Apply filter for all configs

Author: Haarolean

api/src/main/java/io/kafbat/ui/config/auth/AbstractAuthSecurityConfig.java

@@ -6,8 +6,6 @@ protected AbstractAuthSecurityConfig() {
 
   }
 
-  public static final String INDEX_HTML = "/static/index.html";
-
   protected static final String[] AUTH_WHITELIST = {
       /* STATIC */
       "/index.html",

api/src/main/java/io/kafbat/ui/config/auth/BasicAuthSecurityConfig.java

@@ -1,13 +1,15 @@
 package io.kafbat.ui.config.auth;
 
 import io.kafbat.ui.util.EmptyRedirectStrategy;
+import io.kafbat.ui.util.StaticFileWebFilter;
 import java.net.URI;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
@@ -20,7 +22,6 @@
 @Slf4j
 public class BasicAuthSecurityConfig extends AbstractAuthSecurityConfig {
 
-  public static final String LOGIN_URL = "/auth";
   public static final String LOGOUT_URL = "/auth?logout";
 
   @Bean
@@ -33,19 +34,20 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http) {
     final var logoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
     logoutSuccessHandler.setLogoutSuccessUrl(URI.create(LOGOUT_URL));
 
-
-    return http.authorizeExchange(spec -> spec
+    var builder = http.authorizeExchange(spec -> spec
             .pathMatchers(AUTH_WHITELIST)
             .permitAll()
             .anyExchange()
             .authenticated()
         )
-        .formLogin(spec -> spec.loginPage(LOGIN_URL).authenticationSuccessHandler(authHandler))
         .logout(spec -> spec
             .logoutSuccessHandler(logoutSuccessHandler)
             .requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/logout")))
-        .csrf(ServerHttpSecurity.CsrfSpec::disable)
-        .build();
+        .csrf(ServerHttpSecurity.CsrfSpec::disable);
+
+    builder.addFilterAt(new StaticFileWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
+
+    return builder.build();
   }
 
 }

api/src/main/java/io/kafbat/ui/config/auth/LdapSecurityConfig.java

@@ -4,6 +4,7 @@
 
 import io.kafbat.ui.service.rbac.AccessControlService;
 import io.kafbat.ui.service.rbac.extractor.RbacLdapAuthoritiesExtractor;
+import io.kafbat.ui.util.StaticFileWebFilter;
 import java.util.Collection;
 import java.util.List;
 import java.util.Optional;
@@ -23,6 +24,7 @@
 import org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -121,16 +123,19 @@ public SecurityWebFilterChain configureLdap(ServerHttpSecurity http) {
       log.info("Active Directory support for LDAP has been enabled.");
     }
 
-    return http.authorizeExchange(spec -> spec
+    var builder = http.authorizeExchange(spec -> spec
             .pathMatchers(AUTH_WHITELIST)
             .permitAll()
             .anyExchange()
             .authenticated()
         )
         .formLogin(Customizer.withDefaults())
         .logout(Customizer.withDefaults())
-        .csrf(ServerHttpSecurity.CsrfSpec::disable)
-        .build();
+        .csrf(ServerHttpSecurity.CsrfSpec::disable);
+
+    builder.addFilterAt(new StaticFileWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
+
+    return builder.build();
   }
 
   private static class UserDetailsMapper extends LdapUserDetailsMapper {

api/src/main/java/io/kafbat/ui/config/auth/OAuthSecurityConfig.java

@@ -17,7 +17,6 @@
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@@ -64,8 +63,7 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, OAuthLogoutSucc
         .csrf(ServerHttpSecurity.CsrfSpec::disable);
 
 
-    builder.addFilterAt(new StaticFileWebFilter("/login", new ClassPathResource(INDEX_HTML)),
-        SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
+    builder.addFilterAt(new StaticFileWebFilter(), SecurityWebFiltersOrder.LOGIN_PAGE_GENERATING);
 
     return builder.build();
   }

api/src/main/java/io/kafbat/ui/util/StaticFileWebFilter.java

@@ -17,9 +17,15 @@
 
 public class StaticFileWebFilter implements WebFilter {
 
+  private static final String INDEX_HTML = "/static/index.html";
+
   private final ServerWebExchangeMatcher matcher;
   private final String contents;
 
+  public StaticFileWebFilter() {
+    this("/login", new ClassPathResource(INDEX_HTML));
+  }
+
   public StaticFileWebFilter(String path, ClassPathResource resource) {
     this.matcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, path);