Next

docs/en/security/authentication.md

@@ -5,5 +5,5 @@ Connexion to the identity provider (an Open LDAP directory) is made in this clas
 
 ### SecurityContext.java
 
-[include](../../../src/main/java/fr/insee/pogues/config/SecurityContext.java)
+[include](../../../src/main/java/fr/insee/pogues/configuration/SecurityContext.java)
 

docs/fr/security/authentication.md

@@ -5,5 +5,5 @@ Les informations de configuration d'annuaire sont récupérée dans le fichier p
 
 ### Le fichier SecurityContext.java
 
-[include](../../../src/main/java/fr/insee/pogues/config/SecurityContext.java)
+[include](../../../src/main/java/fr/insee/pogues/configuration/SecurityContext.java)
 

pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.7.18</version>
+		<version>3.2.4</version>
 		<relativePath/>
 		<!-- lookup parent from repository -->
 	</parent>
@@ -28,9 +28,6 @@
 		<jacoco.version>0.8.11</jacoco.version>
 		<saxon.version>12.4</saxon.version>
 		<commons.io.version>2.15.1</commons.io.version>
-		<!-- Temp version due to security issues in version used in springdoc-openapi-ui: -->
-		<snakeyaml.version>2.2</snakeyaml.version>
-
 		<sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
 		<sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
 		<sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
@@ -62,6 +59,12 @@
 			<artifactId>spring-boot-starter-jersey</artifactId>
 		</dependency>
 
+		<!-- Web-Client-->
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-webflux</artifactId>
+		</dependency>
+
 
 		<dependency>
 			<groupId>com.fasterxml.jackson.jaxrs</groupId>
@@ -118,14 +121,6 @@
 			<artifactId>json-simple</artifactId>
 			<version>${json-simple.version}</version>
 		</dependency>
-		<dependency>
-			<groupId>org.apache.httpcomponents</groupId>
-			<artifactId>httpclient</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.httpcomponents</groupId>
-			<artifactId>httpmime</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>org.apache.xmlgraphics</groupId>
 			<artifactId>fop</artifactId>
@@ -153,8 +148,6 @@
 			<scope>provided</scope>
 		</dependency>
 
-
-
 		<!-- SWAGGER -->
 		<dependency>
 			<groupId>org.springdoc</groupId>
@@ -181,7 +174,7 @@
 		<dependency>
 			<groupId>org.eclipse.persistence</groupId>
 			<artifactId>org.eclipse.persistence.moxy</artifactId>
-			<version>2.7.14</version>			<!-- 4.0.2 -->
+			<version>4.0.2</version>			<!-- 4.0.2 -->
 		</dependency>
 		<dependency>
 			<groupId>javax.xml.bind</groupId>			<!-- jakarta.xml.bind -->

src/main/java/fr/insee/pogues/configuration/AppConfiguration.java

@@ -0,0 +1,40 @@
+package fr.insee.pogues.configuration;
+
+import fr.insee.pogues.configuration.rest.AuthenticationHelper;
+import fr.insee.pogues.configuration.rest.WebClientTokenInterceptor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.transaction.annotation.EnableTransactionManagement;
+import org.springframework.web.reactive.function.client.WebClient;
+
+@Configuration
+@EnableConfigurationProperties
+@ComponentScan(basePackages = { "fr.insee.pogues" })
+@EnableTransactionManagement
+@EnableCaching
+@Slf4j
+public class AppConfiguration {
+
+    @Autowired
+    private AuthenticationHelper authenticationHelper;
+
+    @Bean
+    public WebClient webClient(
+            @Value("${feature.oidc.enabled}") boolean oidcEnabled,
+            WebClient.Builder builder) {
+        builder
+                .defaultHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
+                .defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE);
+        if(oidcEnabled)  builder.filter(new WebClientTokenInterceptor(authenticationHelper));
+        return builder.build();
+    }
+
+}

src/main/java/fr/insee/pogues/configuration/CorsConfig.java

@@ -0,0 +1,29 @@
+package fr.insee.pogues.configuration;
+
+import fr.insee.pogues.configuration.properties.ApplicationProperties;
+import lombok.AllArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.List;
+
+/** Cors configuration */
+@Configuration
+@AllArgsConstructor
+public class CorsConfig {
+    @Bean
+    protected CorsConfigurationSource corsConfigurationSource(ApplicationProperties applicationProperties) {
+        org.springframework.web.cors.CorsConfiguration configuration = new org.springframework.web.cors.CorsConfiguration();
+        configuration.setAllowedOriginPatterns(applicationProperties.corsOrigins());
+        configuration.setAllowedMethods(List.of("GET", "PUT", "POST", "DELETE", "OPTIONS"));
+        configuration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
+        configuration.addExposedHeader("Content-Disposition");
+        configuration.setMaxAge(3600L);
+        configuration.setAllowCredentials(true);
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
+}