Merge pull request #135 from kakawait/develop

Release 1.0.1

Author: kakawait

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 All notable changes to this project will be documented in this file.
 
+## [1.0.1](https://github.com/kakawait/cas-security-spring-boot-starter/milestone/24) - 31 jan 2020
+
+- Happy new year :tada:
+- Move some method to become `public` in order to facilate customization (https://github.com/kakawait/cas-security-spring-boot-starter/pull/135/commits/02e1e805998f92216753cc87c6f3e99d6f6ff17e)
+
 ## [1.0.0](https://github.com/kakawait/cas-security-spring-boot-starter/milestone/9) - 5 sept 2019
 
 - First release that supporting Spring boot 2 ([#32](https://github.com/kakawait/cas-security-spring-boot-starter/issues/32))

README.md

@@ -1,7 +1,7 @@
 # Spring Security CAS starter
 
 [![Travis](https://img.shields.io/travis/kakawait/cas-security-spring-boot-starter.svg)](https://travis-ci.org/kakawait/cas-security-spring-boot-starter)
-[![Maven Central](https://img.shields.io/maven-central/v/com.kakawait/cas-security-spring-boot-starter.svg)](https://search.maven.org/#artifactdetails%7Ccom.kakawait%7Ccas-security-spring-boot-starter%7C1.0.0%7Cjar)
+[![Maven Central](https://img.shields.io/maven-central/v/com.kakawait/cas-security-spring-boot-starter.svg)](https://search.maven.org/#artifactdetails%7Ccom.kakawait%7Ccas-security-spring-boot-starter%7C1.0.1%7Cjar)
 [![License](https://img.shields.io/github/license/kakawait/cas-security-spring-boot-starter.svg)](https://github.com/kakawait/cas-security-spring-boot-starter/blob/master/LICENSE.md)
 [![Codecov](https://img.shields.io/codecov/c/github/kakawait/cas-security-spring-boot-starter.svg)](https://codecov.io/gh/kakawait/cas-security-spring-boot-starter)
 [![SonarQube Tech Debt](https://img.shields.io/sonar/https/sonarcloud.io/com.kakawait%3Acas-security-spring-boot-parent/tech_debt.svg)](https://sonarcloud.io/dashboard?id=com.kakawait%3Acas-security-spring-boot-parent)
@@ -26,7 +26,7 @@ Add the Spring boot starter to your project
 <dependency>
   <groupId>com.kakawait</groupId>
   <artifactId>cas-security-spring-boot-starter</artifactId>
-  <version>1.0.0</version>
+  <version>1.0.1</version>
 </dependency>
 ```
 

cas-security-spring-boot-autoconfigure/pom.xml

@@ -10,7 +10,7 @@
     <parent>
         <groupId>com.kakawait</groupId>
         <artifactId>cas-security-spring-boot-parent</artifactId>
-        <version>1.0.0</version>
+        <version>1.0.1</version>
     </parent>
 
     <name>Cas security spring boot autoconfigure</name>

cas-security-spring-boot-autoconfigure/src/main/java/com/kakawait/spring/boot/security/cas/autoconfigure/CasTicketValidatorBuilder.java

@@ -26,11 +26,7 @@
 @Slf4j
 public class CasTicketValidatorBuilder {
 
-    private int protocolVersion = 3;
-
-    private Boolean proxyTicketValidator;
-
-    final String casServerUrlPrefix;
+    private final String casServerUrlPrefix;
 
     String proxyCallbackUrl;
 
@@ -50,10 +46,18 @@ public class CasTicketValidatorBuilder {
 
     Boolean allowEmptyProxyChain;
 
+    private int protocolVersion = 3;
+
+    private Boolean proxyTicketValidator;
+
     CasTicketValidatorBuilder(String casServerUrlPrefix) {
         this.casServerUrlPrefix = casServerUrlPrefix;
     }
 
+    public String getCasServerUrlPrefix() {
+        return casServerUrlPrefix;
+    }
+
     public TicketValidator build() {
         CasTicketValidatorBuilder builder;
         if (proxyTicketValidator == null && protocolVersion > 1) {
@@ -148,7 +152,7 @@ private static class Cas10TicketValidatorBuilder extends AbstractTicketValidator
 
         @Override
         public TicketValidator build() {
-            Cas10TicketValidator ticketValidator = new Cas10TicketValidator(casServerUrlPrefix);
+            Cas10TicketValidator ticketValidator = new Cas10TicketValidator(getCasServerUrlPrefix());
             if (StringUtils.hasText(proxyCallbackUrl)) {
                 logger.warn(OMISSION_MESSAGE_TEMPLATE, "proxyCallbackUrl");
             }
@@ -184,7 +188,7 @@ private static class Cas20ServiceTicketValidatorBuilder
 
         @Override
         public TicketValidator build() {
-            Cas20ServiceTicketValidator ticketValidator = new Cas20ServiceTicketValidator(casServerUrlPrefix);
+            Cas20ServiceTicketValidator ticketValidator = new Cas20ServiceTicketValidator(getCasServerUrlPrefix());
             if (proxyChainsValidation != null) {
                 logger.warn(OMISSION_MESSAGE_TEMPLATE, "proxyChainsValidation");
             }
@@ -221,7 +225,7 @@ private static class Cas20ProxyTicketValidatorBuilder extends Cas20ServiceTicket
 
         @Override
         public TicketValidator build() {
-            Cas20ProxyTicketValidator ticketValidator = new Cas20ProxyTicketValidator(casServerUrlPrefix);
+            Cas20ProxyTicketValidator ticketValidator = new Cas20ProxyTicketValidator(getCasServerUrlPrefix());
             super.configure(ticketValidator);
 
             if (proxyChainsValidation != null) {
@@ -246,7 +250,7 @@ private static class Cas30ServiceTicketValidatorBuilder extends Cas20ServiceTick
 
         @Override
         public TicketValidator build() {
-            Cas30ServiceTicketValidator ticketValidator = new Cas30ServiceTicketValidator(casServerUrlPrefix);
+            Cas30ServiceTicketValidator ticketValidator = new Cas30ServiceTicketValidator(getCasServerUrlPrefix());
             if (proxyChainsValidation != null) {
                 logger.warn(OMISSION_MESSAGE_TEMPLATE, "proxyChainsValidation");
             }
@@ -269,7 +273,7 @@ private static class Cas30ProxyTicketValidatorBuilder extends Cas20ServiceTicket
 
         @Override
         public Cas30ProxyTicketValidator build() {
-            Cas30ProxyTicketValidator ticketValidator = new Cas30ProxyTicketValidator(casServerUrlPrefix);
+            Cas30ProxyTicketValidator ticketValidator = new Cas30ProxyTicketValidator(getCasServerUrlPrefix());
             super.configure(ticketValidator);
 
             if (proxyChainsValidation != null) {

cas-security-spring-boot-sample/Dockerfile

@@ -5,6 +5,6 @@ RUN mvn clean install && mvn -f cas-security-spring-boot-sample/pom.xml clean in
 
 FROM openjdk:8-jre-alpine
 WORKDIR /app
-COPY --from=build /src/cas-security-spring-boot-sample/target/cas-security-spring-boot-sample-1.0.0.jar /app
+COPY --from=build /src/cas-security-spring-boot-sample/target/cas-security-spring-boot-sample-1.0.1.jar /app
 ENV JAVA_OPTS=""
-CMD [ "sh", "-c", "java $JAVA_OPTS -jar /app/cas-security-spring-boot-sample-1.0.0.jar" ]
+CMD [ "sh", "-c", "java $JAVA_OPTS -jar /app/cas-security-spring-boot-sample-1.0.1.jar" ]

cas-security-spring-boot-sample/docker-compose.yml

@@ -19,7 +19,7 @@ services:
     build:
       context: ../
       dockerfile: cas-security-spring-boot-sample/Dockerfile
-    image: cas-security-spring-boot-sample:1.0.0
+    image: cas-security-spring-boot-sample:1.0.1
     ports:
       - "8081:8081"
       - "5005"

cas-security-spring-boot-sample/pom.xml

@@ -6,14 +6,14 @@
 
     <groupId>com.kakawait</groupId>
     <artifactId>cas-security-spring-boot-sample</artifactId>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
 
     <name>Cas security spring boot sample</name>
 
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.1.7.RELEASE</version>
+        <version>2.2.4.RELEASE</version>
     </parent>
 
     <properties>

cas-security-spring-boot-sample/src/main/java/com/kakawait/sample/CasSecuritySpringBootSampleApplication.java

@@ -3,6 +3,7 @@
 import com.kakawait.spring.boot.security.cas.autoconfigure.CasHttpSecurityConfigurer;
 import com.kakawait.spring.boot.security.cas.autoconfigure.CasSecurityCondition;
 import com.kakawait.spring.boot.security.cas.autoconfigure.CasSecurityConfigurerAdapter;
+import com.kakawait.spring.boot.security.cas.autoconfigure.CasSecurityProperties;
 import com.kakawait.spring.security.cas.client.CasAuthorizationInterceptor;
 import com.kakawait.spring.security.cas.client.ticket.ProxyTicketProvider;
 import com.kakawait.spring.security.cas.client.validation.AssertionProvider;
@@ -16,6 +17,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -25,6 +27,7 @@
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.HttpStatusEntryPoint;
@@ -77,6 +80,37 @@ RestTemplate casRestTemplate(ServiceProperties serviceProperties, ProxyTicketPro
         return restTemplate;
     }
 
+    @Configuration
+    @Order(CasSecurityProperties.CAS_AUTH_ORDER + 1)
+    static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+        /**
+         * Ignoring path by completely remove security filter on /ignored endpoint.
+         * That method should be use when you really need security/authentication.
+         * For example for resources/static endpoints
+         * <p>
+         * If you would just like to {@code permitAll()} an endpoint you should instead check
+         * {@see OverrideDefaultCasSecurity#configure} method.
+         */
+        @Override
+        public void configure(WebSecurity web) {
+            web.ignoring().antMatchers("/ignored");
+        }
+    }
+
+    @Configuration
+    @Conditional(CasSecurityCondition.class)
+    static class OverrideDefaultCasSecurity extends CasSecurityConfigurerAdapter {
+
+        /**
+         * Permit all an specific endpoint
+         */
+        @Override
+        public void configure(HttpSecurity http) throws Exception {
+            http.authorizeRequests().antMatchers("/permit-all").permitAll();
+        }
+    }
+
     @Profile("!custom-logout")
     @Configuration
     @Conditional(CasSecurityCondition.class)
@@ -139,6 +173,7 @@ public void configure(HttpSecurity http) throws Exception {
     @Profile("custom-logout")
     @Configuration
     static class WebMvcConfiguration implements WebMvcConfigurer {
+
         @Override
         public void addViewControllers(ViewControllerRegistry registry) {
             registry.addViewController("/logout.html").setViewName("logout");
@@ -232,6 +267,11 @@ public String hello(Authentication authentication, Model model) {
             return casRestTemplate.getForEntity("http://httpbin.org/get", String.class).getBody();
         }
 
+        @RequestMapping(path = "/permit-all")
+        public String permitAll() {
+            return "index";
+        }
+
         @RequestMapping(path = "/ignored")
         public String ignored() {
             return "index";

cas-security-spring-boot-starter/pom.xml

@@ -10,7 +10,7 @@
     <parent>
         <groupId>com.kakawait</groupId>
         <artifactId>cas-security-spring-boot-parent</artifactId>
-        <version>1.0.0</version>
+        <version>1.0.1</version>
     </parent>
 
     <name>Cas security spring boot starter</name>

pom.xml

@@ -7,7 +7,7 @@
     <groupId>com.kakawait</groupId>
     <artifactId>cas-security-spring-boot-parent</artifactId>
     <packaging>pom</packaging>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
 
     <name>Cas security spring boot parent</name>
     <description>Spring boot starter for Apereo CAS client fully integrated with Spring security</description>
@@ -49,22 +49,22 @@
         <maven.compiler.target>1.8</maven.compiler.target>
 
         <!-- spring managed version -->
-        <jackson.version>2.9.9</jackson.version>
-        <jackson-databind.version>2.9.9.3</jackson-databind.version>
+        <jackson.version>2.10.2</jackson.version>
+        <jackson-databind.version>2.10.2</jackson-databind.version>
 
         <!-- dependencies -->
-        <spring-boot-dependencies.version>2.1.7.RELEASE</spring-boot-dependencies.version>
+        <spring-boot-dependencies.version>2.2.4.RELEASE</spring-boot-dependencies.version>
 
         <!-- provided dependencies -->
-        <lombok.version>1.18.8</lombok.version>
+        <lombok.version>1.18.10</lombok.version>
 
         <!-- test dependencies -->
-        <assertj-core.version>3.13.2</assertj-core.version>
-        <mockito-core.version>3.0.0</mockito-core.version>
+        <assertj-core.version>3.15.0</assertj-core.version>
+        <mockito-core.version>3.2.4</mockito-core.version>
 
         <!-- plugins -->
         <jacoco-maven-plugin.version>0.8.4</jacoco-maven-plugin.version>
-        <maven-source-plugin.version>3.1.0</maven-source-plugin.version>
+        <maven-source-plugin.version>3.2.1</maven-source-plugin.version>
         <maven-javadoc-plugin.version>3.1.1</maven-javadoc-plugin.version>
         <maven-gpg-plugin.version>1.6</maven-gpg-plugin.version>
         <nexus-staging-maven-plugin.version>1.6.8</nexus-staging-maven-plugin.version>

spring-security-cas-extension/pom.xml

@@ -10,7 +10,7 @@
     <parent>
         <groupId>com.kakawait</groupId>
         <artifactId>cas-security-spring-boot-parent</artifactId>
-        <version>1.0.0</version>
+        <version>1.0.1</version>
     </parent>
 
     <name>Spring security cas extension</name>

spring-security-cas-extension/src/main/java/com/kakawait/spring/security/cas/LaxServiceProperties.java

@@ -19,7 +19,7 @@ public LaxServiceProperties(boolean dynamicServiceResolution) {
     }
 
     @Override
-    public void afterPropertiesSet() throws Exception {
+    public void afterPropertiesSet() {
         if (!dynamicServiceResolution) {
             super.afterPropertiesSet();
         } else {