Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision

Target

Select target project
  • perun/perun-proxyidp/v1/OpenID-Connect-Java-Spring-Server
1 result
Select Git revision
Show changes
Commits on Source (3)
# [17.3.0](https://gitlab.ics.muni.cz/perun/perun-proxyidp/v1/OpenID-Connect-Java-Spring-Server/compare/v17.2.2...v17.3.0) (2024-03-13)
### Features
* 🎸 Log incomming requests ([b28c941](https://gitlab.ics.muni.cz/perun/perun-proxyidp/v1/OpenID-Connect-Java-Spring-Server/commit/b28c941d6a155143b11e615b39eba5a8a5b06caa))
## [17.2.2](https://gitlab.ics.muni.cz/perun/perun-proxyidp/v1/OpenID-Connect-Java-Spring-Server/compare/v17.2.1...v17.2.2) (2024-03-13)
......
......@@ -21,7 +21,7 @@
<parent>
<groupId>cz.muni.ics</groupId>
<artifactId>perun-oidc-parent</artifactId>
<version>17.2.2</version>
<version>17.3.0</version>
<relativePath>../pom.xml</relativePath>
</parent>
......
......@@ -116,6 +116,8 @@
<security:expression-handler ref="oauthExpressionHandler" />
</security:global-method-security>
<bean id="logRequestFilter" class="cz.muni.ics.oidc.web.LogRequestFilter"/>
<!-- Token endpoint -->
<security:http pattern="/token"
create-session="stateless"
......@@ -127,6 +129,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -140,6 +143,7 @@
entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" />
......@@ -154,6 +158,7 @@
authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -167,6 +172,7 @@
entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" />
......@@ -181,6 +187,7 @@
authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -197,6 +204,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -211,6 +219,7 @@
create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.openid.connect.web.endpoint.JWKSetPublishingEndpoint).URL}**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/>
</security:http>
......@@ -222,6 +231,7 @@
create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/>
</security:http>
......@@ -268,6 +278,7 @@
access="permitAll()"/>
<security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_EXCEPTION')"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="metadataGeneratorFilter" before="CHANNEL_FILTER"/>
<security:custom-filter ref="clearSessionFilter" after="CHANNEL_FILTER"/>
<security:custom-filter ref="samlFilter" before="CSRF_FILTER"/>
......
......@@ -22,7 +22,7 @@
<parent>
<groupId>cz.muni.ics</groupId>
<artifactId>perun-oidc-parent</artifactId>
<version>17.2.2</version>
<version>17.3.0</version>
<relativePath>../pom.xml</relativePath>
</parent>
......
package cz.muni.ics.oidc.web;
import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@Slf4j
public class LogRequestFilter extends OncePerRequestFilter {
public static final String SEPARATOR = "---------------------------------------------------------------------\n";
public static final String WRAPPER = "#####################################################################\n";
public static final String MSG = WRAPPER +
"Incoming request: {} {}\n" +
SEPARATOR +
"PARAMETERS: {}\n" +
SEPARATOR +
"HEADERS: {}" +
WRAPPER;
@Override
protected void doFilterInternal(final HttpServletRequest req,
HttpServletResponse response,
FilterChain filterChain)
throws ServletException, IOException
{
log.trace(MSG, req.getMethod(), req.getRequestURL(),
Collections.list(req.getParameterNames())
.stream()
.collect(
Collectors.toMap(
parameter -> parameter,
parameter -> List.of(req.getParameterValues((String) parameter))
)
),
Collections.list(req.getHeaderNames())
.stream()
.collect(
Collectors.toMap(
header -> header,
header -> List.of(req.getHeaders((String)header))
)
)
);
filterChain.doFilter(req, response);
}
}
......@@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>cz.muni.ics</groupId>
<artifactId>perun-oidc-parent</artifactId>
<version>17.2.2</version>
<version>17.3.0</version>
<packaging>pom</packaging>
<modules>
......