From 10fc1110bbb2c1b632ea0b860c3ae32118fc0145 Mon Sep 17 00:00:00 2001 From: Devon Hillard Date: Sat, 24 Jun 2023 13:22:20 -0600 Subject: [PATCH 1/3] Removing .DS_Store. Commenting out NewRelic by deafult --- .DS_Store | Bin 8196 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index 207d3f0062489b7915c4365eb0972c47af38b879..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8196 zcmeHMJ#Q015S{heu>mExOvg&}h*WgeB{HH#NkLLU>I=BEnEiM zm(Z0o6E|0()%=JCD%8_(Ft^lCM;nDq84w4=0dYVa5C_D8f5ic;*`~EB)_oV1UK|hy z{!0hU_k+e|F!q=^v|k=po6$FOa%o3u&^4QVZ4pMHC%n87uyq~r14w|7RvsppK+ zTuF6Spl8M&SzLggEn1^(yw>RxJ(#%}j*_nYpdJSTV zsAqHqni`L8 Date: Sat, 24 Jun 2023 13:23:00 -0600 Subject: [PATCH 2/3] Adding .DS_Store to .gitignore. Commenting out NewRelic --- .gitignore | 3 +++ build.gradle | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index a489095..8eff60e 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,9 @@ # Created by https://www.gitignore.io/api/java,gradle,eclipse # Edit at https://www.gitignore.io/?templates=java,gradle,eclipse +### MacOS ### +*.DS_Store + ### Eclipse ### .metadata bin/ diff --git a/build.gradle b/build.gradle index ac9df65..67276fb 100644 --- a/build.gradle +++ b/build.gradle @@ -43,7 +43,7 @@ dependencies { // Other dependencies runtimeOnly 'org.springframework.boot:spring-boot-devtools' - runtimeOnly 'io.micrometer:micrometer-registry-new-relic' + // runtimeOnly 'io.micrometer:micrometer-registry-new-relic' runtimeOnly 'org.mariadb.jdbc:mariadb-java-client' runtimeOnly 'org.postgresql:postgresql' implementation 'org.passay:passay:1.6.2' From 0383dcbd7b87aaf39527b7005eb728b68ffa807c Mon Sep 17 00:00:00 2001 
From: Devon Hillard Date: Sat, 24 Jun 2023 14:10:23 -0600 Subject: [PATCH 3/3] Added flag for OAuth2 setup in WebSecurityConfig --- .../spring/user/util/WebSecurityConfig.java | 53 ++++++++++++------- src/main/resources/application.yml | 3 ++ 2 files changed, 36 insertions(+), 20 deletions(-) diff --git a/src/main/java/com/digitalsanctuary/spring/user/util/WebSecurityConfig.java b/src/main/java/com/digitalsanctuary/spring/user/util/WebSecurityConfig.java index 2319c4c..ed1d534 100644 --- a/src/main/java/com/digitalsanctuary/spring/user/util/WebSecurityConfig.java +++ b/src/main/java/com/digitalsanctuary/spring/user/util/WebSecurityConfig.java @@ -90,6 +90,9 @@ public class WebSecurityConfig { @Value("${user.security.registrationNewVerificationURI}") private String registrationNewVerificationURI; + @Value("${spring.security.oauth2.enabled:false} ") + private boolean oauth2Enabled; + @Autowired private UserDetailsService userDetailsService; @@ -105,10 +108,10 @@ public class WebSecurityConfig { @Autowired private DSOAuth2UserService dsOAuth2UserService; - /** * - * The securityFilterChain method builds the security filter chain for Spring Security. + * The securityFilterChain method builds the security filter chain for Spring + * Security. * * @param http the HttpSecurity object * @return the SecurityFilterChain object 
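Review bot: The placeholder string on the new `oauth2Enabled` field ends with a space after the closing brace as shown in this hunk (`"${spring.security.oauth2.enabled:false} "`), so the injected text is `false ` or `true ` rather than a clean boolean literal. It binds only if the converter trims it, which is better not relied on for a switch that turns an authentication path on or off; I would write `@Value("${spring.security.oauth2.enabled:false}")`. The `false` default also means a deployment that already has OAuth2 client registrations configured loses OAuth2 login after this change until it sets the flag. That deserves a Javadoc line on the field, e.g. `/** Enables the OAuth2 login flow; defaults to false, so existing OAuth2 setups must set spring.security.oauth2.enabled=true. */`. The class body continues outside this hunk.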
@@ -121,15 +124,19 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti ArrayList unprotectedURIs = getUnprotectedURIsList(); log.debug("WebSecurityConfig.configure:" + "enhanced unprotectedURIs: {}", unprotectedURIs.toString()); - CustomOAuth2AuthenticationEntryPoint loginAuthenticationEntryPoint = new CustomOAuth2AuthenticationEntryPoint(null, loginPageURI); + CustomOAuth2AuthenticationEntryPoint loginAuthenticationEntryPoint = new CustomOAuth2AuthenticationEntryPoint( + null, loginPageURI); - List disableCSRFURIs = Arrays.stream(disableCSRFURIsArray).filter(uri -> uri != null && !uri.isEmpty()).collect(Collectors.toList()); + List disableCSRFURIs = Arrays.stream(disableCSRFURIsArray).filter(uri -> uri != null && !uri.isEmpty()) + .collect(Collectors.toList()); http.formLogin( - formLogin -> formLogin.loginPage(loginPageURI).loginProcessingUrl(loginActionURI).successHandler(loginSuccessService).permitAll()) + formLogin -> formLogin.loginPage(loginPageURI).loginProcessingUrl(loginActionURI) + .successHandler(loginSuccessService).permitAll()) .rememberMe(withDefaults()); - http.logout(logout -> logout.logoutUrl(logoutActionURI).logoutSuccessUrl(logoutSuccessURI).invalidateHttpSession(true) + http.logout(logout -> logout.logoutUrl(logoutActionURI).logoutSuccessUrl(logoutSuccessURI) + .invalidateHttpSession(true) .deleteCookies("JSESSIONID")); if (disableCSRFURIs != null && disableCSRFURIs.size() > 0) { 
@@ -137,24 +144,30 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti csrf.ignoringRequestMatchers(disableCSRFURIsArray); }); } - http.oauth2Login(o -> o.loginPage(loginPageURI).successHandler(loginSuccessService).failureHandler((request, response, exception) -> { - log.error("WebSecurityConfig.configure:" + "OAuth2 login failure: {}", exception.getMessage()); - request.getSession().setAttribute("error.message", exception.getMessage()); - response.sendRedirect(loginPageURI); - // handler.onAuthenticationFailure(request, response, exception); - }).userInfoEndpoint().userService(dsOAuth2UserService)).userDetailsService(userDetailsService) - .exceptionHandling(handling -> handling.authenticationEntryPoint(loginAuthenticationEntryPoint)); - - + if (oauth2Enabled) { + http.oauth2Login(o -> o.loginPage(loginPageURI).successHandler(loginSuccessService) + .failureHandler((request, response, exception) -> { + log.error("WebSecurityConfig.configure:" + "OAuth2 login failure: {}", exception.getMessage()); + request.getSession().setAttribute("error.message", exception.getMessage()); + response.sendRedirect(loginPageURI); + // handler.onAuthenticationFailure(request, response, exception); + }).userInfoEndpoint().userService(dsOAuth2UserService)).userDetailsService(userDetailsService) + .exceptionHandling(handling -> handling.authenticationEntryPoint(loginAuthenticationEntryPoint)); + } // Configure authorization rules based on the default action if (DEFAULT_ACTION_DENY.equals(getDefaultAction())) { - // Allow access to unprotected URIs and require authentication for all other requests - http.authorizeHttpRequests().requestMatchers(unprotectedURIs.toArray(new String[0])).permitAll().anyRequest().authenticated(); + // Allow access to unprotected URIs and require authentication for all other + // requests + http.authorizeHttpRequests().requestMatchers(unprotectedURIs.toArray(new String[0])).permitAll() + .anyRequest().authenticated(); } else if 
(DEFAULT_ACTION_ALLOW.equals(getDefaultAction())) { - // Require authentication for protected URIs and allow access to all other requests - http.authorizeHttpRequests().requestMatchers(protectedURIsArray).authenticated().requestMatchers("/**").permitAll(); + // Require authentication for protected URIs and allow access to all other + // requests + http.authorizeHttpRequests().requestMatchers(protectedURIsArray).authenticated().requestMatchers("/**") + .permitAll(); } else { - // Log an error and deny access to all resources if the default action is not set correctly + // Log an error and deny access to all resources if the default action is not + // set correctly log.error("WebSecurityConfig.configure:" + "user.security.defaultAction must be set to either {} or {}!!! Denying access to all resources to force intentional configuration.", DEFAULT_ACTION_ALLOW, DEFAULT_ACTION_DENY); diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index bdd4694..7ca864b 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -15,6 +15,7 @@ spring: host: email-smtp.us-west-2.amazonaws.com # security: # oauth2: + # enabled: true # client: # registration: # google: @@ -71,6 +72,8 @@ spring: user: registration: sendVerificationEmail: true + googleEnabled: false + facebookEnabled: false audit: logFilePath: /opt/app/logs/user-audit.log flushOnWrite: false
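Review bot: Wrapping the whole statement in `if (oauth2Enabled)` also gates `.userDetailsService(userDetailsService)` and `.exceptionHandling(...)`, because both are chained on the `HttpSecurity` returned by `http.oauth2Login(...)` rather than inside its lambda. With the flag off (the default), form login and remember-me are configured without the explicit user details service and without `loginAuthenticationEntryPoint`, so they depend on whatever Spring resolves by default, which this hunk does not show. I would keep only the `oauth2Login` call inside the `if` and leave `http.userDetailsService(userDetailsService).exceptionHandling(handling -> handling.authenticationEntryPoint(loginAuthenticationEntryPoint));` unconditional after it. Separately, the failure handler copies `exception.getMessage()` into the `error.message` session attribute; if the login page renders that attribute, a fixed user-facing message would avoid exposing provider or internal error text. The method starts before this hunk and continues after it.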
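Review bot: The new `googleEnabled` and `facebookEnabled` keys under `user.registration` are separate from the `spring.security.oauth2.enabled` flag that `WebSecurityConfig` reads, and that flag appears in this file only inside the commented-out `security.oauth2` block. Nothing in this patch ties the three together, so a configuration with a provider key set to `true` while `spring.security.oauth2.enabled` stays at its `false` default would presumably offer a provider login that the filter chain does not handle. A comment above the two keys would help, e.g. `# Only take effect when spring.security.oauth2.enabled is true and the matching client registration is configured.`, assuming that is the intended relationship.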