From 9d76e78393c671fbfb9e33ac886af0fb94082ded Mon Sep 17 00:00:00 2001
From: Jonathan Christison <jochrist@redhat.com>
Date: Wed, 21 Jun 2023 15:11:42 +0100
Subject: [PATCH] Disable Kerberos and other Auths in dev profile

Added a /ping endpoint to return "pong", this should help test auth

If in dev:

* Disables kerberos specific endpoint (runtime injection issues)
* Disable Security altogether
---
 src/main/java/rest/UsersResource.java     |  4 +++-
 src/main/resources/application.properties | 15 +++++++++++++--
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/main/java/rest/UsersResource.java b/src/main/java/rest/UsersResource.java
index f68ce18..e62f7ef 100644
--- a/src/main/java/rest/UsersResource.java
+++ b/src/main/java/rest/UsersResource.java
@@ -2,6 +2,7 @@ package rest;
 
 import dto.ConnectDB;
 import dto.ScanObj;
+import io.quarkus.arc.profile.UnlessBuildProfile;
 import io.quarkiverse.kerberos.KerberosPrincipal;
 import io.quarkus.security.Authenticated;
 import io.quarkus.security.identity.SecurityIdentity;
@@ -19,6 +20,7 @@ import java.util.LinkedHashMap;
 import java.util.Set;
 import javax.ws.rs.Produces;
 
+@UnlessBuildProfile("dev")
 @Path("/testKerberos")
 @Authenticated
 public class UsersResource {
@@ -33,4 +35,4 @@ public class UsersResource {
     public String me() {
         return identity.getPrincipal().getName();
     }
-}
\ No newline at end of file
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 5edad7b..3d48226 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -7,8 +7,19 @@
 
 # quarkus.hibernate-orm.database.generation=drop-and-create
 
-%dev.quarkus.kerberos.keytab-path= HTTP_osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM.keytab
-%dev.quarkus.kerberos.service-principal-name= HTTP/osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM
+#temporary fix, we need to enable it with a working devservices setup
+%dev.quarkus.kerberos.enabled=false
+%dev.quarkus.security.auth.enabled-in-dev-mode=false
+#Also tried
+#%dev.quarkus.security.enabled=false
+#%dev.quarkus.http.auth.proactive=false
+#%dev.quarkus.http.auth.basic=false
+#%dev.quarkus.http.auth.permission.permit1.paths=/Ping/Ping
+#%dev.quarkus.http.auth.permission.permit1.policy=permit
+#%dev.quarkus.http.auth.permission.permit1.methods=GET,HEAD
+#%quarkus.arc.unremovable-types=io.quarkiverse.kerberos.*,io.quarkiverse.kerberos.KerberosPrincipal
+#%dev.quarkus.kerberos.keytab-path= HTTP_osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM.keytab
+#%dev.quarkus.kerberos.service-principal-name= HTTP/osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM
 
 %stage.quarkus.openshift.name=osh
 %stage.quarkus.openshift.labels.env=stage