From e60e8a7aa86e8337c74d65a8e714bd8b2c71cd5b Mon Sep 17 00:00:00 2001 From: weiping Date: Fri, 7 Sep 2018 17:23:21 +0800 Subject: [PATCH 1/5] allow login with github --- pom.xml | 13 +++++++ .../controller/MainController.java | 15 +++++++- .../security/WebSecurityConfig.java | 12 ++++++- src/main/resources/application.yml | 8 +++++ src/main/resources/static/js/auth.js | 34 +++++++++++++++++++ src/main/resources/templates/home.mustache | 16 +++++++++ 6 files changed, 96 insertions(+), 2 deletions(-) create mode 100644 src/main/resources/static/js/auth.js diff --git a/pom.xml b/pom.xml index 68abe08..39ce7a0 100644 --- a/pom.xml +++ b/pom.xml @@ -74,6 +74,19 @@ azure-storage-spring-boot-starter + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.security + spring-security-oauth2-client + + + org.springframework.security + spring-security-oauth2-jose + + org.springframework.boot spring-boot-devtools diff --git a/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java b/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java index e88d759..171e62d 100644 --- a/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java +++ b/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java 
@@ -11,11 +11,18 @@ import org.apache.tools.ant.Project; import org.apache.tools.ant.taskdefs.Zip; import org.apache.tools.ant.types.ZipFileSet; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.lang.NonNull; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; +import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService; +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; +import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.util.StreamUtils; +import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.*; import org.springframework.web.servlet.resource.ResourceUrlProvider; @@ -35,6 +42,9 @@ public class MainController extends AbstractPlaygroundController { private final TelemetryProxy telemetryProxy; private final ProjectGenerator projectGenerator; + @Autowired + private OAuth2AuthorizedClientService authorizedClientService; + private static final String TELEMETRY_EVENT_ACCESS = "SpringCloudPlaygroundAccess"; private static final String TELEMETRY_EVENT_GENERATE = "SpringCloudPlaygroundGenerate"; private static final String TELEMETRY_EVENT_LOGIN = "SpringCloudPlaygroundLogin"; @@ -108,7 +118,10 @@ private void triggerLoginEvent(@NonNull String accountType) { } @RequestMapping(path = "/", produces = "text/html") - public String home(Map model) { + public String home(Map model, OAuth2AuthenticationToken token) { + if (token != null && !StringUtils.isEmpty(token.getName())) { + model.put("loggedInUser", token.getPrincipal().getAttributes().get("login")); + } this.addBuildInformation(model); this.renderHome(model); 
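Review bot: In the `home` hunk the guard tests `token.getName()`, but the value stored in the model is the `login` attribute, which can be null when the provider response lacks it, so the check does not cover what gets rendered. Read the attribute once and guard on it: `Object login = token == null ? null : token.getPrincipal().getAttributes().get("login");` followed by `if (login != null) { model.put("loggedInUser", login); }`. The value originates from the identity provider, so the template should output it through an escaping tag; the home.mustache hunk content is not visible on this page, so that needs confirming there. The body of `home` continues past the end of the hunk.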
diff --git a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java index 48ae55a..21eaf53 100644 --- a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java +++ b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java @@ -9,6 +9,16 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests().anyRequest().permitAll(); + http.authorizeRequests() + .anyRequest() + .permitAll() + .and() + .oauth2Login(); +// http +// .authorizeRequests() +// .anyRequest().authenticated() +// .and() +// .oauth2Login(); + } } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 3641485..4f9dbb5 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,6 +1,14 @@ spring: mustache: expose-request-attributes: true + security: + oauth2: + client: + registration: + github: + client-id: xxxxxx + client-secret: xxxxxxx + scope: user, public_repo playground: env: diff --git a/src/main/resources/static/js/auth.js b/src/main/resources/static/js/auth.js new file mode 100644 index 0000000..05b07bc --- /dev/null +++ b/src/main/resources/static/js/auth.js 
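Review bot: `anyRequest().permitAll()` stays in front of `.oauth2Login()`, so signing in is optional and this configuration protects no route. Any handler that later acts on the user's GitHub grant has to check for an authenticated principal itself, which is easy to forget. If the open policy is intended, state it above the chain, e.g. `// Login is optional: every route is public; handlers that need a GitHub identity must check the principal themselves.`, and prefer an explicit matcher with `.authenticated()` for any route that does need it.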
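Review bot: The GitHub registration requests `scope: user, public_repo`, i.e. read/write access to the profile plus write access to the user's public repositories, while the only use visible in this series is reading the `login` attribute. Unless a later feature needs to write to repositories, narrow it to `scope: read:user`. The `client-secret: xxxxxxx` placeholder invites pasting the real secret into a committed file; bind it to the environment instead, e.g. `client-secret: ${GITHUB_CLIENT_SECRET}` (the variable name is a placeholder).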
@@ -0,0 +1,34 @@ +(function() { + var $signInButton = $("#login_link"); + var $signOutButton = $("#logout_link"); + var $userDropdown = $("#user_dropdown"); + var $loggedUser = $("#logged_user"); + + $signOutButton.on("click", function() { + logout(); + }); + + function logout() { + var csrfToken = $("input[name='_csrf']").val(); + var csrfTokenHeader = $("input[name='_csrf_header']").val(); + + var xhttp = new XMLHttpRequest(); + + xhttp.onreadystatechange = function () { + if(this.readyState == XMLHttpRequest.DONE && this.status == 200) { + loggedOutSuccess(); + } + } + + xhttp.open("POST", '/logout'); + xhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); + xhttp.setRequestHeader(csrfTokenHeader, csrfToken); + xhttp.send(null); + } + + function loggedOutSuccess() { + $signInButton.removeClass("hidden"); + $userDropdown.addClass("hidden"); + $loggedUser.text(undefined); + } +}()) \ No newline at end of file diff --git a/src/main/resources/templates/home.mustache b/src/main/resources/templates/home.mustache index 15a55b0..b1c670b 100644 --- a/src/main/resources/templates/home.mustache +++ b/src/main/resources/templates/home.mustache @@ -30,6 +30,21 @@ Spring Cloud Azure Playground + + @@ -84,6 +99,7 @@ + From 2627089cd883159f99b617b64e7fd5758823847e Mon Sep 17 00:00:00 2001 From: Weiping Date: Sun, 9 Sep 2018 15:30:20 +0800 Subject: [PATCH 2/5] increase z-index to show on top --- .../security/WebSecurityConfig.java | 15 +++++---------- src/main/resources/static/css/customize.css | 1 + 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java index 21eaf53..a77070c 100644 --- a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java +++ b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java 
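Review bot: In `loggedOutSuccess`, `$loggedUser.text(undefined)` does not clear the element, because jQuery treats an undefined argument as the getter form and the previous user name stays in the DOM after logout; use `$loggedUser.text("");`. The `onreadystatechange` handler in `logout` acts only on status 200, so a rejected request (for instance when the `_csrf` or `_csrf_header` inputs are missing from the page) leaves the UI in the signed-in state with no feedback. Logout also invalidates the session, so the CSRF token embedded in the page is stale afterwards; calling `window.location.assign("/");` on success avoids both the stale token and the manual DOM reset.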
@@ -3,22 +3,17 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests() - .anyRequest() - .permitAll() - .and() - .oauth2Login(); -// http -// .authorizeRequests() -// .anyRequest().authenticated() -// .and() -// .oauth2Login(); + http.authorizeRequests().anyRequest().permitAll().and().oauth2Login(); + + http.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) + .logoutSuccessUrl("/").deleteCookies("JSESSIONID").invalidateHttpSession(true); } } diff --git a/src/main/resources/static/css/customize.css b/src/main/resources/static/css/customize.css index 854b9bc..9c6670c 100644 --- a/src/main/resources/static/css/customize.css +++ b/src/main/resources/static/css/customize.css @@ -121,6 +121,7 @@ body, button, input, p, select, textarea, label, h1, h2, h3, h4 { top: 0; right: 0; border: 0; + z-index: 1000; } .start-video { From 6bb0d78355322bf0beaaf02a80f306dd6cf4030b Mon Sep 17 00:00:00 2001 From: weiping Date: Mon, 10 Sep 2018 10:43:24 +0800 Subject: [PATCH 3/5] remove redundant dependency --- pom.xml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pom.xml b/pom.xml index 39ce7a0..fd32fd3 100644 --- a/pom.xml +++ b/pom.xml @@ -74,10 +74,6 @@ azure-storage-spring-boot-starter - - org.springframework.boot - spring-boot-starter-security - org.springframework.security spring-security-oauth2-client From a28b1e11884b363cb82e29149e3595f4da446662 Mon Sep 17 00:00:00 2001 
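Review bot: `new AntPathRequestMatcher("/logout")` is built without an HTTP method, so the logout filter also accepts `GET /logout`; a GET is not covered by CSRF protection, which lets any cross-site link or image sign the user out. The client in auth.js already sends a POST with the CSRF header, so restrict the matcher with `http.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout", "POST"))`, or drop the custom matcher and keep the default `logoutUrl("/logout")`. The same matcher is carried unchanged into the `[PATCH 4/5]` hunk of this file.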
From: weiping Date: Mon, 10 Sep 2018 10:43:59 +0800 Subject: [PATCH 4/5] disable basic and redirect default oauth2 login page --- .../springcloudplayground/security/WebSecurityConfig.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java index a77070c..35e4dc5 100644 --- a/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java +++ b/src/main/java/com/microsoft/azure/springcloudplayground/security/WebSecurityConfig.java @@ -10,10 +10,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests().anyRequest().permitAll().and().oauth2Login(); + http.authorizeRequests().anyRequest().permitAll().and().oauth2Login().loginPage("/"); - http.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) + http.formLogin().disable() + .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .logoutSuccessUrl("/").deleteCookies("JSESSIONID").invalidateHttpSession(true); + http.httpBasic().disable(); } } From 811b1c92d4701309340707eb14ec03d08f9d908d Mon Sep 17 00:00:00 2001 From: weiping Date: Mon, 10 Sep 2018 10:46:07 +0800 Subject: [PATCH 5/5] remove unused imports and variable --- .../springcloudplayground/controller/MainController.java | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java b/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java index 171e62d..7c3f00d 100644 --- a/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java +++ b/src/main/java/com/microsoft/azure/springcloudplayground/controller/MainController.java 
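Review bot: With `.oauth2Login().loginPage("/")` the generated login page is switched off and, as far as Spring Security's defaults go, a failed or cancelled GitHub authorization is redirected to the login page with `?error` appended, i.e. to `/?error`. Nothing visible in this series reads that parameter, so the user would land on the home page with no indication that sign-in failed. Set an explicit target such as `.failureUrl("/?login_error")` (example value) and render a message for it, or document the behaviour in a comment next to `loginPage("/")`. As a style point, `configure` now spreads one policy over three `http.` statements with `formLogin().disable()` chained into the logout setup; one chain per concern would be easier to audit.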
@@ -14,11 +14,8 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.lang.NonNull;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
-import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.util.StreamUtils;
@@ -42,9 +39,6 @@ public class MainController extends AbstractPlaygroundController {
 private final TelemetryProxy telemetryProxy;
 private final ProjectGenerator projectGenerator;
 
- @Autowired
- private OAuth2AuthorizedClientService authorizedClientService;
-
 private static final String TELEMETRY_EVENT_ACCESS = "SpringCloudPlaygroundAccess";
 private static final String TELEMETRY_EVENT_GENERATE = "SpringCloudPlaygroundGenerate";
 private static final String TELEMETRY_EVENT_LOGIN = "SpringCloudPlaygroundLogin";