CP V7.1 - bugs #11801 fix(standalone): add no auth module

api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/ApiPastisStandaloneApplication.java

@@ -38,20 +38,29 @@
 
 package fr.gouv.vitamui.pastis.standalone;
 
+import fr.gouv.vitamui.pastis.standalone.config.PastisConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.boot.context.event.ApplicationReadyEvent;
 import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
 import org.springframework.context.event.EventListener;
 
-import java.awt.*;
+import java.awt.Desktop;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 
 @SpringBootApplication
 public class ApiPastisStandaloneApplication extends SpringBootServletInitializer {
 
+    private final PastisConfiguration pastisConfiguration;
+
+    @Autowired
+    public ApiPastisStandaloneApplication(final PastisConfiguration pastisConfiguration) {
+        this.pastisConfiguration = pastisConfiguration;
+    }
+
     public static void main(String[] args) {
         new SpringApplicationBuilder(ApiPastisStandaloneApplication.class).headless(false).run(args);
     }
@@ -63,6 +72,6 @@ protected SpringApplicationBuilder configure(SpringApplicationBuilder applicatio
 
     @EventListener(ApplicationReadyEvent.class)
     public void openBrowserAfterStartup() throws IOException, URISyntaxException {
-        Desktop.getDesktop().browse(new URI(("http://localhost:8096")));
+        Desktop.getDesktop().browse(new URI(pastisConfiguration.url));
     }
 }

api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/config/PastisConfiguration.java

@@ -35,21 +35,18 @@
 The fact that you are presently reading this means that you have had
 knowledge of the CeCILL-C license and that you accept its terms.
 */
+
 package fr.gouv.vitamui.pastis.standalone.config;
 
 import fr.gouv.vitamui.pastis.common.service.JsonFromPUA;
 import fr.gouv.vitamui.pastis.common.service.PuaFromJSON;
 import fr.gouv.vitamui.pastis.common.service.PuaPastisValidator;
 import fr.gouv.vitamui.pastis.server.service.PastisService;
-import org.jetbrains.annotations.NotNull;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.web.servlet.error.ErrorViewResolver;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.io.ResourceLoader;
 import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 import static java.util.Collections.emptyMap;
 import static org.springframework.http.HttpStatus.NOT_FOUND;
@@ -58,20 +55,8 @@
 @Configuration
 public class PastisConfiguration {
 
-    private ResourceLoader resourceLoader;
-
-    @Value("${cors.allowed-origins}")
-    private String origins;
-
-    @Bean
-    public WebMvcConfigurer corsConfigurer() {
-        return new WebMvcConfigurer() {
-            @Override
-            public void addCorsMappings(@NotNull CorsRegistry registry) {
-                registry.addMapping("/**").allowedOrigins(origins.split(",")).allowCredentials(true);
-            }
-        };
-    }
+    @Value("${pastis.client.url}")
+    public String url;
 
     @Bean
     public ErrorViewResolver customErrorViewResolver() {
@@ -91,7 +76,7 @@ public PuaFromJSON puaFromJSON() {
 
     @Bean
     public PastisService pastisService() {
-        return new PastisService(this.resourceLoader, puaPastisValidator(), jsonFromPUA(), puaFromJSON());
+        return new PastisService(null, puaPastisValidator(), jsonFromPUA(), puaFromJSON());
     }
 
     @Bean

api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/config/WebConfig.java

@@ -0,0 +1,63 @@
+/*
+ * Copyright French Prime minister Office/SGMAP/DINSIC/Vitam Program (2015-2022)
+ *
+ * contact.vitam@culture.gouv.fr
+ *
+ * This software is a computer program whose purpose is to implement a digital archiving back-office system managing
+ * high volumetry securely and efficiently.
+ *
+ * This software is governed by the CeCILL 2.1 license under French law and abiding by the rules of distribution of free
+ * software. You can use, modify and/ or redistribute the software under the terms of the CeCILL 2.1 license as
+ * circulated by CEA, CNRS and INRIA at the following URL "https://cecill.info".
+ *
+ * As a counterpart to the access to the source code and rights to copy, modify and redistribute granted by the license,
+ * users are provided only with a limited warranty and the software's author, the holder of the economic rights, and the
+ * successive licensors have only limited liability.
+ *
+ * In this respect, the user's attention is drawn to the risks associated with loading, using, modifying and/or
+ * developing or reproducing the software by the user in light of its specific status of free software, that may mean
+ * that it is complicated to manipulate, and that also therefore means that it is reserved for developers and
+ * experienced professionals having in-depth computer knowledge. Users are therefore encouraged to load and test the
+ * software's suitability as regards their requirements in conditions enabling the security of their systems and/or data
+ * to be ensured and, more generally, to use and operate it in the same conditions as regards security.
+ *
+ * The fact that you are presently reading this means that you have had knowledge of the CeCILL 2.1 license and that you
+ * accept its terms.
+ */
+
+package fr.gouv.vitamui.pastis.standalone.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+
+    @Value("${cors.allowed-origins}")
+    private String[] origins;
+
+    @Value("${cors.allowed-methods}")
+    private String[] methods;
+
+    @Value("${cors.allowed-headers}")
+    private String[] headers;
+
+    @Value("${cors.allow-credentials}")
+    private boolean credentials;
+
+    @Value("${cors.max-age}")
+    private long maxAge;
+
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry
+            .addMapping("/**")
+            .allowedOrigins(origins)
+            .allowedMethods(methods)
+            .allowedHeaders(headers)
+            .allowCredentials(credentials)
+            .maxAge(maxAge);
+    }
+}

api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java

@@ -56,7 +56,11 @@
 import org.springframework.core.io.Resource;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.server.ResponseStatusException;
 
@@ -92,6 +96,10 @@ public PastisController(final PastisService profileService) {
         this.profileService = profileService;
     }
 
+    private static boolean isInvalidFilename(String fileName) {
+        return VitamUIStringUtils.HTML_PATTERN.matcher(fileName).find();
+    }
+
     @Operation(
         summary = "Retrieve RNG representation of the JSON structure",
         description = "Retrieve RNG representation of the JSON structure of archive profile",
@@ -217,10 +225,6 @@ ResponseEntity<List<Notice>> getFiles() throws TechnicalException {
         }
     }
 
-    private static boolean isInvalidFilename(String fileName) {
-        return VitamUIStringUtils.HTML_PATTERN.matcher(fileName).find();
-    }
-
     enum ErrorMessage {
         INVALID_FILE_NAME("Invalid file name"),
         NO_PROFILE_RESPONSE("No profile response"),

api/api-pastis/pastis-standalone/src/main/resources/application-dev.yml

@@ -0,0 +1,15 @@
+pastis.client.url: https://localhost:8097
+
+cors:
+  allowed-origins: >
+    http://localhost:8096,
+    https://localhost:8097
+  allowed-methods: >
+    GET,
+    POST,
+    PUT,
+    DELETE,
+    OPTIONS
+  allowed-headers: "*"
+  allow-credentials: true
+  max-age: 3600

api/api-pastis/pastis-standalone/src/main/resources/application.yml

@@ -11,14 +11,11 @@ spring:
   mvc:
     favicon:
       enabled: false
-  jackson:
-    serialization:
-      write-dates-as-timestamps: false
-#Spring
-spring.servlet.multipart:
-  max-file-size: 10MB
-  max-request-size: 11MB
-  enabled: true
+  jackson.serialization.write-dates-as-timestamps: false
+  servlet.multipart:
+    max-file-size: 10MB
+    max-request-size: 11MB
+    enabled: true
 
 #Spring docs swagger
 springdoc:
@@ -53,4 +50,19 @@ management:
       show-details: always
     prometheus:
       enabled: true
-cors.allowed-origins: https://dev.vitamui.com:4251,https://localhost,http://localhost:8096,http://localhost:8097
+
+pastis.client.url: http://localhost:8096
+
+cors:
+  allowed-origins: >
+    http://localhost:8096,
+    https://localhost:8096
+  allowed-methods: >
+    GET,
+    POST,
+    PUT,
+    DELETE,
+    OPTIONS
+  allowed-headers: "*"
+  allow-credentials: true
+  max-age: 3600

ui/ui-frontend-common/src/app/modules/authentication/services/authenticator.service.ts

@@ -36,10 +36,10 @@
  */
 import { Observable } from 'rxjs';
 
-export interface AuthenticatorService {
-  login(): Observable<boolean>;
-  logout(): void;
-  logoutSubrogationAndRedirectToLoginPage(username: string): void;
-  initSubrogationFlow(superUser: string, superUserCustomerId: string, surrogate: string, surrogateCustomerId: string): void;
-  redirectToLoginPage(): void;
+export abstract class AuthenticatorService {
+  abstract login(): Observable<boolean>;
+  abstract logout(): void;
+  abstract logoutSubrogationAndRedirectToLoginPage(username: string): void;
+  abstract initSubrogationFlow(superUser: string, superUserCustomerId: string, surrogate: string, surrogateCustomerId: string): void;
+  abstract redirectToLoginPage(): void;
 }

ui/ui-frontend-common/src/app/modules/authentication/services/oidc-authenticator.service.ts

@@ -35,9 +35,9 @@
  * knowledge of the CeCILL-C license and that you accept its terms.
  */
 import { OAuthService, OAuthSuccessEvent } from 'angular-oauth2-oidc';
-import { from, Observable, zip } from 'rxjs';
-import { AuthenticatorService } from './authenticator.service';
+import { Observable, from, zip } from 'rxjs';
 import { map, skipWhile, take, tap } from 'rxjs/operators';
+import { AuthenticatorService } from './authenticator.service';
 
 export class OidcAuthenticatorService implements AuthenticatorService {
   constructor(

ui/ui-frontend-common/src/app/modules/index.ts

@@ -56,6 +56,7 @@ export * from './archive-unit/index';
 export * from './auth.guard';
 export * from './auth.service';
 export { AuthenticationModule } from './authentication/authentication.module';
+export * from './authentication/services/authenticator.service';
 export * from './country.service';
 export * from './error-dialog/error-dialog.component';
 export * from './global-event.service';

ui/ui-frontend/package.json

@@ -22,6 +22,7 @@
     "start:pastis": "ng serve pastis --proxy-config proxy.conf.json --disable-host-check --ssl --ssl-key $npm_package_pki_path/$npm_package_pki_asset.key --ssl-cert $npm_package_pki_path/$npm_package_pki_asset.crt",
     "start:pastis:gateway": "npm run start:pastis -- --proxy-config proxy-gateway.conf.js",
     "start:pastis:gateway-next": "npm run start:pastis -- --proxy-config proxy-gateway-next.conf.js",
+    "start:pastis:standalone": "ng serve pastis --configuration standalone --disable-host-check --ssl --ssl-key $npm_package_pki_path/$npm_package_pki_asset.key --ssl-cert $npm_package_pki_path/$npm_package_pki_asset.crt",
     "start:referential": "ng serve referential --proxy-config proxy.conf.json --disable-host-check --ssl --ssl-key $npm_package_pki_path/$npm_package_pki_asset.key --ssl-cert $npm_package_pki_path/$npm_package_pki_asset.crt",
     "start:referential:gateway": "npm run start:referential -- --proxy-config proxy-gateway.conf.js",
     "start:referential:gateway-next": "npm run start:referential -- --proxy-config proxy-gateway-next.conf.js",

ui/ui-frontend/projects/pastis/src/app/app.module.ts

@@ -63,6 +63,7 @@ import { environment } from '../environments/environment';
 import { AppRoutingModule } from './app-routing.module';
 import { AppComponent } from './app.component';
 import { PastisConfiguration } from './core/classes/pastis-configuration';
+import { NoAuthenticationModule } from './standalone/no-authentication.module';
 import { StandaloneStartupService } from './standalone/standalone-startup.service';
 import { StandaloneThemeService } from './standalone/standalone-theme.service';
 
@@ -81,11 +82,12 @@ registerLocaleData(localeFr, 'fr');
 
 const startupServiceClass = environment.standalone ? StandaloneStartupService : StartupService;
 const themeServiceClass = environment.standalone ? StandaloneThemeService : ThemeService;
+const authenticationModuleClass = environment.standalone ? NoAuthenticationModule : AuthenticationModule.forRoot();
 
 @NgModule({
   declarations: [AppComponent],
   imports: [
-    AuthenticationModule.forRoot(),
+    authenticationModuleClass,
     InjectorModule,
     LoggerModule.forRoot(),
     BrowserAnimationsModule,

ui/ui-frontend/projects/pastis/src/app/standalone/no-authentication.module.ts

@@ -0,0 +1,28 @@
+import { APP_INITIALIZER, NgModule } from '@angular/core';
+import { AuthService, AuthenticatorService } from 'ui-frontend-common';
+import { NoAuthenticatorService } from './no-authenticator.service';
+
+export function initializeApp() {
+  return (): Promise<any> => Promise.resolve(true);
+}
+
+@NgModule({
+  providers: [
+    { provide: AuthenticatorService, useClass: NoAuthenticatorService },
+    {
+      provide: APP_INITIALIZER,
+      useFactory: initializeApp,
+      multi: true,
+    },
+  ],
+})
+export class NoAuthenticationModule {
+  private gatewayEnabled = false;
+
+  constructor(
+    private authenticationService: AuthService,
+    private authenticatorService: AuthenticatorService,
+  ) {
+    this.authenticationService.configure(this.gatewayEnabled, this.authenticatorService);
+  }
+}

ui/ui-frontend/projects/pastis/src/app/standalone/no-authenticator.service.ts

@@ -0,0 +1,20 @@
+import { Injectable } from '@angular/core';
+import { Observable, of } from 'rxjs';
+import { AuthenticatorService } from 'ui-frontend-common';
+
+@Injectable()
+export class NoAuthenticatorService implements AuthenticatorService {
+  login(): Observable<boolean> {
+    const authenticated = true;
+
+    return of(authenticated);
+  }
+
+  logout(): void {}
+
+  logoutSubrogationAndRedirectToLoginPage(_username: string): void {}
+
+  initSubrogationFlow(_superUser: string, _superUserCustomerId: string, _surrogate: string, _surrogateCustomerId: string): void {}
+
+  redirectToLoginPage(): void {}
+}