diff --git a/app/Dockerfile b/app/Dockerfile
index 614c1a67a51978574d32bf5e400817ee2f4a5de2..ba49eaddbe492346846e9c8dc4c706322d658928 100644
--- a/app/Dockerfile
+++ b/app/Dockerfile
@@ -1,3 +1,3 @@
-FROM openjdk:11
+FROM openjdk:17
 COPY /target/auth-app-1.1.0-SNAPSHOT.jar auth-app-1.1.0-SNAPSHOT.jar
 ENTRYPOINT ["java", "-jar", "/auth-app-1.1.0-SNAPSHOT.jar"]
diff --git a/app/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java b/app/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
index 96a5e4bb792aea3f35e0f370117d7e1477364cd3..e044c5dfd0b1518a63e2aa5a073a231bd713ca37 100644
--- a/app/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
+++ b/app/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
@@ -5,6 +5,7 @@ import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -13,6 +14,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.AccessDeniedHandler;
+@Configuration
 @EnableWebSecurity //(debug=true)
 public class SecurityConfig {
diff --git a/demo/Dockerfile b/demo/Dockerfile
index 614c1a67a51978574d32bf5e400817ee2f4a5de2..aedc38cfa19eb065a4ab5a58a3f66a2953aff7eb 100644
--- a/demo/Dockerfile
+++ b/demo/Dockerfile
@@ -1,3 +1,3 @@
-FROM openjdk:11
+FROM openjdk:17-alpine
 COPY /target/auth-app-1.1.0-SNAPSHOT.jar auth-app-1.1.0-SNAPSHOT.jar
 ENTRYPOINT ["java", "-jar", "/auth-app-1.1.0-SNAPSHOT.jar"]
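Review bot: The three Dockerfile hunks no longer agree on a base image: `app/Dockerfile` and `service/Dockerfile` move to `openjdk:17`, while `demo/Dockerfile` takes `openjdk:17-alpine`, a different OS and libc for what its COPY line shows to be the same auth-app jar. The `openjdk` repository on Docker Hub is deprecated and, as far as I know, its 17 tags are no longer rebuilt with security fixes, so a maintained JRE-only image pinned by digest would be a safer target for all three, e.g. `FROM eclipse-temurin:17-jre@sha256:<digest-placeholder>`. Each file is three lines long and none sets a user, so the authentication services run as root inside the container; a line such as `USER 10001:10001` before `ENTRYPOINT` would fix that.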
diff --git a/service/Dockerfile b/service/Dockerfile
index 0bfb06ca3e26ed09cbc05c49189da73a0e8b6c2c..542501ec1eb37da261bbcfe60375031020cf1ffc 100644
--- a/service/Dockerfile
+++ b/service/Dockerfile
@@ -1,3 +1,3 @@
-FROM openjdk:11
+FROM openjdk:17
 COPY /target/auth-service-1.1.0-SNAPSHOT.jar auth-service-1.1.0-SNAPSHOT.jar
 ENTRYPOINT ["java", "-jar", "/auth-service-1.1.0-SNAPSHOT.jar"]
diff --git a/service/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java b/service/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
index 4ee9033afb49c4111db12ee8b43b7a23c20ef857..d7053029c7c6be0570ccaf384e756082575b6ff7 100644
--- a/service/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
+++ b/service/src/main/java/eu/gaiax/difs/aas/config/SecurityConfig.java
@@ -35,6 +35,7 @@ import org.springframework.security.oauth2.server.authorization.token.JwtEncodin
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 import eu.gaiax.difs.aas.service.SsiAuthProvider;
@@ -52,6 +53,9 @@ public class SecurityConfig {
 @Bean
 public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http, HandlerMappingIntrospector introspector) throws Exception {
 log.debug("defaultSecurityFilterChain.enter");
+ HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
+ requestCache.setRequestMatcher(antMatcher("/oauth2/**"));
+ requestCache.setMatchingRequestParameterName(null);
 http
 .csrf()
 .disable()
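Review bot: The three `requestCache` lines added at the top of `defaultSecurityFilterChain` carry no comment, although both setters change what Spring Security replays after login. I would add `// Save only /oauth2/** requests for replay after login; a null parameter name drops the "continue" marker, so the cache is consulted on every request.` above them. `antMatcher` is not among the imports this commit adds, so it presumably relies on a static import already in the file; it is worth confirming that it resolves to `AntPathRequestMatcher.antMatcher`. The later `-80,7` hunk wires the cache with the lambda form `.requestCache(cache -> ...)` at the end of an `.and()` chain, which mixes two DSL styles in one statement. The method body continues outside this hunk.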
@@ -80,7 +84,9 @@ public class SecurityConfig {
 .and()
 .logout()
 .logoutSuccessUrl("/ssi/login?logout")
- .invalidateHttpSession(true);
+ .invalidateHttpSession(true)
+ .and()
+ .requestCache(cache -> cache.requestCache(requestCache));
 log.debug("defaultSecurityFilterChain.exit");
 return http.build();
 }
diff --git a/service/src/main/resources/templates/login-template.html b/service/src/main/resources/templates/login-template.html
index c8997cf99f60264e8653c850479f2a1febb5d6b1..bff675c342e2701ecd889ba71f572625b7ce71dd 100644
--- a/service/src/main/resources/templates/login-template.html
+++ b/service/src/main/resources/templates/login-template.html
@@ -24,8 +24,8 @@
 </div>
 <div class="navigation-bar">
 <div class="navigation-links">
- <!--<a class="navigation-link" th:text="#{data}"></a>
- <a class="navigation-link" th:text="#{provider}"></a>-->
+ <a class="navigation-link" th:text="#{data}"></a>
+ <a class="navigation-link" th:text="#{provider}"></a>
 <div class="language-component">
 <div class="display-language-component navigation-link">
 <span id="display-language" th:text="#{displayLanguage}">
@@ -39,10 +39,10 @@
 </ul>
 </div>
 </div>
- <div class="mobile-header">
+ <!--div class="mobile-header">
 <h1 th:text="#{title}">Welcome to Gaia-X</h1>
 <p th:text="#{subtitle}">Sign in to continue</p>
- </div>
+ </div-->
 </div>
 </header>
 <main>
@@ -56,7 +56,7 @@
 <div class="card-bottom-contents">
 <h2 id="greeting" th:text="#{qrTitle}">Scan the QR code with your mobile device</h2>
 <img th:src="${qrUrl}" alt="QR Code">
- <form id="login" th:action="@{/ssi/login}" method="post">
+ <form id="login" th:action="@{/login}" method="post">
 <table>
 <tr>
 <td><input class="input-box" type='hidden' name='username' th:value='${requestId}'/></td>
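Review bot: The markup this template disables is wrapped in ordinary HTML comments, so it is still delivered to every visitor of the login page with its `th:` attributes unprocessed. That applies to `<!--div class="mobile-header">` in the `-39,10` hunk, the two `<!--tr>` rows in the `-68,18` hunk and the copyright line in the `-99,37` hunk. Thymeleaf's parser-level form `<!--/* ... */-->` is stripped at render time, so either use that or delete the dead markup. The anchors enabled in the `-24,8` and `-68,18` hunks have no `href` or `th:href`, so they render as text that cannot be followed or reached by keyboard.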
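Review bot: In the `-56,7` hunk the form now posts to `/login`, but nothing visible in this commit moves the server side off `/ssi/login`. The SecurityConfig hunks keep `logoutSuccessUrl("/ssi/login?logout")` and the polling script still calls `/ssi/login/status`. If the login processing URL is configured outside the shown hunks this may be intended, but it should be confirmed that the filter chain handles `POST /login`; otherwise the submit triggered by the poller will not authenticate. The same chain calls `.csrf().disable()`, so this POST carries no CSRF token; re-enabling CSRF would let `th:action` add the hidden token automatically and protect the login against cross-site submission.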
@@ -68,18 +68,18 @@ <td><input id="sign-in-button" class="action_button" name="qr-smartphone-button" type="button" onclick="openApp(this)" th:urlarg='${mobileUrl}' th:value="#{scanWithPcm}"/></td> </tr> - <!--<tr> + <!--tr> <td><input id="scan-qr-browser-button" class="action_button" name="qr-browser-button" type="button" th:value="#{scanWithBrowser}"/></td> - </tr>--> - <!-- <tr> + </tr--> + <!--tr> <td><input id="back-to-standard-login-button" class="action_button bottom-button" name="back" onclick="history.back()" type="button" th:value="#{faq}"/></td> - </tr>--> + </tr--> </table> </form> - <!--<p class="account-registration" th:text="#{noAccount}"></p> - <a class="account-registration-link" th:text="#{register}"></a>--> + <p class="account-registration" th:text="#{noAccount}"></p> + <a class="account-registration-link" th:text="#{register}"></a> </div> </div> </div> 
@@ -99,37 +99,33 @@ <script type="application/javascript"> const interval = window.setInterval(async function submitForm() { try { - const response = await fetch(window.location.origin + "/ssi/login/status",{ credentials: 'same-origin' }); - - if(response.status == 302) - { + const response = await fetch(window.location.origin + "/ssi/login/status", { credentials: 'same-origin' }); + if(response.status == 302) { clearInterval(interval); document.forms["login"].submit() } - } catch (err) { console.log(err); } - },5000); - - - /* window.onload = function() { - - var auto = setTimeout(function() { submitForm(); }, 5000); - - async function submitForm() { - document.forms["login"].submit(); - } - - function autoRefresh() { - clearTimeout(auto); - auto = setTimeout(function() { submitForm(); autoRefresh(); }, 7000); - } - }*/ + }, 5000); </script> <footer> <hr class="footer-divider"> + <div class="footer-bottom"> + <!--p class="copyright">© 2022 T-Systems International GmbH</p--> + <div class="bottom-nav-bar"> + <a th:text="#{imprint}"></a> + <a th:text="#{privacyPolicy}"></a> + <a th:text="#{cookies}"></a> + <a th:text="#{terms}"></a> + <a th:text="#{contact}"></a> + <a th:text="#{help}"></a> + </div> + </div> + <div class="footer-end-of-page"> + <p th:text="#{footnote}"></p> + </div> </footer> </body> </html>
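Review bot: The `response.status == 302` test in the polling callback is unlikely to be true in a browser, because `fetch` follows redirects by default and the script then sees the status of the redirect target. It would only see 302 if `/ssi/login/status` answers without a `Location` header, which is not visible here. If a redirect is the intended "login complete" signal, request it explicitly with `{ credentials: 'same-origin', redirect: 'manual' }` and test `if (response.type === 'opaqueredirect') {`. The interval also keeps polling every 5 seconds indefinitely when the request fails, since the `catch` only logs; consider clearing it after a bounded number of errors.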