From c3aeb3204597c54d4f86a87346f2e8a2739968d1 Mon Sep 17 00:00:00 2001
From: Andreas Svanberg <andreass@dsv.su.se>
Date: Tue, 26 Nov 2024 13:07:45 +0100
Subject: [PATCH] Allow logging in with the default OAuth 2 principal
The default principal is "dev@localhost", if you run the system with the development profile (DEV) a user with sys-admin role will be created with that principal as username.
---
README.md | 5 +++++
core/src/main/java/se/su/dsv/scipro/DataInitializer.java | 4 ++++
2 files changed, 9 insertions(+)
diff --git a/README.md b/README.md
index 50ed89f290..6928e1b262 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,11 @@
The web GUI is protected by OAuth 2 log in. Run the Docker Compose containers with
`docker compose up` to start the authorization server to be able to log in.
+If you run SciPro in development mode (DEV profile) you will be able to log in
+as the "default" OAuth 2 user populated in the upper form. If you have other
+data in your database you will have to use the lower form and specify a valid
+username in the principal field.
+
## Working with the API
The API is protected by OAuth 2 acting as a [resource server](https://www.oauth.com/oauth2-servers/the-resource-server/)
verifying tokens using [token introspection](https://datatracker.ietf.org/doc/html/rfc7662).
diff --git a/core/src/main/java/se/su/dsv/scipro/DataInitializer.java b/core/src/main/java/se/su/dsv/scipro/DataInitializer.java
index 762ea0c32a..206f95305d 100644
--- a/core/src/main/java/se/su/dsv/scipro/DataInitializer.java
+++ b/core/src/main/java/se/su/dsv/scipro/DataInitializer.java
@@ -200,6 +200,10 @@ public class DataInitializer implements Lifecycle {
admin.addRole(Roles.SYSADMIN);
createBeta(admin);
passwordService.updatePassword(admin, "aey7ru8aefei0jaW2wo9eX8EiShi0aan");
+ Username defaultOAuth2Principal = new Username();
+ defaultOAuth2Principal.setUsername("dev@localhost");
+ defaultOAuth2Principal.setUser(admin);
+ save(defaultOAuth2Principal);
}
private void createBeta(User user) {