inteligr8/auth-activiti-app-ext
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removed Bootstrapper in favor of multiext

Browse Source
This commit is contained in:
Brian Long
2025-05-05 11:17:40 -04:00
parent dde6dbcdb0
commit 790836194e
4 changed files with 334 additions and 362 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -29,6 +29,10 @@ grant codeBase "file:${catalina.base}/ext/-" {
} }
``` ```
### Dependencies
This extension requires the [`multiext-activiti-app-ext`](https://git.inteligr8.com/inteligr8/multiext-activiti-app-ext). Without it, APS will fail to startup. It is very small and requires no additional configuration.
## Support Matrix ## Support Matrix
| Auth Activiti App Extension | Activiti App | | Auth Activiti App Extension | Activiti App |

590
pom.xml
View File

@@ -1,295 +1,295 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" <project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>com.inteligr8.activiti</groupId> <groupId>com.inteligr8.activiti</groupId>
<artifactId>auth-activiti-app-ext</artifactId> <artifactId>auth-activiti-app-ext</artifactId>
<version>2.0-SNAPSHOT</version> <version>2.0-SNAPSHOT</version>
<name>Authentication &amp; Authorization for APS</name> <name>Authentication &amp; Authorization for APS</name>
<description>An Alfresco Process Service App extension providing improved authentication and authorization support.</description> <description>An Alfresco Process Service App extension providing improved authentication and authorization support.</description>
<url>https://git.inteligr8.com/inteligr8/auth-activiti-app-ext</url> <url>https://git.inteligr8.com/inteligr8/auth-activiti-app-ext</url>
<licenses> <licenses>
<license> <license>
<name>GNU GENERAL PUBLIC LICENSE, Version 3, 29 June 2007</name> <name>GNU GENERAL PUBLIC LICENSE, Version 3, 29 June 2007</name>
<url>https://www.gnu.org/licenses/lgpl-3.0.txt</url> <url>https://www.gnu.org/licenses/lgpl-3.0.txt</url>
</license> </license>
</licenses> </licenses>
<scm> <scm>
<connection>scm:git:https://git.inteligr8.com/inteligr8/auth-activiti-app-ext.git</connection> <connection>scm:git:https://git.inteligr8.com/inteligr8/auth-activiti-app-ext.git</connection>
<developerConnection>scm:git:git@git.inteligr8.com:inteligr8/auth-activiti-app-ext.git</developerConnection> <developerConnection>scm:git:git@git.inteligr8.com:inteligr8/auth-activiti-app-ext.git</developerConnection>
<url>https://git.inteligr8.com/inteligr8/auth-activiti-app-ext</url> <url>https://git.inteligr8.com/inteligr8/auth-activiti-app-ext</url>
</scm> </scm>
<organization> <organization>
<name>Inteligr8</name> <name>Inteligr8</name>
<url>https://www.inteligr8.com</url> <url>https://www.inteligr8.com</url>
</organization> </organization>
<developers> <developers>
<developer> <developer>
<id>brian.long</id> <id>brian.long</id>
<name>Brian Long</name> <name>Brian Long</name>
<email>brian@inteligr8.com</email> <email>brian@inteligr8.com</email>
<url>https://twitter.com/brianmlong</url> <url>https://twitter.com/brianmlong</url>
</developer> </developer>
</developers> </developers>
<properties> <properties>
<maven.compiler.source>17</maven.compiler.source> <maven.compiler.source>17</maven.compiler.source>
<maven.compiler.target>17</maven.compiler.target> <maven.compiler.target>17</maven.compiler.target>
<maven.compiler.release>17</maven.compiler.release> <maven.compiler.release>17</maven.compiler.release>
<aps.version>25.1.1</aps.version> <aps.version>25.1.1</aps.version>
<!-- for RAD --> <!-- for RAD -->
<tomcat-rad.version>10-2.2</tomcat-rad.version> <tomcat-rad.version>10-2.2</tomcat-rad.version>
<aps.tomcat.opts.base>-Dspring.main.allow-circular-references=true \ <aps.tomcat.opts.base>-Dspring.main.allow-circular-references=true \
-Dhibernate.dialect=org.hibernate.dialect.PostgreSQLDialect \ -Dhibernate.dialect=org.hibernate.dialect.PostgreSQLDialect \
-Dauth-ext.oauth.enabled=true \ -Dauth-ext.oauth.enabled=true \
-Dauth-ext.external.id=keycloak \ -Dauth-ext.external.id=keycloak \
-Dauth-ext.sync.group.translate.patterns=aps-admin \ -Dauth-ext.sync.group.translate.patterns=aps-admin \
-Dauth-ext.sync.group.translate.replacements=Superusers \ -Dauth-ext.sync.group.translate.replacements=Superusers \
-Dauth-ext.group.admins.validate=true</aps.tomcat.opts.base> -Dauth-ext.group.admins.validate=true</aps.tomcat.opts.base>
<aps.timeout>120000</aps.timeout> <aps.timeout>120000</aps.timeout>
<keycloak.realm>my-app</keycloak.realm> <keycloak.realm>my-app</keycloak.realm>
<oauth.client.id>aps-app-public</oauth.client.id> <oauth.client.id>aps-app-public</oauth.client.id>
<oauth.client.secret></oauth.client.secret> <oauth.client.secret></oauth.client.secret>
</properties> </properties>
<dependencies> <dependencies>
<!-- Needed for Activiti App Identity Service inheritance/override --> <!-- Needed for Activiti App Identity Service inheritance/override -->
<!-- includes activiti-app-logic for API --> <!-- includes activiti-app-logic for API -->
<dependency> <dependency>
<groupId>com.activiti</groupId> <groupId>com.activiti</groupId>
<artifactId>activiti-app</artifactId> <artifactId>activiti-app</artifactId>
<version>${aps.version}</version> <version>${aps.version}</version>
<classifier>classes</classifier> <classifier>classes</classifier>
<scope>provided</scope> <scope>provided</scope>
<exclusions> <exclusions>
<!-- not necessary to download for building --> <!-- not necessary to download for building -->
<exclusion> <exclusion>
<groupId>com.activiti</groupId> <groupId>com.activiti</groupId>
<artifactId>aspose-transformation</artifactId> <artifactId>aspose-transformation</artifactId>
</exclusion> </exclusion>
<exclusion> <exclusion>
<groupId>org.alfresco.officeservices</groupId> <groupId>org.alfresco.officeservices</groupId>
<artifactId>aoservices</artifactId> <artifactId>aoservices</artifactId>
</exclusion> </exclusion>
<!-- very old and overrides real spring version --> <!-- very old and overrides real spring version -->
<exclusion> <exclusion>
<groupId>com.ryantenney.metrics</groupId> <groupId>com.ryantenney.metrics</groupId>
<artifactId>metrics-spring</artifactId> <artifactId>metrics-spring</artifactId>
</exclusion> </exclusion>
<exclusion> <exclusion>
<groupId>org.springframework.security.oauth</groupId> <groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId> <artifactId>spring-security-oauth2</artifactId>
</exclusion> </exclusion>
<exclusion> <exclusion>
<groupId>org.springframework.security.oauth.boot</groupId> <groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId> <artifactId>spring-security-oauth2-autoconfigure</artifactId>
</exclusion> </exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
</dependencies> </dependencies>
<build> <build>
<plugins> <plugins>
<plugin> <plugin>
<groupId>io.repaint.maven</groupId> <groupId>io.repaint.maven</groupId>
<artifactId>tiles-maven-plugin</artifactId> <artifactId>tiles-maven-plugin</artifactId>
<version>2.40</version> <version>2.40</version>
<extensions>true</extensions> <extensions>true</extensions>
<configuration> <configuration>
<tiles> <tiles>
<!-- Documentation: https://bitbucket.org/inteligr8/ootbee-beedk/src/stable/beedk-aps-ext-rad-tile --> <!-- Documentation: https://bitbucket.org/inteligr8/ootbee-beedk/src/stable/beedk-aps-ext-rad-tile -->
<!-- <!--
<tile>com.inteligr8.ootbee:beedk-aps-ext-rad-tile:[1.1.0,2.0.0)</tile> <tile>com.inteligr8.ootbee:beedk-aps-ext-rad-tile:[1.1.0,2.0.0)</tile>
--> -->
<tile>com.inteligr8.ootbee:beedk-aps-ext-rad-tile:1.1-SNAPSHOT</tile> <tile>com.inteligr8.ootbee:beedk-aps-ext-rad-tile:1.1-SNAPSHOT</tile>
</tiles> </tiles>
</configuration> </configuration>
</plugin> </plugin>
</plugins> </plugins>
</build> </build>
<profiles> <profiles>
<profile> <profile>
<id>activiti-oauth-confidential</id> <id>activiti-oauth-confidential</id>
<activation> <activation>
<property> <property>
<name>secret</name> <name>secret</name>
</property> </property>
</activation> </activation>
<properties> <properties>
<oauth.client.id>aps-app-confidential</oauth.client.id> <oauth.client.id>aps-app-confidential</oauth.client.id>
<oauth.client.secret>a-secret</oauth.client.secret> <oauth.client.secret>a-secret</oauth.client.secret>
</properties> </properties>
</profile> </profile>
<profile> <profile>
<id>activiti-oauth-legacy</id> <id>activiti-oauth-legacy</id>
<activation> <activation>
<property> <property>
<name>rad</name> <name>rad</name>
<value>!spring</value> <value>!spring</value>
</property> </property>
</activation> </activation>
<properties> <properties>
<aps.tomcat.opts>${aps.tomcat.opts.base} \ <aps.tomcat.opts>${aps.tomcat.opts.base} \
-Dactiviti.identity-service.enabled=true \ -Dactiviti.identity-service.enabled=true \
-Dactiviti.identity-service.realm=${keycloak.realm} \ -Dactiviti.identity-service.realm=${keycloak.realm} \
-Dactiviti.identity-service.auth-server-url=http://host.docker.internal:${keycloak.server.port} \ -Dactiviti.identity-service.auth-server-url=http://host.docker.internal:${keycloak.server.port} \
-Dactiviti.identity-service.resource=${oauth.client.id} \ -Dactiviti.identity-service.resource=${oauth.client.id} \
-Dactiviti.identity-service.credentials.secret=${oauth.client.secret} \ -Dactiviti.identity-service.credentials.secret=${oauth.client.secret} \
-Dactiviti.use-browser-based-logout=true \ -Dactiviti.use-browser-based-logout=true \
-Dalfresco.content.sso.redirect_uri=http://loalhost:8080/activiti-app/app/rest/integration/sso/confirm-auth-request</aps.tomcat.opts> -Dalfresco.content.sso.redirect_uri=http://loalhost:8080/activiti-app/app/rest/integration/sso/confirm-auth-request</aps.tomcat.opts>
</properties> </properties>
</profile> </profile>
<profile> <profile>
<id>activiti-oauth-spring</id> <id>activiti-oauth-spring</id>
<activation> <activation>
<property> <property>
<name>rad</name> <name>rad</name>
<value>spring</value> <value>spring</value>
</property> </property>
</activation> </activation>
<properties> <properties>
<aps.tomcat.opts>${aps.tomcat.opts.base} \ <aps.tomcat.opts>${aps.tomcat.opts.base} \
-Dsecurity.oauth2.authentication.enabled=true \ -Dsecurity.oauth2.authentication.enabled=true \
-Dsecurity.oauth2.client.registration.my-app.client-id=${oauth.client.id} \ -Dsecurity.oauth2.client.registration.my-app.client-id=${oauth.client.id} \
-Dsecurity.oauth2.client.registration.my-app.client-secret=${oauth.client.secret} \ -Dsecurity.oauth2.client.registration.my-app.client-secret=${oauth.client.secret} \
-Dsecurity.oauth2.client.registration.my-app.provider=aps-app \ -Dsecurity.oauth2.client.registration.my-app.provider=aps-app \
-Dsecurity.oauth2.client.provider.aps-app.issuer_uri=http://host.docker.internal:${keycloak.server.port}/realms/${keycloak.realm}</aps.tomcat.opts> -Dsecurity.oauth2.client.provider.aps-app.issuer_uri=http://host.docker.internal:${keycloak.server.port}/realms/${keycloak.realm}</aps.tomcat.opts>
</properties> </properties>
</profile> </profile>
<profile> <profile>
<id>rad-keycloak</id> <id>rad-keycloak</id>
<activation> <activation>
<property> <property>
<name>rad</name> <name>rad</name>
</property> </property>
</activation> </activation>
<properties> <properties>
<!-- Due to SSL restricitons in previous versions, testing against keyclaok is near impossible. --> <!-- Due to SSL restricitons in previous versions, testing against keyclaok is near impossible. -->
<!-- This module should still work against nearly all versions of Keycloak that support the OIDC standards --> <!-- This module should still work against nearly all versions of Keycloak that support the OIDC standards -->
<keycloak.server.version>26.2</keycloak.server.version> <keycloak.server.version>26.2</keycloak.server.version>
<keycloak.server.port>8081</keycloak.server.port> <keycloak.server.port>8081</keycloak.server.port>
</properties> </properties>
<build> <build>
<plugins> <plugins>
<plugin> <plugin>
<groupId>io.fabric8</groupId> <groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId> <artifactId>docker-maven-plugin</artifactId>
<version>0.46.0</version> <version>0.46.0</version>
<executions> <executions>
<execution> <execution>
<id>run-keycloak</id> <id>run-keycloak</id>
<phase>test-compile</phase> <phase>test-compile</phase>
<goals><goal>start</goal></goals> <goals><goal>start</goal></goals>
<configuration> <configuration>
<images> <images>
<image> <image>
<name>keycloak/keycloak:${keycloak.server.version}</name> <name>keycloak/keycloak:${keycloak.server.version}</name>
<alias>keycloak</alias> <alias>keycloak</alias>
<run> <run>
<cmd>start-dev --import-realm</cmd> <cmd>start-dev --import-realm</cmd>
<env> <env>
<KC_BOOTSTRAP_ADMIN_USERNAME>admin</KC_BOOTSTRAP_ADMIN_USERNAME> <KC_BOOTSTRAP_ADMIN_USERNAME>admin</KC_BOOTSTRAP_ADMIN_USERNAME>
<KC_BOOTSTRAP_ADMIN_PASSWORD>admin</KC_BOOTSTRAP_ADMIN_PASSWORD> <KC_BOOTSTRAP_ADMIN_PASSWORD>admin</KC_BOOTSTRAP_ADMIN_PASSWORD>
</env> </env>
<ports> <ports>
<port>${keycloak.server.port}:8080</port> <port>${keycloak.server.port}:8080</port>
</ports> </ports>
<network> <network>
<mode>custom</mode> <mode>custom</mode>
<name>${project.artifactId}</name> <name>${project.artifactId}</name>
</network> </network>
<extraHosts> <extraHosts>
<host>host.docker.internal:host-gateway</host> <host>host.docker.internal:host-gateway</host>
</extraHosts> </extraHosts>
<volumes> <volumes>
<bind> <bind>
<volume>${project.basedir}/src/test/resources/keycloak-import:/opt/keycloak/data/import:ro</volume> <volume>${project.basedir}/src/test/resources/keycloak-import:/opt/keycloak/data/import:ro</volume>
</bind> </bind>
</volumes> </volumes>
</run> </run>
</image> </image>
</images> </images>
</configuration> </configuration>
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
</plugins> </plugins>
</build> </build>
</profile> </profile>
<profile> <profile>
<id>ossrh-release</id> <id>ossrh-release</id>
<properties> <properties>
<maven.deploy.skip>true</maven.deploy.skip> <maven.deploy.skip>true</maven.deploy.skip>
</properties> </properties>
<build> <build>
<plugins> <plugins>
<plugin> <plugin>
<artifactId>maven-source-plugin</artifactId> <artifactId>maven-source-plugin</artifactId>
<executions> <executions>
<execution> <execution>
<id>source</id> <id>source</id>
<phase>package</phase> <phase>package</phase>
<goals><goal>jar-no-fork</goal></goals> <goals><goal>jar-no-fork</goal></goals>
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<plugin> <plugin>
<artifactId>maven-javadoc-plugin</artifactId> <artifactId>maven-javadoc-plugin</artifactId>
<executions> <executions>
<execution> <execution>
<id>javadoc</id> <id>javadoc</id>
<phase>package</phase> <phase>package</phase>
<goals><goal>jar</goal></goals> <goals><goal>jar</goal></goals>
<configuration> <configuration>
<show>public</show> <show>public</show>
</configuration> </configuration>
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<plugin> <plugin>
<artifactId>maven-gpg-plugin</artifactId> <artifactId>maven-gpg-plugin</artifactId>
<executions> <executions>
<execution> <execution>
<id>sign</id> <id>sign</id>
<phase>verify</phase> <phase>verify</phase>
<goals><goal>sign</goal></goals> <goals><goal>sign</goal></goals>
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.sonatype.plugins</groupId> <groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId> <artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.7.0</version> <version>1.7.0</version>
<configuration> <configuration>
<serverId>ossrh</serverId> <serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl> <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose> <autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration> </configuration>
<executions> <executions>
<execution> <execution>
<id>ossrh-deploy</id> <id>ossrh-deploy</id>
<phase>deploy</phase> <phase>deploy</phase>
<goals><goal>deploy</goal></goals> <goals><goal>deploy</goal></goals>
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
</plugins> </plugins>
</build> </build>
</profile> </profile>
</profiles> </profiles>
<repositories> <repositories>
<repository> <repository>
<id>activiti-releases</id> <id>activiti-releases</id>
<url>https://artifacts.alfresco.com/nexus/content/repositories/activiti-enterprise-releases</url> <url>https://artifacts.alfresco.com/nexus/content/repositories/activiti-enterprise-releases</url>
</repository> </repository>
</repositories> </repositories>
</project> </project>

70
src/main/java/com/activiti/extension/conf/AuthExtSpringComponentScanner.java
View File

@@ -1,35 +1,35 @@
/* /*
* This program is free software: you can redistribute it and/or modify it * This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by * under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or (at your * the Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. * option) any later version.
* *
* This program is distributed in the hope that it will be useful, but WITHOUT * This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details. * more details.
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program. If not, see <https://www.gnu.org/licenses/>. * with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
package com.activiti.extension.conf; package com.activiti.extension.conf;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.FullyQualifiedAnnotationBeanNameGenerator; import org.springframework.context.annotation.FullyQualifiedAnnotationBeanNameGenerator;
/** /**
* A means for injecting packages to scan for the Spring context. * A means for injecting packages to scan for the Spring context.
* *
* @author brian@inteligr8.com * @author brian@inteligr8.com
*/ */
@Configuration @Configuration
@ComponentScan( @ComponentScan(
basePackages = { basePackages = {
"com.inteligr8.activiti.auth" "com.inteligr8.activiti.auth"
}, },
nameGenerator = FullyQualifiedAnnotationBeanNameGenerator.class nameGenerator = FullyQualifiedAnnotationBeanNameGenerator.class
) )
public class AuthExtSpringComponentScanner { public class AuthExtSpringComponentScanner {
} }

32
src/main/java/com/inteligr8/activiti/auth/Bootstrapper.java
View File

@@ -1,32 +0,0 @@
package com.inteligr8.activiti.auth;
import java.util.Map;
import java.util.Map.Entry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import com.activiti.api.boot.BootstrapConfigurer;
@Component("bootstrap.proxy")
@Primary
public class Bootstrapper implements BootstrapConfigurer {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Override
public void applicationContextInitialized(ApplicationContext applicationContext) {
Map<String, BootstrapConfigurer> bootstraps = applicationContext.getBeansOfType(BootstrapConfigurer.class);
bootstraps.remove("bootstrap.proxy");
this.logger.debug("Executing {} bootstrap configurers", bootstraps.size());
for (Entry<String, BootstrapConfigurer> bootstrap : bootstraps.entrySet()) {
this.logger.trace("Executing bootstrap configurer: {}: {}", bootstrap.getKey(), bootstrap.getValue().getClass());
bootstrap.getValue().applicationContextInitialized(applicationContext);
}
}
}