OZG-164 spring configuration

6c5db2dd · OZGCloud · de1d54fe · 6c5db2dd · 6c5db2dd · 6c5db2dd
Commit 6c5db2dd authored Jan 22, 2021 by OZGCloud
--- a/goofy-client/apps/goofy/src/app/app.component.ts
+++ b/goofy-client/apps/goofy/src/app/app.component.ts
@@ -8,6 +8,7 @@ import { JwksValidationHandler } from 'angular-oauth2-oidc-jwks';
 import { NavigationEnd, Router } from '@angular/router';
 import { filter } from 'rxjs/operators';
 import { ENVIRONMENT_CONFIG } from '@goofy-client/environment-shared';
+import { Environment } from 'libs/environment-shared/src/lib/environment.model';

 @Component({
 	selector: 'goofy-client-root',
@@ -17,27 +18,6 @@ import { ENVIRONMENT_CONFIG } from '@goofy-client/environment-shared';
 export class AppComponent implements OnInit, OnDestroy {
 	title = 'goofy';

-	authConfig: AuthConfig = {
-		// Url of the Identity Provider
-		//issuer: this.envConfig.authServer + '/realms/sh-kiel',
-		//issuer: 'http://localhost:8088/auth/realms/ozg',
-		issuer: 'https://sso.ozg-sh.de:443/auth/realms/sh-kiel',
-
-		// URL of the SPA to redirect the user to after login
-		redirectUri: window.location.origin + window.location.pathname,
-
-		// URL of the SPA to redirect the user after silent refresh
-		silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
-
-		// The SPA's id. The SPA is registerd with this id at the auth-server
-		clientId: 'goofy',
-
-		// set the scope for the permissions the client should request
-		// The first three are defined by OIDC. The 4th is a usecase-specific one
-		scope: 'openid profile email',
-		requireHttps: false
-	};
-
 	apiRoot$: Observable<StateResource<ApiRootResource>>;
 	subscriptions = new Subscription();

@@ -48,7 +28,7 @@ export class AppComponent implements OnInit, OnDestroy {
 		private router: Router,
 		private navigationService: NavigationService,
 		private oAuthService: OAuthService,
-		@Inject(ENVIRONMENT_CONFIG) private envConfig,
+		@Inject(ENVIRONMENT_CONFIG) private envConfig: Environment,
 	) {
 		this.iconService.registerIcons();
 	}
@@ -69,12 +49,37 @@ export class AppComponent implements OnInit, OnDestroy {
 	}

 	private configureWithNewConfigApi() {
-		this.oAuthService.configure(this.authConfig);
+		this.oAuthService.configure(this.buildConfiguration());
 		this.oAuthService.setupAutomaticSilentRefresh();
 		this.oAuthService.tokenValidationHandler = new JwksValidationHandler();
 		this.oAuthService.loadDiscoveryDocumentAndLogin().then(() => {
 			this.apiRoot$ = this.apiRootService.getApiRoot();
 		});
 	}
+
+	private buildConfiguration(): AuthConfig {
+		const authConfig: AuthConfig = {
+			// Url of the Identity Provider
+			//issuer: this.envConfig.authServer + '/realms/sh-kiel',
+			//issuer: 'http://localhost:8088/auth/realms/ozg',
+			issuer: this.envConfig.authServer + '/realms/' + this.envConfig.realm,
+
+			// URL of the SPA to redirect the user to after login
+			redirectUri: window.location.origin + window.location.pathname,
+
+			// URL of the SPA to redirect the user after silent refresh
+			silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html',
+
+			// The SPA's id. The SPA is registerd with this id at the auth-server
+			clientId: 'goofy',
+
+			// set the scope for the permissions the client should request
+			// The first three are defined by OIDC. The 4th is a usecase-specific one
+			scope: 'openid profile email',
+			requireHttps: false
+		};
+
+		return authConfig;
+	}
 }

--- a/goofy-client/apps/goofy/src/environments/environment.ts
+++ b/goofy-client/apps/goofy/src/environments/environment.ts
@@ -2,9 +2,12 @@
 // `ng build --prod` replaces `environment.ts` with `environment.prod.ts`.
 // The list of file replacements can be found in `angular.json`.

+import { isFakeMousedownFromScreenReader } from '@angular/cdk/a11y';
+import { Environment } from 'libs/environment-shared/src/lib/environment.model';
+
 export const environment = {
 	production: false,
-	environmentUrl: null,
+	environmentUrl: null
 };

 /*

--- a/goofy-client/libs/environment-shared/src/lib/environment.model.ts
+++ b/goofy-client/libs/environment-shared/src/lib/environment.model.ts
@@ -3,6 +3,6 @@ import { ResourceUri } from '@ngxp/rest/lib/resource.model';
 export interface Environment {
 	production: boolean,
 	remoteHost: ResourceUri,
-	authServier: String,
+	authServer: String,
 	realm: String
 }
\ No newline at end of file
--- a/goofy-client/libs/environment-shared/test/environment.ts
+++ b/goofy-client/libs/environment-shared/test/environment.ts
@@ -7,7 +7,7 @@ const baseUrl = faker.internet.url();
 const environment: Environment = {
 	production: false,
 	remoteHost: baseUrl,
-	authServier: faker.internet.url(),
+	authServer: faker.internet.url(),
 	realm: faker.random.word()
 };


--- a/goofy-server/src/main/resources/application.yml
+++ b/goofy-server/src/main/resources/application.yml
 logging:
  level:
    ROOT: WARN
-    '[de.itvsh]': INFO
+    '[de.itvsh]': INFO,
+    '[org.springframework.security]': WARN
+    '[org.keycloak.adapters]': WARN

 spring:
  application:
@@ -34,11 +36,8 @@ grpc:
      
 keycloak:
  auth-server-url: http://localhost:8088/auth
-  realm: sh-kiel
+  realm: sh-kiel-dev
  resource: goofy
  principal-attribute: preferred_username
  public-client: true
-  security-constraints[0]:
-    authRoles[0]: user
-    securityCollections[0]:
-      patterns[0]: /*
+
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<java.version>15</java.version>
+		<java.version>11</java.version>

 		<spring.boot.version>2.4.2</spring.boot.version>