Merge pull request #199 from integratedmodelling/IM-429-Set-up-keyclo…

…ak-and-kHub-in-testing-environment

Im 429 set up keycloak and k hub in testing environment

api/org.integratedmodelling.klab.api/src/org/integratedmodelling/klab/api/API.java

@@ -470,6 +470,10 @@ public static interface HUB {
          * Base URL path for custom properties related to a single user.
          */
         public static final String USER_ID_CUSTOM_PROPERTIES = USER_BASE_ID + "/custom-properties";
+        /**
+         * URL path for get SPA pages
+         */
+        public static final String UI = "/ui/*";
 
         public static interface PARAMETERS {
             /**

klab.hub/src/main/java/org/integratedmodelling/klab/hub/security/HubRequestMatchers.java

@@ -3,55 +3,23 @@
 import org.integratedmodelling.klab.api.API;
 
 public final class HubRequestMatchers {
-
-	private static final String[] authentication = new String[] {
-			API.HUB.AUTHENTICATE_ENGINE,
-			API.HUB.AUTHENTICATE_LEVER,
-			API.HUB.AUTHENTICATE_NODE,
-			API.HUB.AUTHENTICATE_USER,
-	};
-
-	private static final String[] usersPost = new String[] {
-			API.HUB.USER_BASE+".*" + API.HUB.PARAMETERS.USER_ACTIVATION + ".*",
-			API.HUB.USER_BASE+".*" + API.HUB.PARAMETERS.USER_LOST_PASSWORD + ".*",
-			API.HUB.USER_BASE+".*" + API.HUB.PARAMETERS.USER_SET_PASSWORD + ".*",
-			API.HUB.USER_BASE+".*" + API.HUB.PARAMETERS.USER_VERIFICATION + ".*",
-			API.HUB.USER_BASE+"$"
-	};
-
-	private static final String[] usersPut = new String[] {
-			API.HUB.USER_BASE+".*" + API.HUB.PARAMETERS.USER_SET_EMAIL + ".*",			
-			API.HUB.USER_BASE+"$"
-	};
-
-	private static final String[] agreements = new String[] {
-	        API.HUB.AGREEMENT_TEMPLATE_TYPE_LEVEL+"*"            
-    };
-
-	private static final String[] usersGet = new String[] {
-			API.HUB.USER_BASE_NOAUTH+".*" + API.HUB.PARAMETERS.USER_GET + ".*",			
-			API.HUB.USER_BASE+"$"
-	};
-
-	public static String[] getAuthentication() {
-		return authentication;
-	}
-
-	public static String[] getUsersPost() {
-		return usersPost;
-	}
-
-	public static String[] getAgreements() {
-        return agreements;
-    }
 
-	public static String[] getUsersGet() {
-		return usersGet;
-	}
+    private static final String[] authentication = new String[]{API.HUB.AUTHENTICATE_ENGINE, API.HUB.AUTHENTICATE_LEVER,
+            API.HUB.AUTHENTICATE_NODE};
+
+    private static final String[] agreements = new String[]{API.HUB.AGREEMENT_TEMPLATE_TYPE_LEVEL + "*"};
 
-	public static String[] getUsersPut() {
-		return usersPut;
-	}
+    private static final String[] ui = new String[]{API.HUB.UI + "*"};
+
+    public static String[] getAuthentication() {
+        return authentication;
+    }
 
-
+    public static String[] getAgreements() {
+        return agreements;
+    }
+
+    public static String[] getUi() {
+        return ui;
+    }
 }

klab.hub/src/main/java/org/integratedmodelling/klab/hub/security/WebSecurityConfiguration.java

@@ -11,9 +11,11 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
 import org.springframework.security.crypto.password.LdapShaPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -53,27 +55,17 @@ public KeycloakConfigResolver KeycloakConfigResolver() {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         super.configure(http);
-        http.cors().and().csrf().disable().authorizeRequests().anyRequest().permitAll();
-
+        http.cors().and().csrf().disable().authorizeRequests().antMatchers(HttpMethod.GET, HubRequestMatchers.getAgreements())
+                .permitAll().antMatchers(HttpMethod.POST, HubRequestMatchers.getAuthentication()).permitAll()
+                .antMatchers(HttpMethod.GET, HubRequestMatchers.getUi()).permitAll().anyRequest().authenticated().and()
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
     }
 
-//    @Override
-//    protected void configure(HttpSecurity http) throws Exception {
-//        super.configure(http);
-//        http.cors().and().csrf().disable().authorizeRequests().antMatchers(HttpMethod.GET, HubRequestMatchers.getAgreements())
-//                .permitAll().antMatchers(HttpMethod.POST, HubRequestMatchers.getAuthentication()).permitAll()
-//                .regexMatchers(HttpMethod.POST, HubRequestMatchers.getUsersPost()).permitAll()
-//                .regexMatchers(HttpMethod.GET, HubRequestMatchers.getUsersGet()).permitAll()
-//                .regexMatchers(HttpMethod.PUT, HubRequestMatchers.getUsersPut()).permitAll().anyRequest().authenticated().and()
-//                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-//    }
-
     @Bean
     CorsConfigurationSource corsConfigurationSource() {
         final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         final CorsConfiguration config = new CorsConfiguration();
         config.setAllowCredentials(false);
-
         config.setAllowedOrigins(Arrays.asList(corsHostsAllow));
         config.setAllowedHeaders(Collections.singletonList("*"));
         config.addExposedHeader("Content-disposition");

klab.hub/src/main/resources/static/ui/index.html

@@ -1 +1,2 @@
-<!DOCTYPE html><html><head><base href=/hub/ui/ ><title>k.Hub</title><meta charset=utf-8><meta name=description content=""><meta name=format-detection content="telephone=no"><meta name=msapplication-tap-highlight content=no><meta name=viewport content="user-scalable=no,initial-scale=1,maximum-scale=1,minimum-scale=1,width=device-width"><link rel=icon type=image/png href=khub-logo.png><link rel=icon type=image/ico href=favicon.ico><link rel=apple-touch-icon sizes=57x57 href=icons/apple-icon-57x57.png><link rel=apple-touch-icon sizes=60x60 href=icons/apple-icon-60x60.png><link rel=apple-touch-icon sizes=72x72 href=icons/apple-icon-72x72.png><link rel=apple-touch-icon sizes=76x76 href=icons/apple-icon-76x76.png><link rel=apple-touch-icon sizes=114x114 href=icons/apple-icon-114x114.png><link rel=apple-touch-icon sizes=120x120 href=icons/apple-icon-120x120.png><link rel=apple-touch-icon sizes=144x144 href=icons/apple-icon-144x144.png><link rel=apple-touch-icon sizes=152x152 href=icons/apple-icon-152x152.png><link rel=apple-touch-icon sizes=180x180 href=icons/apple-icon-180x180.png><link rel=icon type=image/png sizes=192x192 href=icons/android-icon-192x192.png><link rel=icon type=image/png sizes=32x32 href=icons/favicon-32x32.png><link rel=icon type=image/png sizes=96x96 href=icons/favicon-96x96.png><link rel=icon type=image/png sizes=16x16 href=icons/favicon-16x16.png><link rel=manifest href=icons/manifest.json><meta name=msapplication-TileColor content=#ffffff><meta name=msapplication-TileImage content=icons/ms-icon-144x144.png><meta name=theme-color content=#ffffff><script src=./environments></script><link href=/hub/ui/css/vendor.d5f84891.css rel=stylesheet><link href=/hub/ui/css/app.d2a88fe9.css rel=stylesheet></head><body><div id=q-app></div><script src=/hub/ui/js/vendor.43e6402e.js></script><script src=/hub/ui/js/app.cf864f95.js></script></body></html>
+<!DOCTYPE html><html><head><base href=/hub/ui/ ><title>k.Hub</title><meta charset=utf-8><meta name=description content=""><meta name=format-detection content="telephone=no"><meta name=msapplication-tap-highlight content=no><meta name=viewport content="user-scalable=no,initial-scale=1,maximum-scale=1,minimum-scale=1,width=device-width"><link rel=icon type=image/png href=khub-logo.png><link rel=icon type=image/ico href=favicon.ico><link rel=apple-touch-icon sizes=57x57 href=icons/apple-icon-57x57.png><link rel=apple-touch-icon sizes=60x60 href=icons/apple-icon-60x60.png><link rel=apple-touch-icon sizes=72x72 href=icons/apple-icon-72x72.png><link rel=apple-touch-icon sizes=76x76 href=icons/apple-icon-76x76.png><link rel=apple-touch-icon sizes=114x114 href=icons/apple-icon-114x114.png><link rel=apple-touch-icon sizes=120x120 href=icons/apple-icon-120x120.png><link rel=apple-touch-icon sizes=144x144 href=icons/apple-icon-144x144.png><link rel=apple-touch-icon sizes=152x152 href=icons/apple-icon-152x152.png><link rel=apple-touch-icon sizes=180x180 href=icons/apple-icon-180x180.png><link rel=icon type=image/png sizes=192x192 href=icons/android-icon-192x192.png><link rel=icon type=image/png sizes=32x32 href=icons/favicon-32x32.png><link rel=icon type=image/png sizes=96x96 href=icons/favicon-96x96.png><link rel=icon type=image/png sizes=16x16 href=icons/favicon-16x16.png><link rel=manifest href=icons/manifest.json><meta name=msapplication-TileColor content=#ffffff><meta name=msapplication-TileImage content=icons/ms-icon-144x144.png><meta name=theme-color content=#ffffff><script>var environmentPath = "false" === "true" ? "/environments" : "./environments";
+    document.write("<script src='" + environmentPath + "' type='text/javascript'><\/script>");</script><link href=/hub/ui/css/vendor.d5f84891.css rel=stylesheet><link href=/hub/ui/css/app.d2a88fe9.css rel=stylesheet></head><body><div id=q-app></div><script src=/hub/ui/js/vendor.43e6402e.js></script><script src=/hub/ui/js/app.27ebeff1.js></script></body></html>