Bugfix/idporten cors #3653

Merged
merged 8 commits into from
Oct 15, 2024
Expand Up @@ -133,4 +133,4 @@ private Function<PredicateSpec, Buildable<Route>> createRoute(String segment, St
.filters(filter, addUserJwtHeaderFilter())
).uri(host);
}
}
}
Expand Up @@ -20,6 +20,7 @@
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import reactor.core.publisher.Mono;


@Slf4j
Expand Down Expand Up @@ -59,7 +60,8 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, ServerOAuth2Aut
var logoutSuccessHandler = new LogoutSuccessHandler();
logoutSuccessHandler.applyOn("idporten", new IdportenOcidLogoutUrlResolver(wellKnownUrl, postLogoutRedirectUri));

return http.cors(ServerHttpSecurity.CorsSpec::disable)
return http
.cors(ServerHttpSecurity.CorsSpec::disable)
.csrf(ServerHttpSecurity.CsrfSpec::disable)
.authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.pathMatchers(
"/internal/isReady",
Expand All @@ -78,10 +80,17 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, ServerOAuth2Aut
).permitAll()
.anyExchange().authenticated())
.oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
.authenticationFailureHandler((webFilterExchange, exception) -> {
log.error("Failed to authenticate user", exception);

Supert 👍

return Mono.error(exception);
})
.authenticationManager(authenticationManager)
.authorizationRequestResolver(requestResolver)
.authenticationSuccessHandler(authenticationSuccessHandler))
.formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN))
.formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN).authenticationFailureHandler((webFilterExchange, exception) -> {
log.error("Failed to authenticate user", exception);
return Mono.error(exception);
}))
.logout(logoutSpec -> logoutSpec
.logoutUrl(LOGOUT)
.requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, LOGOUT))
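Review bot: The failure handler added to `oauth2Login` and again to `formLogin` logs every failed login at `error` level with the full exception and then returns `Mono.error(exception)`, so what the user sees now depends on the application's error handling, which is not visible in this hunk. Two things are worth confirming: that the resulting error response does not echo the exception message to the client, and that failed logins, which any unauthenticated caller can trigger, are meant to produce error-level entries rather than `warn`. The two lambdas are identical, so one shared handler would keep them from drifting apart, e.g. `ServerAuthenticationFailureHandler failureHandler = (exchange, ex) -> { log.warn("Failed to authenticate user", ex); return Mono.error(ex); };` passed to both specs. `configure` starts and ends outside the hunks shown.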
Expand Up @@ -2,6 +2,9 @@

import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import no.nav.dolly.web.domain.LogEvent;
import no.nav.dolly.web.provider.web.dto.LogEventDTO;
import no.nav.dolly.web.service.LogService;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
Expand All @@ -12,10 +15,6 @@
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

import no.nav.dolly.web.domain.LogEvent;
import no.nav.dolly.web.provider.web.dto.LogEventDTO;
import no.nav.dolly.web.service.LogService;


@Slf4j
@RestController
Expand All @@ -34,6 +33,6 @@ public Mono<ResponseEntity<HttpStatus>> logg(
) {
return logService
.log(new LogEvent(dto, userAgent, host), exchange)
.map(response -> ResponseEntity.noContent().build());
.then(Mono.fromCallable(() -> ResponseEntity.noContent().build()));
}
}
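Review bot: `.then(Mono.fromCallable(() -> ResponseEntity.noContent().build()))` wraps a constant in a callable; `.thenReturn(ResponseEntity.noContent().build())` says the same thing more directly. Either form still propagates an error from `logService.log(...)`, so a failing log call surfaces as an error response rather than 204, which is fine if intended. The signature of `logg` is cut by the hunk, so where `dto`, `userAgent` and `host` come from is not visible; if they are taken from the request, `LogService` should neutralise line breaks before writing them to the server log.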
Expand Up @@ -46,6 +46,7 @@ public Mono<ResponseEntity<?>> delete(ServerWebExchange exchange) {
public Mono<ResponseEntity<?>> addUserToSession(@RequestParam String organisasjonsnummer, ServerWebExchange exchange) {
return personOrganisasjonTilgangConsumer
.hasAccess(organisasjonsnummer, exchange)
.doOnError(e -> log.error("Feil ved sjekk av tilgang til org {}", organisasjonsnummer, e))
.flatMap(hasAccess -> {
if (Boolean.FALSE.equals(hasAccess)) {
log.error("Bruker mangler tilgang til org {}", organisasjonsnummer);
Expand All @@ -55,6 +56,7 @@ public Mono<ResponseEntity<?>> addUserToSession(@RequestParam String organisasjo
}
return brukerService.getId(organisasjonsnummer, exchange).flatMap(id -> exchange
.getSession()
.doOnError(e -> log.error("Feil ved lagring av bruker i session", e))
.doOnSuccess(session -> session.getAttributes().put(UserSessionConstant.SESSION_USER_ID_KEY, id))
.map(value -> ResponseEntity.ok().build())
).switchIfEmpty(Mono.just(ResponseEntity.notFound().build()));
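Review bot: The new `doOnError` on `hasAccess` writes `organisasjonsnummer` to the log, and that value is a raw `@RequestParam` string with no format check visible in this method. Unless the log layout already encodes control characters, validating it before first use keeps forged line breaks and oversized values out of the log and out of the downstream access check, e.g. `if (!organisasjonsnummer.matches("\\d{9}")) return Mono.just(ResponseEntity.badRequest().build());` (assuming the usual nine-digit format; confirm for this project). The existing `log.error("Bruker mangler tilgang til org {}", organisasjonsnummer)` line has the same exposure. The lambda body between the two hunks is not shown.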
12 changes: 6 additions & 6 deletions apps/dolly-frontend/src/main/js/src/RootComponent.tsx
Expand Up @@ -67,9 +67,9 @@ const ErrorView = () => {
}

export const RootComponent = () => (
<Provider store={store}>
<Router history={history}>
<ErrorBoundary>
<ErrorBoundary>
<Provider store={store}>
<Router history={history}>
<SWRConfig
value={{
dedupingInterval: 5000,
Expand All @@ -82,7 +82,7 @@ export const RootComponent = () => (
<Route errorElement={<ErrorView />} path="*" element={<App />} />
</FaroRoutes>
</SWRConfig>
</ErrorBoundary>
</Router>
</Provider>
</Router>
</Provider>
</ErrorBoundary>
)
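Review bot: Moving `ErrorBoundary` outside `Provider` and `Router` means whatever it renders as its fallback no longer has store or router context. `AppError` in this same pull request calls `navigate(0)`; if `navigate` comes from a router hook and `AppError` is the boundary's fallback (neither is visible here), the fallback itself would throw when rendered outside `<Router>`, leaving a blank page instead of the error view. Worth checking the fallback path by forcing a render error, or using `window.location.reload()` in the fallback so it has no router dependency.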
Expand Up @@ -19,10 +19,11 @@ export const AppError = ({ error, stackTrace, style }: Props) => {
]

useEffect(() => {
console.error('Ukjent error i Dolly: ' + error)
if (errorsRequiringReload.some((e) => error?.toString()?.includes(e))) {
navigate(0)
}
}, [])
}, [error])

return (
<div className="application-error" style={style}>
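Review bot: `console.error('Ukjent error i Dolly: ' + error)` stringifies the error, which drops the stack trace and prints `[object Object]` for non-Error values; passing it as a separate argument keeps the object intact: `console.error('Ukjent error i Dolly:', error)`. The same concatenation is added in `navigateToLogin`, where the optional `feilmelding` is logged as the text `undefined` when the caller passes nothing. With `[error]` as the dependency the reload check now reruns for each new error; whether anything stops a repeated `navigate(0)` when the same error returns after the reload is not visible in this hunk.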
@@ -1,4 +1,4 @@
export const navigateToLogin = (feilmelding?: string) => {
console.error(feilmelding)
console.error('Ukjent feil i Dolly, feilmelding: ' + feilmelding)
window.location.href = '/login'
}
3 changes: 3 additions & 0 deletions apps/dolly-frontend/src/main/js/vite.config.js
Expand Up @@ -47,6 +47,9 @@ export default defineConfig(({ mode }) => ({
outDir: 'build',
sourcemap: true,
cssCodeSplit: false,
rollupOptions: {
external: ['./nais.js'],
},
},
optimizeDeps: { exclude: ['node_modules/.cache'] },
resolve: {
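Review bot: The new `external: ['./nais.js']` entry has no comment saying why this file is left out of the bundle or what provides it at runtime. A module marked external is resolved at load time rather than at build time and runs with the same privileges as the application, so its origin is worth stating next to the setting, e.g. `// nais.js is not bundled; it is supplied separately at runtime — TODO confirm source`. The surrounding `build` object starts outside the hunk.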