From 8415ec39a2f0714df42eb0fb78805e93c3f0c5a7 Mon Sep 17 00:00:00 2001
From: Charles Gould <charles@gould.dev>
Date: Sat, 11 May 2019 22:46:56 -0400
Subject: [PATCH] HTTPS redirect on heroku

---
 pom.xml                                         |  4 ++--
 server/pom.xml                                  | 10 ++++++++++
 .../charego/lingo/server/WebSecurityConfig.java | 17 +++++++++++++++++
 3 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java

diff --git a/pom.xml b/pom.xml
index 1ae56d4..640651b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.1.2.RELEASE</version>
+		<version>2.1.4.RELEASE</version>
 	</parent>
 
 	<groupId>com.charego</groupId>
@@ -17,7 +17,7 @@
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<java.version>1.8</java.version>
+		<java.version>11</java.version>
 	</properties>
 
 	<modules>
diff --git a/server/pom.xml b/server/pom.xml
index 8388075..df0a1f7 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -24,6 +24,16 @@
 			<artifactId>spring-boot-starter-websocket</artifactId>
 		</dependency>
 
+		<!-- Security -->
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-config</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-web</artifactId>
+		</dependency>
+
 		<!-- Development Tools -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
diff --git a/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java b/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java
new file mode 100644
index 0000000..ae7caab
--- /dev/null
+++ b/server/src/main/java/com/charego/lingo/server/WebSecurityConfig.java
@@ -0,0 +1,17 @@
+package com.charego.lingo.server;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+
+@Configuration
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private RequestMatcher proxyRequest = r -> r.getHeader("X-Forwarded-Proto") != null;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.requiresChannel().requestMatchers(proxyRequest).requiresSecure();
+    }
+}