Merge pull request #18 from IDSIA/dev

Version 1.6

AdapQuestBackend/pom.xml

@@ -1,22 +1,18 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xmlns="http://maven.apache.org/POM/4.0.0"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+		 xmlns="http://maven.apache.org/POM/4.0.0"
+		 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<parent>
 		<artifactId>adapquest</artifactId>
 		<groupId>ch.idsia.adaptive</groupId>
-		<version>1.5</version>
+		<version>1.6-SNAPSHOT</version>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
 
 	<artifactId>adapquest-backend</artifactId>
 
 	<name>AdapQuestBackend</name>
 
-	<properties>
-		<spring.version>2.5.5</spring.version>
-	</properties>
-
 	<build>
 		<plugins>
 			<plugin>
@@ -53,7 +49,15 @@
 				<!-- Import dependency management from Spring Boot -->
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-dependencies</artifactId>
-				<version>${spring.version}</version>
+				<version>2.7.3</version>
+				<type>pom</type>
+				<scope>import</scope>
+			</dependency>
+
+			<dependency>
+				<groupId>org.keycloak.bom</groupId>
+				<artifactId>keycloak-adapter-bom</artifactId>
+				<version>16.1.1</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
@@ -119,12 +123,18 @@
 		<dependency>
 			<groupId>org.hibernate</groupId>
 			<artifactId>hibernate-core</artifactId>
-			<version>5.5.7.Final</version>
+			<version>5.6.10.Final</version>
 		</dependency>
 		<dependency>
 			<groupId>org.hibernate</groupId>
 			<artifactId>hibernate-entitymanager</artifactId>
-			<version>5.5.7.Final</version>
+			<version>5.6.10.Final</version>
+		</dependency>
+
+		<!-- https://mvnrepository.com/artifact/org.keycloak/keycloak-spring-boot-starter -->
+		<dependency>
+			<groupId>org.keycloak</groupId>
+			<artifactId>keycloak-spring-boot-starter</artifactId>
 		</dependency>
 
 		<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-quartz - ->
@@ -162,19 +172,19 @@
 		<dependency>
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
-			<version>1.4.200</version>
+			<version>2.1.214</version>
 		</dependency>
 		<!-- https://mvnrepository.com/artifact/org.postgresql/postgresql -->
 		<dependency>
 			<groupId>org.postgresql</groupId>
 			<artifactId>postgresql</artifactId>
-			<version>42.3.1</version>
+			<version>42.5.0</version>
 		</dependency>
 		<!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->
 		<dependency>
 			<groupId>mysql</groupId>
 			<artifactId>mysql-connector-java</artifactId>
-			<version>8.0.25</version>
+			<version>8.0.30</version>
 		</dependency>
 
 		<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-math3 -->
@@ -201,13 +211,13 @@
 		<dependency>
 			<groupId>org.apache.poi</groupId>
 			<artifactId>poi</artifactId>
-			<version>5.0.0</version>
+			<version>5.2.2</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.poi</groupId>
 			<artifactId>poi-ooxml</artifactId>
-			<version>5.0.0</version>
+			<version>5.2.2</version>
 		</dependency>
 	</dependencies>
 
-</project>
+</project>

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/config/ActiveRoutesInterceptor.java

@@ -0,0 +1,42 @@
+package ch.idsia.adaptive.backend.config;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class ActiveRoutesInterceptor implements HandlerInterceptor {
+    private static final Logger logger = LoggerFactory.getLogger(ActiveRoutesInterceptor.class);
+
+    @Value("${adapquest.controller.assistant}")
+    private boolean assistant = true;
+    @Value("${adapquest.controller.console}")
+    private boolean console = true;
+    @Value("${adapquest.controller.dashboard}")
+    private boolean dashboard = true;
+    @Value("${adapquest.controller.demo}")
+    private boolean demo = true;
+    @Value("${adapquest.controller.experiments}")
+    private boolean experiments = true;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        final String path = request.getServletPath();
+
+        if (path.contains("/assistant"))
+            return assistant;
+        if (path.contains("/console"))
+            return console;
+        if (path.contains("/dashboard"))
+            return dashboard;
+        if (path.contains("/demo"))
+            return demo;
+        if (path.contains("/experiments"))
+            return experiments;
+
+        return HandlerInterceptor.super.preHandle(request, response, handler);
+    }
+}

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/config/KeycloakConfig.java

@@ -0,0 +1,17 @@
+package ch.idsia.adaptive.backend.config;
+
+import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true")
+public class KeycloakConfig {
+
+	@Bean
+	public KeycloakSpringBootConfigResolver keycloakConfigResolver() {
+		return new KeycloakSpringBootConfigResolver();
+	}
+
+}

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/config/SecurityConfig.java

@@ -8,6 +8,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -25,6 +26,7 @@
 @Configuration
 @EnableWebSecurity
 @AutoConfigureAfter(PersistenceConfig.class)
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "false")
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfigurerAdapter.class);
 

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/config/SecurityKeycloakConfig.java

@@ -0,0 +1,62 @@
+package ch.idsia.adaptive.backend.config;
+
+import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
+import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
+import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
+import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
+
+@KeycloakConfiguration
+@AutoConfigureAfter(SecurityConfig.class)
+@ConditionalOnProperty(name = "keycloak.enabled", havingValue = "true")
+class SecurityKeycloakConfig extends KeycloakWebSecurityConfigurerAdapter {
+	private static final Logger logger = LoggerFactory.getLogger(SecurityKeycloakConfig.class);
+
+	@Value("${adapquest.keycloak.role}")
+	private String role = "user";
+
+	@Value("${adapquest.keycloak.admin}")
+	private String admin = "admin";
+
+	@Autowired
+	public void configureGlobal(AuthenticationManagerBuilder auth) {
+		final SimpleAuthorityMapper simpleAuthorityMapper = new SimpleAuthorityMapper();
+		simpleAuthorityMapper.setPrefix("ROLE_");
+		simpleAuthorityMapper.setConvertToUpperCase(true);
+
+		final KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
+		keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(simpleAuthorityMapper);
+		auth.authenticationProvider(keycloakAuthenticationProvider);
+	}
+
+	@Bean
+	@Override
+	protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
+		return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		super.configure(http);
+		http.authorizeRequests()
+				.antMatchers("/", "/css/**", "/webjars/**", "/img/**").permitAll()
+				.and()
+				.authorizeRequests()
+				.antMatchers("/demo**", "/survey**").hasRole(role)
+				.antMatchers("/console*").hasRole(admin)
+				.anyRequest()
+				.authenticated();
+		;
+	}
+}

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/config/WebConfig.java

@@ -2,10 +2,7 @@
 
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.MediaType;
-import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.config.annotation.*;
 
 /**
  * Author:  Claudio "Dna" Bonesana
@@ -34,4 +31,9 @@ public void configureContentNegotiation(ContentNegotiationConfigurer configurer)
 				.defaultContentType(MediaType.APPLICATION_JSON)
 				.mediaType("json", MediaType.APPLICATION_JSON);
 	}
+
+	@Override
+	public void addInterceptors(final InterceptorRegistry registry) {
+		registry.addInterceptor(new ActiveRoutesInterceptor());
+	}
 }

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/controller/HomeController.java

@@ -34,10 +34,10 @@ public String home(Model model) {
 		model.addAttribute("demo", demo);
 		model.addAttribute("experiments", experiments);
 
-		logger.info("assistant flag={}", assistant);
-		logger.info("dashboard flag={}", dashboard);
-		logger.info("demo flag={}", demo);
-		logger.info("experiments flag={}", experiments);
+		logger.debug("assistant flag={}", assistant);
+		logger.debug("dashboard flag={}", dashboard);
+		logger.debug("demo flag={}", demo);
+		logger.debug("experiments flag={}", experiments);
 
 		return "home";
 	}

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/controller/SurveyController.java

@@ -12,18 +12,23 @@
 import ch.idsia.adaptive.backend.services.SurveyManagerService;
 import ch.idsia.adaptive.backend.services.commons.SurveyException;
 import ch.idsia.adaptive.backend.utils.Convert;
+import org.keycloak.KeycloakPrincipal;
+import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
+import org.keycloak.representations.IDToken;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 
 import javax.persistence.EntityManagerFactory;
 import javax.servlet.http.HttpServletRequest;
 import javax.transaction.Transactional;
+import java.security.Principal;
 import java.util.*;
 import java.util.stream.Collectors;
 

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/persistence/dao/SurveyRepository.java

@@ -20,6 +20,6 @@ public interface SurveyRepository extends CrudRepository<Survey, Long> {
 	@Query("SELECT accessCode FROM Survey")
 	Collection<String> findAllAccessCodes();
 
-	@Query("SELECT accessCode FROM Survey WHERE isAdaptive = 1")
+	@Query("SELECT accessCode FROM Survey WHERE isAdaptive = true")
 	Collection<String> findAllAccessCodesAdaptive();
 }

AdapQuestBackend/src/main/java/ch/idsia/adaptive/backend/persistence/model/Session.java

@@ -49,6 +49,11 @@ public class Session {
 	 */
 	private String accessCode;
 
+	/**
+	 * Group id from keaycloak (if used).
+	 */
+	private String groupId;
+
 	/**
 	 * When this session started. This is also used as a seed for the randomness.
 	 */