diff --git a/pom.xml b/pom.xml index dbe116b..141a0c1 100644 --- a/pom.xml +++ b/pom.xml @@ -28,6 +28,10 @@ org.springframework.boot spring-boot-starter-web + + org.springframework.boot + spring-boot-starter-security + org.springframework.boot spring-boot-starter-quartz @@ -36,10 +40,6 @@ org.flywaydb flyway-core - - - - org.hibernate.validator hibernate-validator @@ -181,5 +181,4 @@ - - + \ No newline at end of file diff --git a/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityConfig.java b/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityConfig.java new file mode 100644 index 0000000..952069d --- /dev/null +++ b/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityConfig.java @@ -0,0 +1,46 @@ +/* + * Copyright (C) 2024 Consiglio Nazionale delle Ricerche + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package it.cnr.iit.epas.timesheet.ugovpj.config; + +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.ToString; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import jakarta.validation.constraints.NotNull; + +/** + * Contenitore dei parametri di configurazione per l'autenticazione + * con i servizi REST dell'applicazione. + * + * @author Cristian Lucchesi + * + */ +@Data +@EqualsAndHashCode +@ToString +@Configuration +@ConfigurationProperties(prefix = "security") +public class SecurityConfig { + + @NotNull + private String username; + @NotNull + private String password; + +} \ No newline at end of file diff --git a/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityFilter.java b/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityFilter.java new file mode 100644 index 0000000..bf52a21 --- /dev/null +++ b/src/main/java/it/cnr/iit/epas/timesheet/ugovpj/config/SecurityFilter.java @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2024 Consiglio Nazionale delle Ricerche + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package it.cnr.iit.epas.timesheet.ugovpj.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; + +import lombok.RequiredArgsConstructor; + +/** + * Configurazione della catena di filtri necessaria per la security dell'applicazione. + * + * @author Cristian Lucchesi + * + */ +@RequiredArgsConstructor +@EnableWebSecurity +@Configuration +public class SecurityFilter { + + private final SecurityConfig securityConfig; + + // User Creation + @Bean + public UserDetailsService userDetailsService(PasswordEncoder encoder) { + + // InMemoryUserDetailsManager + UserDetails admin = User.withUsername(securityConfig.getUsername()) + .password(encoder.encode(securityConfig.getPassword())) + .build(); + return new InMemoryUserDetailsManager(admin); + } + + /** + * Configurazione della catena di filtri di autenticazione da applicare ai metodi REST. + */ + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .authorizeHttpRequests(authorize -> authorize + .requestMatchers("/v3/api-docs/**", "/swagger-ui/**").permitAll() + .anyRequest().authenticated()) + .httpBasic(Customizer.withDefaults()); + return http.build(); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(8); + } +} \ No newline at end of file diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index ab4cc11..8ea5b69 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -21,9 +21,15 @@ logging.level.it.cnr.iit.epas=DEBUG #Impostazioni dell'applicazione +# Informazioni per l'accesso di questo servizio ai servizi REST di ePAS epas.server-url=http://localhost:9000 -epas.username= -epas.password= +epas.username=epas.timesheet +epas.password=timesheet +# Informazioni interne al servizio per la gestione dei dati delle presenze/assenze timesheet.stampings-type=N -timesheet.days-in-the-past=90 \ No newline at end of file +timesheet.days-in-the-past=90 + +# Utilizzata per autenticare le chiamate REST a questo servizio +security.username=epas.timesheet +security.password=timesheet \ No newline at end of file