ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java

   1 /*
   2  *  Copyright © 2017-2018 AT&T Intellectual Property.
   3  *  Modifications Copyright © 2018 IBM.
   4  *
   5  *  Licensed under the Apache License, Version 2.0 (the "License");
   6  *  you may not use this file except in compliance with the License.
   7  *  You may obtain a copy of the License at
   8  *
   9  *      http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  *  Unless required by applicable law or agreed to in writing, software
  12  *  distributed under the License is distributed on an "AS IS" BASIS,
  13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  *  See the License for the specific language governing permissions and
  15  *  limitations under the License.
  16  */
  17
  18 package org.onap.ccsdk.cds.blueprintsprocessor;
  19
  20 import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager;
  21 import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository;
  22 import org.springframework.beans.factory.annotation.Autowired;
  23 import org.springframework.context.annotation.Bean;
  24 import org.springframework.context.annotation.Configuration;
  25 import org.springframework.http.HttpMethod;
  26 import org.springframework.security.config.web.server.ServerHttpSecurity;
  27 import org.springframework.security.web.server.SecurityWebFilterChain;
  28 import org.springframework.web.reactive.config.CorsRegistry;
  29 import org.springframework.web.reactive.config.ResourceHandlerRegistry;
  30 import org.springframework.web.reactive.config.WebFluxConfigurationSupport;
  31
  32 /**
  33  * WebConfig
  34  *
  35  * @author Brinda Santh 8/13/2018
  36  */
  37 @Configuration
  38 public class WebConfig extends WebFluxConfigurationSupport {
  39
  40     @Autowired
  41     private AuthenticationManager authenticationManager;
  42
  43     @Autowired
  44     private SecurityContextRepository securityContextRepository;
  45
  46     @Override
  47     public void addResourceHandlers(ResourceHandlerRegistry registry) {
  48         registry.addResourceHandler("swagger-ui.html")
  49             .addResourceLocations("classpath:/META-INF/resources/");
  50
  51         registry.addResourceHandler("/webjars/**")
  52             .addResourceLocations("classpath:/META-INF/resources/webjars/");
  53     }
  54
  55     @Override
  56     public void addCorsMappings(CorsRegistry corsRegistry) {
  57         corsRegistry.addMapping("/**")
  58             .allowedOrigins("*")
  59             .allowedMethods("*")
  60             .allowedHeaders("*")
  61             .maxAge(3600);
  62     }
  63
  64
  65     @Bean
  66     public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
  67         return http.csrf().disable()
  68             .formLogin().disable()
  69             .httpBasic().disable()
  70             .authenticationManager(authenticationManager)
  71             .securityContextRepository(securityContextRepository)
  72             .authorizeExchange()
  73             .pathMatchers(HttpMethod.OPTIONS).permitAll()
  74             .anyExchange().authenticated()
  75             .and().build();
  76
  77     }
  78 }