Minor refactor for oauth.:wq

main
Paulo Gustavo Veiga 2022-12-17 17:33:59 -08:00
parent 2592d338bb
commit 16180f4c6d
5 changed files with 32 additions and 26 deletions

View File

@ -62,9 +62,9 @@ Test coverage report of unit and integration test can be found in wisemapping-op
## Google authorization
You must configure the following wisemapping properties (app.properties) in order to get google authorization working
* `google.oauth2.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
* `google.oauth2.clientId`: client id from google app
* `google.oauth2.clientSecret`: client secret from google app
* `security.oauth2.google.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
* `security.oauth2.google.clientId`: client id from google app
* `security.oauth2.google.clientSecret`: client secret from google app
You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties.

View File

@ -54,7 +54,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
@Value("${security.type}")
private String securityType;
@Value("${google.oauth2.url}")
@Value("${security.oauth2.google.url}")
private String googleOauth2Url;
@Override
@ -67,7 +67,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled);
request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey);
request.setAttribute("google.oauth2.url", googleOauth2Url);
request.setAttribute("security.oauth2.google.url", googleOauth2Url);
request.setAttribute("site.homepage", siteHomepage);
request.setAttribute("site.static.js.url", siteStaticUrl);

View File

@ -134,22 +134,28 @@ security.ldap.auth.attribute=mail
security.ldap.lastName.attribute=sn
security.ldap.firstName.attribute=givenName
#######################################################################################
# Google OAuth Authentication
#######################################################################################
# Redirect to this url, this url must be configured in the google app {baseurl}/c/registration-google
security.oauth2.google.callbackUrl=https://wisemapping.com/c/registration-google
# Google service for finish registration process, ie. exchange temporal code for user token
security.oauth2.google.confirmUrl=https://oauth2.googleapis.com/token
# Google service for get user data (name, email, etc)
security.oauth2.google.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
# Url for starting auth process with google
security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${security.oauth2.google.callbackUrl}&prompt=consent&response_type=code&client_id=${security.oauth2.google.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
# Configure the following settings ...
# OAuth Client id
#security.oauth2.google.clientId=
# OAuth Client secret
#security.oauth2.google.clientSecret=
#######################################################################################
# User Account filtering policies
#######################################################################################
# Coma separated list of domains and emails ban
#accounts.exclusion.domain=
# google will redirect to this url, this url must be configured in the google app
# {baseurl}/c/registration-google
google.oauth2.callbackUrl=https://wisemapping.com/c/registration-google
# google app client id
google.oauth2.clientId=
# google app client secret
google.oauth2.clientSecret=
# google service for finish registration process, ie. exchange temporal code for user token
google.oauth2.confirmUrl=https://oauth2.googleapis.com/token
# google service for get user data (name, email, etc)
google.oauth2.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
# url for starting auth process with google
google.oauth2.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${google.oauth2.callbackUrl}&prompt=consent&response_type=code&client_id=${google.oauth2.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true

View File

@ -23,11 +23,11 @@
<bean id="googleService" class="com.wisemapping.service.google.GoogleService">
<property name="httpInvoker" ref="httpInvoker"/>
<property name="optinConfirmUrl" value="${google.oauth2.confirmUrl}"/>
<property name="accountBasicDataUrl" value="${google.oauth2.userinfoUrl}"/>
<property name="clientId" value="${google.oauth2.clientId}"/>
<property name="clientSecret" value="${google.oauth2.clientSecret}"/>
<property name="callbackUrl" value="${google.oauth2.callbackUrl}"/>
<property name="optinConfirmUrl" value="${security.oauth2.google.confirmUrl}"/>
<property name="accountBasicDataUrl" value="${security.oauth2.google.userinfoUrl}"/>
<property name="clientId" value="${security.oauth2.google.clientId}"/>
<property name="clientSecret" value="${security.oauth2.google.clientSecret}"/>
<property name="callbackUrl" value="${security.oauth2.google.callbackUrl}"/>
</bean>
<bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl">

View File

@ -20,7 +20,7 @@
clientType: 'rest',
recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']},
recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}',
googleOauth2Url: '${requestScope['google.oauth2.url']}'
googleOauth2Url: '${requestScope['security.oauth2.google.url']}'
};
</script>