Minor refactor for oauth.:wq

Paulo Gustavo Veiga 2022-12-17 17:33:59 -08:00
parent 2592d338bb
commit 16180f4c6d
5 changed files with 32 additions and 26 deletions


@ -62,9 +62,9 @@ Test coverage report of unit and integration test can be found in wisemapping-op
## Google authorization ## Google authorization
You must configure the following wisemapping properties (app.properties) in order to get google authorization working You must configure the following wisemapping properties (app.properties) in order to get google authorization working
* `google.oauth2.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration * `security.oauth2.google.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
* `google.oauth2.clientId`: client id from google app * `security.oauth2.google.clientId`: client id from google app
* `google.oauth2.clientSecret`: client secret from google app * `security.oauth2.google.clientSecret`: client secret from google app
You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties. You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties.


@ -54,7 +54,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
@Value("${security.type}") @Value("${security.type}")
private String securityType; private String securityType;
@Value("${google.oauth2.url}") @Value("${security.oauth2.google.url}")
private String googleOauth2Url; private String googleOauth2Url;
@Override @Override
@ -67,7 +67,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled); request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled);
request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey); request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey);
request.setAttribute("google.oauth2.url", googleOauth2Url); request.setAttribute("security.oauth2.google.url", googleOauth2Url);
request.setAttribute("site.homepage", siteHomepage); request.setAttribute("site.homepage", siteHomepage);
request.setAttribute("site.static.js.url", siteStaticUrl); request.setAttribute("site.static.js.url", siteStaticUrl);


@ -134,22 +134,28 @@ security.ldap.auth.attribute=mail
security.ldap.lastName.attribute=sn security.ldap.lastName.attribute=sn
security.ldap.firstName.attribute=givenName security.ldap.firstName.attribute=givenName
#######################################################################################
# Google OAuth Authentication
#######################################################################################
# Redirect to this url, this url must be configured in the google app {baseurl}/c/registration-google
security.oauth2.google.callbackUrl=https://wisemapping.com/c/registration-google
# Google service for finish registration process, ie. exchange temporal code for user token
security.oauth2.google.confirmUrl=https://oauth2.googleapis.com/token
# Google service for get user data (name, email, etc)
security.oauth2.google.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
# Url for starting auth process with google
security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${security.oauth2.google.callbackUrl}&prompt=consent&response_type=code&client_id=${security.oauth2.google.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
# Configure the following settings ...
# OAuth Client id
#security.oauth2.google.clientId=
# OAuth Client secret
#security.oauth2.google.clientSecret=
#######################################################################################
# User Account filtering policies # User Account filtering policies
#######################################################################################
# Coma separated list of domains and emails ban # Coma separated list of domains and emails ban
#accounts.exclusion.domain= #accounts.exclusion.domain=
# google will redirect to this url, this url must be configured in the google app
# {baseurl}/c/registration-google
google.oauth2.callbackUrl=https://wisemapping.com/c/registration-google
# google app client id
google.oauth2.clientId=
# google app client secret
google.oauth2.clientSecret=
# google service for finish registration process, ie. exchange temporal code for user token
google.oauth2.confirmUrl=https://oauth2.googleapis.com/token
# google service for get user data (name, email, etc)
google.oauth2.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
# url for starting auth process with google
google.oauth2.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${google.oauth2.callbackUrl}&prompt=consent&response_type=code&client_id=${google.oauth2.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
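Review bot: The renamed `security.oauth2.google.url` still hard-codes `state=wisemapping`, so the callback has no way to tie an authorization response to the browser session that started the flow. OAuth 2.0 expects `state` to be an unguessable per-request value that is checked on return, and a static property cannot provide that. I would drop `&state=wisemapping` from the property and have whichever side issues the redirect append and later verify a per-session value; the callback handler is not visible on this page, so whether anything checks `state` today is unconfirmed. Separately, the section would benefit from a comment such as `# Keys were renamed from google.oauth2.*; overrides using the old names are no longer read`, because existing installs that override the old keys will presumably fall back to these defaults, including the wisemapping.com callback URL.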


@ -23,11 +23,11 @@
<bean id="googleService" class="com.wisemapping.service.google.GoogleService"> <bean id="googleService" class="com.wisemapping.service.google.GoogleService">
<property name="httpInvoker" ref="httpInvoker"/> <property name="httpInvoker" ref="httpInvoker"/>
<property name="optinConfirmUrl" value="${google.oauth2.confirmUrl}"/> <property name="optinConfirmUrl" value="${security.oauth2.google.confirmUrl}"/>
<property name="accountBasicDataUrl" value="${google.oauth2.userinfoUrl}"/> <property name="accountBasicDataUrl" value="${security.oauth2.google.userinfoUrl}"/>
<property name="clientId" value="${google.oauth2.clientId}"/> <property name="clientId" value="${security.oauth2.google.clientId}"/>
<property name="clientSecret" value="${google.oauth2.clientSecret}"/> <property name="clientSecret" value="${security.oauth2.google.clientSecret}"/>
<property name="callbackUrl" value="${google.oauth2.callbackUrl}"/> <property name="callbackUrl" value="${security.oauth2.google.callbackUrl}"/>
</bean> </bean>
<bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl"> <bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl">
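Review bot: `${security.oauth2.google.clientId}` and `${security.oauth2.google.clientSecret}` are referenced on the `googleService` bean, but the properties file in this commit ships both keys commented out, whereas the old `google.oauth2.clientId=` and `google.oauth2.clientSecret=` were defined as empty values. Unless the placeholder configurer ignores unresolvable placeholders (its configuration is not visible on this page), context startup will presumably fail on installs that do not configure Google login. The nested `${security.oauth2.google.clientId}` inside `security.oauth2.google.url` would be affected in the same way. An explicit empty default would keep the old behaviour, e.g. `<property name="clientSecret" value="${security.oauth2.google.clientSecret:}"/>`, with the service rejecting Google sign-in when the secret is blank rather than calling the token endpoint without one.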


@ -20,7 +20,7 @@
clientType: 'rest', clientType: 'rest',
recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']}, recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']},
recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}', recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}',
googleOauth2Url: '${requestScope['google.oauth2.url']}' googleOauth2Url: '${requestScope['security.oauth2.google.url']}'
}; };
</script> </script>