[#3283] Ability to configure the auth entrypoint via properties

* Together with @dlebrero we managed to simplify the code and use `System.properties` (defined in `appengine-web.xml`) and override the default authentication entrypoint `oidc` with `gae`
akvo · Jan 16, 2020 · 9547b9d · 9547b9d
1 parent 90124f0
commit 9547b9d
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 55 deletions.
diff --git a/GAE/src/org/akvo/flow/rest/security/EntryPoint.java b/GAE/src/org/akvo/flow/rest/security/EntryPoint.java
diff --git a/GAE/war/WEB-INF/webapp-security.xml b/GAE/war/WEB-INF/webapp-security.xml
@@ -24,8 +24,8 @@
       <b:constructor-arg ref="oidcConfig"/>
    </b:bean>
 
-    <http use-expressions="true" entry-point-ref="defaultEntryPoint" authentication-manager-ref="authenticationManager"
-        access-decision-manager-ref="accessDecisionManager">
+   <http use-expressions="true" entry-point-ref="#{systemProperties['authEntryPoint'] ?: 'oidcEntryPoint'}"
+          authentication-manager-ref="authenticationManager" access-decision-manager-ref="accessDecisionManager">
         <headers>
             <frame-options policy="SAMEORIGIN" />
         </headers>
@@ -87,9 +87,4 @@
 
     <b:bean id="gaeAuthenticationProvider" class="org.akvo.flow.rest.security.google.GoogleAccountsAuthenticationProvider" />
 
-    <b:bean id="defaultEntryPoint" class="org.akvo.flow.rest.security.EntryPoint">
-        <b:constructor-arg ref="oidcEntryPoint"/> <!-- production -->
-        <b:constructor-arg ref="gaeEntryPoint"/> <!-- development -->
-    </b:bean>
-
 </b:beans>
diff --git a/tests/dev-appengine-web.xml b/tests/dev-appengine-web.xml
@@ -58,5 +58,6 @@
         <property name="serviceAccountId" value="sa-akvoflowsandbox@akvoflowsandbox.iam.gserviceaccount.com"/>
         <property name="hereMapsAppId" value="none"/>
         <property name="hereMapsAppCode" value="neither"/>
+        <property name="authEntryPoint" value="gaeEntryPoint"/>
     </system-properties>
 </appengine-web-app>