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; | ||
| import org.springframework.boot.autoconfigure.security.SecurityProperties; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.core.annotation.Order; | ||
| import org.springframework.security.authentication.AuthenticationManager; | ||
| import org.springframework.security.authentication.AuthenticationProvider; | ||
| import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; | ||
| import org.springframework.security.config.annotation.web.builders.HttpSecurity; | ||
| import org.springframework.security.web.SecurityFilterChain; | ||
| import org.springframework.security.web.context.SecurityContextPersistenceFilter; | ||
|
|
||
| @Configuration | ||
| @Order(SecurityProperties.BASIC_AUTH_ORDER - 2) | ||
| @ConditionalOnExpression("'${authenticate}' ne 'false' && '${authenticate}' ne 'noauthsessionservice' && '${dat.method:none}' ne 'none'") | ||
| public class DatAccessApiSecurityConfig extends ApiSecurityConfig { | ||
|
|
||
| @Autowired | ||
| private AuthenticationProvider tokenAuthenticationProvider; | ||
|
|
||
| @Autowired | ||
| private TokenAuthenticationSuccessHandler tokenAuthenticationSuccessHandler; | ||
|
|
||
| @Autowired | ||
| private AuthenticationManager authenticationManager; | ||
|
|
||
| // Update the Spring Boot AuthenticationManager to contain a tokenAuthenticationProvider | ||
| // (see: "Customizing Authentication Managers" @ https://spring.io/guides/topicals/spring-security-architecture | ||
| @Autowired | ||
| public void initialize(AuthenticationManagerBuilder builder) { | ||
| if (tokenAuthenticationProvider != null) { | ||
| builder.authenticationProvider(tokenAuthenticationProvider); | ||
| } | ||
| } | ||
|
|
||
| @Bean | ||
| public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { | ||
| super.filterChain(http); | ||
| http | ||
| .addFilterAfter(tokenAuthenticationFilter(), SecurityContextPersistenceFilter.class); | ||
| return http.build(); | ||
| } | ||
|
|
||
| @Bean | ||
| public TokenAuthenticationFilter tokenAuthenticationFilter() throws Exception { | ||
| TokenAuthenticationFilter tokenAuthenticationFilter = | ||
| new TokenAuthenticationFilter("/**", authenticationManager()); | ||
| tokenAuthenticationFilter.setAuthenticationSuccessHandler( | ||
| tokenAuthenticationSuccessHandler); | ||
| return tokenAuthenticationFilter; | ||
| } | ||
|
|
||
| } |