#28 Add configurable redirect uri

indigo-dc · Nov 28, 2019 · 34d8414 · 34d8414
1 parent 57f1e10
commit 34d8414
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -6,6 +6,8 @@ ENV IAM_URL 'https://iam-test.indigo-datacloud.eu'
 ENV IAM_AUTHORIZE_URL 'https://iam-test.indigo-datacloud.eu/authorize'
 ENV IAM_CLIENT_ID '53b937c5-fd53-4626-9400-8b21838d7de2'
 ENV IAM_CLIENT_SECRET 'fcqrPQYZtR-CETMdvxrNoQAKtDw-Qy8hb0ItHd4cX6IJpi6f7124YDYV8SAuL99KfkWMQchQalBP2fJAlhRB7Q'
+ENV SET_CURRENT_URI 'True'
+ENV AUTH_RETURN_POINT ''
 ENV CMDB_URL 'http://indigo.cloud.plgrid.pl'
 ENV ONEDATA_URL 'https://onedata.org'
 ENV MYSQL_ADDRESS 'mysql'

diff --git a/docker/indigo-slam.sh b/docker/indigo-slam.sh
@@ -16,6 +16,8 @@ java -Dserver.address=0.0.0.0 \
      -Dunity.server.authorize=$IAM_AUTHORIZE_URL \
      -Dunity.server.clientId=$IAM_CLIENT_ID \
      -Dunity.server.clientSecret=$IAM_CLIENT_SECRET \
+     -Dauth.setCurrentUri=$SET_CURRENT_URI \
+     -Dauth.returnPoint.iam=$AUTH_RETURN_POINT \
      -Dcmdb.url=$CMDB_URL \
      -Donedata.url=$ONEDATA_URL \
      -Dadmin.emails=$PROVIDER_EMAIL \

diff --git a/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java b/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java
@@ -35,6 +35,12 @@ public class ClientApplication {
     @Value("${unity.server.clientSecret}")
     private String clientSecret;
 
+    @Value("${auth.returnPoint.iam}")
+    private String preEstablishedRedirectUri;
+
+    @Value("${auth.setCurrentUri:true}")
+    private boolean useCurrentUri;
+
     @Value("#{'${unity.scopes}'.split(',')}")
     private List<String> scopesList;
 
@@ -49,7 +55,10 @@ public OAuth2ProtectedResourceDetails resource() {
         resource.setClientSecret(clientSecret);
         resource.setUserAuthorizationUri(authorize);
         resource.setAccessTokenUri(token);
-        resource.setUseCurrentUri(true);
+        resource.setUseCurrentUri(useCurrentUri);
+        if (!useCurrentUri) {
+            resource.setPreEstablishedRedirectUri(preEstablishedRedirectUri);
+        }
         resource.setScope(scopesList);
         return resource;
     }

diff --git a/src/main/resources/auth.properties b/src/main/resources/auth.properties
@@ -12,4 +12,7 @@ unity.server.userInfoAction=/userinfo
 unity.entryPointUnityUrl=/auth
 unity.entryPointAuthUrl=/auth
 unity.unauthorizedAction=/unauthorized
-
+#this variable is overloaded in docker (see docker/indigo-slam.sh
+auth.returnPoint.iam=https://localhost:8443/auth
+#this variable is overloaded in docker (see docker/indigo-slam.sh
+auth.setCurrentUri=false