From 34842ce3eb668b41639db5145f32e3d269b98e80 Mon Sep 17 00:00:00 2001
From: Wellyson Freitas <wellyfrs@gmail.com>
Date: Thu, 8 Aug 2024 19:30:46 +0200
Subject: [PATCH] Minor improvements

---
 docker-compose.yml                            |  1 -
 .../application/config/JWTSecurityConfig.kt   |  3 ++-
 ...itional-spring-configuration-metadata.json | 10 +++----
 src/main/resources/application-live.yml       | 10 +++++++
 src/main/resources/application-local.yml      |  2 ++
 src/main/resources/application-test.yml       |  3 ---
 src/main/resources/application.yml            | 12 +++------
 .../fiap/stock/application/TestAnnotations.kt |  2 ++
 .../stock/application/it/IntegrationTest.kt   |  1 -
 .../application/it/JWTSecurityTestConfig.kt   | 27 +++++++++++++++++++
 .../it/PostgreSQLContainerInitializer.kt      |  6 ++---
 11 files changed, 54 insertions(+), 23 deletions(-)
 create mode 100644 src/main/resources/application-live.yml
 create mode 100644 src/main/resources/application-local.yml
 create mode 100644 src/test/kotlin/com/fiap/stock/application/it/JWTSecurityTestConfig.kt

diff --git a/docker-compose.yml b/docker-compose.yml
index 54d395f..310ce42 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,7 +15,6 @@ services:
       DB_NAME: stock
       DB_USERNAME: selforder
       DB_PASSWORD: self@Order123!
-      ADMIN_ACCESS_TOKEN: token
     ports:
       - "8081:8081"
     restart: always
diff --git a/src/main/kotlin/com/fiap/stock/application/config/JWTSecurityConfig.kt b/src/main/kotlin/com/fiap/stock/application/config/JWTSecurityConfig.kt
index bdaf596..5fecc08 100644
--- a/src/main/kotlin/com/fiap/stock/application/config/JWTSecurityConfig.kt
+++ b/src/main/kotlin/com/fiap/stock/application/config/JWTSecurityConfig.kt
@@ -2,9 +2,9 @@ package com.fiap.stock.application.config
 
 import io.swagger.v3.oas.annotations.enums.SecuritySchemeType
 import io.swagger.v3.oas.annotations.security.SecurityScheme
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
-import org.springframework.http.HttpMethod
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.core.authority.SimpleGrantedAuthority
@@ -19,6 +19,7 @@ import org.springframework.security.web.SecurityFilterChain
     bearerFormat = "JWT",
     scheme = "bearer"
 )
+@ConditionalOnProperty(name = ["security.enable"], havingValue = "true", matchIfMissing = true)
 class JWTSecurityConfig {
     @Bean
     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
diff --git a/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/src/main/resources/META-INF/additional-spring-configuration-metadata.json
index b3a87de..8be1532 100644
--- a/src/main/resources/META-INF/additional-spring-configuration-metadata.json
+++ b/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@@ -1,10 +1,5 @@
 {
   "properties": [
-    {
-      "name": "admin.access-token",
-      "type": "java.lang.String",
-      "description": "Description for admin-access-token."
-    },
     {
       "name": "payment-provider.mock",
       "type": "java.lang.String",
@@ -34,6 +29,11 @@
       "name": "mercadopago.integration.webhookBaseUrl",
       "type": "java.lang.String",
       "description": "Description for mercadopago.integration.webhookBaseUrl."
+    },
+    {
+      "name": "security.enable",
+      "type": "java.lang.String",
+      "description": "Description for security.enable."
     }
   ]
 }
diff --git a/src/main/resources/application-live.yml b/src/main/resources/application-live.yml
new file mode 100644
index 0000000..a78ab76
--- /dev/null
+++ b/src/main/resources/application-live.yml
@@ -0,0 +1,10 @@
+security:
+  enable: true
+
+spring:
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          issuer-uri: ${COGNITO_ISSUER_URI}
+          jwk-set-uri: ${COGNITO_JWK_SET_URI}
\ No newline at end of file
diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml
new file mode 100644
index 0000000..4ab5c32
--- /dev/null
+++ b/src/main/resources/application-local.yml
@@ -0,0 +1,2 @@
+payment-provider:
+  mock: true
\ No newline at end of file
diff --git a/src/main/resources/application-test.yml b/src/main/resources/application-test.yml
index 89b6211..0da97c3 100644
--- a/src/main/resources/application-test.yml
+++ b/src/main/resources/application-test.yml
@@ -1,5 +1,2 @@
-admin:
-  access-token: token
-
 payment-provider:
   mock: true
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 2f0fa51..e02811d 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -17,15 +17,9 @@ spring:
             non_contextual_creation: true
         ddl-auto: validate
         globally_quoted_identifiers: true
-  security:
-    oauth2:
-      resourceserver:
-        jwt:
-          issuer-uri: https://cognito-idp.us-east-1.amazonaws.com/us-east-1_ygM5FRn7D
-          jwk-set-uri: https://cognito-idp.us-east-1.amazonaws.com/us-east-1_ygM5FRn7D/.well-known/jwks.json
-
-admin:
-  access-token: ${ADMIN_ACCESS_TOKEN}
 
 server:
   port: 8081
+
+security:
+  enable: false
\ No newline at end of file
diff --git a/src/test/kotlin/com/fiap/stock/application/TestAnnotations.kt b/src/test/kotlin/com/fiap/stock/application/TestAnnotations.kt
index 0815c09..3a48ab9 100644
--- a/src/test/kotlin/com/fiap/stock/application/TestAnnotations.kt
+++ b/src/test/kotlin/com/fiap/stock/application/TestAnnotations.kt
@@ -2,8 +2,10 @@ package com.fiap.stock.application
 
 import com.fiap.stock.application.it.PostgreSQLContainerInitializer
 import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase
+import org.springframework.boot.test.context.SpringBootTest
 import org.springframework.test.context.ContextConfiguration
 
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @ContextConfiguration(initializers = [PostgreSQLContainerInitializer::class])
 @AutoConfigureTestDatabase(replace = AutoConfigureTestDatabase.Replace.NONE)
 @Target(AnnotationTarget.CLASS, AnnotationTarget.FILE)
diff --git a/src/test/kotlin/com/fiap/stock/application/it/IntegrationTest.kt b/src/test/kotlin/com/fiap/stock/application/it/IntegrationTest.kt
index 0c24224..b0af832 100644
--- a/src/test/kotlin/com/fiap/stock/application/it/IntegrationTest.kt
+++ b/src/test/kotlin/com/fiap/stock/application/it/IntegrationTest.kt
@@ -6,7 +6,6 @@ import org.junit.jupiter.api.Tag
 import org.springframework.boot.test.context.SpringBootTest
 
 @CucumberContextConfiguration
-@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @WithPostgreSQL
 @Tag("IntegrationTest")
 class IntegrationTest
diff --git a/src/test/kotlin/com/fiap/stock/application/it/JWTSecurityTestConfig.kt b/src/test/kotlin/com/fiap/stock/application/it/JWTSecurityTestConfig.kt
new file mode 100644
index 0000000..5bcde2c
--- /dev/null
+++ b/src/test/kotlin/com/fiap/stock/application/it/JWTSecurityTestConfig.kt
@@ -0,0 +1,27 @@
+package com.fiap.stock.application.it
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.web.SecurityFilterChain
+
+@Configuration
+@EnableWebSecurity
+@ConditionalOnProperty(name = ["security.enable"], havingValue = "false")
+class NoOpSecurityConfig {
+
+    @Bean
+    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
+        http
+            .csrf { csrf ->
+                csrf.disable()
+            }
+            .authorizeHttpRequests { authorize ->
+                authorize.anyRequest().permitAll()
+            }
+
+        return http.build()
+    }
+}
\ No newline at end of file
diff --git a/src/test/kotlin/com/fiap/stock/application/it/PostgreSQLContainerInitializer.kt b/src/test/kotlin/com/fiap/stock/application/it/PostgreSQLContainerInitializer.kt
index 4858fab..085e3ba 100644
--- a/src/test/kotlin/com/fiap/stock/application/it/PostgreSQLContainerInitializer.kt
+++ b/src/test/kotlin/com/fiap/stock/application/it/PostgreSQLContainerInitializer.kt
@@ -12,9 +12,9 @@ class PostgreSQLContainerInitializer :
     companion object {
         private val instance: PostgreSQLContainerInitializer =
             PostgreSQLContainerInitializer()
-                .withDatabaseName("stockdb")
-                .withUsername("stock")
-                .withPassword("stock")
+                .withDatabaseName("database")
+                .withUsername("database")
+                .withPassword("database")
                 .waitingFor(forListeningPort())
     }