ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/WebConfig.java

   1 /*\r
   2  *  Copyright © 2017-2018 AT&T Intellectual Property.\r
   3  *  Modifications Copyright © 2018 IBM.\r
   4  *\r
   5  *  Licensed under the Apache License, Version 2.0 (the "License");\r
   6  *  you may not use this file except in compliance with the License.\r
   7  *  You may obtain a copy of the License at\r
   8  *\r
   9  *      http://www.apache.org/licenses/LICENSE-2.0\r
  10  *\r
  11  *  Unless required by applicable law or agreed to in writing, software\r
  12  *  distributed under the License is distributed on an "AS IS" BASIS,\r
  13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  14  *  See the License for the specific language governing permissions and\r
  15  *  limitations under the License.\r
  16  */\r
  17 \r
  18 package org.onap.ccsdk.apps.blueprintsprocessor;\r
  19 \r
  20 import org.onap.ccsdk.apps.blueprintsprocessor.security.AuthenticationManager;\r
  21 import org.onap.ccsdk.apps.blueprintsprocessor.security.SecurityContextRepository;\r
  22 import org.springframework.beans.factory.annotation.Autowired;\r
  23 import org.springframework.context.annotation.Bean;\r
  24 import org.springframework.context.annotation.Configuration;\r
  25 import org.springframework.http.HttpMethod;\r
  26 import org.springframework.security.config.web.server.ServerHttpSecurity;\r
  27 import org.springframework.security.web.server.SecurityWebFilterChain;\r
  28 import org.springframework.web.reactive.config.CorsRegistry;\r
  29 import org.springframework.web.reactive.config.ResourceHandlerRegistry;\r
  30 import org.springframework.web.reactive.config.WebFluxConfigurationSupport;\r
  31 \r
  32 /**\r
  33  * WebConfig\r
  34  *\r
  35  * @author Brinda Santh 8/13/2018\r
  36  */\r
  37 @Configuration\r
  38 public class WebConfig extends WebFluxConfigurationSupport {\r
  39 \r
  40     @Autowired\r
  41     private AuthenticationManager authenticationManager;\r
  42 \r
  43     @Autowired\r
  44     private SecurityContextRepository securityContextRepository;\r
  45 \r
  46     @Override\r
  47     public void addResourceHandlers(ResourceHandlerRegistry registry) {\r
  48         registry.addResourceHandler("swagger-ui.html")\r
  49             .addResourceLocations("classpath:/META-INF/resources/");\r
  50 \r
  51         registry.addResourceHandler("/webjars/**")\r
  52             .addResourceLocations("classpath:/META-INF/resources/webjars/");\r
  53     }\r
  54 \r
  55     @Override\r
  56     public void addCorsMappings(CorsRegistry corsRegistry) {\r
  57         corsRegistry.addMapping("/**")\r
  58             .allowedOrigins("*")\r
  59             .allowedMethods("*")\r
  60             .allowedHeaders("*")\r
  61             .maxAge(3600);\r
  62     }\r
  63 \r
  64 \r
  65     @Bean\r
  66     public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {\r
  67         return http.csrf().disable()\r
  68             .formLogin().disable()\r
  69             .httpBasic().disable()\r
  70             .authenticationManager(authenticationManager)\r
  71             .securityContextRepository(securityContextRepository)\r
  72             .authorizeExchange()\r
  73             .pathMatchers(HttpMethod.OPTIONS).permitAll()\r
  74             .anyExchange().authenticated()\r
  75             .and().build();\r
  76 \r
  77     }\r
  78 }\r