From 75d2d5f6468338515291de619ca78c47a8b7a613 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Tue, 19 Mar 2024 22:04:09 +0200 Subject: [PATCH 01/14] Update copyright year WE2-887 
Signed-off-by: Raul Metsma --- .../eu/webeid/example/WebEidSpringbootExampleApplication.java | 2 +- .../java/eu/webeid/example/config/ApplicationConfiguration.java | 2 +- .../eu/webeid/example/config/SameSiteCookieConfiguration.java | 2 +- .../webeid/example/config/SessionBackedChallengeNonceStore.java | 2 +- .../java/eu/webeid/example/config/ValidationConfiguration.java | 2 +- src/main/java/eu/webeid/example/config/YAMLConfig.java | 2 +- .../example/security/AuthTokenDTOAuthenticationProvider.java | 2 +- .../example/security/WebEidAjaxLoginProcessingFilter.java | 2 +- .../java/eu/webeid/example/security/WebEidAuthentication.java | 2 +- .../example/security/ajax/AjaxAuthenticationFailureHandler.java | 2 +- .../example/security/ajax/AjaxAuthenticationSuccessHandler.java | 2 +- src/main/java/eu/webeid/example/security/dto/AuthTokenDTO.java | 2 +- src/main/java/eu/webeid/example/service/SigningService.java | 2 +- src/main/java/eu/webeid/example/service/dto/CertificateDTO.java | 2 +- src/main/java/eu/webeid/example/service/dto/ChallengeDTO.java | 2 +- src/main/java/eu/webeid/example/service/dto/DigestDTO.java | 2 +- src/main/java/eu/webeid/example/service/dto/FileDTO.java | 2 +- .../eu/webeid/example/service/dto/SignatureAlgorithmDTO.java | 2 +- src/main/java/eu/webeid/example/service/dto/SignatureDTO.java | 2 +- src/main/java/eu/webeid/example/web/WelcomeController.java | 2 +- .../java/eu/webeid/example/web/rest/ChallengeController.java | 2 +- src/main/java/eu/webeid/example/web/rest/SigningController.java | 2 +- src/main/resources/static/js/errors.js | 2 +- .../eu/webeid/example/AuthenticationRestControllerTest.java | 2 +- src/test/java/eu/webeid/example/WebApplicationTest.java | 2 +- src/test/java/eu/webeid/example/testutil/Dates.java | 2 +- src/test/java/eu/webeid/example/testutil/HttpHelper.java | 2 +- src/test/java/eu/webeid/example/testutil/ObjectMother.java | 2 +- 28 files changed, 28 insertions(+), 28 deletions(-) 
diff --git a/src/main/java/eu/webeid/example/WebEidSpringbootExampleApplication.java b/src/main/java/eu/webeid/example/WebEidSpringbootExampleApplication.java
index 2af43ab..f82bac0 100644
--- a/src/main/java/eu/webeid/example/WebEidSpringbootExampleApplication.java
+++ b/src/main/java/eu/webeid/example/WebEidSpringbootExampleApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java
index 96430c1..9fba315 100644
--- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java
+++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/config/SameSiteCookieConfiguration.java b/src/main/java/eu/webeid/example/config/SameSiteCookieConfiguration.java
index 1b87329..7940165 100644
--- a/src/main/java/eu/webeid/example/config/SameSiteCookieConfiguration.java
+++ b/src/main/java/eu/webeid/example/config/SameSiteCookieConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
index 00e0b9f..c94a324 100644
--- a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
+++ b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
index f1f78f7..83f0f47 100644
--- a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
+++ b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/config/YAMLConfig.java b/src/main/java/eu/webeid/example/config/YAMLConfig.java
index e8fecd3..35905f0 100644
--- a/src/main/java/eu/webeid/example/config/YAMLConfig.java
+++ b/src/main/java/eu/webeid/example/config/YAMLConfig.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/AuthTokenDTOAuthenticationProvider.java b/src/main/java/eu/webeid/example/security/AuthTokenDTOAuthenticationProvider.java
index 95ea1ee..03e535f 100644
--- a/src/main/java/eu/webeid/example/security/AuthTokenDTOAuthenticationProvider.java
+++ b/src/main/java/eu/webeid/example/security/AuthTokenDTOAuthenticationProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
index 16bf0c4..ac43205 100644
--- a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
+++ b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/WebEidAuthentication.java b/src/main/java/eu/webeid/example/security/WebEidAuthentication.java
index 1726ff1..4a67020 100644
--- a/src/main/java/eu/webeid/example/security/WebEidAuthentication.java
+++ b/src/main/java/eu/webeid/example/security/WebEidAuthentication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
index d7c308e..8580bca 100644
--- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
+++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
index e1e0db0..19d0410 100644
--- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
+++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/security/dto/AuthTokenDTO.java b/src/main/java/eu/webeid/example/security/dto/AuthTokenDTO.java
index c0f4cd2..9321c4c 100644
--- a/src/main/java/eu/webeid/example/security/dto/AuthTokenDTO.java
+++ b/src/main/java/eu/webeid/example/security/dto/AuthTokenDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/SigningService.java b/src/main/java/eu/webeid/example/service/SigningService.java
index 1307bd0..a7d71b4 100644
--- a/src/main/java/eu/webeid/example/service/SigningService.java
+++ b/src/main/java/eu/webeid/example/service/SigningService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/CertificateDTO.java b/src/main/java/eu/webeid/example/service/dto/CertificateDTO.java
index 4148165..6050c85 100644
--- a/src/main/java/eu/webeid/example/service/dto/CertificateDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/CertificateDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/ChallengeDTO.java b/src/main/java/eu/webeid/example/service/dto/ChallengeDTO.java
index a882db2..dd95d42 100644
--- a/src/main/java/eu/webeid/example/service/dto/ChallengeDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/ChallengeDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/DigestDTO.java b/src/main/java/eu/webeid/example/service/dto/DigestDTO.java
index 483a71b..4e56d36 100644
--- a/src/main/java/eu/webeid/example/service/dto/DigestDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/DigestDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/FileDTO.java b/src/main/java/eu/webeid/example/service/dto/FileDTO.java
index af2e24e..dca653b 100644
--- a/src/main/java/eu/webeid/example/service/dto/FileDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/FileDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/SignatureAlgorithmDTO.java b/src/main/java/eu/webeid/example/service/dto/SignatureAlgorithmDTO.java
index 94d1b8c..bef5ba4 100644
--- a/src/main/java/eu/webeid/example/service/dto/SignatureAlgorithmDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/SignatureAlgorithmDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/service/dto/SignatureDTO.java b/src/main/java/eu/webeid/example/service/dto/SignatureDTO.java
index 5a416cc..68742fc 100644
--- a/src/main/java/eu/webeid/example/service/dto/SignatureDTO.java
+++ b/src/main/java/eu/webeid/example/service/dto/SignatureDTO.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/web/WelcomeController.java b/src/main/java/eu/webeid/example/web/WelcomeController.java
index dcd09da..deb7ab8 100644
--- a/src/main/java/eu/webeid/example/web/WelcomeController.java
+++ b/src/main/java/eu/webeid/example/web/WelcomeController.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/web/rest/ChallengeController.java b/src/main/java/eu/webeid/example/web/rest/ChallengeController.java
index a81aa68..9640fe6 100644
--- a/src/main/java/eu/webeid/example/web/rest/ChallengeController.java
+++ b/src/main/java/eu/webeid/example/web/rest/ChallengeController.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/java/eu/webeid/example/web/rest/SigningController.java b/src/main/java/eu/webeid/example/web/rest/SigningController.java
index abdda22..14ecfae 100644
--- a/src/main/java/eu/webeid/example/web/rest/SigningController.java
+++ b/src/main/java/eu/webeid/example/web/rest/SigningController.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/main/resources/static/js/errors.js b/src/main/resources/static/js/errors.js
index 1665e6d..95220bb 100644
--- a/src/main/resources/static/js/errors.js
+++ b/src/main/resources/static/js/errors.js
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/test/java/eu/webeid/example/AuthenticationRestControllerTest.java b/src/test/java/eu/webeid/example/AuthenticationRestControllerTest.java
index fcd4214..aa6f5df 100644
--- a/src/test/java/eu/webeid/example/AuthenticationRestControllerTest.java
+++ b/src/test/java/eu/webeid/example/AuthenticationRestControllerTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/test/java/eu/webeid/example/WebApplicationTest.java b/src/test/java/eu/webeid/example/WebApplicationTest.java
index 643734e..4d95f43 100644
--- a/src/test/java/eu/webeid/example/WebApplicationTest.java
+++ b/src/test/java/eu/webeid/example/WebApplicationTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/test/java/eu/webeid/example/testutil/Dates.java b/src/test/java/eu/webeid/example/testutil/Dates.java
index 9ab1260..c44118d 100644
--- a/src/test/java/eu/webeid/example/testutil/Dates.java
+++ b/src/test/java/eu/webeid/example/testutil/Dates.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2023 Estonian Information System Authority
+ * Copyright (c) 2020-2024 Estonian Information System Authority
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
diff --git a/src/test/java/eu/webeid/example/testutil/HttpHelper.java b/src/test/java/eu/webeid/example/testutil/HttpHelper.java
index 03ae120..fec2621 100644
--- a/src/test/java/eu/webeid/example/testutil/HttpHelper.java
+++ b/src/test/java/eu/webeid/example/testutil/HttpHelper.java
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2020-2023 Estonian Information System Authority + * Copyright (c) 2020-2024 Estonian Information System Authority * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal diff --git a/src/test/java/eu/webeid/example/testutil/ObjectMother.java b/src/test/java/eu/webeid/example/testutil/ObjectMother.java index e6de802..ad048fd 100644 --- a/src/test/java/eu/webeid/example/testutil/ObjectMother.java +++ b/src/test/java/eu/webeid/example/testutil/ObjectMother.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020-2023 Estonian Information System Authority + * Copyright (c) 2020-2024 Estonian Information System Authority * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal From f68448094fc61e0c64c5401802d0dc62217ceedb Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Mon, 25 Mar 2024 13:51:53 +0200 Subject: [PATCH 02/14] Step1 to Spring boot 2.7 latest and spring securtiy 5.8.9 WE2-860 Signed-off-by: Raul Metsma --- pom.xml | 3 +- .../config/ApplicationConfiguration.java | 33 +++++++++++-------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/pom.xml b/pom.xml index 3568a9c..4fb30ec 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.15 + 2.7.18 org.webeid.example @@ -22,6 +22,7 @@ 3.0.0 5.2.0 1.44 + 5.8.9 diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index 9fba315..e179c17 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java 
@@ -24,12 +24,14 @@ import eu.webeid.example.security.AuthTokenDTOAuthenticationProvider; import eu.webeid.example.security.WebEidAjaxLoginProcessingFilter; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; 
@@ -37,30 +39,32 @@ @Configuration @EnableWebSecurity -@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true) -public class ApplicationConfiguration extends WebSecurityConfigurerAdapter implements WebMvcConfigurer { +@EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true) +public class ApplicationConfiguration implements WebMvcConfigurer { final AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider; public ApplicationConfiguration(AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider) { this.authTokenDTOAuthenticationProvider = authTokenDTOAuthenticationProvider; } - @Override - protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) { - authenticationManagerBuilder.authenticationProvider(authTokenDTOAuthenticationProvider); + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { + return authenticationConfiguration.getAuthenticationManager(); } - @Override - protected void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http + .authenticationProvider(authTokenDTOAuthenticationProvider) .addFilterBefore( - new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager()), + new WebEidAjaxLoginProcessingFilter("/auth/login", + authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), UsernamePasswordAuthenticationFilter.class) - .authorizeRequests() - .antMatchers("/auth/challenge", "/auth/login", "/") + .authorizeHttpRequests() + .requestMatchers("/auth/challenge", "/auth/login", "/") .permitAll() - .antMatchers("/welcome") + .requestMatchers("/welcome") .authenticated() .and() .logout() 
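Review bot: In `filterChain`, the login filter gets its manager from `authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))`, which calls a `@Bean` method by hand and relies on that shared object being populated, something this hunk does not show. The provider is registered on `http` via `.authenticationProvider(authTokenDTOAuthenticationProvider)`, while the filter authenticates against the manager built from `AuthenticationConfiguration`, so whether the Web eID provider is actually consulted at `/auth/login` depends on wiring outside the hunk. Taking the bean as a parameter makes the dependency explicit: `public SecurityFilterChain filterChain(HttpSecurity http, AuthenticationManager authenticationManager) throws Exception` and `new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager)`. The same call is carried into the `@@ -54,28 +55,18 @@` hunk of PATCH 03, and the body of `filterChain` continues past the end of this hunk.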
@@ -68,6 +72,7 @@ protected void configure(HttpSecurity http) throws Exception { .and() .headers() .frameOptions().sameOrigin(); + return http.build(); // @formatter:on } From 53e4b9b07b8b5e93042dfd0750f7d6ed10ca266d Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Mon, 25 Mar 2024 13:53:20 +0200 Subject: [PATCH 03/14] Upgrade to spring boot 3.* WE2-860 Signed-off-by: Raul Metsma --- pom.xml | 5 ++- .../config/ApplicationConfiguration.java | 31 +++++++------------ .../SessionBackedChallengeNonceStore.java | 2 +- .../config/ValidationConfiguration.java | 2 +- .../WebEidAjaxLoginProcessingFilter.java | 4 +-- .../AjaxAuthenticationFailureHandler.java | 6 ++-- .../AjaxAuthenticationSuccessHandler.java | 4 +-- .../example/service/SigningService.java | 4 +-- .../webeid/example/web/WelcomeController.java | 2 +- src/main/resources/templates/index.html | 2 +- .../eu/webeid/example/WebApplicationTest.java | 2 +- .../WebEidAjaxLoginProcessingFilterTest.java | 4 +-- .../webeid/example/testutil/ObjectMother.java | 2 +- 13 files changed, 30 insertions(+), 40 deletions(-) diff --git a/pom.xml b/pom.xml index 4fb30ec..0e63ea8 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.18 + 3.1.9 org.webeid.example @@ -20,9 +20,8 @@ 11 2.22.1 3.0.0 - 5.2.0 + 5.3.0 1.44 - 5.8.9 diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index e179c17..4d7eb9a 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java 
@@ -31,6 +31,7 @@ import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; 
@@ -54,28 +55,18 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - // @formatter:off - http - .authenticationProvider(authTokenDTOAuthenticationProvider) - .addFilterBefore( - new WebEidAjaxLoginProcessingFilter("/auth/login", - authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), - UsernamePasswordAuthenticationFilter.class) - .authorizeHttpRequests() - .requestMatchers("/auth/challenge", "/auth/login", "/") - .permitAll() - .requestMatchers("/welcome") - .authenticated() - .and() - .logout() - .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()) - .and() - .headers() - .frameOptions().sameOrigin(); - return http.build(); - // @formatter:on + return http + .authenticationProvider(authTokenDTOAuthenticationProvider) + .addFilterBefore( + new WebEidAjaxLoginProcessingFilter("/auth/login", + authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), + UsernamePasswordAuthenticationFilter.class) + .logout(logout -> logout.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())) + .headers(headers -> headers.frameOptions(options -> options.sameOrigin())) + .build(); } + @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/").setViewName("index"); registry.addViewController("/welcome").setViewName("welcome"); diff --git a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java index c94a324..cb4654d 100644 --- a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java +++ b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java 
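Review bot: The rewritten `filterChain` drops the whole `authorizeHttpRequests` block, including `.requestMatchers("/welcome").authenticated()`, so the new side of this hunk has no URL-level authorization rule left. `/welcome` is still registered as a view controller in the context lines, which means it is protected only if method-level security covers it, and nothing in the visible hunks establishes that. If the URL rule is meant to stay, it can be kept in lambda form, e.g. `.authorizeHttpRequests(auth -> auth.requestMatchers("/welcome").authenticated().anyRequest().permitAll())`, with a test asserting that an unauthenticated request to `/welcome` is rejected. The `WebSecurityCustomizer` import added in the preceding hunk is not used anywhere in the hunks shown here.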
@@ -26,7 +26,7 @@ import eu.webeid.security.challenge.ChallengeNonce; import eu.webeid.security.challenge.ChallengeNonceStore; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpSession; public class SessionBackedChallengeNonceStore implements ChallengeNonceStore { diff --git a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java index 83f0f47..dbe21ee 100644 --- a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java @@ -37,7 +37,7 @@ import eu.webeid.security.validator.AuthTokenValidator; import eu.webeid.security.validator.AuthTokenValidatorBuilder; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpSession; import java.io.IOException; import java.io.InputStream; import java.net.URI; diff --git a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java index ac43205..5c2ffaf 100644 --- a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java +++ b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java @@ -24,8 +24,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import eu.webeid.example.security.ajax.AjaxAuthenticationFailureHandler; import eu.webeid.example.security.ajax.AjaxAuthenticationSuccessHandler; diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java index 8580bca..647698f 100644 
--- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java +++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java @@ -27,9 +27,9 @@ import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import java.io.IOException; public class AjaxAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java index 19d0410..b7b70b9 100644 --- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java +++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java @@ -29,8 +29,8 @@ import java.util.Collection; import java.util.List; import java.util.stream.Collectors; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; diff --git a/src/main/java/eu/webeid/example/service/SigningService.java b/src/main/java/eu/webeid/example/service/SigningService.java index a7d71b4..69adc1c 100644 --- a/src/main/java/eu/webeid/example/service/SigningService.java +++ b/src/main/java/eu/webeid/example/service/SigningService.java 
@@ -46,8 +46,8 @@
 import org.springframework.core.io.ByteArrayResource;
 import org.springframework.stereotype.Service;
-import javax.servlet.http.HttpSession;
-import javax.xml.bind.DatatypeConverter;
+import jakarta.servlet.http.HttpSession;
+import jakarta.xml.bind.DatatypeConverter;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.NoSuchAlgorithmException;
diff --git a/src/main/java/eu/webeid/example/web/WelcomeController.java b/src/main/java/eu/webeid/example/web/WelcomeController.java
index deb7ab8..e61fcc2 100644
--- a/src/main/java/eu/webeid/example/web/WelcomeController.java
+++ b/src/main/java/eu/webeid/example/web/WelcomeController.java
@@ -29,7 +29,7 @@
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 import java.security.Principal;
 import static eu.webeid.example.security.AuthTokenDTOAuthenticationProvider.ROLE_USER;
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 429b6b3..5204bae 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -57,7 +57,7 @@

Usage

  • on Ubuntu Linux, for Firefox and Chrome, download and execute the
    download-install-web-eid.sh script from the console with
    - wget -O - https:///scripts/download-install-web-eid.sh + wget -O - https:///scripts/download-install-web-eid.sh | bash
    Note that Firefox is installed with Snap in Ubuntu 22.04 or later by default and as the Snap sandbox does not allow communication with the external native messaging host, Web diff --git a/src/test/java/eu/webeid/example/WebApplicationTest.java b/src/test/java/eu/webeid/example/WebApplicationTest.java index 4d95f43..d6e343b 100644 --- a/src/test/java/eu/webeid/example/WebApplicationTest.java +++ b/src/test/java/eu/webeid/example/WebApplicationTest.java @@ -59,7 +59,7 @@ public class WebApplicationTest { private WebApplicationContext context; @Autowired - private javax.servlet.Filter[] springSecurityFilterChain; + private jakarta.servlet.Filter[] springSecurityFilterChain; private static DefaultMockMvcBuilder mvcBuilder; diff --git a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java index 0640a4d..794bf34 100644 --- a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java +++ b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java @@ -4,8 +4,8 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.BufferedReader; import java.io.StringReader; diff --git a/src/test/java/eu/webeid/example/testutil/ObjectMother.java b/src/test/java/eu/webeid/example/testutil/ObjectMother.java index ad048fd..f6103d5 100644 --- a/src/test/java/eu/webeid/example/testutil/ObjectMother.java +++ b/src/test/java/eu/webeid/example/testutil/ObjectMother.java 
@@ -33,7 +33,7 @@ import eu.webeid.example.service.dto.CertificateDTO; import eu.webeid.example.service.dto.SignatureDTO; -import javax.xml.bind.DatatypeConverter; +import jakarta.xml.bind.DatatypeConverter; import java.io.FileInputStream; import java.security.GeneralSecurityException; import java.security.KeyStore; From cb190d31f11d06b69b26e7597e6331f529c05820 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 10:12:16 +0200 Subject: [PATCH 04/14] Play with persistence --- .../config/ApplicationConfiguration.java | 32 ++++++++++++++----- .../WebEidAjaxLoginProcessingFilter.java | 16 +++++++++- src/main/resources/application.properties | 2 +- 3 files changed, 40 insertions(+), 10 deletions(-) diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index e179c17..813a70a 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java @@ -34,6 +34,9 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; +import org.springframework.security.web.context.HttpSessionSecurityContextRepository; +import org.springframework.security.web.context.SecurityContextPersistenceFilter; +import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; 
@@ -42,9 +45,11 @@ @EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true) public class ApplicationConfiguration implements WebMvcConfigurer { final AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider; + final HttpSessionSecurityContextRepository repo; public ApplicationConfiguration(AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider) { this.authTokenDTOAuthenticationProvider = authTokenDTOAuthenticationProvider; + repo = new HttpSessionSecurityContextRepository(); } @Bean @@ -52,21 +57,32 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a return authenticationConfiguration.getAuthenticationManager(); } + @Bean SecurityContextRepository securityContextRepository() { + return repo; + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off + AuthenticationManager manager = authenticationManager(http.getSharedObject(AuthenticationConfiguration.class)); + SecurityContextRepository repo = securityContextRepository(); + http .authenticationProvider(authTokenDTOAuthenticationProvider) .addFilterBefore( - new WebEidAjaxLoginProcessingFilter("/auth/login", - authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), + new WebEidAjaxLoginProcessingFilter("/auth/login", manager, repo), UsernamePasswordAuthenticationFilter.class) - .authorizeHttpRequests() - .requestMatchers("/auth/challenge", "/auth/login", "/") - .permitAll() - .requestMatchers("/welcome") - .authenticated() - .and() + .authorizeHttpRequests((authz) -> authz + .requestMatchers("/auth/challenge", "/auth/login", "/") + .permitAll() + .requestMatchers("/welcome") + .authenticated() + ) + .securityContext((securityContext) -> securityContext + .requireExplicitSave(true) + ) + //.addFilter(new SecurityContextPersistenceFilter()) + .logout() .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()) .and() 
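Review bot: In `filterChain`, `.securityContext(...)` only sets `requireExplicitSave(true)`; the `SecurityContextRepository` that the login filter saves into is never handed to the chain, so loading and saving agree only if the framework's default repository happens to use the same storage. Register it explicitly, e.g. `.securityContext(sc -> sc.requireExplicitSave(true).securityContextRepository(repo))`, and drop the commented-out `//.addFilter(new SecurityContextPersistenceFilter())` line together with the import that only it refers to. The local `repo` also shadows the new field of the same name, so using the field directly (or injecting the bean) would read more clearly. The PATCH 10/14 hunk for this method passes `repo` to the filter the same way, without any `securityContext` configuration. `filterChain` continues past the end of the hunk.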
diff --git a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java index ac43205..799b229 100644 --- a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java +++ b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java @@ -30,6 +30,8 @@ import eu.webeid.example.security.ajax.AjaxAuthenticationFailureHandler; import eu.webeid.example.security.ajax.AjaxAuthenticationSuccessHandler; import eu.webeid.example.security.dto.AuthTokenDTO; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.HttpMethod; 
@@ -37,22 +39,27 @@ import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy; +import org.springframework.security.web.context.SecurityContextRepository; public class WebEidAjaxLoginProcessingFilter extends AbstractAuthenticationProcessingFilter { private static final Logger LOG = LoggerFactory.getLogger(WebEidAjaxLoginProcessingFilter.class); + private final SecurityContextRepository repo; public WebEidAjaxLoginProcessingFilter( String defaultFilterProcessesUrl, - AuthenticationManager authenticationManager + AuthenticationManager authenticationManager, + SecurityContextRepository repo ) { super(defaultFilterProcessesUrl); this.setAuthenticationManager(authenticationManager); this.setAuthenticationSuccessHandler(new AjaxAuthenticationSuccessHandler()); this.setAuthenticationFailureHandler(new AjaxAuthenticationFailureHandler()); setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy()); + this.repo = repo; } @Override 
@@ -76,4 +83,11 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 LOG.info("attemptAuthentication(): Calling authentication manager");
 return getAuthenticationManager().authenticate(token);
 }
+
+ @Override
+ protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
+ super.successfulAuthentication(request, response, chain, authResult); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/OverriddenMethodBody
+ //SecurityContextHolder.setContext(securityContext);
+ repo.saveContext(SecurityContextHolder.getContext(), request, response);
+ }
 }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 7d70ac4..93e5d7a 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,2 +1,2 @@
-spring.profiles.active=dev
+spring.profiles.active=prod
 server.servlet.session.cookie.name=__Host-JSESSIONID
\ No newline at end of file
From 290fa1a51979b325c85c08108877485221ba58b4 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 10:14:35 +0200 Subject: [PATCH 05/14] Fixed test --- .../example/security/WebEidAjaxLoginProcessingFilterTest.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java
index 0640a4d..f8210dc 100644
--- a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java
+++ b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java
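Review bot: The `successfulAuthentication` override stores the context only after `super.successfulAuthentication(...)` has returned, that is, after the success handler has run; if that handler has already written the response (its body is not shown here), a session first created inside `repo.saveContext(...)` can no longer be announced with a cookie. In the Spring Security versions this series targets, `AbstractAuthenticationProcessingFilter` offers `setSecurityContextRepository(...)`, so calling `setSecurityContextRepository(repo);` in the constructor lets the base class save the context before the handler is invoked and makes the override and the `repo` field unnecessary. If the override stays, remove the IDE template comment `// Generated from nbfs://...` and the commented-out `//SecurityContextHolder.setContext(securityContext);`. The same constructor change appears again in PATCH 10/14.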
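Review bot: The committed default profile flips from `dev` to `prod` in a commit described as an experiment with persistence, and nothing in the message explains it. What the two profiles select is not visible in this hunk, so confirm the switch is intended for every checkout of the example. Otherwise keep the committed default and choose the profile at launch, e.g. with `--spring.profiles.active=prod` or the `SPRING_PROFILES_ACTIVE` environment variable.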
@@ -12,6 +12,7 @@ import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; +import org.springframework.security.web.context.SecurityContextRepository; class WebEidAjaxLoginProcessingFilterTest { @@ -31,9 +32,10 @@ void testAttemptAuthentication() throws Exception { when(request.getReader()).thenReturn(new BufferedReader(new StringReader(AUTH_TOKEN))); final AuthenticationManager authenticationManager = mock(AuthenticationManager.class); + final SecurityContextRepository repo = mock(SecurityContextRepository.class); assertDoesNotThrow(() -> - new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager) + new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager, repo) .attemptAuthentication(request, response)); } } \ No newline at end of file From f455e3f8c4df185a97cc8312177e6b56fb896dc4 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 11:58:01 +0200 Subject: [PATCH 06/14] Fixed missing httpServletRequest in ThymeLeaf 3.1 --- .../eu/webeid/example/web/IndexController.java | 15 +++++++++++++++ src/main/resources/templates/index.html | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 src/main/java/eu/webeid/example/web/IndexController.java diff --git a/src/main/java/eu/webeid/example/web/IndexController.java b/src/main/java/eu/webeid/example/web/IndexController.java new file mode 100644 index 0000000..a41170f --- /dev/null +++ b/src/main/java/eu/webeid/example/web/IndexController.java 
@@ -0,0 +1,15 @@
+package eu.webeid.example.web;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class IndexController {
+ @GetMapping("/")
+ public String welcome(Model model, HttpServletRequest request) {
+ model.addAttribute("serverName", request.getServerName());
+ return "index";
+ }
+}
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 5204bae..759d337 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -57,7 +57,7 @@
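Review bot: `request.getServerName()` in `welcome` is derived from the request's `Host` header, so the `serverName` model attribute is client-controlled unless a proxy or the container pins it. The `index.html` hunk that follows appears to place the value in the host part of the `wget ... | bash` install command shown to users, which would make the page recommend piping a script from whatever host name the request carried. Take the name from server-side configuration instead (for example a configured site origin; the property key is not visible here) and keep `HttpServletRequest` out of the controller. The handler is also named `welcome` although it returns the `index` view; `index` would match.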

    Usage

  • on Ubuntu Linux, for Firefox and Chrome, download and execute the
    download-install-web-eid.sh script from the console with
    - wget -O - https:///scripts/download-install-web-eid.sh + wget -O - https:///scripts/download-install-web-eid.sh | bash
    Note that Firefox is installed with Snap in Ubuntu 22.04 or later by default and as the Snap sandbox does not allow communication with the external native messaging host, Web From d68f1c8355f6605be39608a3fff82c2d66a9c5cd Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 13:27:21 +0200 Subject: [PATCH 07/14] Fixed Java version Signed-off-by: Lauris Kaplinski --- pom.xml | 2 +- .../java/eu/webeid/example/config/ApplicationConfiguration.java | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 0e63ea8..49761fe 100644 --- a/pom.xml +++ b/pom.xml @@ -17,7 +17,7 @@ - 11 + 17 2.22.1 3.0.0 5.3.0 diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index fa08b0f..5e974e4 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java @@ -31,7 +31,6 @@ import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; From 24add0b1761acb9ca3297b6e14ba321c46c59317 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Mon, 25 Mar 2024 13:51:53 +0200 Subject: [PATCH 08/14] Step1 to Spring boot 2.7 latest and spring securtiy 5.8.9 WE2-860 
Signed-off-by: Raul Metsma --- pom.xml | 3 +- .../config/ApplicationConfiguration.java | 33 +++++++++++-------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/pom.xml b/pom.xml index 3568a9c..4fb30ec 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.15 + 2.7.18 org.webeid.example @@ -22,6 +22,7 @@ 3.0.0 5.2.0 1.44 + 5.8.9 diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index 9fba315..e179c17 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java 
@@ -24,12 +24,14 @@ import eu.webeid.example.security.AuthTokenDTOAuthenticationProvider; import eu.webeid.example.security.WebEidAjaxLoginProcessingFilter; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; 
@@ -37,30 +39,32 @@ @Configuration @EnableWebSecurity -@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true) -public class ApplicationConfiguration extends WebSecurityConfigurerAdapter implements WebMvcConfigurer { +@EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true) +public class ApplicationConfiguration implements WebMvcConfigurer { final AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider; public ApplicationConfiguration(AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider) { this.authTokenDTOAuthenticationProvider = authTokenDTOAuthenticationProvider; } - @Override - protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) { - authenticationManagerBuilder.authenticationProvider(authTokenDTOAuthenticationProvider); + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { + return authenticationConfiguration.getAuthenticationManager(); } - @Override - protected void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http + .authenticationProvider(authTokenDTOAuthenticationProvider) .addFilterBefore( - new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager()), + new WebEidAjaxLoginProcessingFilter("/auth/login", + authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), UsernamePasswordAuthenticationFilter.class) - .authorizeRequests() - .antMatchers("/auth/challenge", "/auth/login", "/") + .authorizeHttpRequests() + .requestMatchers("/auth/challenge", "/auth/login", "/") .permitAll() - .antMatchers("/welcome") + .requestMatchers("/welcome") .authenticated() .and() .logout() 
@@ -68,6 +72,7 @@ protected void configure(HttpSecurity http) throws Exception { .and() .headers() .frameOptions().sameOrigin(); + return http.build(); // @formatter:on } From 71e7488909070a87beec5d7aa73f3f00bd945abd Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Mon, 25 Mar 2024 13:53:20 +0200 Subject: [PATCH 09/14] Upgrade to spring boot 3.* WE2-860 Signed-off-by: Raul Metsma --- pom.xml | 5 ++- .../config/ApplicationConfiguration.java | 31 +++++++------------ .../SessionBackedChallengeNonceStore.java | 2 +- .../config/ValidationConfiguration.java | 2 +- .../WebEidAjaxLoginProcessingFilter.java | 4 +-- .../AjaxAuthenticationFailureHandler.java | 6 ++-- .../AjaxAuthenticationSuccessHandler.java | 4 +-- .../example/service/SigningService.java | 4 +-- .../webeid/example/web/WelcomeController.java | 2 +- src/main/resources/templates/index.html | 2 +- .../eu/webeid/example/WebApplicationTest.java | 2 +- .../WebEidAjaxLoginProcessingFilterTest.java | 4 +-- .../webeid/example/testutil/ObjectMother.java | 2 +- 13 files changed, 30 insertions(+), 40 deletions(-) diff --git a/pom.xml b/pom.xml index 4fb30ec..0e63ea8 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.7.18 + 3.1.9 org.webeid.example @@ -20,9 +20,8 @@ 11 2.22.1 3.0.0 - 5.2.0 + 5.3.0 1.44 - 5.8.9 diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index e179c17..4d7eb9a 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java 
@@ -31,6 +31,7 @@ import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; 
@@ -54,28 +55,18 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a
 @Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
- // @formatter:off
- http
- .authenticationProvider(authTokenDTOAuthenticationProvider)
- .addFilterBefore(
- new WebEidAjaxLoginProcessingFilter("/auth/login",
- authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))),
- UsernamePasswordAuthenticationFilter.class)
- .authorizeHttpRequests()
- .requestMatchers("/auth/challenge", "/auth/login", "/")
- .permitAll()
- .requestMatchers("/welcome")
- .authenticated()
- .and()
- .logout()
- .logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
- .and()
- .headers()
- .frameOptions().sameOrigin();
- return http.build();
- // @formatter:on
+ return http
+ .authenticationProvider(authTokenDTOAuthenticationProvider)
+ .addFilterBefore(
+ new WebEidAjaxLoginProcessingFilter("/auth/login",
+ authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))),
+ UsernamePasswordAuthenticationFilter.class)
+ .logout(logout -> logout.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()))
+ .headers(headers -> headers.frameOptions(options -> options.sameOrigin()))
+ .build();
 }
+ @Override
 public void addViewControllers(ViewControllerRegistry registry) {
 registry.addViewController("/").setViewName("index");
 registry.addViewController("/welcome").setViewName("welcome");
diff --git a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
index c94a324..cb4654d 100644
--- a/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
+++ b/src/main/java/eu/webeid/example/config/SessionBackedChallengeNonceStore.java
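Review bot: The rewritten `filterChain` no longer contains any `authorizeHttpRequests` configuration: the removed lines required authentication for `/welcome`, while the new chain only registers the login filter, logout handling and frame options. Unless `/welcome` and the other protected endpoints are covered by method-level annotations (not visible in this hunk), a dependency upgrade has become an access-control change. Carry the rules over in the lambda DSL, e.g. `.authorizeHttpRequests(auth -> auth.requestMatchers("/auth/challenge", "/auth/login", "/").permitAll().requestMatchers("/welcome").authenticated())`, and add an explicit `anyRequest()` rule so unmatched paths have a stated policy. The class continues beyond the hunk.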
@@ -26,7 +26,7 @@
 import eu.webeid.security.challenge.ChallengeNonce;
 import eu.webeid.security.challenge.ChallengeNonceStore;
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.http.HttpSession;
 public class SessionBackedChallengeNonceStore implements ChallengeNonceStore {
diff --git a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
index 83f0f47..dbe21ee 100644
--- a/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
+++ b/src/main/java/eu/webeid/example/config/ValidationConfiguration.java
@@ -37,7 +37,7 @@
 import eu.webeid.security.validator.AuthTokenValidator;
 import eu.webeid.security.validator.AuthTokenValidatorBuilder;
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.http.HttpSession;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
diff --git a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
index ac43205..5c2ffaf 100644
--- a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
+++ b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java
@@ -24,8 +24,8 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import java.io.IOException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import eu.webeid.example.security.ajax.AjaxAuthenticationFailureHandler;
 import eu.webeid.example.security.ajax.AjaxAuthenticationSuccessHandler;
diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
index 8580bca..647698f 100644
--- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
+++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationFailureHandler.java
@@ -27,9 +27,9 @@
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
 import java.io.IOException;
 public class AjaxAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
diff --git a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
index 19d0410..b7b70b9 100644
--- a/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
+++ b/src/main/java/eu/webeid/example/security/ajax/AjaxAuthenticationSuccessHandler.java
@@ -29,8 +29,8 @@
 import java.util.Collection;
 import java.util.List;
 import java.util.stream.Collectors;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
diff --git a/src/main/java/eu/webeid/example/service/SigningService.java b/src/main/java/eu/webeid/example/service/SigningService.java
index a7d71b4..69adc1c 100644
--- a/src/main/java/eu/webeid/example/service/SigningService.java
+++ b/src/main/java/eu/webeid/example/service/SigningService.java
@@ -46,8 +46,8 @@
 import org.springframework.core.io.ByteArrayResource;
 import org.springframework.stereotype.Service;
-import javax.servlet.http.HttpSession;
-import javax.xml.bind.DatatypeConverter;
+import jakarta.servlet.http.HttpSession;
+import jakarta.xml.bind.DatatypeConverter;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.NoSuchAlgorithmException;
diff --git a/src/main/java/eu/webeid/example/web/WelcomeController.java b/src/main/java/eu/webeid/example/web/WelcomeController.java
index deb7ab8..e61fcc2 100644
--- a/src/main/java/eu/webeid/example/web/WelcomeController.java
+++ b/src/main/java/eu/webeid/example/web/WelcomeController.java
@@ -29,7 +29,7 @@
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 import java.security.Principal;
 import static eu.webeid.example.security.AuthTokenDTOAuthenticationProvider.ROLE_USER;
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 429b6b3..5204bae 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -57,7 +57,7 @@

    Usage

  • on Ubuntu Linux, for Firefox and Chrome, download and execute the
    download-install-web-eid.sh script from the console with
    - wget -O - https:///scripts/download-install-web-eid.sh + wget -O - https:///scripts/download-install-web-eid.sh | bash
    Note that Firefox is installed with Snap in Ubuntu 22.04 or later by default and as the Snap sandbox does not allow communication with the external native messaging host, Web diff --git a/src/test/java/eu/webeid/example/WebApplicationTest.java b/src/test/java/eu/webeid/example/WebApplicationTest.java index 4d95f43..d6e343b 100644 --- a/src/test/java/eu/webeid/example/WebApplicationTest.java +++ b/src/test/java/eu/webeid/example/WebApplicationTest.java @@ -59,7 +59,7 @@ public class WebApplicationTest { private WebApplicationContext context; @Autowired - private javax.servlet.Filter[] springSecurityFilterChain; + private jakarta.servlet.Filter[] springSecurityFilterChain; private static DefaultMockMvcBuilder mvcBuilder; diff --git a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java index 0640a4d..794bf34 100644 --- a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java +++ b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java @@ -4,8 +4,8 @@ import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.BufferedReader; import java.io.StringReader; diff --git a/src/test/java/eu/webeid/example/testutil/ObjectMother.java b/src/test/java/eu/webeid/example/testutil/ObjectMother.java index ad048fd..f6103d5 100644 --- a/src/test/java/eu/webeid/example/testutil/ObjectMother.java +++ b/src/test/java/eu/webeid/example/testutil/ObjectMother.java 
@@ -33,7 +33,7 @@ import eu.webeid.example.service.dto.CertificateDTO; import eu.webeid.example.service.dto.SignatureDTO; -import javax.xml.bind.DatatypeConverter; +import jakarta.xml.bind.DatatypeConverter; import java.io.FileInputStream; import java.security.GeneralSecurityException; import java.security.KeyStore; From 791a390c468999db3a5a3bef566206c6b6766af6 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 10:12:16 +0200 Subject: [PATCH 10/14] Play with persistence Signed-off-by: Lauris Kaplinski --- .../example/config/ApplicationConfiguration.java | 14 +++++++++++--- .../WebEidAjaxLoginProcessingFilter.java | 16 +++++++++++++++- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java index 4d7eb9a..6fbf1f2 100644 --- a/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java +++ b/src/main/java/eu/webeid/example/config/ApplicationConfiguration.java 
@@ -31,10 +31,11 @@ import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler; +import org.springframework.security.web.context.HttpSessionSecurityContextRepository; +import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @@ -43,9 +44,11 @@ @EnableMethodSecurity(securedEnabled = true, jsr250Enabled = true) public class ApplicationConfiguration implements WebMvcConfigurer { final AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider; + final HttpSessionSecurityContextRepository repo; public ApplicationConfiguration(AuthTokenDTOAuthenticationProvider authTokenDTOAuthenticationProvider) { this.authTokenDTOAuthenticationProvider = authTokenDTOAuthenticationProvider; + repo = new HttpSessionSecurityContextRepository(); } @Bean 
@@ -53,13 +56,18 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a return authenticationConfiguration.getAuthenticationManager(); } + @Bean SecurityContextRepository securityContextRepository() { + return repo; + } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + AuthenticationManager manager = authenticationManager(http.getSharedObject(AuthenticationConfiguration.class)); + SecurityContextRepository repo = securityContextRepository(); return http .authenticationProvider(authTokenDTOAuthenticationProvider) .addFilterBefore( - new WebEidAjaxLoginProcessingFilter("/auth/login", - authenticationManager(http.getSharedObject(AuthenticationConfiguration.class))), + new WebEidAjaxLoginProcessingFilter("/auth/login", manager, repo), UsernamePasswordAuthenticationFilter.class) .logout(logout -> logout.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())) .headers(headers -> headers.frameOptions(options -> options.sameOrigin())) diff --git a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java index 5c2ffaf..25c573d 100644 --- a/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java +++ b/src/main/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilter.java @@ -24,6 +24,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; import java.io.IOException; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; 
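Review bot: In `filterChain`, the repository is handed only to `WebEidAjaxLoginProcessingFilter`, so the chain that loads the security context on later requests matches it by default behaviour rather than by configuration. The rest of `filterChain` lies outside this hunk, so this may already be set further down. If it is not, adding `.securityContext(sc -> sc.securityContextRepository(repo))` to the builder makes the login filter and the chain use the same store explicitly. The local `SecurityContextRepository repo` also shadows the `repo` field added in the previous hunk, so a distinct local name such as `contextRepository` would avoid confusing the two. The new `@Bean` method is package-private and shares a line with its annotation, unlike `authenticationManager` and `filterChain`.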
@@ -37,22 +39,27 @@ import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy; +import org.springframework.security.web.context.SecurityContextRepository; public class WebEidAjaxLoginProcessingFilter extends AbstractAuthenticationProcessingFilter { private static final Logger LOG = LoggerFactory.getLogger(WebEidAjaxLoginProcessingFilter.class); + private final SecurityContextRepository repo; public WebEidAjaxLoginProcessingFilter( String defaultFilterProcessesUrl, - AuthenticationManager authenticationManager + AuthenticationManager authenticationManager, + SecurityContextRepository repo ) { super(defaultFilterProcessesUrl); this.setAuthenticationManager(authenticationManager); this.setAuthenticationSuccessHandler(new AjaxAuthenticationSuccessHandler()); this.setAuthenticationFailureHandler(new AjaxAuthenticationFailureHandler()); setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy()); + this.repo = repo; } @Override 
@@ -76,4 +83,11 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ LOG.info("attemptAuthentication(): Calling authentication manager"); return getAuthenticationManager().authenticate(token); } + + @Override + protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { + super.successfulAuthentication(request, response, chain, authResult); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/OverriddenMethodBody + //SecurityContextHolder.setContext(securityContext); + repo.saveContext(SecurityContextHolder.getContext(), request, response); + } } From 09951d8361818022b3c597c398f45d27f597d542 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 10:14:35 +0200 Subject: [PATCH 11/14] Fixed test Signed-off-by: Lauris Kaplinski --- .../example/security/WebEidAjaxLoginProcessingFilterTest.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java index 794bf34..e17441f 100644 --- a/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java +++ b/src/test/java/eu/webeid/example/security/WebEidAjaxLoginProcessingFilterTest.java @@ -12,6 +12,7 @@ import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; +import org.springframework.security.web.context.SecurityContextRepository; class WebEidAjaxLoginProcessingFilterTest { 
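Review bot: The `successfulAuthentication` override calls `repo.saveContext(...)` only after `super.successfulAuthentication(...)` has returned. In current Spring Security the base method has by then invoked the success handler (`AjaxAuthenticationSuccessHandler`, set in the constructor), so the context is written to the session after the response may already have been produced. `AbstractAuthenticationProcessingFilter` accepts a repository directly: calling `setSecurityContextRepository(repo);` in the constructor (the previous hunk of this file) lets the base class save the context before the handler runs. The override, the `repo` field and the `SecurityContextHolder` import are then no longer needed. If the override stays, drop the IDE template comment `// Generated from nbfs://...` and the commented-out `//SecurityContextHolder.setContext(securityContext);` line.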
@@ -31,9 +32,10 @@ void testAttemptAuthentication() throws Exception { when(request.getReader()).thenReturn(new BufferedReader(new StringReader(AUTH_TOKEN))); final AuthenticationManager authenticationManager = mock(AuthenticationManager.class); + final SecurityContextRepository repo = mock(SecurityContextRepository.class); assertDoesNotThrow(() -> - new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager) + new WebEidAjaxLoginProcessingFilter("/auth/login", authenticationManager, repo) .attemptAuthentication(request, response)); } } \ No newline at end of file From 737b789b008b3ae803c1298aa303255ec0580d6c Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 11:58:01 +0200 Subject: [PATCH 12/14] Fixed missing httpServletRequest in ThymeLeaf 3.1 Signed-off-by: Lauris Kaplinski --- .../webeid/example/web/IndexController.java | 37 +++++++++++++++++++ src/main/resources/templates/index.html | 2 +- 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 src/main/java/eu/webeid/example/web/IndexController.java diff --git a/src/main/java/eu/webeid/example/web/IndexController.java b/src/main/java/eu/webeid/example/web/IndexController.java new file mode 100644 index 0000000..e464a50 --- /dev/null +++ b/src/main/java/eu/webeid/example/web/IndexController.java 
@@ -0,0 +1,37 @@ +/* + * Copyright (c) 2020-2024 Estonian Information System Authority + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +package eu.webeid.example.web; + +import jakarta.servlet.http.HttpServletRequest; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; + +@Controller +public class IndexController { + @GetMapping("/") + public String welcome(Model model, HttpServletRequest request) { + model.addAttribute("serverName", request.getServerName()); + return "index"; + } +} diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html index 5204bae..759d337 100644 --- a/src/main/resources/templates/index.html +++ b/src/main/resources/templates/index.html @@ -57,7 +57,7 @@
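Review bot: `request.getServerName()` in `welcome` returns the host name supplied with the request (the Host header, or whatever a fronting proxy forwards), so the `serverName` model attribute is client-influenced. The index.html hunk of this commit touches the line that prints a `wget -O - https://…/scripts/download-install-web-eid.sh | bash` command. If `serverName` fills that URL (the template expression is not visible here), an unexpected Host value would render an install command that points at a different host. Take the host from application configuration instead of the request, e.g. `model.addAttribute("serverName", configuredHost);` where `configuredHost` is a placeholder for a value injected from the application's settings. Alternatively, validate the request host against an allow-list before exposing it to the template.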

    Usage

  • on Ubuntu Linux, for Firefox and Chrome, download and execute the
    download-install-web-eid.sh script from the console with
    - wget -O - https:///scripts/download-install-web-eid.sh + wget -O - https:///scripts/download-install-web-eid.sh | bash
    Note that Firefox is installed with Snap in Ubuntu 22.04 or later by default and as the Snap sandbox does not allow communication with the external native messaging host, Web From ed93ef7999da928428db1f92d67008874485e438 Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Wed, 27 Mar 2024 13:27:21 +0200 Subject: [PATCH 13/14] Fixed Java version Signed-off-by: Lauris Kaplinski --- .github/workflows/maven-build.yml | 12 ++++++------ pom.xml | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml index 7b3120c..14becab 100644 --- a/.github/workflows/maven-build.yml +++ b/.github/workflows/maven-build.yml @@ -7,19 +7,19 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-java@v3 + - uses: actions/setup-java@v4 with: distribution: zulu - java-version: 11 + java-version: 17 - name: Cache Maven packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.m2 - key: ${{ runner.os }}-m2-v11-${{ secrets.CACHE_VERSION }}-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2-v11-${{ secrets.CACHE_VERSION }} + key: ${{ runner.os }}-m2-v17-${{ secrets.CACHE_VERSION }}-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2-v17-${{ secrets.CACHE_VERSION }} - name: Build run: mvn --batch-mode compile diff --git a/pom.xml b/pom.xml index 0e63ea8..49761fe 100644 --- a/pom.xml +++ b/pom.xml @@ -17,7 +17,7 @@ - 11 + 17 2.22.1 3.0.0 5.3.0 From 4937f18cf38ea393815d973e34fe69aac311fb4b Mon Sep 17 00:00:00 2001 From: Lauris Kaplinski Date: Thu, 28 Mar 2024 09:56:42 +0200 Subject: [PATCH 14/14] Fixed Java version in README.md Signed-off-by: Lauris Kaplinski --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 55049e7..008357d 100644 --- a/README.md +++ b/README.md 
@@ -49,7 +49,7 @@ You can specify the profile as a command-line argument to the Maven wrapper comm ### 5. Run the application -Spring Boot web applications can be run from the command-line. You need to have the Java Development Kit 8 installed for building the application package and running the application. +Spring Boot web applications can be run from the command-line. You need to have the Java Development Kit 17 installed for building the application package and running the application. Build and run the application with the following command in a terminal window: