diff --git a/notification-service/src/main/java/com/redhat/parodos/notification/config/SecurityProperties.java b/notification-service/src/main/java/com/redhat/parodos/notification/config/SecurityProperties.java new file mode 100644 index 000000000..bc744ac05 --- /dev/null +++ b/notification-service/src/main/java/com/redhat/parodos/notification/config/SecurityProperties.java @@ -0,0 +1,14 @@ +package com.redhat.parodos.notification.config; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.ConfigurationPropertiesScan; +import lombok.Data; + +@ConfigurationProperties(prefix = "spring.security") +@ConfigurationPropertiesScan +@Data +public class SecurityProperties { + + Boolean authentication; + +} \ No newline at end of file diff --git a/notification-service/src/main/java/com/redhat/parodos/notification/security/SecurityConfiguration.java b/notification-service/src/main/java/com/redhat/parodos/notification/security/SecurityConfiguration.java index 78a7d85cd..9b394064b 100644 --- a/notification-service/src/main/java/com/redhat/parodos/notification/security/SecurityConfiguration.java +++ b/notification-service/src/main/java/com/redhat/parodos/notification/security/SecurityConfiguration.java @@ -17,6 +17,7 @@ import static org.springframework.security.config.Customizer.withDefaults; +import com.redhat.parodos.notification.config.SecurityProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; 
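Review bot: `Boolean authentication;` in the new SecurityProperties is a nullable wrapper with no default, so `!securityProperties.getAuthentication()` in setHttpSecurity and configure unboxes null and throws a NullPointerException whenever `spring.security.authentication` is missing from the active configuration (for instance a test profile or an external config file that replaces application.yml). Declaring it as `private boolean authentication = true;` keeps the secure default in code rather than only in the YAML placeholder; Lombok then generates `isAuthentication()`, so the call sites change accordingly. The identical class added under workflow-service has the same issue. Separately, `@ConfigurationPropertiesScan` is meant for an application or configuration class that scans for properties classes, so it looks misplaced on the properties class itself; how this class gets registered as a bean is not visible in the diff.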
@@ -48,11 +49,18 @@ public class SecurityConfiguration { @Autowired private LdapConnectionProperties ldapConnectionProperties; + @Autowired + private SecurityProperties securityProperties; + public HttpSecurity setHttpSecurity(HttpSecurity http) throws Exception { // @formatter:off http .csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); + if (!securityProperties.getAuthentication()) { + return http; + } + http .authorizeRequests() .mvcMatchers(HttpMethod.OPTIONS, "/**") @@ -78,6 +86,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti @Autowired public void configure(AuthenticationManagerBuilder auth) throws Exception { + if (!securityProperties.getAuthentication()) { + return; + } // @formatter:off auth.ldapAuthentication() .userDnPatterns(this.ldapConnectionProperties.getUserDNPatterns()) diff --git a/notification-service/src/main/resources/application.yml b/notification-service/src/main/resources/application.yml index 1e02e55dd..548455608 100644 --- a/notification-service/src/main/resources/application.yml +++ b/notification-service/src/main/resources/application.yml @@ -1,7 +1,6 @@ spring: application: name: parodos-notification-service - jackson: default-property-inclusion: non_null main: @@ -10,6 +9,9 @@ spring: config: enabled: false + security: + authentication: ${PARODOS_AUTH:true} + springdoc: writer-with-order-by-keys: true writer-with-default-pretty-printer: true diff --git a/workflow-service/src/main/java/com/redhat/parodos/config/properties/SecurityProperties.java b/workflow-service/src/main/java/com/redhat/parodos/config/properties/SecurityProperties.java new file mode 100644 index 000000000..dcf71e4b3 --- /dev/null +++ b/workflow-service/src/main/java/com/redhat/parodos/config/properties/SecurityProperties.java 
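Review bot: The early `return http;` in setHttpSecurity leaves the chain with only the CSRF setup and no `authorizeRequests()` rules, so a single environment variable makes every endpoint reachable without credentials, and nothing in the hunk records that this happened. A startup warning before the return, e.g. `log.warn("spring.security.authentication is false: requests are served without authentication");` (assuming a logger is added to the class; none is visible here), would make an accidental `PARODOS_AUTH=false` in a deployed environment show up in the logs. The same applies to the early `return;` added to configure in the next hunk and to both guards in the workflow-service SecurityConfiguration. The method body continues outside the hunk, so whether code further down assumes an authenticated principal cannot be checked from here.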
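Review bot: The new key `spring.security.authentication` sits in the `spring.security` namespace that Spring Boot's own security auto-configuration binds, and the binding class is also named SecurityProperties like Boot's, which invites confusion about whether this is a framework setting. A project-owned prefix such as `parodos.security.authentication`, with the matching `@ConfigurationProperties(prefix = "parodos.security")`, avoids that. A comment above the key would help operators, for example `# false disables LDAP authentication and all authorization rules` plus a line stating which environments may set it, if the toggle is meant for development only. The workflow-service application.yml adds the same key.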
@@ -0,0 +1,14 @@ +package com.redhat.parodos.config.properties; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.ConfigurationPropertiesScan; +import lombok.Data; + +@ConfigurationProperties(prefix = "spring.security") +@ConfigurationPropertiesScan +@Data +public class SecurityProperties { + + Boolean authentication; + +} \ No newline at end of file diff --git a/workflow-service/src/main/java/com/redhat/parodos/security/SecurityConfiguration.java b/workflow-service/src/main/java/com/redhat/parodos/security/SecurityConfiguration.java index 3869acdd8..0ebb2c762 100644 --- a/workflow-service/src/main/java/com/redhat/parodos/security/SecurityConfiguration.java +++ b/workflow-service/src/main/java/com/redhat/parodos/security/SecurityConfiguration.java @@ -16,6 +16,7 @@ package com.redhat.parodos.security; import com.redhat.parodos.config.properties.LdapConnectionProperties; +import com.redhat.parodos.config.properties.SecurityProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -49,11 +50,17 @@ public class SecurityConfiguration { @Autowired private LdapConnectionProperties ldapConnectionProperties; + @Autowired + private SecurityProperties securityProperties; + public HttpSecurity setHttpSecurity(HttpSecurity http) throws Exception { + http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); + + if (!this.securityProperties.getAuthentication()) { + return http; + } + // @formatter:off - http - .csrf() - .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); http .authorizeRequests() .mvcMatchers(HttpMethod.OPTIONS, "/**") 
@@ -79,6 +86,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti @Autowired public void configure(AuthenticationManagerBuilder auth) throws Exception { + if (!this.securityProperties.getAuthentication()) { + return; + } // @formatter:off auth.ldapAuthentication() .userDnPatterns(this.ldapConnectionProperties.getUserDNPatterns()) diff --git a/workflow-service/src/main/resources/application.yml b/workflow-service/src/main/resources/application.yml index bbf28a346..2c7a0a898 100644 --- a/workflow-service/src/main/resources/application.yml +++ b/workflow-service/src/main/resources/application.yml @@ -4,6 +4,8 @@ spring: title: Parodos Workflow Service version: 1.0.9-SNAPSHOT + + jackson: serialization: indent-output: true @@ -39,10 +41,7 @@ spring: allow-bean-definition-overriding: true security: - oauth2: - resourceserver: - jwt: - jwk-set-uri: ${keycloak_url:http://localhost:3434/realms/Parodos/protocol/openid-connect/certs} + authentication: ${PARODOS_AUTH:true} lifecycle: timeout-per-shutdown-phase: "25s"
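Review bot: The last application.yml hunk removes `spring.security.oauth2.resourceserver.jwt.jwk-set-uri` in the same change that adds the `authentication` toggle, but nothing visible in this diff removes a resource-server or JWT configuration from the Java side. It is worth confirming that no `oauth2ResourceServer()` call or `JwtDecoder` dependency remains in workflow-service, since removing the property would leave such code without its key source. If the removal is intentional cleanup, say so in the commit message and consider a comment above the new key such as `# LDAP is the only configured authentication mechanism; PARODOS_AUTH=false turns it off`.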