ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java

   1 /*
   2  *  Copyright © 2017-2018 AT&T Intellectual Property.
   3  *  Modifications Copyright © 2018 IBM.
   4  *
   5  *  Licensed under the Apache License, Version 2.0 (the "License");
   6  *  you may not use this file except in compliance with the License.
   7  *  You may obtain a copy of the License at
   8  *
   9  *      http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  *  Unless required by applicable law or agreed to in writing, software
  12  *  distributed under the License is distributed on an "AS IS" BASIS,
  13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  *  See the License for the specific language governing permissions and
  15  *  limitations under the License.
  16  */
  17
  18 package org.onap.ccsdk.cds.blueprintsprocessor;
  19
  20 import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager;
  21 import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository;
  22 import org.springframework.beans.factory.annotation.Autowired;
  23 import org.springframework.context.annotation.Bean;
  24 import org.springframework.context.annotation.Configuration;
  25 import org.springframework.http.HttpMethod;
  26 import org.springframework.security.config.web.server.ServerHttpSecurity;
  27 import org.springframework.security.web.server.SecurityWebFilterChain;
  28 import org.springframework.web.reactive.config.CorsRegistry;
  29 import org.springframework.web.reactive.config.ResourceHandlerRegistry;
  30 import org.springframework.web.reactive.config.WebFluxConfigurer;
  31
  32 /**
  33  * WebConfig
  34  *
  35  * @author Brinda Santh 8/13/2018
  36  */
  37 @Configuration
  38 public class WebConfig implements WebFluxConfigurer {
  39
  40     @Autowired
  41     private AuthenticationManager authenticationManager;
  42
  43     @Autowired
  44     private SecurityContextRepository securityContextRepository;
  45
  46     @Override
  47     public void addResourceHandlers(ResourceHandlerRegistry registry) {
  48
  49         registry.addResourceHandler("/swagger-ui.html**")
  50             .addResourceLocations("classpath:/META-INF/resources/");
  51
  52         registry.addResourceHandler("/webjars/**")
  53             .addResourceLocations("classpath:/META-INF/resources/webjars/");
  54     }
  55
  56     @Override
  57     public void addCorsMappings(CorsRegistry corsRegistry) {
  58         corsRegistry.addMapping("/**")
  59             .allowedOrigins("*")
  60             .allowedMethods("*")
  61             .allowedHeaders("*")
  62             .maxAge(3600);
  63     }
  64
  65
  66     @Bean
  67     public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
  68         return http.csrf().disable()
  69             .formLogin().disable()
  70             .httpBasic().disable()
  71             .authenticationManager(authenticationManager)
  72             .securityContextRepository(securityContextRepository)
  73             .authorizeExchange()
  74             .pathMatchers(HttpMethod.OPTIONS).permitAll()
  75             .anyExchange().authenticated()
  76             .and().build();
  77
  78     }
  79 }