From 1edf882572ec518128305058468637a85d13615c Mon Sep 17 00:00:00 2001
From: Juan <112003348+juanescan@users.noreply.github.com>
Date: Wed, 21 May 2025 00:32:55 -0500
Subject: [PATCH 1/5] autenticacion hecha
---
pom.xml | 9 +++++++
.../pintudos/game/config/SecurityConfig.java | 24 +++++++------------
src/main/resources/application.properties | 11 +++++++++
3 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/pom.xml b/pom.xml
index 738e9d5..5db0480 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,6 +69,15 @@
spring-data-mongodb
+
+ org.springframework.boot
+ spring-boot-starter-oauth2-client
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
diff --git a/src/main/java/pintudos/game/config/SecurityConfig.java b/src/main/java/pintudos/game/config/SecurityConfig.java
index 700ebb8..3c0e64c 100644
--- a/src/main/java/pintudos/game/config/SecurityConfig.java
+++ b/src/main/java/pintudos/game/config/SecurityConfig.java
@@ -14,23 +14,17 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.cors()
.and()
.csrf()
- .disable() // Necesario para SockJS
- .authorizeHttpRequests(authz ->
- authz
+ .disable() // Recomendado si usas WebSockets o APIs sin cookies
+ .authorizeHttpRequests(authz -> authz
.requestMatchers(
- "/game/**", // SockJS handshake y WebSocket transport
- "/ws/**", // Si usas /ws como endpoint de registro STOMP
- "/topic/**", // Canal de suscripciones
- "/app/**" // Canal de envío desde el cliente
- )
- .permitAll()
- .anyRequest()
- .authenticated() // El resto necesita auth
+ "/", "/login/**", "/error", "/css/**", "/js/**"
+ ).permitAll() // Archivos públicos
+ .requestMatchers(
+ "/ws/**", "/game/**", "/app/**", "/topic/**"
+ ).authenticated() // Requieren login
+ .anyRequest().authenticated()
)
- .formLogin()
- .disable()
- .httpBasic()
- .disable();
+ .oauth2Login(); // Habilita login con Google
return http.build();
}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 438f7c9..5f6db6e 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,2 +1,13 @@
+# Nombre de la aplicación y conexión a Mongo (ya existente)
spring.application.name=game
spring.data.mongodb.uri=mongodb+srv://diego:marzo245@universidad.lavtxfi.mongodb.net/pintudos?retryWrites=true&w=majority
+
+# Configuración de autenticación con Google
+spring.security.oauth2.client.registration.google.client-id=186447712086-73urgfm1lll5069lh18ed9venvnsr5an.apps.googleusercontent.com
+spring.security.oauth2.client.registration.google.client-secret=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
+spring.security.oauth2.client.registration.google.scope=profile,email
+
+spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/auth
+spring.security.oauth2.client.provider.google.token-uri=https://oauth2.googleapis.com/token
+spring.security.oauth2.client.provider.google.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo
+spring.security.oauth2.client.provider.google.user-name-attribute=sub
From ccd55b928474d396deef4e8d4281bc30282d3ece Mon Sep 17 00:00:00 2001
From: Juan <112003348+juanescan@users.noreply.github.com>
Date: Wed, 21 May 2025 01:02:16 -0500
Subject: [PATCH 2/5] Update application.properties
---
src/main/resources/application.properties | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 5f6db6e..fcf6308 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -3,8 +3,8 @@ spring.application.name=game
spring.data.mongodb.uri=mongodb+srv://diego:marzo245@universidad.lavtxfi.mongodb.net/pintudos?retryWrites=true&w=majority
# Configuración de autenticación con Google
-spring.security.oauth2.client.registration.google.client-id=186447712086-73urgfm1lll5069lh18ed9venvnsr5an.apps.googleusercontent.com
-spring.security.oauth2.client.registration.google.client-secret=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
+spring.security.oauth2.client.registration.google.client-id=hola
+spring.security.oauth2.client.registration.google.client-secret=saludos
spring.security.oauth2.client.registration.google.scope=profile,email
spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/auth
From 53e2a10191ca9deae17467b58bc3f376c5529204 Mon Sep 17 00:00:00 2001
From: Juan <112003348+juanescan@users.noreply.github.com>
Date: Wed, 21 May 2025 01:03:20 -0500
Subject: [PATCH 3/5] Update application.properties
---
src/main/resources/application.properties | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index fcf6308..5f6db6e 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -3,8 +3,8 @@ spring.application.name=game
spring.data.mongodb.uri=mongodb+srv://diego:marzo245@universidad.lavtxfi.mongodb.net/pintudos?retryWrites=true&w=majority
# Configuración de autenticación con Google
-spring.security.oauth2.client.registration.google.client-id=hola
-spring.security.oauth2.client.registration.google.client-secret=saludos
+spring.security.oauth2.client.registration.google.client-id=186447712086-73urgfm1lll5069lh18ed9venvnsr5an.apps.googleusercontent.com
+spring.security.oauth2.client.registration.google.client-secret=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
spring.security.oauth2.client.registration.google.scope=profile,email
spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/auth
From 8eb91f079829e706ded8a03a092584dab1ab1b7f Mon Sep 17 00:00:00 2001
From: Juan <112003348+juanescan@users.noreply.github.com>
Date: Wed, 21 May 2025 01:37:28 -0500
Subject: [PATCH 4/5] Update WebConfig.java
---
src/main/java/pintudos/game/config/WebConfig.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/main/java/pintudos/game/config/WebConfig.java b/src/main/java/pintudos/game/config/WebConfig.java
index 08f9942..960f8db 100644
--- a/src/main/java/pintudos/game/config/WebConfig.java
+++ b/src/main/java/pintudos/game/config/WebConfig.java
@@ -17,7 +17,8 @@ public void addCorsMappings(CorsRegistry registry) {
.addMapping("/**")
.allowedOrigins("http://localhost:5173", "http://localhost:3000") // Especificar frontend
.allowedMethods("*")
- .allowedHeaders("*"); // Habilitar credenciales
+ .allowedHeaders("*")
+ .allowCredentials(true); // Habilitar credenciales
}
};
}
From ca8b5ceb00774d5be2219005c826d1ebe9da5dad Mon Sep 17 00:00:00 2001
From: Lattes_and_Cream
Date: Wed, 21 May 2025 14:49:34 -0500
Subject: [PATCH 5/5] Conexion a ws solucionada
---
.../pintudos/game/config/SecurityConfig.java | 44 +++++++++++--------
.../java/pintudos/game/config/WebConfig.java | 11 ++---
2 files changed, 31 insertions(+), 24 deletions(-)
diff --git a/src/main/java/pintudos/game/config/SecurityConfig.java b/src/main/java/pintudos/game/config/SecurityConfig.java
index 3c0e64c..51f4de4 100644
--- a/src/main/java/pintudos/game/config/SecurityConfig.java
+++ b/src/main/java/pintudos/game/config/SecurityConfig.java
@@ -8,24 +8,30 @@
@Configuration
public class SecurityConfig {
- @Bean
- public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
- http
- .cors()
- .and()
- .csrf()
- .disable() // Recomendado si usas WebSockets o APIs sin cookies
- .authorizeHttpRequests(authz -> authz
- .requestMatchers(
- "/", "/login/**", "/error", "/css/**", "/js/**"
- ).permitAll() // Archivos públicos
- .requestMatchers(
- "/ws/**", "/game/**", "/app/**", "/topic/**"
- ).authenticated() // Requieren login
- .anyRequest().authenticated()
- )
- .oauth2Login(); // Habilita login con Google
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http
+ .cors()
+ .and()
+ .csrf()
+ .disable()
+ .authorizeHttpRequests(authz -> authz
+ // Permite acceso sin autenticación a los endpoints SockJS
+ .requestMatchers(
+ "/game", "/game/**", "/game/info/**"
+ ).permitAll()
+ // Archivos públicos
+ .requestMatchers(
+ "/", "/login/", "/error", "/css/", "/js/"
+ ).permitAll()
+ // Endpoints que requieren autenticación
+ .requestMatchers(
+ "/app/**", "/topic/**"
+ ).authenticated()
+ .anyRequest().authenticated()
+ )
+ .oauth2Login();
- return http.build();
- }
+ return http.build();
+ }
}
diff --git a/src/main/java/pintudos/game/config/WebConfig.java b/src/main/java/pintudos/game/config/WebConfig.java
index 960f8db..6d09379 100644
--- a/src/main/java/pintudos/game/config/WebConfig.java
+++ b/src/main/java/pintudos/game/config/WebConfig.java
@@ -14,11 +14,12 @@ public WebMvcConfigurer corsConfigurer() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry
- .addMapping("/**")
- .allowedOrigins("http://localhost:5173", "http://localhost:3000") // Especificar frontend
- .allowedMethods("*")
- .allowedHeaders("*")
- .allowCredentials(true); // Habilitar credenciales
+ .addMapping("/**")
+ .allowedOrigins("http://localhost:5173", "http://localhost:3000")
+ .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+ .allowedHeaders("*")
+ .exposedHeaders("Set-Cookie", "Authorization")
+ .allowCredentials(true);
}
};
}