diff --git a/src/main/java/stirling/software/SPDF/config/security/UserService.java b/src/main/java/stirling/software/SPDF/config/security/UserService.java index 46c5aeff..5708a5fd 100644 --- a/src/main/java/stirling/software/SPDF/config/security/UserService.java +++ b/src/main/java/stirling/software/SPDF/config/security/UserService.java @@ -16,11 +16,12 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; +import stirling.software.SPDF.controller.api.pipeline.UserServiceInterface; import stirling.software.SPDF.model.Authority; import stirling.software.SPDF.model.User; import stirling.software.SPDF.repository.UserRepository; @Service -public class UserService { +public class UserService implements UserServiceInterface{ @Autowired private UserRepository userRepository; diff --git a/src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineController.java b/src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineController.java index 71df9f62..25fa811f 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/pipeline/PipelineController.java @@ -26,6 +26,7 @@ import java.util.zip.ZipOutputStream; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.core.io.ByteArrayResource; import org.springframework.core.io.Resource; import org.springframework.http.HttpEntity; @@ -51,6 +52,7 @@ import io.swagger.v3.oas.annotations.tags.Tag; import stirling.software.SPDF.model.ApplicationProperties; import stirling.software.SPDF.model.PipelineConfig; import stirling.software.SPDF.model.PipelineOperation; +import stirling.software.SPDF.model.Role; import stirling.software.SPDF.model.api.HandleDataRequest; import stirling.software.SPDF.utils.WebResponseUtils; @@ -98,7 +100,13 @@ public class PipelineController { @Autowired ApplicationProperties applicationProperties; + @Autowired + private UserServiceInterface userService; + private String getApiKeyForUser() { + return userService.getApiKeyForUser(Role.INTERNAL_API_USER.getRoleId()); + } + private void handleDirectory(Path dir) throws Exception { logger.info("Handling directory: {}", dir); Path jsonFile = dir.resolve(jsonFileName); @@ -292,6 +300,10 @@ public class PipelineController { } HttpHeaders headers = new HttpHeaders(); + + String apiKey = getApiKeyForUser(); + headers.add("X-API-Key", apiKey); + headers.setContentType(MediaType.MULTIPART_FORM_DATA); HttpEntity> entity = new HttpEntity<>(body, headers); diff --git a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java new file mode 100644 index 00000000..1e66aa08 --- /dev/null +++ b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceInterface.java @@ -0,0 +1,5 @@ +package stirling.software.SPDF.controller.api.pipeline; +public interface UserServiceInterface { + // Define methods that you need + String getApiKeyForUser(String username); +} diff --git a/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java new file mode 100644 index 00000000..82900b6c --- /dev/null +++ b/src/main/java/stirling/software/SPDF/controller/api/pipeline/UserServiceNoOpImpl.java @@ -0,0 +1,16 @@ +package stirling.software.SPDF.controller.api.pipeline; + +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Service; + +@Service +@ConditionalOnProperty(name = "DOCKER_ENABLE_SECURITY", havingValue = "false") +public class UserServiceNoOpImpl implements UserServiceInterface { + // Implement the methods with no-op + @Override + public String getApiKeyForUser(String username) { + // No-op implementation + return ""; + } +}