[SHIBUI-808]

WIP initial configuration
TIER · Sep 20, 2018 · c8f07f6 · c8f07f6
1 parent 37e8347
commit c8f07f6
Show file tree

Hide file tree

Showing 7 changed files with 109 additions and 1 deletion.
diff --git a/pac4j-module/Dockerfile b/pac4j-module/Dockerfile
diff --git a/pac4j-module/build.gradle b/pac4j-module/build.gradle
@@ -0,0 +1,37 @@
+plugins {
+    id 'java'
+    id 'org.springframework.boot' version '2.0.0.RELEASE'
+    id 'com.palantir.docker' version '0.20.1'
+    id 'jacoco'
+    id 'io.franzbecker.gradle-lombok' version '1.13'
+}
+
+apply plugin: 'io.spring.dependency-management'
+
+sourceCompatibility = 1.8
+targetCompatibility = 1.8
+
+repositories {
+    jcenter()
+    maven {
+        url 'https://build.shibboleth.net/nexus/content/groups/public'
+        artifactUrls = ['https://build.shibboleth.net/nexus/content/repositories/thirdparty-snapshots']
+    }
+}
+
+lombok {
+    version = "1.16.20"
+    sha256 = "c5178b18caaa1a15e17b99ba5e4023d2de2ebc18b58cde0f5a04ca4b31c10e6d"
+}
+
+dependencies {
+    compileOnly project(':backend')
+
+    compile "org.pac4j:spring-security-pac4j:3.0.0"
+    compile "org.pac4j:pac4j-saml:2.2.1", {
+        // opensaml libraries are provided
+        exclude group: 'org.opensaml'
+    }
+
+    annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
@@ -0,0 +1,33 @@
+package net.unicon.shibui.pac4j;
+
+import org.pac4j.core.client.Clients;
+import org.pac4j.core.config.Config;
+import org.pac4j.saml.client.SAML2Client;
+import org.pac4j.saml.client.SAML2ClientConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class Pac4jConfiguration {
+    @Bean
+    public Config config(final Pac4jConfigurationProperties pac4jConfigurationProperties) {
+        final SAML2ClientConfiguration saml2ClientConfiguration = new SAML2ClientConfiguration();
+        saml2ClientConfiguration.setKeystorePath(pac4jConfigurationProperties.getKeystorePath());
+        saml2ClientConfiguration.setKeystorePassword(pac4jConfigurationProperties.getKeystorePassword());
+        saml2ClientConfiguration.setPrivateKeyPassword(pac4jConfigurationProperties.getPrivateKeyPassword());
+        saml2ClientConfiguration.setIdentityProviderMetadataPath(pac4jConfigurationProperties.getIdentityProviderMetadataPath());
+        saml2ClientConfiguration.setMaximumAuthenticationLifetime(pac4jConfigurationProperties.getMaximumAuthenticationLifetime());
+        saml2ClientConfiguration.setServiceProviderEntityId(pac4jConfigurationProperties.getServiceProviderEntityId());
+        saml2ClientConfiguration.setServiceProviderMetadataPath(pac4jConfigurationProperties.getServiceProviderMetadataPath());
+        saml2ClientConfiguration.setForceServiceProviderMetadataGeneration(pac4jConfigurationProperties.isForceServiceProviderMetadataGeneration());
+        saml2ClientConfiguration.setWantsAssertionsSigned(pac4jConfigurationProperties.isWantAssertionsSigned());
+
+        final SAML2Client saml2Client = new SAML2Client(saml2ClientConfiguration);
+        saml2Client.setName("Saml2Client");
+
+        final Clients clients = new Clients(pac4jConfigurationProperties.getCallbackUrl(), saml2Client);
+
+        final Config config = new Config(clients);
+        return config;
+    }
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfigurationProperties.java
@@ -0,0 +1,23 @@
+package net.unicon.shibui.pac4j;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@Component
+@ConfigurationProperties(prefix = "shibui.pac4j")
+@Getter
+@Setter
+public class Pac4jConfigurationProperties {
+    private String keystorePath = "/tmp/samlKeystore.jks";
+    private String keystorePassword = "changeit";
+    private String privateKeyPassword = "changeit";
+    private String identityProviderMetadataPath = "/tmp/idp-metadata.xml";
+    private int maximumAuthenticationLifetime = 3600;
+    private String serviceProviderEntityId = "https://unicon.net/shibui";
+    private String serviceProviderMetadataPath = "/tmp/sp-metadata.xml";
+    private boolean forceServiceProviderMetadataGeneration = false;
+    private String callbackUrl;
+    private boolean wantAssertionsSigned = true;
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
@@ -0,0 +1,14 @@
+package net.unicon.shibui.pac4j;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurity {
+    @Configuration
+    public static class Pac4jSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+    }
+}
diff --git a/pac4j-module/src/main/resources/META-INF/spring.factories b/pac4j-module/src/main/resources/META-INF/spring.factories
@@ -0,0 +1 @@
+org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer = net.unicon.shibui.pac4j.WebSecurity.Pac4jSecurityConfigurationAdapter
diff --git a/settings.gradle b/settings.gradle
@@ -1 +1 @@
-include 'backend', 'ui'
+include 'backend', 'ui', 'pac4j-module'