Makefile

@@ -1,10 +1,7 @@
 help:
-	@echo "make [clean dev-front prod dev-back dev]"
+	@echo "make [clean dev-front prod dev-back]"
 
 clean: 
-	@cp config/frontdev.env front/MyINPulse-front/.env
-	@cp config/frontdev.env .env
-	@cp config/frontdev.env MyINPulse-back/.env
 	@cp config/prod.docker-compose.yaml docker-compose.yaml
 	@docker compose down
 	@rm -f docker-compose.yaml
@@ -45,13 +42,4 @@ dev-back:
 	@docker compose up -d --build
 	@echo "cd MyINPulse-back" && echo 'export $$(cat .env | xargs)'
 	@echo "./gradlew bootRun --args='--server.port=8081'"
-	
+	
-dev: clean vite
-	@cp config/dev.env front/MyINPulse-front/.env
-	@cp config/dev.env .env
-	@cp config/dev.env MyINPulse-back/.env
-	@cp config/dev.docker-compose.yaml docker-compose.yaml
-	@docker compose up -d --build
-	@echo "cd MyINPulse-back" && echo 'export $$(cat .env | xargs)'
-	@echo "./gradlew bootRun --args='--server.port=8081'"
-	@cd ./front/MyINPulse-front/ && npm run dev &

MyINPulse-back/src/main/java/enseirb/myinpulse/api/GetUserInfo.java

@@ -1,24 +1,43 @@
 package enseirb.myinpulse.api;
 
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.CrossOrigin;
+
+import java.security.Principal;
 
 @SpringBootApplication
 @RestController
 public class GetUserInfo {
-    @GetMapping("/unauth/random")
+    // TODO: understand how to get data
+    @GetMapping("/getUserInfo")
+    public Object user(Principal principal) {
+        System.out.println("GetUserInfo + " + principal);
+        System.out.println(SecurityContextHolder.getContext().getAuthentication());
+        return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+    }
+
+    @CrossOrigin(methods = {RequestMethod.GET, RequestMethod.OPTIONS})
+    @GetMapping("/random")
     public boolean rand() {
+        System.err.println("HELLO");
         return Math.random() > 0.5;
     }
 
-    @GetMapping("/admin/random")
+    @CrossOrigin(methods = {RequestMethod.GET, RequestMethod.OPTIONS})
+    @GetMapping("/random2")
     public boolean rand2() {
+        System.err.println("HELLO2");
         return Math.random() > 0.5;
     }
 
-    @GetMapping("/entrepreneur/random")
+    @CrossOrigin(methods = {RequestMethod.GET, RequestMethod.OPTIONS})
+    @GetMapping("/random3")
     public boolean rand3() {
+        System.err.println("HELLO");
         return Math.random() > 0.5;
     }
 }

MyINPulse-back/src/main/java/enseirb/myinpulse/config/WebSecurityCustomConfiguration.java

@@ -1,7 +1,6 @@
 package enseirb.myinpulse.config;
 
 import enseirb.myinpulse.security.KeycloakJwtRolesConverter;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -15,55 +14,37 @@ import java.util.List;
 
 import static org.springframework.security.authorization.AuthorityAuthorizationManager.hasRole;
 
-
 @Configuration
-public class WebSecurityCustomConfiguration {
+public class WebSecurityCustomConfiguration{
     // CORS configuration
-
+    // TODO: make sure to only accept our own domains
-    @Value("${VITE_APP_URL}")
-    private String frontendUrl;
-
-    /**
-     * Configure the CORS (Cross Origin Ressource Sharing -- a security feature) configuration.
-     * The only allowed website is the frontend, defined in the .env file.
-     *
-     * @return the CORS configuration used by the backend
-     */
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(List.of(frontendUrl));
+        configuration.setAllowedOrigins(List.of("*"));
         configuration.setAllowedMethods(Arrays.asList("GET", "OPTIONS"));
         configuration.setAllowedHeaders(
                 Arrays.asList(
                         "authorization",
                         "content-type",
-                        "x-auth-token"));
+                        "x-auth-token")); // Do not remove, this fixes the CORS errors when
+        // unauthenticated
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", configuration);
 
         return source;
     }
 
-    /**
-     * Configure the authorisation required for each path.
-     * admin endpoints are under /admin/* and entrepreneur are under /entrepreneur/*
-     * If endpoints dont require authentication, they are under /unauth/
-     *
-     * @param http automatically filled in by spring.
-     * @return a securityfilterchain, automatically used by spring.
-     * @throws Exception TODO: figure out when the exception are raised
-     */
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests(
                         authorize ->
                                 authorize
-                                        .requestMatchers("/entrepreneur/**")
+                                        .requestMatchers("/random2")
                                         .access(hasRole("REALM_MyINPulse-entrepreneur"))
-                                        .requestMatchers("/admin/**")
+                                        .requestMatchers("/random")
                                         .access(hasRole("REALM_MyINPulse-admin"))
-                                        .requestMatchers("/unauth/**")
+                                        .requestMatchers("/random3")
                                         .permitAll()
                                         .anyRequest()
                                         .authenticated())

MyINPulse-back/src/main/resources/application.properties

@@ -6,3 +6,4 @@ spring.datasource.url=jdbc:postgresql://${DATABASE_URL}/${BACKEND_DB}
 spring.datasource.username=${BACKEND_USER}
 spring.datasource.password=${BACKEND_PASSWORD}
 spring.jpa.hibernate.ddl-auto=update
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect

config/dev.docker-compose.yaml

@@ -1,52 +0,0 @@
-services:
-  postgres:
-    env_file: .env
-    build:
-      context: postgres/
-      dockerfile: Dockerfile
-    container_name: MyINPulse-DB
-    ports:
-      - 5433:5432
-    volumes:
-      - ./postgres/data:/var/lib/postgresql/data
-
-
-  keycloak:
-    container_name: MyINPulse-keycloak
-    build:
-      context: ./keycloak
-      dockerfile: Dockerfile
-      args:
-        KC_DB: postgres
-        KC_DB_URL: jdbc:postgresql://postgres/${POSTGRES_DB}
-        KC_DB_USERNAME: ${POSTGRES_USER}
-        KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
-    environment:
-      KC_HOSTNAME_PORT: 7080
-      KC_HOSTNAME_STRICT_BACKCHANNEL: "true"
-      KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
-      KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
-      KC_LOG_LEVEL: info
-    command: ["start-dev", "--http-port", "7080", "--https-port", "7443", "--hostname", "${KEYCLOAK_HOSTNAME}"]
-    ports:
-      - "7080:7080"
-      - "7443:7443"
-    depends_on:
-      - postgres
-
-  #front:
-  #  build:
-  #    context: ./front/
-  #    dockerfile: Dockerfile
-  #  container_name: MyINPulse-front
-  #  ports:
-  #    - "8080:80"
-
-  #back:
-  #  build:
-  #    context: ./MyINPulse-back/
-  #    dockerfile: Dockerfile
-  #  container_name: MyINPulse-back
-  #  ports:
-  #    - "8081:8080"
-  

config/dev.env

@@ -1,22 +0,0 @@
-POSTGRES_DB=postgres_db
-POSTGRES_USER=postgres
-POSTGRES_PASSWORD=postgres_db_user_password
-
-KEYCLOAK_ADMIN=admin
-KEYCLOAK_ADMIN_PASSWORD=admin
-KEYCLOAK_HOSTNAME=localhost
-KEYCLOAK_DB=keycloak_db
-KEYCLOAK_USER=keycloak_db_user
-KEYCLOAK_PASSWORD=keycloak_db_user_password
-
-BACKEND_DB=backend_db
-BACKEND_USER=backend_db_user
-BACKEND_PASSWORD=backend_db_user_password
-
-DATABASE_URL=localhost:5433
-
-VITE_KEYCLOAK_URL=http://localhost:7080
-VITE_KEYCLOAK_CLIENT_ID=myinpulse-dev
-VITE_KEYCLOAK_REALM=test
-VITE_APP_URL=http://localhost:5173
-VITE_BACKEND_URL=http://localhost:8081/

config/prod.docker-compose.yaml

@@ -30,10 +30,10 @@ services:
       KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
       KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
       KC_LOG_LEVEL: info
-    command: ["start-dev", "--http-port", "7080", "--https-port", "7443", "--hostname", "${KEYCLOAK_HOSTNAME}"] # TODO: remove start-dev
+    command: ["start-dev", "--http-port", "7080", "--https-port", "7443", "--hostname", "${KEYCLOAK_HOSTNAME}"]
-    #ports:
+    ports:
-    #  - "7080:7080"
+      - "7080:7080"
-    #  - "7443:7443"
+      - "7443:7443"
     depends_on:
       - postgres
 
@@ -50,6 +50,6 @@ services:
       context: ./MyINPulse-back/
       dockerfile: Dockerfile
     container_name: MyINPulse-back
-    #ports:
+    ports:
-    #  - "8081:8080"
+      - "8081:8080"