Merge pull request #8 from ls1intum/add-basic-auth

Add basic auth to secure GET requests to api/telemetry

README.md

@@ -23,4 +23,11 @@ artemis:
     enabled: true
     sendAdminDetails: true
     destination: http://localhost:8081
+```
+
+We use basic authentication for getting the data from the telemetry service. You will need to adjust the `application.yml` of the telemetry service accordingly:
+```
+telemetry:
+    user: <user>
+    password: <password>
 ```

build.gradle

@@ -20,6 +20,7 @@ repositories {
 dependencies {
     implementation "org.springframework.boot:spring-boot-starter-data-jpa"
     implementation "org.springframework.boot:spring-boot-starter-web"
+    implementation "org.springframework.boot:spring-boot-starter-security"
     implementation "org.hibernate.orm:hibernate-community-dialects:${hibernate_version}"
     implementation "org.apache.commons:commons-lang3"
     implementation "com.zaxxer:HikariCP"

src/main/java/de/tum/cit/ase/artemistelemetry/security/SecurityConfig.java

@@ -0,0 +1,50 @@
+package de.tum.cit.ase.artemistelemetry.security;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+    @Value("${telemetry.user}")
+    private String telemetryUser;
+
+    @Value("${telemetry.password}")
+    private String telemetryPassword;
+
+
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(csrf -> csrf.disable())
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers(HttpMethod.GET, "/api/telemetry/**").authenticated()
+                        .anyRequest().permitAll()
+                )
+                .httpBasic(httpBasic -> {});
+
+        return http.build();
+    }
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        UserDetails user = User.withDefaultPasswordEncoder()
+                .username(telemetryUser)
+                .password(telemetryPassword)
+                .roles("USER")
+                .build();
+
+        return new InMemoryUserDetailsManager(user);
+    }
+}