Add optional authentication (#67)

* Add optional authentication * Add example config for Google OAuth
2020-07-07 14:46:33 +03:00 · 2020-07-07 14:46:33 +03:00 · 4ed5f2dd10
commit 4ed5f2dd10
parent 7b61a9b51d
4 changed files with 45 additions and 1 deletions
--- a/kafka-ui-api/pom.xml
+++ b/kafka-ui-api/pom.xml
@ -34,6 +34,14 @@
                </exclusion>
            </exclusions>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
+        </dependency>
        <dependency>
            <groupId>com.provectus</groupId>
            <artifactId>kafka-ui-contract</artifactId>
--- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/cluster/config/SecurityConfig.java
+++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/cluster/config/SecurityConfig.java
@ -0,0 +1,24 @@
+package com.provectus.kafka.ui.cluster.config;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+
+@Configuration
+@EnableWebFluxSecurity
+@ConditionalOnProperty(value = "auth.enabled", havingValue = "false")
+public class SecurityConfig {
+
+	@Bean
+	public SecurityWebFilterChain configure(ServerHttpSecurity http) {
+		return http.authorizeExchange()
+				.anyExchange().permitAll()
+				.and()
+				.csrf().disable()
+				.build();
+	}
+
+}
--- a/kafka-ui-api/src/main/resources/application-gauth.yml
+++ b/kafka-ui-api/src/main/resources/application-gauth.yml
@ -0,0 +1,10 @@
+auth:
+  enabled: true
+spring:
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: [put your client id here]
+            client-secret: [put your client secret here]
--- a/kafka-ui-api/src/main/resources/application-local.yml
+++ b/kafka-ui-api/src/main/resources/application-local.yml
@ -22,4 +22,6 @@ zookeeper:
  connection-timeout: 1000
 spring:
  jmx:
-    enabled: true
+    enabled: true
+auth:
+  enabled: false