From fc498a7e95abef230a93ef1c26ef28d49fa5bbab Mon Sep 17 00:00:00 2001 From: Alexey Nesterov Date: Thu, 27 Feb 2020 15:07:31 +0000 Subject: [PATCH] Rename local profile to oauth2login --- README.md | 4 ++-- backend/{build-local.gradle => build-oauth2login.gradle} | 0 backend/build.gradle | 6 +++--- ...tion.java => LocalOAuth2LoginSecurityConfiguration.java} | 4 ++-- .../{application-local.yml => application-oauth2login.yml} | 0 scripts/local.sh | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) rename backend/{build-local.gradle => build-oauth2login.gradle} (100%) rename backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/{LocalRunSecurityConfiguration.java => LocalOAuth2LoginSecurityConfiguration.java} (92%) rename backend/src/main/resources/{application-local.yml => application-oauth2login.yml} (100%) diff --git a/README.md b/README.md index 22dcb884..3594f99c 100644 --- a/README.md +++ b/README.md @@ -71,13 +71,13 @@ Use the following commands to manage the local lifecycle of animal-rescue ``` #### Local security configuration -Backend uses Form login for local development with two test accounts - `mysterious_adopter / test` and `test / test`. You can optionally run the app with OAuth2 login flow using `LOGIN_MODE` param: `LOGIN_MODE="oauth2" ./scripts/local.sh start`. This command will build and start Docker container with CloudFoundry User Account and Authentication (UAA) to act as a authorization server. +Backend uses Form login for local development with two test accounts - `mysterious_adopter / test` and `test / test`. You can optionally run the app with OAuth2 login flow using `LOGIN_MODE` param: `LOGIN_MODE="oauth2" ./scripts/local.sh start`. This command will build and start Docker container with CloudFoundry User Account and Authentication (UAA) to act as a authorization server. Test account is `test / test`. > You have to have Docker installed locally if you want to run the app with OAuth2 login using UAA. For more details, please refer to the official Docker [documentation](https://www.docker.com/products/docker-desktop). Note that in a real deployment with Gateway, OAuth2 login will be managed by the gateway itself, and your app should use `TokenRelay` filter to receive OpenID ID Token in `Authorization` header. See `CloudFoundrySecurityConfiguration` class for an example of Spring Security 5 configuration to handle token relay correctly. -When `LOGIN_MODE` is set to `oauth2`, Gradle `local` profile will be activated. It adds `spring-security-oauth2-client` to the dependencies list, and configure `oauth2Login` in it's security configuration. After a successful login, the redirect uri is set to `${frontendUrl/rescue/login}` to mimic the user flow with gateway redirect. `auth` module contains a `uaa` Dockerfile which acts as an authorization server the oauth2 login flow. +When `LOGIN_MODE` is set to `oauth2`, Gradle `oauth2login` profile will be activated. It adds `spring-security-oauth2-client` to the dependencies list, and configure `oauth2Login` in it's security configuration. After a successful login, the redirect uri is set to `${frontendUrl/rescue/login}` to mimic the user flow with gateway redirect. `auth` module contains a `uaa` Dockerfile which acts as an authorization server the oauth2 login flow. #### Tests Execute the following script to run all tests: diff --git a/backend/build-local.gradle b/backend/build-oauth2login.gradle similarity index 100% rename from backend/build-local.gradle rename to backend/build-oauth2login.gradle diff --git a/backend/build.gradle b/backend/build.gradle index d411df98..a417672e 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -20,9 +20,9 @@ repositories { } def propertyDrivenProfiles; -if (project.hasProperty('local')) { - propertyDrivenProfiles = 'local' - apply from: rootProject.file('build-local.gradle'); +if (project.hasProperty('oauth2login')) { + propertyDrivenProfiles = 'oauth2login' + apply from: rootProject.file('build-oauth2login.gradle'); } bootRun { diff --git a/backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalRunSecurityConfiguration.java b/backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalOAuth2LoginSecurityConfiguration.java similarity index 92% rename from backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalRunSecurityConfiguration.java rename to backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalOAuth2LoginSecurityConfiguration.java index 024b69b1..5a3a33c1 100644 --- a/backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalRunSecurityConfiguration.java +++ b/backend/src/main/java/io/spring/cloud/samples/animalrescue/backend/LocalOAuth2LoginSecurityConfiguration.java @@ -8,8 +8,8 @@ import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler; @Configuration -@Profile("local") -public class LocalRunSecurityConfiguration { +@Profile("oauth2login") +public class LocalOAuth2LoginSecurityConfiguration { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity httpSecurity) { diff --git a/backend/src/main/resources/application-local.yml b/backend/src/main/resources/application-oauth2login.yml similarity index 100% rename from backend/src/main/resources/application-local.yml rename to backend/src/main/resources/application-oauth2login.yml diff --git a/scripts/local.sh b/scripts/local.sh index 3233b0dd..951cdb46 100755 --- a/scripts/local.sh +++ b/scripts/local.sh @@ -43,7 +43,7 @@ startBackend() { local gradle_opts='' if [[ $LOGIN_MODE == 'oauth2' ]]; then - gradle_opts='-Plocal' + gradle_opts='-Poauth2login' fi if [[ $1 == '--quiet' ]]; then