Refactor authentication and API logic for servlet-based architecture.

TODO needs correction and testing.

Removed reactive Spring security setup in favor of servlet-based security with `ServletAuthenticationFilter`. Updated API implementations to replace `WebClient` with `RestClient`, improving handling of requests and responses. Removed unused legacy classes and configurations specific to the reactive setup.

authentication-service/pom.xml

@@ -21,7 +21,7 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-webflux</artifactId>
+            <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
 
         <dependency>

authentication-service/src/main/kotlin/com/michibaum/authentication_service/security/SecurityBeansConfiguration.kt

@@ -1,41 +1,32 @@
 package com.michibaum.authentication_service.security
 
 import com.michibaum.authentication_library.AuthenticationClient
-import com.michibaum.authentication_library.PublicKeyDto
-import com.michibaum.authentication_library.security.ReactiveDelegateAuthenticationManager
+import com.michibaum.authentication_library.security.ServletAuthenticationFilter
+import com.michibaum.authentication_library.security.ServletDelegateAuthenticationManager
 import com.michibaum.authentication_library.security.SpecificAuthenticationManager
 import com.michibaum.authentication_library.security.basic.BasicAuthenticationManager
-import com.michibaum.authentication_library.security.basic.BasicExchangeMatcher
 import com.michibaum.authentication_library.security.basic.CredentialsValidator
-import com.michibaum.authentication_library.security.basic.netty.BasicAuthenticationConverter
+import com.michibaum.authentication_library.security.basic.servlet.BasicAuthenticationConverter
 import com.michibaum.authentication_library.security.jwt.JwsValidator
 import com.michibaum.authentication_library.security.jwt.JwtAuthenticationManager
-import com.michibaum.authentication_library.security.jwt.JwtExchangeMatcher
-import com.michibaum.authentication_library.security.jwt.netty.JwtAuthenticationConverter
-import com.michibaum.authentication_service.authentication.AuthenticationService
+import com.michibaum.authentication_library.security.jwt.servlet.JwtAuthenticationConverter
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
-import org.springframework.security.authentication.ReactiveAuthenticationManager
-import org.springframework.security.web.server.authentication.AuthenticationWebFilter
+import org.springframework.context.annotation.Lazy
+import org.springframework.security.authentication.AuthenticationManager
+import org.springframework.security.web.authentication.AuthenticationConverter
 
 @Configuration
 class SecurityBeansConfiguration {
-
     @Bean
     fun adminServiceCredentials(): AdminServiceCredentials =
         AdminServiceCredentials()
 
 
 
     @Bean
-    fun jwsValidator(authenticationService: AuthenticationService): JwsValidator {
-        val authenticationClient = object: AuthenticationClient{
-            override fun publicKey(): PublicKeyDto {
-                return authenticationService.publicKey
-            }
-        }
-        return JwsValidator(authenticationClient)
-    }
+    fun jwsValidator(@Lazy authenticationClient: AuthenticationClient): JwsValidator =
+        JwsValidator(authenticationClient)
 
     @Bean
     fun credentialsValidator(adminServiceCredentials: AdminServiceCredentials): CredentialsValidator =
@@ -55,39 +46,22 @@ class SecurityBeansConfiguration {
         BasicAuthenticationManager(credentialsValidator)
 
     @Bean
-    fun authenticationManager(specificAuthenticationManagers: List<SpecificAuthenticationManager>): ReactiveAuthenticationManager =
-        ReactiveDelegateAuthenticationManager(specificAuthenticationManagers)
+    fun authenticationManager(specificAuthenticationManagers: List<SpecificAuthenticationManager>): AuthenticationManager =
+        ServletDelegateAuthenticationManager(specificAuthenticationManagers)
 
 
 
     @Bean
-    fun jwtAuthenticationConverter(): JwtAuthenticationConverter =
+    fun jwtAuthenticationConverter(): AuthenticationConverter =
         JwtAuthenticationConverter()
 
     @Bean
-    fun basicAuthenticationConverter(): BasicAuthenticationConverter =
+    fun basicAuthenticationConverter(): AuthenticationConverter =
         BasicAuthenticationConverter()
 
 
 
     @Bean
-    fun jwtAuthenticationWebFilter(
-        authenticationManager: ReactiveAuthenticationManager,
-        jwtAuthenticationConverter: JwtAuthenticationConverter
-    ) =
-        AuthenticationWebFilter(authenticationManager).apply {
-            setRequiresAuthenticationMatcher(JwtExchangeMatcher())
-            setServerAuthenticationConverter(jwtAuthenticationConverter)
-        }
-
-    @Bean
-    fun basicAuthenticationWebFilter(
-        authenticationManager: ReactiveAuthenticationManager,
-        basicAuthenticationConverter: BasicAuthenticationConverter
-    ) =
-        AuthenticationWebFilter(authenticationManager).apply {
-            setRequiresAuthenticationMatcher(BasicExchangeMatcher())
-            setServerAuthenticationConverter(basicAuthenticationConverter)
-        }
-
+    fun authenticationFilter(authenticationManager: AuthenticationManager, authenticationConverters: List<AuthenticationConverter>) =
+        ServletAuthenticationFilter(authenticationManager, authenticationConverters)
 }

authentication-service/src/main/kotlin/com/michibaum/authentication_service/security/SecurityConfiguration.kt

@@ -1,45 +1,49 @@
 package com.michibaum.authentication_service.security
 
+import com.michibaum.authentication_library.security.ServletAuthenticationFilter
 import com.michibaum.permission_library.Permissions
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
 import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.web.server.SecurityWebFiltersOrder
 import org.springframework.security.config.web.server.ServerHttpSecurity
 import org.springframework.security.config.web.server.ServerHttpSecurity.AuthorizeExchangeSpec
+import org.springframework.security.web.SecurityFilterChain
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter
 
 
 @Configuration
-@EnableWebFluxSecurity
-@EnableReactiveMethodSecurity
+@EnableWebSecurity
+@EnableMethodSecurity
 class SecurityConfiguration {
 
     @Bean
     fun securityFilterChain(
-        http: ServerHttpSecurity,
-        jwtAuthenticationWebFilter: AuthenticationWebFilter,
-        basicAuthenticationWebFilter: AuthenticationWebFilter,
-    ): SecurityWebFilterChain {
+        http: HttpSecurity,
+        authenticationFilter: ServletAuthenticationFilter
+    ): SecurityFilterChain {
         return http
-            .authorizeExchange { exchanges: AuthorizeExchangeSpec ->
-                exchanges
-                    .pathMatchers(
+            .authorizeHttpRequests {
+                it
+                    .requestMatchers(
                         "/api/authenticate",
                         "/api/getAuthDetails",
                         "/api/logout",
                         "/api/register"
                     ).permitAll()
-                    .pathMatchers(
+                    .requestMatchers(
                         "/actuator",
                         "/actuator/**"
                     ).hasAnyAuthority(Permissions.ADMIN_SERVICE.name)
-                    .anyExchange().authenticated()
+                    .anyRequest().authenticated()
             }
-            .addFilterAt(basicAuthenticationWebFilter, SecurityWebFiltersOrder.AUTHENTICATION)
-            .addFilterAt(jwtAuthenticationWebFilter, SecurityWebFiltersOrder.AUTHENTICATION)
+            .addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter::class.java)
             .httpBasic { httpBasicSpec -> httpBasicSpec.disable() }
             .formLogin { formLoginSpec -> formLoginSpec.disable() }
             .csrf { csrfSpec -> csrfSpec.disable() }

chess-service/pom.xml

@@ -22,7 +22,7 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-webflux</artifactId>
+            <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>

chess-service/src/main/kotlin/com/michibaum/chess_service/apis/chesscom/ApiServiceImpl.kt

@@ -29,8 +29,7 @@ class ApiServiceImpl(
                 .uri("/pub/player/{0}", username)
                 .accept(MediaType.APPLICATION_JSON)
                 .retrieve()
-                .bodyToMono(ChesscomAccountDto::class.java) // TODO onError
-                .block()
+                .body(ChesscomAccountDto::class.java) // TODO onError
         } catch (throwable: Throwable){
             return Exception("Exception chesscom findUser with username=$username", throwable)
         }
@@ -48,8 +47,7 @@ class ApiServiceImpl(
                 .uri("/pub/player/{0}/stats", account.username)
                 .accept(MediaType.APPLICATION_JSON)
                 .retrieve()
-                .bodyToMono(ChesscomStatsDto::class.java) // TODO onError
-                .block()
+                .body(ChesscomStatsDto::class.java) // TODO onError
         } catch (throwable: Throwable){
             return Exception("Exception chesscom getStats with username=${account.username}", throwable)
         }
@@ -82,9 +80,8 @@ class ApiServiceImpl(
                         .uri("/pub/player/{0}/games/{1}/{2}", account.username, currentYear, currentMonth)
                         .accept(MediaType.APPLICATION_JSON)
                         .retrieve()
-                        .bodyToMono(Gamesresult::class.java)
-                        .mapNotNull { it.games }
-                        .block()
+                        .body(Gamesresult::class.java)
+                        ?.games
                 } catch (throwable: Throwable){
                     return Exception("Exception chesscom getGames with username=${account.username} and year=$currentYear and month=$currentMonth", throwable)
                 }
@@ -109,8 +106,7 @@ class ApiServiceImpl(
                 .uri("/pub/leaderboards")
                 .accept(MediaType.APPLICATION_JSON)
                 .retrieve()
-                .bodyToMono(ChesscomLeaderboards::class.java) // TODO onError
-                .block()
+                .body(ChesscomLeaderboards::class.java) // TODO onError
         } catch (throwable: Throwable){
             return Exception("Exception chesscom findTopAccounts", throwable)
         }