From a7bfbae3d33a3921ae41083a5d8dd4134b7797c4 Mon Sep 17 00:00:00 2001 From: soimugeoWB <149394944+soimugeoWB@users.noreply.github.com> Date: Thu, 4 Jul 2024 10:59:02 +0300 Subject: [PATCH] Update main who (#16) updated with changes from main --------- Co-authored-by: silag Co-authored-by: Matthew Horridge Co-authored-by: github-actions[bot] Co-authored-by: Gheorghe Soimu --- .../gateway/KeycloakLogoutHandler.java | 2 +- .../webprotege/gateway/SecurityConfig.java | 18 ++++++++++++++---- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/main/java/edu/stanford/protege/webprotege/gateway/KeycloakLogoutHandler.java b/src/main/java/edu/stanford/protege/webprotege/gateway/KeycloakLogoutHandler.java index 6616bf6..70b2f5f 100644 --- a/src/main/java/edu/stanford/protege/webprotege/gateway/KeycloakLogoutHandler.java +++ b/src/main/java/edu/stanford/protege/webprotege/gateway/KeycloakLogoutHandler.java @@ -25,7 +25,7 @@ public KeycloakLogoutHandler() { public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) { logoutFromKeycloak((Jwt) auth.getPrincipal()); - super.logout(request, response,auth); + super.logout(request, response, auth); } private void logoutFromKeycloak(Jwt token) { diff --git a/src/main/java/edu/stanford/protege/webprotege/gateway/SecurityConfig.java b/src/main/java/edu/stanford/protege/webprotege/gateway/SecurityConfig.java index 7bb3ca2..c9c9f0b 100644 --- a/src/main/java/edu/stanford/protege/webprotege/gateway/SecurityConfig.java +++ b/src/main/java/edu/stanford/protege/webprotege/gateway/SecurityConfig.java @@ -1,21 +1,31 @@ package edu.stanford.protege.webprotege.gateway; -import org.springframework.context.annotation.*; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; import org.springframework.security.core.session.SessionRegistryImpl; +import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter; import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority; import org.springframework.security.oauth2.core.user.OAuth2UserAuthority; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.access.intercept.AuthorizationFilter; import org.springframework.security.web.authentication.logout.LogoutFilter; -import org.springframework.security.web.authentication.session.*; +import org.springframework.security.web.authentication.logout.LogoutHandler; +import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; +import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy; +import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; -import java.util.*; +import java.util.Collection; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; import java.util.stream.Collectors; /** @@ -61,7 +71,7 @@ public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws E .jwt(Customizer.withDefaults())); http.oauth2Login(Customizer.withDefaults()) .logout(AbstractHttpConfigurer::disable); - + return http.build(); }