refactor: public urls

InseeFr · Nov 15, 2023 · 510b895 · 510b895
1 parent b3586fb
commit 510b895
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 21 deletions.
diff --git a/...fr/insee/survey/datacollectionmanagement/config/auth/security/DefaultSecurityContext.java b/...fr/insee/survey/datacollectionmanagement/config/auth/security/DefaultSecurityContext.java
@@ -58,22 +58,13 @@ SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
     @Bean
     @Order(1)
     SecurityFilterChain filterPublicUrlsChain(HttpSecurity http) throws Exception {
-        System.out.println(publicUrls());
-        return publicSecurityFilterChainConfiguration.buildSecurityPublicFilterChain(http, publicUrls());
+        return publicSecurityFilterChainConfiguration.buildSecurityPublicFilterChain(http);
     }
     @Bean
     public UserProvider getUserProvider() {
         return auth -> new User();
     }
 
-    private String[] publicUrls(){
-        String[] str = new String[config.getPublicUrls().size()];
-        for (int i = 0; i < config.getPublicUrls().size(); i++) {
-            str[i] = config.getPublicUrls().get(i);
-        }
-        return str;
-
-    }
 
 
 

diff --git a/...ee/survey/datacollectionmanagement/config/auth/security/OpenIDConnectSecurityContext.java b/...ee/survey/datacollectionmanagement/config/auth/security/OpenIDConnectSecurityContext.java
@@ -80,7 +80,7 @@ SecurityFilterChain filterPublicUrlsChain(HttpSecurity http) throws Exception {
         String tokenUrl = config.getKeyCloakUrl() + "/realms/" + config.getKeycloakRealm() + "/protocol/openid-connect/token";
         String authorizedConnectionHost = config.getAuthType().equals("OIDC") ?
                 " " + tokenUrl : "";
-        return publicSecurityFilterChainConfiguration.buildSecurityPublicFilterChain(http, publicUrls(), authorizedConnectionHost);
+        return publicSecurityFilterChainConfiguration.buildSecurityPublicFilterChain(http, authorizedConnectionHost);
     }
 
     @Bean
@@ -95,11 +95,6 @@ public UserProvider getUserProvider() {
         };
     }
 
-    private String[] publicUrls() {
-        return new String[]{"/csrf", "/", "/webjars/**", "/swagger-resources/**", "/environnement", Constants.API_HEALTHCHECK, "/actuator/**",
-                "/swagger-ui/*", "/swagger-ui/html", "/v3/api-docs/swagger-config", "/v3/api-docs", "/openapi.json"};
-    }
-
     @Bean
     JwtAuthenticationConverter jwtAuthenticationConverter(ApplicationConfig applicationConfig) {
         JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();

diff --git a/...insee/survey/datacollectionmanagement/config/auth/security/PublicSecurityFilterChain.java b/...insee/survey/datacollectionmanagement/config/auth/security/PublicSecurityFilterChain.java
@@ -17,13 +17,13 @@ public class PublicSecurityFilterChain {
 
     @Autowired
     ApplicationConfig config;
-    SecurityFilterChain buildSecurityPublicFilterChain(HttpSecurity http, String[] publicUrls) throws Exception {
-        return buildSecurityPublicFilterChain(http, publicUrls, "");
+    SecurityFilterChain buildSecurityPublicFilterChain(HttpSecurity http) throws Exception {
+        return buildSecurityPublicFilterChain(http, "");
     }
 
-    SecurityFilterChain buildSecurityPublicFilterChain(HttpSecurity http, String[] publicUrls, String authorizedConnectionHost) throws Exception {
+    SecurityFilterChain buildSecurityPublicFilterChain(HttpSecurity http, String authorizedConnectionHost) throws Exception {
         return http
-                .securityMatcher(publicUrls)
+                .securityMatcher(publicUrls())
                 .csrf(AbstractHttpConfigurer::disable)
                 .cors(Customizer.withDefaults())
                 .headers(headers -> headers
@@ -41,11 +41,20 @@ SecurityFilterChain buildSecurityPublicFilterChain(HttpSecurity http, String[] p
                         ))
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers(HttpMethod.OPTIONS).permitAll()
-                        .requestMatchers(publicUrls).permitAll()
+                        .requestMatchers(publicUrls()).permitAll()
                         .anyRequest()
                         .authenticated()
                 )
                 .sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .build();
     }
+
+    private String[] publicUrls(){
+        String[] str = new String[config.getPublicUrls().size()];
+        for (int i = 0; i < config.getPublicUrls().size(); i++) {
+            str[i] = config.getPublicUrls().get(i);
+        }
+        return str;
+
+    }
 }