From 13da938658e0f799a7c89faadcfbbfee95a220d8 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 11 May 2023 12:34:27 +0200 Subject: feat(spring): add authorisation configuration for multi-modul projects --- .../security/AuthorizationConfiguration.java | 40 +++++++++++++++++ .../security/IBasicAuthSecurityCollector.java | 32 +++++++++++++ .../security/IBasicAuthUserCollector.java | 24 ---------- .../springboot/test/utils/BasicAuthUserTest.java | 41 ----------------- .../test/utils/BasicSecurityConfigTest.java | 52 ++++++++++++++++++++++ 5 files changed, 124 insertions(+), 65 deletions(-) create mode 100644 eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/AuthorizationConfiguration.java create mode 100644 eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthSecurityCollector.java delete mode 100644 eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthUserCollector.java delete mode 100644 eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicAuthUserTest.java create mode 100644 eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicSecurityConfigTest.java diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/AuthorizationConfiguration.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/AuthorizationConfiguration.java new file mode 100644 index 00000000..b62d4761 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/AuthorizationConfiguration.java @@ -0,0 +1,40 @@ +package at.gv.egiz.eaaf.utils.springboot.security; + +import java.util.List; + +import lombok.Builder; +import lombok.Getter; +import lombok.Singular; + +/** + * Configuration holder for Spring Security end-point authorization. + * + * @author tlenz + * + */ +@Builder +@Getter +public class AuthorizationConfiguration { + + /** + * Role String that is required for that end-points. + */ + private final String role; + + /** + * List of end-points. + */ + @Singular + private List endpoints; + + /** + * List of end-points as Java Array. + * + * @return end-points. + */ + public String[] getEndPointsArray() { + return endpoints.stream().toArray(String[]::new); + + } + +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthSecurityCollector.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthSecurityCollector.java new file mode 100644 index 00000000..2bf65af7 --- /dev/null +++ b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthSecurityCollector.java @@ -0,0 +1,32 @@ +package at.gv.egiz.eaaf.utils.springboot.security; + +import java.util.List; + +import javax.annotation.Nonnull; + +/** + * Extension interface to collect Spring Security Basic Auth. users in + * multi-module projects. + * + * @author tlenz + * + */ +public interface IBasicAuthSecurityCollector { + + /** + * Get all users that shall be added for Spring Security Basic-Auth. + * + * @return + */ + @Nonnull + List getEnabledUsers(); + + /** + * Get end-point security configuration for Spring Security antMatchers. + * + * @return List of end-point security configuration-elements + */ + @Nonnull + List getAntMatchersConfiguration(); + +} diff --git a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthUserCollector.java b/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthUserCollector.java deleted file mode 100644 index 1986d52b..00000000 --- a/eaaf-springboot-utils/src/main/java/at/gv/egiz/eaaf/utils/springboot/security/IBasicAuthUserCollector.java +++ /dev/null @@ -1,24 +0,0 @@ -package at.gv.egiz.eaaf.utils.springboot.security; - -import java.util.List; - -import javax.annotation.Nonnull; - -/** - * Extension interface to collect Spring Security Basic Auth. users in - * multi-module projects. - * - * @author tlenz - * - */ -public interface IBasicAuthUserCollector { - - /** - * Get all users that shall be added for Spring Security Basic-Auth. - * - * @return - */ - @Nonnull - List getEnabledUsers(); - -} diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicAuthUserTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicAuthUserTest.java deleted file mode 100644 index 95bd5dcb..00000000 --- a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicAuthUserTest.java +++ /dev/null @@ -1,41 +0,0 @@ -package at.gv.egiz.eaaf.utils.springboot.test.utils; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.junit.runners.BlockJUnit4ClassRunner; - -import at.gv.egiz.eaaf.utils.springboot.security.BasicAuthUser; - -@RunWith(BlockJUnit4ClassRunner.class) -public class BasicAuthUserTest { - - @Test - public void simpleTest() { - assertFalse("username", - BasicAuthUser.builder().password(rand()).role(rand()).build().isValid()); - assertFalse("password", - BasicAuthUser.builder().username(rand()).role(rand()).build().isValid()); - assertFalse("role", - BasicAuthUser.builder().password(rand()).username(rand()).build().isValid()); - - assertTrue("valid", - BasicAuthUser.builder().username(rand()).password(rand()).role(rand()).build().isValid()); - - assertEquals("role size", 2, - BasicAuthUser.builder().username(rand()).password(rand()) - .role(rand()).role(rand()).build() - .getRolesArray().length); - - } - - private String rand() { - return RandomStringUtils.randomAlphanumeric(5); - - } - -} diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicSecurityConfigTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicSecurityConfigTest.java new file mode 100644 index 00000000..83117253 --- /dev/null +++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/BasicSecurityConfigTest.java @@ -0,0 +1,52 @@ +package at.gv.egiz.eaaf.utils.springboot.test.utils; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egiz.eaaf.utils.springboot.security.AuthorizationConfiguration; +import at.gv.egiz.eaaf.utils.springboot.security.BasicAuthUser; + +@RunWith(BlockJUnit4ClassRunner.class) +public class BasicSecurityConfigTest { + + @Test + public void userConfig() { + assertFalse("username", + BasicAuthUser.builder().password(rand()).role(rand()).build().isValid()); + assertFalse("password", + BasicAuthUser.builder().username(rand()).role(rand()).build().isValid()); + assertFalse("role", + BasicAuthUser.builder().password(rand()).username(rand()).build().isValid()); + + assertTrue("valid", + BasicAuthUser.builder().username(rand()).password(rand()).role(rand()).build().isValid()); + + assertEquals("role size", 2, + BasicAuthUser.builder().username(rand()).password(rand()) + .role(rand()).role(rand()).build() + .getRolesArray().length); + + } + + @Test + public void authoriseConfig() { + + assertEquals("endpoint size", 2, + AuthorizationConfiguration.builder().role(rand()) + .endpoint(rand()).endpoint(rand()).build() + .getEndPointsArray().length); + + } + + private String rand() { + return RandomStringUtils.randomAlphanumeric(5); + + } + +} -- cgit v1.2.3