Refactor security configuration

- remove unused properties - renamed some properties according to record manager
kbss-cvut · May 7, 2024 · a4ebf93 · a4ebf93
1 parent 2667d00
commit a4ebf93
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 38 deletions.
diff --git a/src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java b/src/main/java/cz/cvut/kbss/analysis/config/conf/JwtConf.java
diff --git a/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java b/src/main/java/cz/cvut/kbss/analysis/config/conf/SecurityConf.java
@@ -2,25 +2,28 @@
 
 import lombok.Getter;
 import lombok.Setter;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
 
 @Setter
 @Getter
 @Configuration
 @EnableConfigurationProperties
 @ConfigurationProperties("security")
 public class SecurityConf {
-        private String allowedOrigins;
+    private String allowedOrigins;
 
-        private String appContext;
+    private String appContext;
 
-        private String issuerUri;
+    private String roleClaim;
 
-        private String secretKey;
-
-        private Long expiryMs;
-
-        private String roleClaim;
+    @Autowired
+    public SecurityConf(Environment env) {
+        allowedOrigins = env.getProperty("cors.allowedOrigins");
+        appContext = env.getProperty("appContext");
+        roleClaim = env.getProperty("oidc.RoleClaim");
+    }
 }
diff --git a/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java b/src/main/java/cz/cvut/kbss/analysis/security/OAuth2SecurityConfig.java
@@ -3,7 +3,6 @@
 
 import cz.cvut.kbss.analysis.config.SecurityConfig;
 import cz.cvut.kbss.analysis.config.conf.SecurityConf;
-import cz.cvut.kbss.analysis.service.ConfigReader;
 import cz.cvut.kbss.analysis.util.OidcGrantedAuthoritiesExtractor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -11,13 +11,10 @@ persistence:
 
 security:
   provider: oidc
-  oidcRoleClaim: realm_access.roles
-  appContext: http://localhost:3000/fta-fmea
-  cors:
-    allowedOrigins:
-  jwt:
-    secretKey: lwrUj5PmCE6X8ekbLd9wDTRlBkEJA0HB
-    expiryMs: 28800000 # 8 hours
+
+appContext: http://localhost:5173
+oidc.RoleClaim: realm_access.roles
+cors.allowedOrigins:
 
 logging:
   pattern:
@@ -37,6 +34,6 @@ spring:
     oauth2:
       resourceserver:
         jwt:
-          issuer-uri: http://localhost/services/auth/realms/record-manager
-          jwk-set-uri: http://localhost/services/auth/realms/record-manager/protocol/openid-connect/certs
+          issuer-uri: http://localhost/ava/services/auth/realms/record-manager
+          jwt-set-uri: http://localhost/ava/services/auth/realms/record-manager/protocol/openid-connect/certs