diff --git a/Dockerfile b/Dockerfile
index 47d4184..cf75fef 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,12 @@
 FROM gradle:jdk11 AS build
 COPY --chown=gradle:gradle . /home/gradle/src
 WORKDIR /home/gradle/src
+RUN chmod +x ./pull-wait-for-it.sh
 RUN gradle bootJar --no-daemon
 FROM openjdk:11-jre-slim
 RUN mkdir /app
 COPY --from=build /home/gradle/src/build/libs/*.jar /app/gruppen2.jar
-ENTRYPOINT ["java"]
-CMD ["-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
+COPY --from=build /home/gradle/src/wait-for-it.sh /app/wait-for-it.sh
+#ENTRYPOINT ["java"]
+#CMD ["-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
diff --git a/build.gradle b/build.gradle
index c401fe5..f65225b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -59,8 +59,8 @@ dependencies {
 implementation 'org.springframework.boot:spring-boot-starter-security'
 implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
 implementation 'org.springframework.boot:spring-boot-starter-web'
-
- compile group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-client', version: '2.2.5.RELEASE'
+ implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+ implementation 'org.springframework.security.oauth:spring-security-oauth2:2.4.0.RELEASE'
 implementation 'org.keycloak:keycloak-spring-boot-starter:9.0.0'
 implementation 'org.keycloak.bom:keycloak-adapter-bom:9.0.0'
@@ -68,7 +68,7 @@ dependencies {
 implementation 'io.springfox:springfox-swagger2:2.9.2'
 implementation 'io.springfox:springfox-swagger-ui:2.9.2'
 implementation 'com.github.javafaker:javafaker:1.0.2'
- implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.2'
+ implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.3'
 compileOnly 'org.projectlombok:lombok'
 annotationProcessor 'org.projectlombok:lombok'
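Review bot: In the Dockerfile hunk, the new `RUN chmod +x ./pull-wait-for-it.sh` marks a script executable that no visible step runs, while the file the runtime stage actually copies is `wait-for-it.sh`, whose origin and mode this hunk does not establish. If `pull-wait-for-it.sh` downloads `wait-for-it.sh` during the build (inferred from its name only), vendor the script in the repository or check it against a pinned checksum before it is copied into the image, and set the mode on the copied file itself, e.g. `RUN chmod 0555 /app/wait-for-it.sh`. Commenting out `ENTRYPOINT`/`CMD` leaves the image with no start command of its own, so anything that runs it outside docker-compose falls back to the base image default; delete the two commented lines and keep a real `CMD`, which the compose `command:` can still override. The runtime stage also has no `USER` instruction, so the JVM runs as the base image's default user.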
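Review bot: The added `implementation 'org.springframework.security.oauth:spring-security-oauth2:2.4.0.RELEASE'` in the first build.gradle hunk keeps a hard version pin on the legacy Spring Security OAuth artifact, next to `spring-boot-starter-oauth2-client` and the Keycloak adapter. The explicit version suggests it is not covered by Spring Boot's dependency management, so it will not move when Boot is upgraded and its security fixes have to be tracked by hand. If it is only needed for a token request (its usage is not visible in this diff), consider replacing it with the oauth2-client starter that is already declared; otherwise document the pin with a comment such as `// pinned manually, not managed by the Boot BOM: review on every Boot upgrade`.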
@@ -76,10 +76,6 @@ dependencies {
 runtimeOnly 'com.h2database:h2'
 runtimeOnly 'mysql:mysql-connector-java'
- compile group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.4.0.RELEASE'
-
- compile 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv:2.10.3'
-
 testImplementation 'org.assertj:assertj-core:3.15.0'
 testImplementation('org.springframework.boot:spring-boot-starter-test') {
 exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 0b833ba..f1dea7a 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -10,12 +10,14 @@ services:
 restart: always
 volumes:
 - './mysql/db/storage:/var/lib/mysql'
+ - './mysql/db/entrypoint:/docker-entrypoint-initdb.d/'
 ports:
 - '3306:3306'
- gruppen2app:
+ gruppenapp:
 build: .
- container_name: 'gruppen2app'
+ container_name: 'gruppenapp'
 depends_on:
 - dbmysql
+ command: ["/app/wait-for-it.sh", "dbmysql:3306", "--", "java", "-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"]
 ports:
 - '8081:8080'
diff --git a/src/main/java/mops/gruppen2/security/SecurityConfig.java b/src/main/java/mops/gruppen2/security/SecurityConfig.java
index f597e47..981103e 100644
--- a/src/main/java/mops/gruppen2/security/SecurityConfig.java
+++ b/src/main/java/mops/gruppen2/security/SecurityConfig.java
@@ -48,7 +48,7 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
 @Bean
 @Scope(scopeName = WebApplicationContext.SCOPE_REQUEST,
- proxyMode = ScopedProxyMode.TARGET_CLASS)
+ proxyMode = ScopedProxyMode.TARGET_CLASS)
 public AccessToken getAccessToken() {
 HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder
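Review bot: The new `command:` in docker-compose.yaml starts the JVM through `/app/wait-for-it.sh dbmysql:3306 --` with neither a timeout nor a strict flag. If this is the widely used wait-for-it script, it gives up after its default timeout and then runs the command anyway, so the application can still start against a database that is not reachable; passing `--strict` and an explicit `-t` makes that failure visible instead. The added init mount can be read-only, `- './mysql/db/entrypoint:/docker-entrypoint-initdb.d/:ro'`, because the database container only has to read the scripts it executes on first initialisation. The context line `'3306:3306'` publishes MySQL on every host interface; `'127.0.0.1:3306:3306'` would keep it local, which matters given the root credentials in application-docker.properties.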
@@ -61,17 +61,14 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
 protected void configure(HttpSecurity http) throws Exception {
 super.configure(http);
 http.authorizeRequests()
- .antMatchers("/actuator/**")
- .hasRole("monitoring")
- .and()
- .authorizeRequests()
- .antMatchers("/h2-console/**")
- .permitAll()
- .anyRequest()
- .permitAll();
-
- http.csrf().disable();
- http.headers().frameOptions().disable();
+ .antMatchers("/actuator/**")
+ .hasRole("monitoring")
+ .anyRequest()
+ .permitAll()
+ .and()
+ .csrf()
+ .ignoringAntMatchers("/gruppen2/createOrga")
+ .ignoringAntMatchers("/gruppen2/details/members/addUsersFromCsv");
 }
 /**
diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties
index 6e40c9e..b18e217 100644
--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
@@ -1,12 +1,13 @@
 application.name=gruppen2
 logging.pattern.console=[${application.name}],%magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS}, %highlight(%msg),%thread,%logger.%M%n
+spring.datasource.platform=h2
 spring.datasource.url=jdbc:h2:mem:blogdb
-spring.datasource.driverClassName=org.h2.Driver
+spring.datasource.driver-class-name=org.h2.Driver
 spring.datasource.username=sa
 spring.datasource.password=
 spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
-spring.h2.console.enabled=true
-logging.level.org.springframework.jdbc.core=DEBUG
+spring.h2.console.enabled=false
+logging.level.org.springframework.jdbc.core=INFO
 keycloak.principal-attribute=preferred_username
 keycloak.auth-server-url=https://keycloak.cs.hhu.de/auth
 keycloak.realm=MOPS
@@ -18,4 +19,3 @@ keycloak.use-resource-role-mappings=true
 keycloak.autodetect-bearer-only=true
 keycloak.confidential-port=443
 server.error.include-stacktrace=always
-server.port=8080
diff --git a/src/main/resources/application-docker.properties b/src/main/resources/application-docker.properties
index 52656f7..253b9c9 100644
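Review bot: The two `.ignoringAntMatchers(...)` calls in `configure` switch CSRF protection off for `/gruppen2/createOrga` and `/gruppen2/details/members/addUsersFromCsv`, which by their names create a group and add members, so those state-changing requests are accepted from any origin for a user with a live session. If the exemption exists because these are file-upload forms whose token was not being picked up (an assumption, the templates are not in this diff), submit the token with the form instead, for example by using `th:action` so Thymeleaf adds the hidden field, and remove both exemptions. With `.anyRequest().permitAll()` the URL rules authorise nothing outside `/actuator/**`, so every controller method has to carry its own role check; a comment above the chain would make that explicit, e.g. `// URL rules only guard /actuator; all other access control is method-level`.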
--- a/src/main/resources/application-docker.properties
+++ b/src/main/resources/application-docker.properties
@@ -1,17 +1,17 @@
 application.name=gruppen2
 logging.pattern.console=[${application.name}],%magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS}, %highlight(%msg),%thread,%logger.%M%n
-
+spring.datasource.platform=mysql
+spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
-spring.datasource.initialization-mode=always
+spring.datasource.initialization-mode=NEVER
 spring.datasource.url=jdbc:mysql://dbmysql:3306/gruppen2
 spring.datasource.username=root
 spring.datasource.password=geheim
-
 keycloak.principal-attribute=preferred_username
 keycloak.auth-server-url=https://keycloak.cs.hhu.de/auth
 keycloak.realm=MOPS
 hhu_keycloak.token-uri=https://keycloak.cs.hhu.de/auth/realms/MOPS/protocol/openid-connect/token
 keycloak.resource=gruppenfindung
-keycloak.credentials.secret= fc6ebf10-8c63-4e71-a667-4eae4e8209a1
+keycloak.credentials.secret=fc6ebf10-8c63-4e71-a667-4eae4e8209a1
 keycloak.verify-token-audience=true
 keycloak.use-resource-role-mappings=true
 keycloak.autodetect-bearer-only=true
diff --git a/src/main/resources/schema-h2.sql b/src/main/resources/schema-h2.sql
new file mode 100644
index 0000000..5616313
--- /dev/null
+++ b/src/main/resources/schema-h2.sql
@@ -0,0 +1,10 @@
+DROP TABLE IF EXISTS event;
+
+CREATE TABLE event
+(
+ event_id INT PRIMARY KEY AUTO_INCREMENT,
+ group_id VARCHAR(36) NOT NULL,
+ user_id VARCHAR(50),
+ event_type VARCHAR(32),
+ event_payload VARCHAR(2500)
+);
diff --git a/src/main/resources/schema.sql b/src/main/resources/schema.sql
deleted file mode 100644
index a750aa3..0000000
--- a/src/main/resources/schema.sql
+++ /dev/null
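Review bot: The application-docker.properties hunk rewrites the `keycloak.credentials.secret` line only to strip a space, so the client secret stays committed in the file, next to `spring.datasource.username=root` and a literal `spring.datasource.password`. Both values are in the repository history, so they should be rotated and then supplied from the environment, e.g. `keycloak.credentials.secret=${KEYCLOAK_CLIENT_SECRET}` and `spring.datasource.password=${DB_PASSWORD}` (the variable names are examples). The application should also connect with a dedicated MySQL account restricted to the `gruppen2` schema rather than as `root`.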
@@ -1,14 +0,0 @@
--- noinspection SqlDialectInspectionForFile
-
--- noinspection SqlNoDataSourceInspectionForFile
-
-DROP TABLE IF EXISTS event;
-
-CREATE TABLE event
-(
- event_id INT PRIMARY KEY AUTO_INCREMENT,
- group_id VARCHAR(36) NOT NULL,
- user_id VARCHAR(50),
- event_type VARCHAR(32),
- event_payload VARCHAR(2500)
-);