feat: first code refactor for security

InseeFr · Jan 22, 2024 · 3a14656 · 3a14656
1 parent f7c78f6
commit 3a14656
Show file tree

Hide file tree

Showing 19 changed files with 152 additions and 295 deletions.
diff --git a/arc-utils/pom.xml b/arc-utils/pom.xml
@@ -44,12 +44,6 @@
 	</build>
 
 	<dependencies>
-		<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-			<version>3.8.1</version>
-		</dependency>
 		<dependency>
 			<groupId>joda-time</groupId>
 			<artifactId>joda-time</artifactId>
@@ -60,21 +54,6 @@
 			<artifactId>commons-collections4</artifactId>
 			<version>4.1</version>
 		</dependency>
-
-
-		<!-- oauth2 Keycloak -->
-		<dependency>
-		    <groupId>org.springframework.security</groupId>
-		    <artifactId>spring-security-oauth2-client</artifactId>
-		</dependency>
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-oauth2-jose</artifactId>
-        </dependency>
-   		<dependency>
-		    <groupId>org.springframework.security</groupId>
-		    <artifactId>spring-security-oauth2-resource-server</artifactId>
-		</dependency>
 	</dependencies>
 
 </project>
diff --git a/arc-utils/src/main/java/fr/insee/arc/utils/webutils/CheckKeycloak.java b/arc-utils/src/main/java/fr/insee/arc/utils/webutils/CheckKeycloak.java
@@ -0,0 +1,19 @@
+package fr.insee.arc.utils.webutils;
+
+import org.springframework.beans.factory.annotation.Value;
+
+public class CheckKeycloak {
+
+	@Value("${fr.insee.keycloak.realm}")
+	private String keycloakRealm;
+
+	public boolean isKeycloakActive()
+	{
+		return keycloakRealm!=null;
+	}
+
+	protected void setKeycloak(String keycloakRealm) {
+		this.keycloakRealm = keycloakRealm;
+	}
+
+}
diff --git a/...e/arc/utils/webutils/WebSecurityTest.java → ...arc/utils/webutils/CheckKeycloakTest.java b/...e/arc/utils/webutils/WebSecurityTest.java → ...arc/utils/webutils/CheckKeycloakTest.java
@@ -1,24 +1,23 @@
 package fr.insee.arc.utils.webutils;
 
-import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.*;
 
 import org.junit.Test;
 
-public class WebSecurityTest {
-	
+public class CheckKeycloakTest {
+
 	@Test
 	public void isKeycloakActiveFalse()
 	{
-		WebSecurity w = new WebSecurity();
+		CheckKeycloak w = new CheckKeycloak();
 		assertEquals(false, w.isKeycloakActive());
 	}
 
 	@Test
 	public void isKeycloakActiveTrue()
 	{
-		WebSecurity w = new WebSecurity();
-		w.setKeycloak("realm", "url", "arc", "credentials");
+		CheckKeycloak w = new CheckKeycloak();
+		w.setKeycloak("realm");
 		assertEquals(true, w.isKeycloakActive());
 	}
-
 }
diff --git a/arc-web/pom.xml b/arc-web/pom.xml
@@ -69,7 +69,7 @@
 		<dependency>
 			<groupId>commons-fileupload</groupId>
 			<artifactId>commons-fileupload</artifactId>
-			<version>[1.4,)</version>
+			<version>${project.commons.fileupload.version}</version>
 			<type>jar</type>
 			<scope>compile</scope>
 		</dependency>
@@ -90,18 +90,6 @@
 			</exclusions>
 		</dependency>
 
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-web</artifactId>
-			<version>${project.spring.version}</version>
-		</dependency>
-
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-webmvc</artifactId>
-			<version>${project.spring.version}</version>
-		</dependency>
-
 		<dependency>
 		    <groupId>org.springframework.boot</groupId>
 		    <artifactId>spring-boot-starter-webflux</artifactId>
@@ -114,34 +102,30 @@
 		    </exclusions>
 		</dependency>
 
+		<!-- web security libs -->
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-web</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-config</artifactId>
 		</dependency>
-
-		<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-			<version>3.9</version>
-		</dependency>
-
+		<!-- Keycloak oauth2 client -->
 		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-configuration2</artifactId>
-			<version>2.8.0</version>
+		    <groupId>org.springframework.security</groupId>
+		    <artifactId>spring-security-oauth2-client</artifactId>
 		</dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-jose</artifactId>
+        </dependency>
 
-		<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
+		<!-- jakarta -->
 		<dependency>
 		    <groupId>jakarta.servlet</groupId>
 		    <artifactId>jakarta.servlet-api</artifactId>
-		    <version>6.1.0-M1</version>
+		    <version>${project.jakarta.version}</version>
 		    <scope>provided</scope>
 		</dependency>
         <dependency>
@@ -159,21 +143,6 @@
             <artifactId>jakarta.servlet.jsp.jstl</artifactId>
             <version>3.0.0</version>
         </dependency>
-
-
-
-		<dependency>
-		    <groupId>com.fasterxml.jackson.core</groupId>
-		    <artifactId>jackson-annotations</artifactId>
-		    <version>${project.jackson.version}</version>
-		</dependency>
-
-		<dependency>
-		    <groupId>com.fasterxml.jackson.core</groupId>
-		    <artifactId>jackson-core</artifactId>
-		    <version>${project.jackson.version}</version>
-		</dependency>
-
 	</dependencies>
 
 	<build>

diff --git a/...insee/arc/utils/webutils/WebSecurity.java → ...nsee/arc/web/Oauth2ClientForKeycloak.java b/...insee/arc/utils/webutils/WebSecurity.java → ...nsee/arc/web/Oauth2ClientForKeycloak.java
@@ -1,4 +1,4 @@
-package fr.insee.arc.utils.webutils;
+package fr.insee.arc.web;
 
 import java.util.HashSet;
 import java.util.List;
@@ -14,8 +14,8 @@
 import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
 
-public class WebSecurity {
-
+public class Oauth2ClientForKeycloak {
+	
 	@Value("${fr.insee.keycloak.realm}")
 	private String keycloakRealm;
 
@@ -28,15 +28,6 @@ public class WebSecurity {
 	@Value("${fr.insee.keycloak.credentials.secret}")
 	private String keycloakCredential;
 
-
-	protected void setKeycloak(String keycloakRealm, String keycloakServer, String keycloakResource,
-			String keycloakCredential) {
-		this.keycloakRealm = keycloakRealm;
-		this.keycloakServer = keycloakServer;
-		this.keycloakResource = keycloakResource;
-		this.keycloakCredential = keycloakCredential;
-	}
-
 	protected ClientRegistration keycloakClientRegistration(ClientAuthenticationMethod method) {
 
 		String realmUri = keycloakServer + "/realms/" + keycloakRealm;
@@ -59,31 +50,15 @@ protected ClientRegistration keycloakClientRegistration(ClientAuthenticationMeth
 				.build();
 	}
 
-
-	protected boolean isKeycloakActive()
-	{
-		return keycloakRealm!=null;
-	}
-
 	protected GrantedAuthoritiesMapper userAuthoritiesMapper() {
 	    return (authorities) -> {
-
-	    	System.out.println("§§§§§§§§§§§§");
-	      System.out.println("authorities check");
-	      System.out.println(authorities);
-
 	      Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
 
 	      authorities.forEach(
 	          authority -> {
 	            if (authority instanceof OidcUserAuthority) {
 	              OidcUserAuthority oidcUserAuthority = (OidcUserAuthority) authority;
 	              OidcUserInfo userInfo = oidcUserAuthority.getUserInfo();
-
-	              System.out.println("§§§§§§§§§§§§");
-	              System.out.println(oidcUserAuthority);
-	              System.out.println(userInfo.getFullName());
-	              System.out.println(userInfo.getClaims());
 
 	              List<String> roles = userInfo.getClaimAsStringList("roles");
 	              if (roles==null)
@@ -136,5 +111,4 @@ public void setKeycloakCredential(String keycloakCredential) {
 		this.keycloakCredential = keycloakCredential;
 	}
 
-
 }
diff --git a/arc-web/src/main/java/fr/insee/arc/web/SecurityConfiguration.java b/arc-web/src/main/java/fr/insee/arc/web/SecurityConfiguration.java
diff --git a/...main/java/fr/insee/arc/web/WebConfig.java → ...va/fr/insee/arc/web/WebConfiguration.java b/...main/java/fr/insee/arc/web/WebConfig.java → ...va/fr/insee/arc/web/WebConfiguration.java
@@ -33,7 +33,7 @@
 @Configuration
 @ImportResource("classpath:applicationContext.xml")
 @ComponentScan(basePackages = {"fr.insee.arc.web", "fr.insee.arc.core", "fr.insee.arc.utils"})
-public class WebConfig implements WebMvcConfigurer {
+public class WebConfiguration implements WebMvcConfigurer {
 
 	@Bean
 	public PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer(ConfigurableEnvironment env) throws IOException {

diff --git a/arc-web/src/main/java/fr/insee/arc/web/WebInitializer.java b/arc-web/src/main/java/fr/insee/arc/web/WebInitializer.java
@@ -9,12 +9,12 @@ public class WebInitializer extends AbstractAnnotationConfigDispatcherServletIni
 
 	@Override
     protected Class<?>[] getRootConfigClasses() {
-        return new Class<?>[] { WebConfig.class };
+        return new Class<?>[] { WebConfiguration.class };
     }
 
     @Override
     protected Class<?>[] getServletConfigClasses() {
-        return new Class<?>[] { SecurityConfiguration.class };
+        return new Class<?>[] { WebSecurityConfiguration.class };
     }
 
     @Override