migrate from CAS to Oauth2-JWT Auth (#197)

Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/197 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net>
2025-09-08 15:27:28 +02:00
parent bc06001ce9
commit d7a78d0a79
125 changed files with 1537 additions and 1549 deletions
@@ -54,12 +54,16 @@ spring:
    liquibase:
        contexts: ${spring.profiles.active}

+    security:
+        oauth2:
+            resourceserver:
+                jwt:
+                    issuer-uri: ${HSADMINNG_JWT_ISSUER:}
+                    jwk-set-uri: ${HSADMINNG_JWT_JWKS_URL:}
+
 hsadminng:
    postgres:
        leakproof:
-    cas:
-        server: https://login.hostsharing.net/cas # use empty string to bypass CAS-validation and directly use current-subject
-        service: https://hsadminng.hostsharing.net:443 # TODO.conf: deployment target + matching CAS service ID

 metrics:
    distribution:
@@ -78,3 +82,17 @@ logging:
 # HOWTO configure logging, e.g. logging to a separate file, see:
 #   https://docs.spring.io/spring-boot/reference/features/logging.html

+---
+
+spring:
+    config:
+        activate:
+            on-profile: fake-jwt
+    security:
+        oauth2:
+            resourceserver:
+                jwt:
+                    issuer-uri: "http://localhost:${server.port}/fake-jwt"
+                    jwk-set-uri: "http://localhost:${server.port}/fake-jwt/.well-known/jwks.json"
+
+