Compare commits
No commits in common. "develop" and "about-and-progress-bar" have entirely different histories.
develop
...
about-and-
compose-oauth.yamlcompose.yaml
src
main
java/se/su/dsv/seshat
resources
test/java/se/su/dsv/seshat
@ -1,12 +0,0 @@
|
||||
services:
|
||||
oauth2:
|
||||
build:
|
||||
context: https://gitea.dsv.su.se/DMC/oauth2-authorization-server.git#20cd09737d4c57bc1ee8098637cbad1a618bf49e
|
||||
|
||||
ports:
|
||||
- '51337:8080'
|
||||
environment:
|
||||
- CLIENT_ID=seshat
|
||||
- CLIENT_SECRET=n0tS3cr3t
|
||||
- CLIENT_REDIRECT_URI=http://localhost:8181/login/oauth2/code/seshat
|
||||
- CLIENT_SCOPES=openid email profile
|
||||
13
compose.yaml
13
compose.yaml
@ -11,8 +11,17 @@ services:
|
||||
volumes:
|
||||
- mariadb_data:/var/lib/mysql
|
||||
|
||||
include:
|
||||
- compose-oauth.yaml
|
||||
oauth2:
|
||||
build:
|
||||
context: https://github.com/dsv-su/toker.git
|
||||
dockerfile: embedded.Dockerfile
|
||||
|
||||
ports:
|
||||
- '51337:8080'
|
||||
environment:
|
||||
- CLIENT_ID=seshat
|
||||
- CLIENT_SECRET=n0tS3cr3t
|
||||
- CLIENT_REDIRECT_URI=http://localhost:8181/login/oauth2/code/seshat
|
||||
|
||||
volumes:
|
||||
mariadb_data:
|
||||
|
||||
@ -1,42 +0,0 @@
|
||||
package se.su.dsv.seshat;
|
||||
|
||||
import org.springframework.core.convert.converter.Converter;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.RequestEntity;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
|
||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
|
||||
import java.net.URI;
|
||||
import java.util.Collections;
|
||||
|
||||
public class TokenIntrospectionRequestEntityConverter implements Converter<OAuth2UserRequest, RequestEntity<?>> {
|
||||
private static final MediaType FORM_URL_ENCODED = MediaType.valueOf(
|
||||
MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"
|
||||
);
|
||||
|
||||
@Override
|
||||
public RequestEntity<?> convert(OAuth2UserRequest userRequest) {
|
||||
ClientRegistration clientRegistration = userRequest.getClientRegistration();
|
||||
|
||||
URI uri = UriComponentsBuilder.fromUriString(
|
||||
clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri()
|
||||
)
|
||||
.build()
|
||||
.toUri();
|
||||
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setBasicAuth(clientRegistration.getClientId(), clientRegistration.getClientSecret());
|
||||
headers.setAccept(Collections.singletonList(MediaType.ALL));
|
||||
headers.setContentType(FORM_URL_ENCODED);
|
||||
|
||||
MultiValueMap<String, String> formParameters = new LinkedMultiValueMap<>();
|
||||
formParameters.add(OAuth2ParameterNames.TOKEN, userRequest.getAccessToken().getTokenValue());
|
||||
return new RequestEntity<>(formParameters, headers, HttpMethod.POST, uri);
|
||||
}
|
||||
}
|
||||
@ -1,25 +0,0 @@
|
||||
package se.su.dsv.seshat.configuration;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
|
||||
import se.su.dsv.seshat.TokenIntrospectionRequestEntityConverter;
|
||||
|
||||
@Configuration
|
||||
public class SeshatConfiguration {
|
||||
|
||||
// Stop gap measure to switch to Token Introspection instead of OIDC UserInfo
|
||||
// endpoint. This is necessary because the UserInfo endpoint will in soon require
|
||||
// the "openid" scope, which is not granted to our clients. Unfortunately we can't
|
||||
// request the scope because that makes Spring require an id token in the token
|
||||
// exchange which is not granted at the moment.
|
||||
//
|
||||
// Once a new authorization server is in place we can remove this bean and use
|
||||
// straight up id tokens with "openid" scope.
|
||||
@Bean
|
||||
public DefaultOAuth2UserService defaultOAuth2UserService() {
|
||||
DefaultOAuth2UserService defaultOAuth2UserService = new DefaultOAuth2UserService();
|
||||
defaultOAuth2UserService.setRequestEntityConverter(new TokenIntrospectionRequestEntityConverter());
|
||||
return defaultOAuth2UserService;
|
||||
}
|
||||
}
|
||||
@ -10,12 +10,9 @@ import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
@ -186,11 +183,6 @@ public class FileController {
|
||||
return "redirect:/files/manage";
|
||||
}
|
||||
|
||||
@ModelAttribute("displayName")
|
||||
public String getDisplayName(@AuthenticationPrincipal OAuth2User oauth2User) {
|
||||
return oauth2User.getAttribute("name");
|
||||
}
|
||||
|
||||
private static List<FileMetadata> getFileUploadStatuses(List<FileMetadata> uploaded) {
|
||||
return uploaded.stream()
|
||||
.filter(file -> file.getJobStatus() != null)
|
||||
|
||||
@ -25,7 +25,7 @@ public class AppUser {
|
||||
@Column(nullable = false, unique = true)
|
||||
private String username;
|
||||
|
||||
@Column(nullable = false)
|
||||
@Column(nullable = false, unique = true)
|
||||
private String email;
|
||||
|
||||
@Column(nullable = false)
|
||||
|
||||
@ -12,7 +12,6 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Objects;
|
||||
|
||||
@Service
|
||||
public class CustomOAuth2loginSuccessHandler implements AuthenticationSuccessHandler {
|
||||
@ -33,13 +32,11 @@ public class CustomOAuth2loginSuccessHandler implements AuthenticationSuccessHan
|
||||
|
||||
String username = oAuth2User.getName();
|
||||
// If the user does not have an email, set it to "no-email". We will not send any eamil notifications to this user.
|
||||
String email = Objects.requireNonNullElse(oAuth2User.getAttribute("email"), "no-email");
|
||||
String email = oAuth2User.getAttribute("mail") != null ? oAuth2User.getAttribute("mail") : "no-email";
|
||||
|
||||
|
||||
if(!userService.existsByUsername(username)) {
|
||||
if(!userService.existsByUsername(oAuth2User.getAttribute("principal"))) {
|
||||
userService.registerUser(username, email);
|
||||
} else {
|
||||
userService.updateEmail(username, email);
|
||||
}
|
||||
response.sendRedirect(redirectUrl);
|
||||
}
|
||||
|
||||
@ -17,6 +17,9 @@ public class UserService {
|
||||
if (appUserRepository.existsByUsername(username)) {
|
||||
throw new IllegalArgumentException("Username already exists");
|
||||
}
|
||||
if (appUserRepository.existsByEmail(email)) {
|
||||
throw new IllegalArgumentException("Email already exists");
|
||||
}
|
||||
|
||||
AppUser newUser = new AppUser(username, email, "USER");
|
||||
appUserRepository.save(newUser);
|
||||
@ -27,18 +30,6 @@ public class UserService {
|
||||
.orElseThrow(() -> new IllegalArgumentException("User not found"));
|
||||
}
|
||||
|
||||
public void updateEmail(String username, String newEmail) {
|
||||
AppUser user = appUserRepository.findByUsername(username)
|
||||
.orElseThrow(() -> new IllegalArgumentException("User not found"));
|
||||
|
||||
if(newEmail.equalsIgnoreCase("no-email")) {
|
||||
return;
|
||||
}
|
||||
|
||||
user.setEmail(newEmail);
|
||||
appUserRepository.save(user);
|
||||
}
|
||||
|
||||
public boolean existsByUsername(String username) {
|
||||
return appUserRepository.existsByUsername(username);
|
||||
}
|
||||
|
||||
@ -30,11 +30,12 @@ spring.jpa.hibernate.ddl-auto=update
|
||||
spring.jpa.show-sql=false
|
||||
|
||||
# OAuth2 properties, remember if you change the registration.provider the provider properties must be updated
|
||||
spring.security.oauth2.client.provider.docker.issuer-uri=http://localhost:51337
|
||||
|
||||
spring.security.oauth2.client.provider.docker.authorization-uri=http://localhost:51337/authorize
|
||||
spring.security.oauth2.client.provider.docker.token-uri=http://localhost:51337/exchange
|
||||
spring.security.oauth2.client.provider.docker.user-info-uri=http://localhost:51337/verify
|
||||
spring.security.oauth2.client.provider.docker.user-name-attribute=sub
|
||||
spring.security.oauth2.client.registration.seshat.client-id=seshat
|
||||
spring.security.oauth2.client.registration.seshat.client-secret=n0tS3cr3t
|
||||
spring.security.oauth2.client.registration.seshat.authorization-grant-type=authorization_code
|
||||
spring.security.oauth2.client.registration.seshat.provider=docker
|
||||
spring.security.oauth2.client.registration.seshat.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
|
||||
spring.security.oauth2.client.registration.seshat.scope=openid,profile,email
|
||||
spring.security.oauth2.client.registration.seshat.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
|
||||
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Seshat Audio Transcriber</title>
|
||||
<title>Seshat Auido Transcriber</title>
|
||||
<link th:rel="stylesheet" th:href="@{/3p/bootstrap-5.3.3-dist/css/bootstrap.min.css}" />
|
||||
<link th:rel="stylesheet" th:href="@{/3p/bootstrap-icons-1.11.3/font/bootstrap-icons.min.css}" />
|
||||
<link th:rel="stylesheet" th:href="@{/css/styles.css}" />
|
||||
@ -33,10 +33,8 @@
|
||||
<main class="container mt-4">
|
||||
<h2>About Seshat Audio Transcriber</h2>
|
||||
<p>This tool allows you to upload audio files and transcribe them into text using whisperAI.</p>
|
||||
<p>The application runs a local instance of <a href="https://github.com/openai/whisper" target="_blank">Whisper AI</a>,
|
||||
using the turbo model on one NVIDIA RTX A4000 graphics card.</p>
|
||||
<p>All processing is done locally at the Department of Computer and Systems Sciences (DSV), Stockholm University, Sweden.
|
||||
<br>No information is transmitted to external servers or cloud services, ensuring your privacy and data security.</p>
|
||||
<p>The application runs a local instance of <a href="https://github.com/openai/whisper" target="_blank">Whisper AI</a>, using the turbo model on one NVIDIA RTX A4000 graphics card.</p>
|
||||
<p>All processing is done locally, and no data is sent to the cloud, ensuring your privacy and data security.</p>
|
||||
</main>
|
||||
<footer class="bg-primary text-white py-4">
|
||||
<div class="container">
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Seshat Audio Transcriber</title>
|
||||
<title>Seshat Auido Transcriber</title>
|
||||
<link th:rel="stylesheet" th:href="@{/3p/bootstrap-5.3.3-dist/css/bootstrap.min.css}" />
|
||||
<link th:rel="stylesheet" th:href="@{/3p/bootstrap-icons-1.11.3/font/bootstrap-icons.min.css}" />
|
||||
<link th:rel="stylesheet" th:href="@{/css/styles.css}" />
|
||||
@ -17,7 +17,7 @@
|
||||
<a class="user-menu text-white text-decoration-none dropdown-toggle" href="#" id="userMenu" role="button"
|
||||
data-bs-toggle="dropdown" aria-expanded="false">
|
||||
<i class="bi bi-person-circle"></i>
|
||||
<span th:text="${displayName}">Username</span>
|
||||
<span th:text="${#authentication.getName()}">Username</span>
|
||||
</a>
|
||||
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="userMenu">
|
||||
<li><a class="dropdown-item" th:href="@{/logout}">Logout</a></li>
|
||||
|
||||
@ -3,21 +3,11 @@ package se.su.dsv.seshat;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.boot.testcontainers.service.connection.ServiceConnection;
|
||||
import org.testcontainers.containers.ComposeContainer;
|
||||
import org.testcontainers.containers.GenericContainer;
|
||||
import org.testcontainers.junit.jupiter.Container;
|
||||
import org.testcontainers.junit.jupiter.Testcontainers;
|
||||
|
||||
import java.io.File;
|
||||
|
||||
@Testcontainers
|
||||
@SpringBootTest
|
||||
class SeshatApplicationTests {
|
||||
@ServiceConnection
|
||||
private static org.testcontainers.containers.MariaDBContainer<?> dbContainer = new org.testcontainers.containers.MariaDBContainer<>("mariadb:10.11");
|
||||
|
||||
@Container
|
||||
private static ComposeContainer oauth2Container = new ComposeContainer(new File("compose-oauth.yaml"));
|
||||
@Test
|
||||
void contextLoads() {
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user