commit 46022abb71e2038a145cf54916e709b262ad8b90
author Matthias Andreas Benkard <code@mail.matthias.benkard.de> Sat Jul 17 21:29:32 2021 +0200
committer Matthias Andreas Benkard <code@mail.matthias.benkard.de> Sat Jul 17 21:29:32 2021 +0200
tree 5522aa9f77107b0220fc471fcae91fa7ba4113af
parent 181286a0e97aebbc910f883530a53f5ff1048a4c

KB66 Upgrade to Quarkus 2.0.2, fix authentication.

Change-Id: I251fbdbe915e32aaeb8daa087691853da17f4799

src/main/java/eu/mulk/mulkcms2/benki/login/RoleAugmentor.java

diff --git a/src/main/java/eu/mulk/mulkcms2/benki/login/RoleAugmentor.java b/src/main/java/eu/mulk/mulkcms2/benki/login/RoleAugmentor.java
index 3aafc0e..37d865f 100644
--- a/src/main/java/eu/mulk/mulkcms2/benki/login/RoleAugmentor.java
+++ b/src/main/java/eu/mulk/mulkcms2/benki/login/RoleAugmentor.java
@@ -30,7 +30,6 @@
     return augmentWithRoles(identity, context);
   }
 
-  @Transactional
   Uni<SecurityIdentity> augmentWithRoles(
       SecurityIdentity identity, AuthenticationRequestContext context) {
     return context.runBlocking(
@@ -41,6 +40,7 @@
   }
 
   @CacheResult(cacheName = "login-role-cache")
+  @Transactional
   Set<String> getUserLoginRoles(String userNickname) {
     var user = User.findByNicknameWithRoles(userNickname);
     return user.effectiveRoles.stream()

src/main/resources/application.properties

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 53233ba..bbffd39 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -32,6 +32,7 @@
 quarkus.http.auth.proactive = true
 
 quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
+quarkus.oidc.authentication.force-redirect-https-scheme = true
 quarkus.oidc.client-id = mulkcms
 quarkus.oidc.application-type = web-app
 quarkus.oidc.token.principal-claim = preferred_username