From a4ebf93b9997a9f076cd77b6ab6e341456849497 Mon Sep 17 00:00:00 2001
From: Bogdan Kostov
Date: Tue, 7 May 2024 14:41:59 +0200
Subject: [PATCH] Refactor security configuration - remove unused properties - renamed some properties according to record manager
---
.../kbss/analysis/config/conf/JwtConf.java | 20 -------------------
.../analysis/config/conf/SecurityConf.java | 19 ++++++++++--------
.../security/OAuth2SecurityConfig.java | 1 -
src/main/resources/application.yml | 15 ++++++--------
4 files changed, 17 insertions(+), 38 deletions(-)
delete mode 100755 src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java
diff --git a/src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java b/src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java
deleted file mode 100755
index be0e0660..00000000
--- a/src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package cz.cvut.kbss.analysis.config.conf;
-
-import lombok.Getter;
-import lombok.Setter;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.context.annotation.Configuration;
-
-@Setter
-@Getter
-@Configuration
-@EnableConfigurationProperties
-@ConfigurationProperties("security.jwt")
-public class JwtConf {
-
- private String secretKey;
-
- private Long expiryMs;
-
-}
diff --git a/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java b/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java
index 2bae7cd5..fe726397 100644
--- a/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java
+++ b/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java
@@ -2,9 +2,11 @@ import lombok.Getter; import lombok.Setter; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Configuration; +import org.springframework.core.env.Environment; @Setter @Getter @@ -12,15 +14,16 @@ @EnableConfigurationProperties @ConfigurationProperties("security") public class SecurityConf { - private String allowedOrigins; + private String allowedOrigins; - private String appContext; + private String appContext; - private String issuerUri; + private String roleClaim; - private String secretKey; - - private Long expiryMs; - - private String roleClaim; + @Autowired + public SecurityConf(Environment env) { + allowedOrigins = env.getProperty("cors.allowedOrigins"); + appContext = env.getProperty("appContext"); + roleClaim = env.getProperty("oidc.RoleClaim"); + } } diff --git a/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java b/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java index e8fd35c8..db5939b2 100644 --- a/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java +++ b/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java @@ -3,7 +3,6 @@ import cz.cvut.kbss.analysis.config.SecurityConfig; import cz.cvut.kbss.analysis.config.conf.SecurityConf; -import cz.cvut.kbss.analysis.service.ConfigReader; import cz.cvut.kbss.analysis.util.OidcGrantedAuthoritiesExtractor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index a3271278..25c4008d 100755 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml 
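Review bot: In the new `SecurityConf(Environment env)` constructor, `env.getProperty(...)` returns null for a missing key, so a deployment that omits `oidc.RoleClaim` starts with `roleClaim == null` and the problem only surfaces wherever roles are read from the token, which is outside this hunk. For a value that drives authorization, failing at startup is safer: `roleClaim = env.getRequiredProperty("oidc.RoleClaim");`. The class also keeps `@ConfigurationProperties("security")` together with `@Setter`, so Spring can still bind a `security.allowedOrigins`, `security.appContext` or `security.roleClaim` value over what the constructor read. If the top-level keys are meant to be the only source, dropping the prefix binding would make that explicit.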
@@ -11,13 +11,10 @@ persistence: security: provider: oidc - oidcRoleClaim: realm_access.roles - appContext: http://localhost:3000/fta-fmea - cors: - allowedOrigins: - jwt: - secretKey: lwrUj5PmCE6X8ekbLd9wDTRlBkEJA0HB - expiryMs: 28800000 # 8 hours + +appContext: http://localhost:5173 +oidc.RoleClaim: realm_access.roles +cors.allowedOrigins: logging: pattern: @@ -37,6 +34,6 @@ spring: oauth2: resourceserver: jwt: - issuer-uri: http://localhost/services/auth/realms/record-manager - jwk-set-uri: http://localhost/services/auth/realms/record-manager/protocol/openid-connect/certs + issuer-uri: http://localhost/ava/services/auth/realms/record-manager + jwt-set-uri: http://localhost/ava/services/auth/realms/record-manager/protocol/openid-connect/certs
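Review bot: The `secretKey` literal deleted from `security.jwt` in this hunk remains readable in the repository history, so removing the line does not retire the value; if it ever signed tokens outside local development it should be treated as exposed and rotated. Among the added keys, `cors.allowedOrigins:` is left empty and nothing here says what an empty value means for the CORS setup, which is configured outside this hunk. A comment above that key stating the expected format and the effect of leaving it blank would prevent a deployment from shipping the default unknowingly.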
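Review bot: The renamed key `jwt-set-uri` on the last added line looks like a typo for `jwk-set-uri`, the name Spring Boot binds under `spring.security.oauth2.resourceserver.jwt`. An unrecognised key is ignored without an error, so the explicit certs endpoint is silently dropped and the signing keys are presumably resolved through discovery from `issuer-uri` instead. Suggested line: `jwk-set-uri: http://localhost/ava/services/auth/realms/record-manager/protocol/openid-connect/certs`.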