From e79029aeb3315e459bb8ad09f909ab792f63d0bf Mon Sep 17 00:00:00 2001
From: Sonia Zorba <sonia.zorba@inaf.it>
Date: Thu, 4 Jul 2019 17:37:03 +0200
Subject: [PATCH] Added configuration for RAP OIDC connection
---
 .../java/it/inaf/ia2/gms/GmsApplication.java | 22 +++++++++++++++++++
 .../java/it/inaf/ia2/gms/LoginController.java | 20 +++++++++++++++++
 gms/src/main/resources/application.properties | 10 +++++++++
 3 files changed, 52 insertions(+)
 create mode 100644 gms/src/main/java/it/inaf/ia2/gms/LoginController.java
diff --git a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
index 5833724..a4f87c4 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
@@ -1,12 +1,34 @@
 package it.inaf.ia2.gms;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
 @SpringBootApplication
+@EnableOAuth2Sso
 public class GmsApplication {
 public static void main(String[] args) {
 SpringApplication.run(GmsApplication.class, args);
 }
+
+ @Value("${security.oauth2.resource.jwk.key-set-uri}")
+ private String keySetUri;
+
+ @Bean
+ public TokenStore tokenStore() {
+ JwkTokenStore jwkTokenStore = new JwkTokenStore(keySetUri, accessTokenConverter());
+ return jwkTokenStore;
+ }
+
+ @Bean
+ public JwtAccessTokenConverter accessTokenConverter() {
+ JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+ return converter;
+ }
 }
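Review bot: `tokenStore()` builds the `JwkTokenStore` from only the key-set URI and a default converter, so as far as this hunk shows a token is accepted on its signature alone and its `iss` and `aud` claims are never checked. `JwkTokenStore` also has a constructor taking a `JwtClaimsSetVerifier`; passing one, for example `new JwkTokenStore(keySetUri, accessTokenConverter(), new IssuerClaimVerifier(issuerUrl))` with `issuerUrl` read from configuration, would tie accepted tokens to the RAP issuer. If claims are validated elsewhere in the project, a one-line Javadoc on the bean saying where would save the next reader the search.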
diff --git a/gms/src/main/java/it/inaf/ia2/gms/LoginController.java b/gms/src/main/java/it/inaf/ia2/gms/LoginController.java
new file mode 100644
index 0000000..9b63328
--- /dev/null
+++ b/gms/src/main/java/it/inaf/ia2/gms/LoginController.java
@@ -0,0 +1,20 @@
+package it.inaf.ia2.gms;
+
+import java.security.Principal;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class LoginController {
+
+ @GetMapping("/login")
+ public Principal start(Principal principal) {
+ return principal;
+ }
+
+
+ @GetMapping("/")
+ public Principal root(Principal principal) {
+ return principal;
+ }
+}
diff --git a/gms/src/main/resources/application.properties b/gms/src/main/resources/application.properties
index 8b13789..b2167d9 100644
--- a/gms/src/main/resources/application.properties
+++ b/gms/src/main/resources/application.properties
@@ -1 +1,11 @@
+server.port=8081
+security.oauth2.client.client-id=gms
+security.oauth2.client.client-secret=gms-secret
+security.oauth2.client.access-token-uri=http://localhost/rap-ia2/auth/oauth2/token
+security.oauth2.client.user-authorization-uri=http://localhost/rap-ia2/auth/oauth2/authorize
+#security.oauth2.resource.token-info-uri=http://localhost/rap-ia2/auth/oauth2/check_token
+security.oauth2.client.scope=email,profile
+security.oauth2.resource.jwk.key-set-uri=http://localhost/rap-ia2/auth/oidc/jwks
+
+logging.level.org.springframework.security=DEBUG
-- GitLab
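Review bot: Both `start` and `root` return the injected `Principal` as the response body, which serialises the whole authentication object to the client. Under `@EnableOAuth2Sso` that object is probably an `OAuth2Authentication`, whose details can carry the access-token value and the full user record, so more than the user's identity would reach the browser. Return only the fields the front end needs, for example change the return type to `Map<String, String>` and use `return Collections.singletonMap("name", principal.getName());`. The `/login` mapping also coincides with the default SSO login path, so that handler may never be reached; worth confirming or dropping.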
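Review bot: `security.oauth2.client.client-secret=gms-secret` commits the OAuth client secret to the repository, where it stays in history even after a later change. Read it from the environment instead, e.g. `security.oauth2.client.client-secret=${GMS_CLIENT_SECRET}` (the variable name is only an example), and rotate the value if it was ever registered with a real RAP instance. The token, authorize and JWKS URIs are all `http://localhost`, which is fine for a developer machine, but a deployed `key-set-uri` fetched over plain HTTP gives no integrity for the signing keys, so these belong in a per-environment profile using `https://`. `logging.level.org.springframework.security=DEBUG` is likewise better confined to a dev profile, since that output is verbose and may include request and session detail.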