Merge pull request #1608 from steve-community/1540-store-web-api-key-…
…in-database-addendum

migrate "header value" as "api password" to database (#1540)
goekay authored Oct 28, 2024
2 parents 279db3c + 014f5ae commit f8aab9d
Showing 1 changed file with 15 additions and 7 deletions.
22 changes: 15 additions & 7 deletions src/main/java/de/rwth/idsg/steve/service/WebUserService.java
@@ -26,12 +26,14 @@
import de.rwth.idsg.steve.repository.WebUserRepository;
import jooq.steve.db.tables.records.WebUserRecord;
import lombok.RequiredArgsConstructor;
import org.apache.commons.lang3.StringUtils;
import org.jooq.JSON;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.context.event.EventListener;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.security.core.userdetails.User;
@@ -80,14 +82,20 @@ public void afterStart(ContextRefreshedEvent event) {
return;
}

var user = User
.withUsername(SteveConfiguration.CONFIG.getAuth().getUserName())
.password(SteveConfiguration.CONFIG.getAuth().getEncodedPassword())
.disabled(false)
.authorities("ADMIN")
.build();
var headerVal = SteveConfiguration.CONFIG.getWebApi().getHeaderValue();

var encodedApiPassword = StringUtils.isEmpty(headerVal)
? null
: SteveConfiguration.CONFIG.getAuth().getPasswordEncoder().encode(headerVal);

var user = new WebUserRecord()
.setUsername(SteveConfiguration.CONFIG.getAuth().getUserName())
.setPassword(SteveConfiguration.CONFIG.getAuth().getEncodedPassword())
.setApiPassword(encodedApiPassword)
.setEnabled(true)
.setAuthorities(toJson(AuthorityUtils.createAuthorityList("ADMIN")));

this.createUser(user);
webUserRepository.createUser(user);
}

@Override
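Review bot: The `StringUtils.isEmpty(headerVal)` check in afterStart lets a whitespace-only configured header value through, so it would be encoded and stored as the api password of the ADMIN account; `StringUtils.isBlank(headerVal)` would treat such a value as unset. The early `return` at the top of the second hunk belongs to a guard whose condition lies outside the hunk; if it fires whenever a web user already exists, a database seeded before this change would keep a null api password, which deserves either a comment or a separate update path. The new code also calls `webUserRepository.createUser(user)` where the old code went through `this.createUser(user)`, so any checks in the service method are presumably skipped for this record, and a one-line comment saying that is intended would help. It would also be worth noting in a comment that the header value still sits unencoded in the configuration after this migration, e.g. `// header value is only hashed in the DB; remove it from the config once migrated`.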
