Browse Source

ws protection

cloud-keycloak
Dmitriy Sim 3 years ago
parent
commit
42ccdc3a5f
3 changed files with 31 additions and 1 deletions
  1. +2
    -1
      demo-client-app/src/App.js
  2. +7
    -0
      demo-resource-server/src/main/java/ru/digitalbanana/demoresourceserver/config/WebSocketConfig.java
  3. +22
    -0
      demo-resource-server/src/main/java/ru/digitalbanana/demoresourceserver/config/WebSocketSecurityConfig.java

+ 2
- 1
demo-client-app/src/App.js View File

@ -28,9 +28,10 @@ const connect = async (token) => {
stomp = Stomp.over(sock); stomp = Stomp.over(sock);
// disable stomp logging // disable stomp logging
stomp.debug = (msg) => {}
stomp.debug = (msg) => {};
stomp.connect( stomp.connect(
// { "X-Authorization": token.split(".").slice(0, 2).join(".") + "alkdjalskdjals" },
{ "X-Authorization": token }, { "X-Authorization": token },
(frame) => { (frame) => {
console.log("Connected", frame); console.log("Connected", frame);


+ 7
- 0
demo-resource-server/src/main/java/ru/digitalbanana/demoresourceserver/config/WebSocketConfig.java View File

@ -4,6 +4,8 @@ import java.util.List;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.messaging.Message; import org.springframework.messaging.Message;
import org.springframework.messaging.MessageChannel; import org.springframework.messaging.MessageChannel;
import org.springframework.messaging.simp.config.ChannelRegistration; import org.springframework.messaging.simp.config.ChannelRegistration;
@ -25,6 +27,7 @@ import org.springframework.web.socket.config.annotation.WebSocketTransportRegist
* Created by dima on 8/12/16. * Created by dima on 8/12/16.
*/ */
@Configuration @Configuration
@Order(Ordered.HIGHEST_PRECEDENCE + 99)
@EnableWebSocketMessageBroker @EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer { public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
@ -40,6 +43,10 @@ public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class); MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
if (StompCommand.CONNECT.equals(accessor.getCommand())) { if (StompCommand.CONNECT.equals(accessor.getCommand())) {
List<String> authorization = accessor.getNativeHeader("X-Authorization"); List<String> authorization = accessor.getNativeHeader("X-Authorization");
if (authorization == null || authorization.isEmpty()) {
return null;
}
String accessToken = authorization.get(0); String accessToken = authorization.get(0);
Jwt jwt = jwtDecoder.decode(accessToken); Jwt jwt = jwtDecoder.decode(accessToken);


+ 22
- 0
demo-resource-server/src/main/java/ru/digitalbanana/demoresourceserver/config/WebSocketSecurityConfig.java View File

@ -0,0 +1,22 @@
package ru.digitalbanana.demoresourceserver.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry;
import org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer;
/**
* Simple web socket security Created by dima on 8/13/16.
*/
@Configuration
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
messages.anyMessage().authenticated();
}
@Override
protected boolean sameOriginDisabled() {
return true;
}
}

Loading…
Cancel
Save