From da8fc10414cc01c8354da90e5a16347e6c46f5fc Mon Sep 17 00:00:00 2001
From: Francesco
Date: Tue, 7 Nov 2023 09:40:38 +0100
Subject: [PATCH] Startup auth check for #32
---
.../external/StartupAuthCheckRunner.java | 79 +++++++++++++++----
1 file changed, 63 insertions(+), 16 deletions(-)
diff --git a/src/main/java/tech/ailef/snapadmin/external/StartupAuthCheckRunner.java b/src/main/java/tech/ailef/snapadmin/external/StartupAuthCheckRunner.java
index ddf5dac..5ec4ed7 100644
--- a/src/main/java/tech/ailef/snapadmin/external/StartupAuthCheckRunner.java
+++ b/src/main/java/tech/ailef/snapadmin/external/StartupAuthCheckRunner.java
@@ -1,31 +1,78 @@ +/* + * SnapAdmin - An automatically generated CRUD admin UI for Spring Boot apps + * Copyright (C) 2023 Ailef (http://ailef.tech) + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package tech.ailef.snapadmin.external; +import java.io.IOException; import java.net.URI; import java.net.http.HttpClient; import java.net.http.HttpRequest; import java.net.http.HttpResponse; import java.net.http.HttpResponse.BodyHandlers; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.CommandLineRunner; -import org.springframework.stereotype.Component; +import org.springframework.boot.web.servlet.context.ServletWebServerInitializedEvent; +import org.springframework.context.ApplicationListener; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; -@Component -public class StartupAuthCheckRunner implements CommandLineRunner { +/** + * Runs at startup to determine if SnapAdmin is protected with authentication. + * If this is not the case, it sets a flag that will display a warning in the + * UI. 
+ */ +@Configuration +public class StartupAuthCheckRunner { + + private static final Logger logger = LoggerFactory.getLogger(StartupAuthCheckRunner.class); + @Autowired private SnapAdmin snapAdmin; + + @Autowired + private SnapAdminProperties properties; - @Override - public void run(String...args) throws Exception { - HttpRequest request = HttpRequest.newBuilder() - .uri(URI.create("http://localhost:8080/admin")) - .build(); + + @Bean + ApplicationListener serverPortListenerBean() { + return event -> { + int serverPort = event.getWebServer().getPort(); + + String url = "http://localhost:" + serverPort + "/" + properties.getBaseUrl(); + + logger.info("Checking if SnapAdmin is protected with authentication at " + url); + + HttpRequest request = HttpRequest.newBuilder().uri(URI.create(url)).build(); + + try { + HttpResponse response = HttpClient.newBuilder().build().send(request, BodyHandlers.ofString()); - HttpResponse response = HttpClient - .newBuilder() - .build() - .send(request, BodyHandlers.ofString()); - - String body = response.body(); - } + int statusCode = response.statusCode(); + if (statusCode == 200) { + logger.warn("It seems SnapAdmin routes are not protected with authentication. The URL " + + url + " is publicly accessible: be careful!"); + snapAdmin.setAuthenticated(false); + } + } catch (IOException | InterruptedException e) { + logger.warn("Unable to connect to server at " + url); + } + }; + } } \ No newline at end of file
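Review bot: The probe fails open: in the lambda returned by `serverPortListenerBean()`, only a 200 response changes anything, so a connection failure, a 404 or a 5xx leaves the flag untouched and the UI warning never appears even though nothing was verified. The URL is hard-coded to `http://localhost:` plus the port and `properties.getBaseUrl()`, so an HTTPS-only listener or a servlet context path would presumably land in exactly those cases (the flag's default value is not visible in this diff). I would report such outcomes as inconclusive, keep the exception as the log cause, and restore the interrupt flag when `InterruptedException` is caught, as sketched below. The request also carries no timeout, so a stalled response would block the listener thread during startup.

```java
try {
    // … unchanged: send the request and read statusCode …
    if (statusCode == 200) {
        // … unchanged: warning log and snapAdmin.setAuthenticated(false) …
    } else if (statusCode == 404 || statusCode >= 500) {
        // The probe never reached the admin UI, so it says nothing about authentication.
        logger.warn("Auth check inconclusive: " + url + " returned HTTP " + statusCode);
    }
} catch (IOException e) {
    logger.warn("Auth check inconclusive: unable to connect to server at " + url, e);
} catch (InterruptedException e) {
    // Restore the interrupt flag so the startup thread still sees the interruption.
    Thread.currentThread().interrupt();
    logger.warn("Auth check interrupted before reaching " + url, e);
}
```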