Add application properties to disable specific parts of the Authoriza…

…tion Server auto-configuration jmix-framework#3381
kernelmix · Jun 10, 2024 · 2275917 · 2275917
1 parent c77ecef
commit 2275917
Showing 1 changed file with 29 additions and 26 deletions.
diff --git a/...r-starter/src/main/java/io/jmix/autoconfigure/authserver/AuthServerAutoConfiguration.java b/...r-starter/src/main/java/io/jmix/autoconfigure/authserver/AuthServerAutoConfiguration.java
@@ -60,13 +60,16 @@
 @ConditionalOnProperty(name = "jmix.authserver.use-default-configuration", matchIfMissing = true)
 public class AuthServerAutoConfiguration {
 
- @Configuration
- @Order(AuthorizationServerLoginPageConfiguration.ORDER)
- public static class AuthorizationServerLoginPageConfiguration implements WebMvcConfigurer {
+ @Configuration(proxyBeanMethods = false)
+ @Order(LoginPageConfiguration.ORDER)
+ @ConditionalOnProperty(name = "jmix.authserver.use-default-login-page-configuration", matchIfMissing = true)
+ public static class LoginPageConfiguration implements WebMvcConfigurer {
+
+ public static final String SECURITY_CONFIGURER_QUALIFIER = "authorization-server-login-form";
 
  private final AuthServerProperties authServerProperties;
 
- public AuthorizationServerLoginPageConfiguration(AuthServerProperties authServerProperties) {
+ public LoginPageConfiguration(AuthServerProperties authServerProperties) {
  this.authServerProperties = authServerProperties;
  }
 
@@ -77,17 +80,33 @@ public void addViewControllers(ViewControllerRegistry registry) {
  registry.addViewController(authServerProperties.getLoginPageUrl())
  .setViewName(authServerProperties.getLoginPageViewName());
  }
+
+ @Bean("authsr_LoginFormSecurityFilterChain")
+ @Order(JmixSecurityFilterChainOrder.AUTHSERVER_LOGIN_FORM)
+ public SecurityFilterChain loginFormSecurityFilterChain(HttpSecurity http)
+ throws Exception {
+ http
+ .securityMatcher(authServerProperties.getLoginPageUrl(), "/aslogin/styles/**")
+ .authorizeHttpRequests(authorize -> {
+ authorize.anyRequest().permitAll();
+ })
+ .formLogin(form -> {
+ form.loginPage(authServerProperties.getLoginPageUrl());
+ });
+
+ SecurityConfigurers.applySecurityConfigurersWithQualifier(http, SECURITY_CONFIGURER_QUALIFIER);
+ return http.build();
+ }
  }
 
  @Configuration(proxyBeanMethods = false)
- public static class AuthorizationServerSecurityConfiguration {
+ @ConditionalOnProperty(name = "jmix.authserver.use-default-authorization-server-configuration", matchIfMissing = true)
+ public static class AuthorizationServerConfiguration {
 
  public static final String SECURITY_CONFIGURER_QUALIFIER = "authorization-server";
- public static final String LOGIN_FORM_SECURITY_CONFIGURER_QUALIFIER = "authorization-server-login-form";
-
  private final AuthServerProperties authServerProperties;
 
- public AuthorizationServerSecurityConfiguration(AuthServerProperties authServerProperties) {
+ public AuthorizationServerConfiguration(AuthServerProperties authServerProperties) {
  this.authServerProperties = authServerProperties;
  }
 
@@ -121,23 +140,6 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
  return http.build();
  }
 
- @Bean("authsr_LoginFormSecurityFilterChain")
- @Order(JmixSecurityFilterChainOrder.AUTHSERVER_LOGIN_FORM)
- public SecurityFilterChain loginFormSecurityFilterChain(HttpSecurity http)
- throws Exception {
- http
- .securityMatcher(authServerProperties.getLoginPageUrl(), "/aslogin/styles/**")
- .authorizeHttpRequests(authorize -> {
- authorize.anyRequest().permitAll();
- })
- .formLogin(form -> {
- form.loginPage(authServerProperties.getLoginPageUrl());
- });
-
- SecurityConfigurers.applySecurityConfigurersWithQualifier(http, LOGIN_FORM_SECURITY_CONFIGURER_QUALIFIER);
- return http.build();
- }
-
  @Bean
  @ConditionalOnMissingBean
  public OAuth2AuthorizationService oAuth2AuthorizationService() {
@@ -165,7 +167,8 @@ AuthServerAuthenticationPrincipalResolver authServerAuthenticationPrincipalResol
  }
 
  @Configuration(proxyBeanMethods = false)
- public static class ResourceServerSecurityConfiguration {
+ @ConditionalOnProperty(name = "jmix.authserver.use-default-resource-server-configuration", matchIfMissing = true)
+ public static class ResourceServerConfiguration {
 
  public static final String SECURITY_CONFIGURER_QUALIFIER = "authorization-server-resource-server";