-
Notifications
You must be signed in to change notification settings - Fork 102
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1639 - added s2s token support (#1646)
- Loading branch information
Showing
9 changed files
with
149 additions
and
28 deletions.
There are no files selected for viewing
29 changes: 29 additions & 0 deletions
29
odd-platform-api/src/main/java/org/opendatadiscovery/oddplatform/auth/S2sTokenProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
package org.opendatadiscovery.oddplatform.auth; | ||
|
||
import jakarta.annotation.PostConstruct; | ||
import org.apache.commons.lang3.StringUtils; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
public class S2sTokenProvider { | ||
@Value("${auth.s2s.token:#{null}}") | ||
private String s2sToken; | ||
@Value("${auth.s2s.enabled:false}") | ||
private boolean s2sEnabled; | ||
|
||
public boolean isValidToken(final String token) { | ||
if (StringUtils.isBlank(token)) { | ||
return false; | ||
} | ||
|
||
return s2sToken.equals(token); | ||
} | ||
|
||
@PostConstruct | ||
public void validate() { | ||
if (s2sEnabled && StringUtils.isBlank(s2sToken)) { | ||
throw new IllegalStateException("Long Term Token is not defined"); | ||
} | ||
} | ||
} |
49 changes: 49 additions & 0 deletions
49
.../src/main/java/org/opendatadiscovery/oddplatform/auth/filter/S2sAuthenticationFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
package org.opendatadiscovery.oddplatform.auth.filter; | ||
|
||
import java.util.List; | ||
import lombok.RequiredArgsConstructor; | ||
import org.opendatadiscovery.oddplatform.auth.S2sTokenProvider; | ||
import org.opendatadiscovery.oddplatform.auth.mapper.GrantedAuthorityExtractor; | ||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
import org.springframework.security.core.context.ReactiveSecurityContextHolder; | ||
import org.springframework.security.core.userdetails.User; | ||
import org.springframework.security.core.userdetails.UserDetails; | ||
import org.springframework.stereotype.Component; | ||
import org.springframework.web.server.ServerWebExchange; | ||
import org.springframework.web.server.WebFilter; | ||
import org.springframework.web.server.WebFilterChain; | ||
import reactor.core.publisher.Mono; | ||
|
||
@Component | ||
@RequiredArgsConstructor | ||
public class S2sAuthenticationFilter implements WebFilter { | ||
private static final String X_API_KEY_HEADER = "X-API-Key"; | ||
|
||
private final GrantedAuthorityExtractor grantedAuthorityExtractor; | ||
private final S2sTokenProvider s2sTokenProvider; | ||
|
||
@Override | ||
public Mono<Void> filter(final ServerWebExchange exchange, final WebFilterChain chain) { | ||
if (!s2sTokenProvider.isValidToken(extractTokenFromRequest(exchange))) { | ||
return chain.filter(exchange); | ||
} | ||
|
||
final UserDetails userDetails = User.withUsername("ADMIN") | ||
.password("") | ||
.roles("ADMIN") | ||
.build(); | ||
|
||
return chain.filter(exchange) | ||
.contextWrite(ReactiveSecurityContextHolder.withAuthentication( | ||
new UsernamePasswordAuthenticationToken(userDetails, null, | ||
grantedAuthorityExtractor.getAuthorities(true)))); | ||
} | ||
|
||
private String extractTokenFromRequest(final ServerWebExchange exchange) { | ||
final List<String> authorizationHeaders = exchange.getRequest().getHeaders().get(X_API_KEY_HEADER); | ||
if (authorizationHeaders != null && !authorizationHeaders.isEmpty()) { | ||
return authorizationHeaders.get(0); | ||
} | ||
return null; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
12 changes: 12 additions & 0 deletions
12
...pi/src/main/java/org/opendatadiscovery/oddplatform/config/properties/GenAIProperties.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
package org.opendatadiscovery.oddplatform.config.properties; | ||
|
||
import lombok.Data; | ||
import org.springframework.boot.context.properties.ConfigurationProperties; | ||
|
||
@ConfigurationProperties("genai") | ||
@Data | ||
public class GenAIProperties { | ||
private boolean enabled; | ||
private String url; | ||
private int requestTimeout; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters