Skip to content

Commit

Permalink
Reverted narrowing external URL's
Browse files Browse the repository at this point in the history
  • Loading branch information
oharsta committed Sep 16, 2024
1 parent b53ccbc commit 9ddf8d4
Show file tree
Hide file tree
Showing 8 changed files with 28 additions and 8 deletions.
2 changes: 1 addition & 1 deletion client/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.openconext</groupId>
<artifactId>access</artifactId>
<version>0.0.21-SNAPSHOT</version>
<version>0.0.21</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>access-client</artifactId>
Expand Down
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.openconext</groupId>
<artifactId>access</artifactId>
<version>0.0.21-SNAPSHOT</version>
<version>0.0.21</version>
<packaging>pom</packaging>
<name>access</name>
<description>SURFconext Invite</description>
Expand Down
2 changes: 1 addition & 1 deletion provisioning-mock/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.openconext</groupId>
<artifactId>access</artifactId>
<version>0.0.21-SNAPSHOT</version>
<version>0.0.21</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>provisioning-mock</artifactId>
Expand Down
2 changes: 1 addition & 1 deletion server/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.openconext</groupId>
<artifactId>access</artifactId>
<version>0.0.21-SNAPSHOT</version>
<version>0.0.21</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>access-server</artifactId>
Expand Down
8 changes: 6 additions & 2 deletions server/src/main/java/access/security/SecurityConfig.java
Original file line number Diff line number Diff line change
Expand Up @@ -190,14 +190,18 @@ private OAuth2AuthorizationRequestResolver authorizationRequestResolver(
SecurityFilterChain basicAuthenticationSecurityFilterChain(HttpSecurity http) throws Exception {
http.csrf(c -> c.disable())
.securityMatcher(
"/api/voot/**",
"/api/external/v1/voot/**",
"/api/teams/**",
"/api/external/v1/teams/**",
"/api/profile/**",
"/api/external/v1/profile/**",
"/api/aa/**",
"/api/external/v1/aa/**",
"/api/deprovision/**",
"/api/external/v1/deprovision/**",
"/api/external/v1/sp_dashboard/**"
)
.sessionManagement(c -> c
).sessionManagement(c -> c
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
)
.authorizeHttpRequests(c -> c
Expand Down
2 changes: 1 addition & 1 deletion server/src/main/java/access/voot/VootController.java
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
import static access.SwaggerOpenIdConfig.BASIC_AUTHENTICATION_SCHEME_NAME;

@RestController
@RequestMapping(value = {"/api/external/v1/voot"}, produces = MediaType.APPLICATION_JSON_VALUE)
@RequestMapping(value = {"/api/voot", "/api/external/v1/voot"}, produces = MediaType.APPLICATION_JSON_VALUE)
@SecurityRequirement(name = BASIC_AUTHENTICATION_SCHEME_NAME)
public class VootController {

Expand Down
16 changes: 16 additions & 0 deletions server/src/test/java/access/voot/VootControllerTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,22 @@ class VootControllerTest extends AbstractTest {

@Test
void getGroupMemberships() {
List<Map<String, String>> groups = given()
.when()
.auth().preemptive().basic("voot", "secret")
.accept(ContentType.JSON)
.contentType(ContentType.JSON)
.pathParam("sub", GUEST_SUB)
.get("/api/voot/{sub}")
.as(new TypeRef<>() {
});
List<String> urns = groups.stream().map(m -> m.get("urn")).sorted().toList();
assertEquals(3, urns.size());
assertTrue(urns.get(0).startsWith("urn:mace:surf.nl:test.surfaccess.nl:"));
}

@Test
void getGroupMembershipsExternal() {
List<Map<String, String>> groups = given()
.when()
.auth().preemptive().basic("voot", "secret")
Expand Down
2 changes: 1 addition & 1 deletion welcome/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.openconext</groupId>
<artifactId>access</artifactId>
<version>0.0.21-SNAPSHOT</version>
<version>0.0.21</version>
<relativePath>../pom.xml</relativePath>
</parent>
<artifactId>access-welcome</artifactId>
Expand Down

0 comments on commit 9ddf8d4

Please sign in to comment.