Diffstat (limited to 'opendc-web/opendc-web-api/src')
| -rw-r--r-- | opendc-web/opendc-web-api/src/main/kotlin/org/opendc/web/api/util/DevSecurityOverrideFilter.kt | 51 | ||||
| -rw-r--r-- | opendc-web/opendc-web-api/src/main/resources/application-dev.properties | 12 |
2 files changed, 59 insertions, 4 deletions
diff --git a/opendc-web/opendc-web-api/src/main/kotlin/org/opendc/web/api/util/DevSecurityOverrideFilter.kt b/opendc-web/opendc-web-api/src/main/kotlin/org/opendc/web/api/util/DevSecurityOverrideFilter.kt
new file mode 100644
index 00000000..ba2cf2ae
--- /dev/null
+++ b/opendc-web/opendc-web-api/src/main/kotlin/org/opendc/web/api/util/DevSecurityOverrideFilter.kt
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2022 AtLarge Research
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package org.opendc.web.api.util
+
+import io.quarkus.arc.properties.IfBuildProperty
+import java.security.Principal
+import javax.ws.rs.container.ContainerRequestContext
+import javax.ws.rs.container.ContainerRequestFilter
+import javax.ws.rs.container.PreMatching
+import javax.ws.rs.core.SecurityContext
+import javax.ws.rs.ext.Provider
+
+/**
+ * Helper class to disable security for the OpenDC web API when in development mode.
+ */
+@Provider
+@PreMatching
+@IfBuildProperty(name = "opendc.security.enabled", stringValue = "false")
+class DevSecurityOverrideFilter : ContainerRequestFilter {
+ override fun filter(requestContext: ContainerRequestContext) {
+ requestContext.securityContext = object : SecurityContext {
+ override fun getUserPrincipal(): Principal = Principal { "anon" }
+
+ override fun isSecure(): Boolean = false
+
+ override fun isUserInRole(role: String): Boolean = true
+
+ override fun getAuthenticationScheme(): String = "basic"
+ }
+ }
+}
diff --git a/opendc-web/opendc-web-api/src/main/resources/application-dev.properties b/opendc-web/opendc-web-api/src/main/resources/application-dev.properties
index 1c1c6950..08d11609 100644
--- a/opendc-web/opendc-web-api/src/main/resources/application-dev.properties
+++ b/opendc-web/opendc-web-api/src/main/resources/application-dev.properties
@@ -27,10 +27,14 @@
 quarkus.hibernate-orm.dialect=org.hibernate.dialect.H2Dialect
 quarkus.hibernate-orm.database.generation=drop-and-create
 quarkus.hibernate-orm.sql-load-script=init-dev.sql
+# OpenID
+quarkus.oidc.enabled=false
+quarkus.oidc.auth-server-url=
+quarkus.oidc.client-id=
+
 # OpenDC web UI
 quarkus.opendc-ui.path=/
-quarkus.opendc-ui.auth.domain=${OPENDC_AUTH0_DOMAIN}
-quarkus.opendc-ui.auth.client-id=${OPENDC_AUTH0_CLIENT_ID}
-quarkus.opendc-ui.auth.audience=${OPENDC_AUTH0_AUDIENCE}
-
 quarkus.resteasy.path=/api
+
+opendc.security.enabled=false
+ |
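Review bot: `isUserInRole` returns true for every role and every request is given the same principal `anon`, so once this filter is active all role checks, and any per-user ownership checks that rely on the principal name, pass for unauthenticated callers. The class lives in `src/main` and is gated only by `opendc.security.enabled`, so a non-development build that inherits or mis-sets that property would ship without authentication; I would also tie it to the dev profile, e.g. add `@IfBuildProfile("dev")` next to the `@IfBuildProperty` line, and log a warning once when the filter is registered. The KDoc should state the effect explicitly, for example `Replaces the security context with an anonymous principal that holds every role; must never be enabled outside development.` Minor: `getAuthenticationScheme()` reports `"basic"` although no authentication took place, and `isSecure()` is hard-coded to false instead of reflecting the original request's context.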
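Review bot: `opendc.security.enabled=false` is added without a comment, and nothing in this file tells a reader that the key removes authentication from the API rather than toggling a UI feature. Because the Kotlin side reads it through `@IfBuildProperty`, it is presumably evaluated at build time, so flipping it on an already-built artifact would not restore authentication; that is worth stating next to the key. I would add above it `# Development only: disables API authentication (build-time switch); never set to false in production configuration`. The blank `quarkus.oidc.auth-server-url=` and `quarkus.oidc.client-id=` lines could carry a one-line comment saying they are empty because OIDC is disabled in this profile.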
