diff --git a/docker/hangar/application.yml b/docker/hangar/application.yml
index 85db82012..3f99302a9 100644
--- a/docker/hangar/application.yml
+++ b/docker/hangar/application.yml
@@ -96,7 +96,7 @@ hangar:
 secure: false
 unsafe-download-max-age: 600000
 api:
- url: "http://localhost:8000"
+ url: "http://auth:8000"
 avatar-url: "http://localhost:8000/avatar/%s?size=120x120" # only comment in if you run auth locally
 # avatar-url: "https://paper.readthedocs.io/en/latest/_images/papermc_logomark_500.png"
 key: changeme
diff --git a/src/main/java/io/papermc/hangar/config/SecurityConfig.java b/src/main/java/io/papermc/hangar/config/SecurityConfig.java
index ee25bbdd7..0b901dd37 100644
--- a/src/main/java/io/papermc/hangar/config/SecurityConfig.java
+++ b/src/main/java/io/papermc/hangar/config/SecurityConfig.java
@@ -41,7 +41,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 @Override
 protected void configure(HttpSecurity http) throws Exception {
 http.csrf().ignoringAntMatchers(
- "/api/v2/authenticate", "/api/v2/sessions/current", "/api/v2/keys", "/api/v2/sync_sso"
+ "/api/v2/authenticate", "/api/v2/sessions/current", "/api/v2/keys", "/api/sync_sso"
 );
 http.addFilter(new HangarAuthenticationFilter());
diff --git a/src/main/java/io/papermc/hangar/controller/Apiv1Controller.java b/src/main/java/io/papermc/hangar/controller/Apiv1Controller.java
index b20b2c0d9..51f1d0023 100644
--- a/src/main/java/io/papermc/hangar/controller/Apiv1Controller.java
+++ b/src/main/java/io/papermc/hangar/controller/Apiv1Controller.java
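Review bot: The new `url` value in the `@@ -96,7 +96,7 @@` hunk looks like a Docker service name, so it presumably resolves only inside the container network, while `avatar-url` on the next line still points at `localhost:8000`; nothing in the file says which address is server-to-server and which is handed to browsers. A comment above `url` such as `# server-to-server address of the auth service (Docker service name); not reachable from a browser` would keep it from being reused in a redirect. The context also shows `key: changeme` and plain `http://`, which are acceptable for a local container setup but should be marked as values that must be overridden anywhere else.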
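Review bot: The ant pattern `/api/sync_sso` added to `ignoringAntMatchers` in SecurityConfig removes CSRF protection from that path, so the endpoint is protected only by the checks it performs itself, and the list carries no comment saying why each entry is exempt. I would add a comment above the call, e.g. `// CSRF-exempt: called server-to-server and authenticated by api_key + signed payload, never by the session cookie`. The pattern has to stay in step with `@PostMapping(value = "/sync_sso")` in Apiv1Controller, whose class-level prefix is not visible in this diff, so it is worth confirming that `/api/sync_sso` is the effective path. The body of configure() continues outside the hunk.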
@@ -34,6 +34,8 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.stereotype.Controller;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -300,7 +302,7 @@ public class Apiv1Controller extends HangarController {
 }
 @PostMapping(value = "/sync_sso")
- public ResponseEntity syncSso(@RequestParam String sso, @RequestParam String sig, @RequestParam String apiKey) {
+ public ResponseEntity> syncSso(@RequestParam String sso, @RequestParam String sig, @RequestParam("api_key") String apiKey) {
 if (!apiKey.equals(hangarConfig.sso.getApiKey())) {
 log.warn("SSO sync failed: bad API key (" + apiKey + " provided, " + hangarConfig.sso.getApiKey() + " expected)");
 return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
@@ -310,7 +312,9 @@ public class Apiv1Controller extends HangarController {
 SsoSyncData data = SsoSyncData.fromSignedPayload(map);
 userService.ssoSyncUser(data);
 log.debug("SSO sync successful: " + map.toString());
- return new ResponseEntity<>(mapper.createObjectNode().set("status", mapper.valueToTree("success")), HttpStatus.OK);
+ MultiValueMap ssoResponse = new LinkedMultiValueMap<>();
+ ssoResponse.set("status", "success");
+ return new ResponseEntity<>(ssoResponse, HttpStatus.OK);
 } catch (SignatureException e) {
 log.warn("SSO sync failed: invalid signature (" + sig + " for data " + sso + ")");
 return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
diff --git a/src/main/java/io/papermc/hangar/controller/UsersController.java b/src/main/java/io/papermc/hangar/controller/UsersController.java
index 77dac6e5d..f2fd1be6d 100644
--- a/src/main/java/io/papermc/hangar/controller/UsersController.java
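Review bot: The `log.warn` in the bad-key branch of `syncSso` (hunk `@@ -300,7 +302,7 @@`) writes both the caller-supplied key and the value of `hangarConfig.sso.getApiKey()` to the log, so anyone with log access learns the shared secret; the renamed `api_key` parameter keeps feeding that line. Log no key material, `log.warn("SSO sync failed: bad API key");`, and compare in constant time with `MessageDigest.isEqual(apiKey.getBytes(StandardCharsets.UTF_8), hangarConfig.sso.getApiKey().getBytes(StandardCharsets.UTF_8))` instead of `String.equals`. The `SignatureException` branch in the next hunk (`@@ -310,7 +312,9 @@`) has the related problem of concatenating the raw `sig` and `sso` request parameters into the message, and `log.debug` prints the whole decoded payload; both should log a fixed message or a sanitised, truncated value. The body of syncSso starts in the first of these hunks and runs past the end of the second.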
+++ b/src/main/java/io/papermc/hangar/controller/UsersController.java
@@ -153,7 +153,7 @@ public class UsersController extends HangarController {
 public ModelAndView logout(HttpSession session) {
 // TODO flash
 session.invalidate();
- return new ModelAndView("redirect:" + hangarConfig.security.api.getUrl() + "/accounts/logout/");
+ return new ModelAndView("redirect:" + hangarConfig.getAuthUrl() + "/accounts/logout/");
 }
 @Secured("ROLE_USER")
diff --git a/src/main/java/io/papermc/hangar/service/OrgFactory.java b/src/main/java/io/papermc/hangar/service/OrgFactory.java
index e25391179..9e2398a43 100644
--- a/src/main/java/io/papermc/hangar/service/OrgFactory.java
+++ b/src/main/java/io/papermc/hangar/service/OrgFactory.java
@@ -1,17 +1,15 @@
 package io.papermc.hangar.service;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
 import io.papermc.hangar.config.hangar.HangarConfig;
 import io.papermc.hangar.db.dao.HangarDao;
 import io.papermc.hangar.db.dao.OrganizationDao;
 import io.papermc.hangar.db.dao.UserDao;
 import io.papermc.hangar.db.model.OrganizationsTable;
-import io.papermc.hangar.db.model.UsersTable;
 import io.papermc.hangar.model.NotificationType;
-import io.papermc.hangar.model.Prompt;
 import io.papermc.hangar.model.Role;
 import io.papermc.hangar.model.viewhelpers.UserData;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.node.ObjectNode;
 import io.papermc.hangar.service.sso.AuthUser;
 import io.papermc.hangar.util.HangarException;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -23,7 +21,6 @@ import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
-import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -73,9 +70,7 @@ public class OrgFactory {
 } else {
 authOrgUser = new AuthUser(-100, name, dummyEmail, "", Locale.ENGLISH, null);
 }
-
- // TODO this will happen via /api/sync_sso, but I have no idea how to get that whole system working with Docker
- userDao.get().insert(new UsersTable(authOrgUser.getId(), null, name, dummyEmail, null, List.of(), false, authOrgUser.getLang().toLanguageTag()));
+ // Just a note, the /api/sync_sso creates the org user here, so it will already be created when the above response is returned
 OrganizationsTable org = new OrganizationsTable(name, ownerId, authOrgUser.getId());
 org = organizationDao.get().insert(org);
 long orgId = org.getId();
diff --git a/src/main/java/io/papermc/hangar/service/SsoService.java b/src/main/java/io/papermc/hangar/service/SsoService.java
index 2e3e7e3bb..898f4154f 100644
--- a/src/main/java/io/papermc/hangar/service/SsoService.java
+++ b/src/main/java/io/papermc/hangar/service/SsoService.java
@@ -72,7 +72,7 @@ public class SsoService {
 String payload = generatePayload( returnUrl, generatedNonce);
 String sig = sign(payload);
 String urlEncoded = URLEncoder.encode(payload, StandardCharsets.UTF_8);
- return new UrlWithNonce(String.format("%s?sso=%s&sig=%s", hangarConfig.security.api.getUrl() + baseUrl, urlEncoded, sig), generatedNonce);
+ return new UrlWithNonce(String.format("%s?sso=%s&sig=%s", hangarConfig.getAuthUrl() + baseUrl, urlEncoded, sig), generatedNonce);
 }
 private String nonce() {
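Review bot: With the local `userDao.get().insert(...)` removed in the OrgFactory hunk, nothing visible guarantees that a users row exists for `authOrgUser.getId()` before `new OrganizationsTable(name, ownerId, authOrgUser.getId())` is inserted. The `else` branch builds a placeholder `AuthUser` with id `-100` and, as far as the hunk shows, never contacts the auth service, so no `/api/sync_sso` callback would create that user; on the other branch a rejected or delayed callback leaves the same gap. I would look the user up by `authOrgUser.getId()` before the organization insert and fail with a `HangarException` when it is missing, rather than rely on the ordering described in the new comment. The enclosing method starts and ends outside the hunk, so the condition guarding the `else` is not visible.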
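Review bot: In the changed `String.format` call in SsoService the payload goes through `URLEncoder.encode`, but `sig` is placed into the query string exactly as `sign(payload)` returned it. That is safe only while `sign` (not shown in this diff) emits URL-safe characters such as hex; a Base64 signature containing `+`, `/` or `=` would be altered in transit and fail verification. Encoding it the same way, `URLEncoder.encode(sig, StandardCharsets.UTF_8)`, removes the dependency on the signature format. The logout redirect in UsersController is switched to the same `hangarConfig.getAuthUrl()`, whose definition is also outside this diff; it should be documented as the browser-facing base URL without a trailing slash, since both call sites append a path by concatenation.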