refactor: app doesn't start without oauth2 configuration

2025-12-20 07:23:34 +01:00 · 2021-09-27 15:18:47 +08:00 · 2021-09-27 15:18:47 +08:00 · bb0063fb8d
commit bb0063fb8d
parent 73d8dab60c
2 changed files with 21 additions and 15 deletions
--- a/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/SecurityConfiguration.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/infrastructure/security/SecurityConfiguration.kt
@ -13,6 +13,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.core.session.SessionRegistry
 import org.springframework.security.core.userdetails.UserDetailsService
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException
@ -30,9 +31,12 @@ class SecurityConfiguration(
  private val komgaUserDetailsLifecycle: UserDetailsService,
  private val oauth2UserService: OAuth2UserService<OAuth2UserRequest, OAuth2User>,
  private val oidcUserService: OAuth2UserService<OidcUserRequest, OidcUser>,
-  private val sessionRegistry: SessionRegistry
+  private val sessionRegistry: SessionRegistry,
+  clientRegistrationRepository: InMemoryClientRegistrationRepository?,
 ) : WebSecurityConfigurerAdapter() {

+  private val oauth2Enabled = clientRegistrationRepository != null
+
  override fun configure(http: HttpSecurity) {
    val userAgentWebAuthenticationDetailsSource = UserAgentWebAuthenticationDetailsSource()

@ -66,7 +70,18 @@ class SecurityConfiguration(
        it.authenticationDetailsSource(userAgentWebAuthenticationDetailsSource)
      }

-      .oauth2Login { oauth2 ->
+      .logout {
+        it.logoutUrl("/api/v1/users/logout")
+        it.deleteCookies("JSESSIONID")
+        it.invalidateHttpSession(true)
+      }
+
+      .sessionManagement()
+      .maximumSessions(10)
+      .sessionRegistry(sessionRegistry)
+
+    if (oauth2Enabled) {
+      http.oauth2Login { oauth2 ->
        oauth2.userInfoEndpoint {
          it.userService(oauth2UserService)
          it.oidcUserService(oidcUserService)
@ -83,16 +98,7 @@ class SecurityConfiguration(
            SimpleUrlAuthenticationFailureHandler(url).onAuthenticationFailure(request, response, exception)
          }
      }
-
-      .logout {
-        it.logoutUrl("/api/v1/users/logout")
-        it.deleteCookies("JSESSIONID")
-        it.invalidateHttpSession(true)
-      }
-
-      .sessionManagement()
-      .maximumSessions(10)
-      .sessionRegistry(sessionRegistry)
+    }

    if (!komgaProperties.rememberMe.key.isNullOrBlank()) {
      logger.info { "RememberMe is active, validity: ${komgaProperties.rememberMe.validity}s" }
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/rest/OAuth2Controller.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/rest/OAuth2Controller.kt
@ -8,12 +8,12 @@ import org.springframework.web.bind.annotation.RestController
@RestController
@RequestMapping("api/v1/oauth2", produces = [MediaType.APPLICATION_JSON_VALUE])
 class OAuth2Controller(
-  clientRegistrationRepository: InMemoryClientRegistrationRepository,
+  clientRegistrationRepository: InMemoryClientRegistrationRepository?,
 ) {

-  val registrationIds = clientRegistrationRepository.map {
+  val registrationIds = clientRegistrationRepository?.map {
    OAuth2ClientDto(it.clientName, it.registrationId)
-  }
+  } ?: emptyList()

  @RequestMapping("providers")
  fun getProviders() = registrationIds