diff --git a/.gitignore b/.gitignore index 3866aae..663df8c 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,4 @@ out/ .flooignore /mysql/db/storage/ +/mysql/keycloak/ diff --git a/docker-compose.yaml b/docker-compose.yaml index 0769adf..fcbd46b 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -4,20 +4,47 @@ services: image: mysql:8.0 container_name: 'dbmysql' environment: - MYSQL_DATABASE: 'gruppen2' - MYSQL_USER: 'root' - MYSQL_ROOT_PASSWORD: 'geheim' + MYSQL_DATABASE: 'gruppen' + MYSQL_USER: 'gruppen' + MYSQL_PASSWORD: 'password' + MYSQL_ROOT_PASSWORD: 'root' restart: always volumes: - './mysql/db/storage:/var/lib/mysql' - './mysql/db/entrypoint:/docker-entrypoint-initdb.d/' + + keymysql: + image: mysql:8.0 + container_name: 'keymysql' + environment: + MYSQL_DATABASE: 'keycloak' + MYSQL_USER: 'keycloak' + MYSQL_PASSWORD: 'password' + MYSQL_ROOT_PASSWORD: 'root' + volumes: + - './mysql/keycloak/storage:/var/lib/mysql' + keycloak: + image: jboss/keycloak + container_name: 'keycloak' + depends_on: + - keymysql + environment: + DB_VENDOR: 'MYSQL' + DB_ADDR: 'keymysql' + DB_DATABASE: 'keycloak' + DB_USER: 'keycloak' + DB_PASSWORD: 'password' + KEYCLOAK_USER: 'admin' + KEYCLOAK_PASSWORD: 'admin' ports: - - '3306:3306' + - 8082:8080 + gruppenapp: build: . container_name: 'gruppenapp' depends_on: - dbmysql + - keycloak command: ["/app/wait-for-it.sh", "dbmysql:3306", "--", "java", "-Dspring.profiles.active=docker", "-jar", "/app/gruppen2.jar"] ports: - '8081:8080' diff --git a/src/main/java/mops/gruppen2/config/KeycloakConfig.java b/src/main/java/mops/gruppen2/config/KeycloakConfig.java index 9cadde5..b8c70cc 100644 --- a/src/main/java/mops/gruppen2/config/KeycloakConfig.java +++ b/src/main/java/mops/gruppen2/config/KeycloakConfig.java 
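Review bot: The new `keycloak` service is published on host port 8082 with `KEYCLOAK_USER: 'admin'` / `KEYCLOAK_PASSWORD: 'admin'`, and both MySQL services are created with `MYSQL_PASSWORD: 'password'` and `MYSQL_ROOT_PASSWORD: 'root'`, so anyone who can reach that port has realm-admin access with a guessable login. Read the credentials from the environment instead, for example `KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD:?set in .env}`, and if the console is only needed locally bind it to loopback with `- '127.0.0.1:8082:8080'`. The same literal password is repeated in the `application-docker.properties` hunk (`spring.datasource.password = password`) and should move out of the repository together with these. `image: jboss/keycloak` carries no tag, so the identity provider that gets pulled can change between builds; pin a version or digest.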
@@ -2,6 +2,7 @@ package mops.gruppen2.config; import org.keycloak.OAuth2Constants; import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver; +import org.keycloak.adapters.springsecurity.KeycloakConfiguration; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -15,12 +16,13 @@ import org.springframework.web.client.RestTemplate; */ @Configuration +@KeycloakConfiguration public class KeycloakConfig { @Value("${keycloak.resource}") private String clientId; - @Value("${keycloak.credentials.secret}") + @Value("1a13cd9e-5242-4c29-8c50-45ee53464010") private String clientSecret; @Value("${hhu_keycloak.token-uri}") diff --git a/src/main/java/mops/gruppen2/config/SecurityConfig.java b/src/main/java/mops/gruppen2/config/SecurityConfig.java index 8477c6d..8690556 100644 --- a/src/main/java/mops/gruppen2/config/SecurityConfig.java +++ b/src/main/java/mops/gruppen2/config/SecurityConfig.java @@ -29,7 +29,7 @@ import javax.servlet.http.HttpServletRequest; @Configuration @EnableWebSecurity @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class) -class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter { +public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter { @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) { diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties index 53d9de2..824d245 100644 --- a/src/main/resources/application-dev.properties +++ b/src/main/resources/application-dev.properties @@ -1,7 +1,4 @@ # Logging -logging.application.name = gruppen2 -logging.pattern.console = [${logging.application.name}], %magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS},\t%blue(%msg)\t%thread,%logger.%M%n -spring.output.ansi.enabled = always logging.level.mops.gruppen2 = trace logging.level.org.springframework.jdbc.core = info 
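Review bot: In `KeycloakConfig`, `@Value("1a13cd9e-…")` injects a string literal, so the client secret is now compiled into the class and no longer follows `keycloak.credentials.secret`, which this same commit still defines in `application.properties`; the two can drift apart and the secret cannot be changed per environment. Keep the placeholder, `@Value("${keycloak.credentials.secret}")`, and supply the value from outside the repository. Because the value is committed here and in the `application.properties` hunk, it should be treated as disclosed and regenerated in Keycloak. Separately, `@KeycloakConfiguration` is, as far as I know, a composed annotation that already brings `@Configuration`, `@EnableWebSecurity` and the `KeycloakSecurityComponents` scan that `SecurityConfig` declares, so presumably only the adapter subclass needs it; the class body continues outside the hunk.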
@@ -15,18 +12,6 @@ spring.datasource.password = spring.jpa.database-platform = org.hibernate.dialect.H2Dialect spring.h2.console.enabled = false -# Security -keycloak.principal-attribute = preferred_username -keycloak.auth-server-url = https://keycloak.cs.hhu.de/auth -keycloak.realm = MOPS -hhu_keycloak.token-uri = https://keycloak.cs.hhu.de/auth/realms/MOPS/protocol/openid-connect/token -keycloak.resource = gruppenfindung -keycloak.credentials.secret = fc6ebf10-8c63-4e71-a667-4eae4e8209a1 -keycloak.verify-token-audience = true -keycloak.use-resource-role-mappings = true -keycloak.autodetect-bearer-only = true -keycloak.confidential-port = 443 - # Misc server.error.include-stacktrace = always management.endpoints.web.exposure.include = info,health diff --git a/src/main/resources/application-docker.properties b/src/main/resources/application-docker.properties index 1b12d91..a9faa16 100644 --- a/src/main/resources/application-docker.properties +++ b/src/main/resources/application-docker.properties @@ -1,7 +1,4 @@ # Logging -logging.application.name = gruppen2 -logging.pattern.console = [${logging.application.name}], %magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS},\t%blue(%msg)\t%thread,%logger.%M%n -spring.output.ansi.enabled = always logging.level.mops.gruppen2 = info logging.level.org.springframework.jdbc.core = info 
@@ -9,21 +6,9 @@ logging.level.org.springframework.jdbc.core = info spring.datasource.platform = mysql spring.datasource.driver-class-name = com.mysql.cj.jdbc.Driver spring.datasource.initialization-mode = never -spring.datasource.url = jdbc:mysql://dbmysql:3306/gruppen2 -spring.datasource.username = root -spring.datasource.password = geheim - -# Security -keycloak.principal-attribute = preferred_username -keycloak.auth-server-url = https://keycloak.cs.hhu.de/auth -keycloak.realm = MOPS -hhu_keycloak.token-uri = https://keycloak.cs.hhu.de/auth/realms/MOPS/protocol/openid-connect/token -keycloak.resource = gruppenfindung -keycloak.credentials.secret = fc6ebf10-8c63-4e71-a667-4eae4e8209a1 -keycloak.verify-token-audience = true -keycloak.use-resource-role-mappings = true -keycloak.autodetect-bearer-only = true -keycloak.confidential-port = 443 +spring.datasource.url = jdbc:mysql://dbmysql:3306/gruppen +spring.datasource.username = gruppen +spring.datasource.password = password # Misc management.endpoints.web.exposure.include = info,health diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 8deb882..68b259c 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
@@ -1,2 +1,28 @@
-spring.profiles.active = dev
+spring.profiles.active = dev
+# Security
+#keycloak.principal-attribute = preferred_username
+#keycloak.auth-server-url = https://keycloak.cs.hhu.de/auth
+#keycloak.realm = MOPS
+#hhu_keycloak.token-uri = https://keycloak.cs.hhu.de/auth/realms/MOPS/protocol/openid-connect/token
+#keycloak.resource = gruppenfindung
+#keycloak.credentials.secret = fc6ebf10-8c63-4e71-a667-4eae4e8209a1
+#keycloak.verify-token-audience = true
+#keycloak.use-resource-role-mappings = true
+#keycloak.autodetect-bearer-only = true
+#keycloak.confidential-port = 443
+keycloak.principal-attribute = preferred_username
+keycloak.auth-server-url = http://localhost:8082/auth
+keycloak.realm = Gruppen
+hhu_keycloak.token-uri = http://localhost:8082/auth/realms/Gruppen/protocol/openid-connect/token
+keycloak.resource = gruppen-app
+keycloak.credentials.secret = 1a13cd9e-5242-4c29-8c50-45ee53464010
+keycloak.verify-token-audience = true
+keycloak.use-resource-role-mappings = true
+keycloak.autodetect-bearer-only = true
+keycloak.confidential-port = 443
+
+# Logging
+logging.application.name = gruppen2
+logging.pattern.console = [${logging.application.name}], %magenta(%-5level), %d{dd-MM-yyyy HH:mm:ss.SSS},\t%blue(%msg)\t%thread,%logger.%M%n
+spring.output.ansi.enabled = always
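Review bot: The added block keeps the previous realm's `keycloak.credentials.secret` as a commented-out line and adds the new one in clear text, so both stay readable to anyone with repository access. Drop the commented lines and resolve the secret from the environment, e.g. `keycloak.credentials.secret = ${KEYCLOAK_CLIENT_SECRET}` (the variable name is an example). Because these settings now sit in the base file, every profile inherits `http://localhost:8082/auth`; inside the `gruppenapp` container `localhost` is the container itself, so the `docker` profile probably cannot reach Keycloak for the token request and needs an override that uses the compose service name. Both URLs are plain `http`, which is only acceptable for a local development realm, so any deployed profile should override them with `https`.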