Touch ups

2025-04-19 14:19:52 +03:00 · 2024-02-05 21:09:59 +02:00 · 2024-02-05 21:09:59 +02:00 · 4f9d99170a
commit 4f9d99170a
parent 932bd923d7
7 changed files with 38 additions and 28 deletions
--- a/pefi-api-gateway/src/main/java/dev/mvvasilev/gateway/SecurityConfiguration.java
+++ b/pefi-api-gateway/src/main/java/dev/mvvasilev/gateway/SecurityConfiguration.java
@ -17,9 +17,11 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestCustomizers;
 import org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver;
+import org.springframework.security.web.authentication.HttpStatusEntryPoint;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
+import org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
 import org.springframework.session.data.redis.config.annotation.web.server.EnableRedisWebSession;
 import org.springframework.web.server.WebSession;
@ -47,6 +49,7 @@ public class SecurityConfiguration implements BeanClassLoaderAware {
    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, ServerOAuth2AuthorizationRequestResolver resolver) {
        http
+                .httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
                .csrf(ServerHttpSecurity.CsrfSpec::disable)
                .authorizeExchange(c -> {
                    c.pathMatchers("/**").permitAll();
@ -93,7 +96,8 @@ public class SecurityConfiguration implements BeanClassLoaderAware {

                        return ex.getExchange().getSession().flatMap(WebSession::invalidate);
                    });
-                });
+                })
+                .exceptionHandling(e -> e.authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED)));

        return http.build();
    }
--- a/pefi-api-gateway/src/main/resources/application-development.yml
+++ b/pefi-api-gateway/src/main/resources/application-development.yml
@ -2,17 +2,9 @@ spring:
  cloud:
    gateway:
      routes:
-        - id: core-api
-          uri: ${CORE_API_URI}
-          order: 1
-          predicates:
-            - Path=/api/**
-          filters:
-            - RewritePath=/api/(?<segment>.*), /$\{segment}
-            - TokenRelay=
        - id: statements-api
          uri: ${STATEMENTS_API_URI}
-          order: 2
+          order: 1
          predicates:
            - Path=/api/statements/**
          filters:
@ -20,12 +12,20 @@ spring:
            - TokenRelay=
        - id: widgets-api
          uri: ${WIDGETS_API_URI}
-          order: 3
+          order: 2
          predicates:
            - Path=/api/widgets/**
          filters:
            - RewritePath=/api/(?<segment>.*), /$\{segment}
            - TokenRelay=
+        - id: core-api
+          uri: ${CORE_API_URI}
+          order: 3
+          predicates:
+            - Path=/api/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - TokenRelay=
        - id: spa
          order: 4
          uri: ${FRONTEND_URI}
--- a/pefi-api-gateway/src/main/resources/application.yml
+++ b/pefi-api-gateway/src/main/resources/application.yml
@ -26,17 +26,9 @@ spring:
      set-status:
        original-status-header-name: Original-Status
      routes:
-        - id: core-api
-          uri: ${CORE_API_URI}
-          order: 1
-          predicates:
-            - Path=/api/**
-          filters:
-            - RewritePath=/api/(?<segment>.*), /$\{segment}
-            - TokenRelay=
        - id: statements-api
          uri: ${STATEMENTS_API_URI}
-          order: 2
+          order: 1
          predicates:
            - Path=/api/statements/**
          filters:
@ -44,12 +36,20 @@ spring:
            - TokenRelay=
        - id: widgets-api
          uri: ${WIDGETS_API_URI}
-          order: 3
+          order: 2
          predicates:
            - Path=/api/widgets/**
          filters:
            - RewritePath=/api/(?<segment>.*), /$\{segment}
            - TokenRelay=
+        - id: core-api
+          uri: ${CORE_API_URI}
+          order: 3
+          predicates:
+            - Path=/api/**
+          filters:
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
+            - TokenRelay=

 server:
  ssl:
--- a/pefi-core-api/src/main/java/dev/mvvasilev/finances/configuration/SecurityConfiguration.java
+++ b/pefi-core-api/src/main/java/dev/mvvasilev/finances/configuration/SecurityConfiguration.java
@ -14,7 +14,6 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
 import org.springframework.web.filter.CommonsRequestLoggingFilter;

@Configuration
-@Import(CommonSwaggerConfiguration.class)
-@EnableTransactionManagement
+@Import(CommonSecurityConfiguration.class)
 public class SecurityConfiguration {
 }
--- a/pefi-frontend/src/utils.js
+++ b/pefi-frontend/src/utils.js
@ -7,7 +7,14 @@ let LEV_FORMAT = new Intl.NumberFormat('bg-BG', {

 let utils = {
    performRequest: async (url, options) => {
-        return await fetch(url, options).then(resp => {
+        let opts = options ?? { headers: {} };
+        return await fetch(url, {
+            ...opts,
+            headers: {
+                ...opts.headers,
+                'X-Requested-With': 'XMLHttpRequest'
+            }
+        }).then(resp => {
            if (resp.status === 401) {
                window.location.replace(`${window.location.origin}/oauth2/authorization/authentik`)

--- a/pefi-statements-api/src/main/java/dev/mvvasilev/statements/configuration/SecurityConfiguration.java
+++ b/pefi-statements-api/src/main/java/dev/mvvasilev/statements/configuration/SecurityConfiguration.java
@ -1,12 +1,12 @@
 package dev.mvvasilev.statements.configuration;

+import dev.mvvasilev.common.configuration.CommonSecurityConfiguration;
 import dev.mvvasilev.common.configuration.CommonSwaggerConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.transaction.annotation.EnableTransactionManagement;

@Configuration
-@Import(CommonSwaggerConfiguration.class)
-@EnableTransactionManagement
+@Import(CommonSecurityConfiguration.class)
 public class SecurityConfiguration {
 }
--- a/pefi-widgets-api/src/main/java/dev/mvvasilev/widgets/configurations/SecurityConfiguration.java
+++ b/pefi-widgets-api/src/main/java/dev/mvvasilev/widgets/configurations/SecurityConfiguration.java
@ -1,12 +1,12 @@
 package dev.mvvasilev.widgets.configurations;

+import dev.mvvasilev.common.configuration.CommonSecurityConfiguration;
 import dev.mvvasilev.common.configuration.CommonSwaggerConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.transaction.annotation.EnableTransactionManagement;

@Configuration
-@Import(CommonSwaggerConfiguration.class)
-@EnableTransactionManagement
+@Import(CommonSecurityConfiguration.class)
 public class SecurityConfiguration {
 }