From 5f59da3414aece2493e10b3c691b99c2fe738558 Mon Sep 17 00:00:00 2001
From: Georg Pfuetzenreuter
Date: Fri, 6 May 2022 10:26:59 +0200
Subject: Touchups, Init SecurityConfig/BeanConfig/Properties

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
---
 .../java/net/libertacasa/pubsh/web/BeanConfig.java | 17 +++++++++
 .../net/libertacasa/pubsh/web/SecurityConfig.java  | 41 ++++++++++++++++++++++
 .../net/libertacasa/pubsh/web/WebApplication.java  |  2 +-
 .../pubsh/web/WebSecurityConfigurer.java           |  5 +++
 src/main/resources/application.properties          |  5 ++-
 5 files changed, 68 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/net/libertacasa/pubsh/web/BeanConfig.java
 create mode 100644 src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java
 create mode 100644 src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java

diff --git a/src/main/java/net/libertacasa/pubsh/web/BeanConfig.java b/src/main/java/net/libertacasa/pubsh/web/BeanConfig.java
new file mode 100644
index 0000000..63dce29
--- /dev/null
+++ b/src/main/java/net/libertacasa/pubsh/web/BeanConfig.java
@@ -0,0 +1,17 @@
+package net.libertacasa.pubsh.web;
+
+import org.keycloak.adapters.KeycloakConfigResolver;
+import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class BeanConfig {
+
+	@Bean
+	public KeycloakConfigResolver keycloakConfigResolver() {
+	    return new KeycloakSpringBootConfigResolver();
+	}
+	
+
+}
diff --git a/src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java b/src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java
new file mode 100644
index 0000000..53f83ab
--- /dev/null
+++ b/src/main/java/net/libertacasa/pubsh/web/SecurityConfig.java
@@ -0,0 +1,41 @@
+package net.libertacasa.pubsh.web;
+
+import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
+import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.session.SessionRegistry;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+
+@KeycloakConfiguration
+public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.authenticationProvider(keycloakAuthenticationProvider());
+    }
+
+    @Bean
+    @Override
+    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+        return new RegisterSessionAuthenticationStrategy(buildSessionRegistry());
+    }
+
+    @Bean
+    protected SessionRegistry buildSessionRegistry() {
+        return new SessionRegistryImpl();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception
+    {
+        super.configure(http); //.anonymous().disable()
+        http
+                .authorizeRequests()
+                .antMatchers("/portal").hasAuthority("devel-user")
+                .anyRequest().permitAll();
+    }
+}
diff --git a/src/main/java/net/libertacasa/pubsh/web/WebApplication.java b/src/main/java/net/libertacasa/pubsh/web/WebApplication.java
index 2a33ea6..b0431fd 100644
--- a/src/main/java/net/libertacasa/pubsh/web/WebApplication.java
+++ b/src/main/java/net/libertacasa/pubsh/web/WebApplication.java
@@ -22,7 +22,7 @@ import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
-import com.example.demo.Docker;
+import net.libertacasa.pubsh.web.Docker;
 import com.github.dockerjava.api.model.Container;
 import com.github.dockerjava.api.model.Image;
 
diff --git a/src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java b/src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java
new file mode 100644
index 0000000..e701033
--- /dev/null
+++ b/src/main/java/net/libertacasa/pubsh/web/WebSecurityConfigurer.java
@@ -0,0 +1,5 @@
+package net.libertacasa.pubsh.web;
+
+public class WebSecurityConfigurer {
+
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 8b13789..6ba5acb 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1 +1,4 @@
-
+keycloak.auth-server-url=http://192.168.5.9:8080/
+keycloak.realm=local-devel
+keycloak.resource=portal-app
+keycloak.public-client=true
\ No newline at end of file
-- 
cgit v1.2.3