Clover icon

sunshower-core

  1. Project Clover database Fri Apr 6 2018 03:27:42 UTC
  2. Package io.sunshower.service.security

File SecurityConfiguration.java

 

Coverage histogram

../../../../img/srcFileCovDistChart8.png
14% of files have more coverage

Code metrics

0
35
29
1
219
186
29
0.83
1.21
29
1

Classes

Class Line # Actions
SecurityConfiguration 51 35 29
0.7812578.1%
 

Contributing tests

No tests hitting this source file were found.

Source view

1    package io.sunshower.service.security;
2   
3    import io.sunshower.common.rs.ClassParameterProviderFactory;
4    import io.sunshower.core.security.AuthenticationService;
5    import io.sunshower.core.security.RoleService;
6    import io.sunshower.core.security.UserService;
7    import io.sunshower.core.security.crypto.EncryptionService;
8    import io.sunshower.model.core.vault.KeyProvider;
9    import io.sunshower.service.application.DefaultApplicationService;
10    import io.sunshower.service.security.crypto.InstanceSecureKeyGenerator;
11    import io.sunshower.service.security.crypto.MessageAuthenticationCode;
12    import io.sunshower.service.security.crypto.StrongEncryptionService;
13    import io.sunshower.service.security.jaxrs.AuthenticationContextProvider;
14    import io.sunshower.service.security.user.DefaultUserService;
15    import io.sunshower.service.signup.SignupService;
16    import javax.inject.Inject;
17    import javax.inject.Named;
18    import javax.inject.Singleton;
19    import javax.sql.DataSource;
20    import org.apache.ignite.cache.spring.SpringCacheManager;
21    import org.jasypt.util.text.StrongTextEncryptor;
22    import org.jasypt.util.text.TextEncryptor;
23    import org.slf4j.Logger;
24    import org.slf4j.LoggerFactory;
25    import org.springframework.cache.Cache;
26    import org.springframework.cache.CacheManager;
27    import org.springframework.cache.annotation.EnableCaching;
28    import org.springframework.context.annotation.Bean;
29    import org.springframework.context.annotation.Configuration;
30    import org.springframework.jdbc.core.JdbcTemplate;
31    import org.springframework.security.access.PermissionEvaluator;
32    import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
33    import org.springframework.security.acls.domain.*;
34    import org.springframework.security.acls.jdbc.LookupStrategy;
35    import org.springframework.security.acls.model.AclCache;
36    import org.springframework.security.acls.model.AclService;
37    import org.springframework.security.acls.model.MutableAclService;
38    import org.springframework.security.acls.model.PermissionGrantingStrategy;
39    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
40    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
41    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
42    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
43    import org.springframework.security.core.GrantedAuthority;
44    import org.springframework.security.core.userdetails.UserDetailsService;
45    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
46    import org.springframework.security.crypto.password.PasswordEncoder;
47   
48    @Configuration
49    @EnableCaching
50    @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true, securedEnabled = true)
 
51    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
52   
53    static final Logger logger = LoggerFactory.getLogger(SecurityConfiguration.class);
54   
 
55  1 toggle @Bean
56    public ApplicationService applicationService() {
57  1 return new DefaultApplicationService();
58    }
59   
 
60  1 toggle @Bean
61    public TokenManager tokenManager() {
62  1 return new GridTokenManager();
63    }
64   
 
65  0 toggle @Override
66    protected void configure(HttpSecurity http) throws Exception {
67  0 logger.info("disabling web security in favor of method security");
68  0 http.anonymous().configure(http);
69  0 http.authorizeRequests().anyRequest().permitAll();
70    }
71   
72    @Inject private UserService userService;
73   
 
74  1 toggle @Bean
75    public Session userFacade() {
76  1 return new AuthenticationSession();
77    }
78   
 
79  1 toggle @Bean
80    public ClassParameterProviderFactory classParameterProviderFactory() {
81  1 return new ClassParameterProviderFactory();
82    }
83   
 
84  1 toggle @Bean
85    public AuthenticationContextProvider authenticationProvider() {
86  1 return new AuthenticationContextProvider();
87    }
88   
 
89  0 toggle @Override
90    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
91  0 auth.userDetailsService((UserDetailsService) userService);
92    }
93   
 
94  1 toggle @Bean(name = "caches:spring:acl")
95    public Cache springAclCache(CacheManager cacheManager) {
96  1 return cacheManager.getCache("caches:spring:acl");
97    }
98   
 
99  1 toggle @Bean
100    public UserService userService() {
101  1 return new DefaultUserService();
102    }
103   
 
104  1 toggle @Bean
105    public TokenAuthenticationFilter tokenAuthenticationFilter() {
106  1 return new TokenAuthenticationFilter();
107    }
108   
 
109  1 toggle @Bean
110    public RoleService roleService() {
111  1 return new DefaultRoleService();
112    }
113   
 
114  1 toggle @Bean
115    public KeyProvider keyProvider() {
116  1 return new InstanceSecureKeyGenerator();
117    }
118   
 
119  0 toggle @Bean
120    @Singleton
121    public MessageAuthenticationCode messageAuthenticationCode(KeyProvider keyProvider) {
122  0 return new MessageAuthenticationCode(
123    MessageAuthenticationCode.Algorithm.SHA256, keyProvider.getKey());
124    }
125   
 
126  1 toggle @Bean
127    public SignupService signupService() {
128  1 return new DefaultSignupService();
129    }
130   
 
131  1 toggle @Bean
132    public EncryptionService encryptionService() {
133  1 return new StrongEncryptionService();
134    }
135   
 
136  1 toggle @Bean
137    public PasswordEncoder passwordEncoder() {
138  1 return new BCryptPasswordEncoder();
139    }
140   
 
141  1 toggle @Bean
142    public AuthenticationService authenticationService() {
143  1 return new DefaultAuthenticationService();
144    }
145   
 
146  0 toggle @Bean
147    public TextEncryptor textEncryptor(KeyProvider keyProvider) {
148  0 final StrongTextEncryptor result = new StrongTextEncryptor();
149  0 result.setPassword(keyProvider.getKey());
150  0 return result;
151    }
152   
 
153  1 toggle @Bean
154    public MutableAclService jdbcAclService(
155    JdbcTemplate template, LookupStrategy lookupStrategy, AclCache aclCache) {
156  1 return new IdentifierJdbcMutableAclService(template, lookupStrategy, aclCache, "SUNSHOWER");
157    }
158   
 
159  0 toggle @Bean
160    public JdbcTemplate jdbcTemplate(DataSource dataSource) {
161  0 return new JdbcTemplate(dataSource);
162    }
163   
 
164  1 toggle @Bean
165    public RoleHierarchy roleHierarchy() {
166  1 return new CachingRoleHierarchy();
167    }
168   
 
169  1 toggle @Bean
170    public PermissionEvaluator permissionEvaluator(AclService aclService) {
171  1 return new MultitenantedHierarchicalPermissionEvaluator(aclService);
172    }
173   
 
174  1 toggle @Bean
175    public SpringCacheManager springCacheManager() {
176  1 final SpringCacheManager springCacheManager = new SpringCacheManager();
177  1 springCacheManager.setIgniteInstanceName("sunshower-data-fabric");
178  1 return springCacheManager;
179    }
180   
 
181  1 toggle @Bean
182    public AclCache aclCache(
183    @Named("caches:spring:acl") Cache cache,
184    PermissionGrantingStrategy permissionGrantingStrategy,
185    AclAuthorizationStrategy aclAuthorizationStrategy) {
186  1 return new SpringCacheBasedAclCache(
187    cache, permissionGrantingStrategy, aclAuthorizationStrategy);
188    }
189   
 
190  1 toggle @Bean
191    public LookupStrategy aclLookupStrategy(
192    DataSource dataSource,
193    AclCache aclCache,
194    AclAuthorizationStrategy aclAuthorizationStrategy,
195    PermissionGrantingStrategy permissionGrantingStrategy) {
196  1 return new IdentifierEnabledLookupStrategy(
197    "SUNSHOWER", dataSource, aclCache, aclAuthorizationStrategy, permissionGrantingStrategy);
198    }
199   
 
200  1 toggle @Bean
201    public static GrantedAuthority administratorRole() {
202  1 return DefaultRoles.SITE_ADMINISTRATOR.toRole();
203    }
204   
 
205  1 toggle @Bean
206    public AclAuthorizationStrategy aclAuthorizationStrategy(GrantedAuthority role) {
207  1 return new MultitenantedAclAuthorizationStrategy(role);
208    }
209   
 
210  1 toggle @Bean
211    public PermissionGrantingStrategy permissionGrantingStrategy(AuditLogger logger) {
212  1 return new DefaultPermissionGrantingStrategy(logger);
213    }
214   
 
215  1 toggle @Bean
216    public AuditLogger securityAuditLogger() {
217  1 return new ConsoleAuditLogger();
218    }
219    }