Compare commits
5 Commits
cfe40735e6
...
acaef2e704
| Author | SHA1 | Date | |
|---|---|---|---|
| acaef2e704 | |||
| d2d8e74ba9 | |||
| c8a25cf438 | |||
| 79ffd41add | |||
| ffe151b59c |
@ -14,6 +14,7 @@ services:
|
|||||||
- HOST_PORT=${HOST_PORT}
|
- HOST_PORT=${HOST_PORT}
|
||||||
- POSTGRES_USER=${POSTGRES_USERNAME}
|
- POSTGRES_USER=${POSTGRES_USERNAME}
|
||||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||||
|
- SWAGGER_OAUTH_CLIENT_ID=${SWAGGER_OAUTH_CLIENT_ID}
|
||||||
env_file:
|
env_file:
|
||||||
- stack.env
|
- stack.env
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|||||||
@ -1,6 +1,8 @@
|
|||||||
package com.hithomelabs.CFTunnels.Config;
|
package com.hithomelabs.CFTunnels.Config;
|
||||||
|
|
||||||
|
import io.swagger.v3.oas.models.Components;
|
||||||
import io.swagger.v3.oas.models.OpenAPI;
|
import io.swagger.v3.oas.models.OpenAPI;
|
||||||
|
import io.swagger.v3.oas.models.security.*;
|
||||||
import io.swagger.v3.oas.models.servers.Server;
|
import io.swagger.v3.oas.models.servers.Server;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
@ -16,13 +18,37 @@ public class OpenApiConfig {
|
|||||||
@Value("${api.baseUrl}")
|
@Value("${api.baseUrl}")
|
||||||
private String baseUrl;
|
private String baseUrl;
|
||||||
|
|
||||||
|
@Value("${springdoc.swagger-ui.oauth.authorization-url}")
|
||||||
|
private String authorizationUri;
|
||||||
|
|
||||||
|
@Value("${springdoc.swagger-ui.oauth.token-url}")
|
||||||
|
private String tokenUri;
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public OpenAPI openAPI(){
|
public OpenAPI openAPI() {
|
||||||
Server httpsServer = new Server().url(baseUrl);
|
Server httpsServer = new Server().url(baseUrl);
|
||||||
OpenAPI openApi = new OpenAPI();
|
OpenAPI openApi = new OpenAPI();
|
||||||
ArrayList<Server> servers = new ArrayList<>();
|
ArrayList<Server> servers = new ArrayList<>();
|
||||||
servers.add(httpsServer);
|
servers.add(httpsServer);
|
||||||
openApi.setServers(servers);
|
openApi.setServers(servers);
|
||||||
|
openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))
|
||||||
|
.components(new Components()
|
||||||
|
.addSecuritySchemes("oidcAuth",
|
||||||
|
new SecurityScheme()
|
||||||
|
.type(SecurityScheme.Type.OAUTH2)
|
||||||
|
.flows(new OAuthFlows()
|
||||||
|
.authorizationCode(new OAuthFlow()
|
||||||
|
.authorizationUrl(authorizationUri)
|
||||||
|
.tokenUrl(tokenUri)
|
||||||
|
.scopes(new Scopes()
|
||||||
|
.addString("openid", "OpenID scope")
|
||||||
|
.addString("profile", "OpenID profile")
|
||||||
|
.addString("email", "OpenID email"))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
.addSecurityItem(new SecurityRequirement().addList("oidcAuth"));
|
||||||
return openApi;
|
return openApi;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
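Review bot: The `oidcAuth` requirement is registered twice in `openAPI()`, once at the start of the chain (`openApi.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))`) and again after `.components(...)`, so the generated document would carry the same entry twice under `security`. Dropping the trailing `.addSecurityItem(new SecurityRequirement().addList("oidcAuth"))` keeps a single entry. The method would also benefit from a short Javadoc stating that this scheme only tells Swagger UI how to obtain a token via the authorization-code flow, and that access control is enforced by the application's `SecurityFilterChain` rather than by this bean. The wildcard `import io.swagger.v3.oas.models.security.*;` in the first hunk could be replaced with the five classes actually used.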
|
|||||||
@ -28,6 +28,7 @@ public class SecuirtyConfig {
|
|||||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeHttpRequests(auth -> auth
|
.authorizeHttpRequests(auth -> auth
|
||||||
|
//.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
).csrf(csrf -> csrf.disable())
|
).csrf(csrf -> csrf.disable())
|
||||||
.with(new OAuth2LoginConfigurer<>(),
|
.with(new OAuth2LoginConfigurer<>(),
|
||||||
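Review bot: The line added inside `authorizeHttpRequests` is commented-out code (`//.requestMatchers( "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html" ).permitAll()`), which leaves the intended policy for the documentation endpoints unclear to the next reader. As written, `.anyRequest().authenticated()` keeps the API description and Swagger UI behind login, which is the safer default. If that is the decision, delete the line or replace it with a comment that records it, for example `// Swagger UI and /v3/api-docs stay behind authentication on purpose`. Re-enabling the matcher later would serve the full API description to unauthenticated clients, so it should not remain as a one-keystroke toggle. `securityFilterChain` starts and ends outside this hunk.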
|
|||||||
@ -11,22 +11,6 @@ public class HomeController implements ErrorController {
|
|||||||
|
|
||||||
private static final String ERROR_PATH = "/error";
|
private static final String ERROR_PATH = "/error";
|
||||||
|
|
||||||
/**
|
|
||||||
* Redirects the root (including any query params like ?continue=…)
|
|
||||||
* straight into Swagger UI.
|
|
||||||
*/
|
|
||||||
@GetMapping("/")
|
|
||||||
public String rootRedirect() {
|
|
||||||
return "redirect:/swagger-ui/index.html";
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Catches any errors (404s, unhandled paths) and punts them
|
|
||||||
* into the same Swagger UI page.
|
|
||||||
*/
|
|
||||||
@RequestMapping(ERROR_PATH)
|
|
||||||
public String onError() {
|
|
||||||
return "redirect:/swagger-ui/index.html";
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -18,6 +18,13 @@ spring.security.oauth2.client.provider.cftunnels.user-info-uri=https://auth.hith
|
|||||||
spring.security.oauth2.client.provider.cftunnels.jwk-set-uri=https://auth.hithomelabs.com/application/o/cftunnels/jwks/
|
spring.security.oauth2.client.provider.cftunnels.jwk-set-uri=https://auth.hithomelabs.com/application/o/cftunnels/jwks/
|
||||||
spring.security.oauth2.client.provider.cftunnels.issuer-uri=https://auth.hithomelabs.com/application/o/cftunnels/
|
spring.security.oauth2.client.provider.cftunnels.issuer-uri=https://auth.hithomelabs.com/application/o/cftunnels/
|
||||||
|
|
||||||
|
springdoc.swagger-ui.oauth.client-id=${SWAGGER_OAUTH_CLIENT_ID}
|
||||||
|
springdoc.swagger-ui.oauth.client-secret= # leave empty for public client
|
||||||
|
springdoc.swagger-ui.oauth.use-pkce=true
|
||||||
|
springdoc.swagger-ui.oauth.scopes=openid,profile,email
|
||||||
|
springdoc.swagger-ui.oauth.authorization-url=https://auth.hithomelabs.com/application/o/authorize/
|
||||||
|
springdoc.swagger-ui.oauth.token-url=https://auth.hithomelabs.com/application/o/token/
|
||||||
|
|
||||||
spring.datasource.url=jdbc:postgresql://192.168.0.100:5432/cftunnel
|
spring.datasource.url=jdbc:postgresql://192.168.0.100:5432/cftunnel
|
||||||
spring.datasource.username=${POSTGRES_USERNAME}
|
spring.datasource.username=${POSTGRES_USERNAME}
|
||||||
spring.datasource.password=${POSTGRES_PASSWORD}
|
spring.datasource.password=${POSTGRES_PASSWORD}
|
||||||
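Review bot: `springdoc.swagger-ui.oauth.client-secret= # leave empty for public client` does not leave the value empty. In a `.properties` file `#` starts a comment only at the beginning of a line, so the property value becomes the literal text `# leave empty for public client`. Swagger UI would then be configured with that string as its client secret and may send it on the token request, which an identity provider can reject for a public PKCE client. Move the remark to its own line (`# public client: no secret`) and either keep `springdoc.swagger-ui.oauth.client-secret=` with nothing after the `=` or drop the property.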
|
|||||||