Merge branch 'master' of github.com:esensar/steleks_backend
commit
2457f5d479
|
@ -28,7 +28,7 @@ dependencies {
|
|||
compile('org.springframework.boot:spring-boot-starter-web')
|
||||
compile('org.springframework.cloud:spring-cloud-starter-eureka')
|
||||
testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
|
||||
testCompile('rg.springframework.boot:spring-boot-starter-test')
|
||||
testCompile('org.springframework.boot:spring-boot-starter-test')
|
||||
}
|
||||
|
||||
dependencyManagement {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#Tue Mar 28 22:00:42 CEST 2017
|
||||
#Sun Jan 14 12:04:15 CET 2018
|
||||
distributionBase=GRADLE_USER_HOME
|
||||
distributionPath=wrapper/dists
|
||||
zipStoreBase=GRADLE_USER_HOME
|
||||
zipStorePath=wrapper/dists
|
||||
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-bin.zip
|
||||
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip
|
||||
|
|
|
@ -3,6 +3,7 @@ package ba.steleks;
|
|||
import ba.steleks.security.SteleksUsersDetailsService;
|
||||
import ba.steleks.security.token.HashTokenEncoder;
|
||||
import ba.steleks.security.token.TokenEncoder;
|
||||
import ba.steleks.security.AutowireHelper;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
package ba.steleks.controller;
|
||||
|
||||
import ba.steleks.model.User;
|
||||
import org.bouncycastle.crypto.generators.BCrypt;
|
||||
import org.springframework.data.rest.webmvc.RepositoryRestController;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
import javax.ws.rs.HttpMethod;
|
||||
|
||||
@RepositoryRestController
|
||||
public class UsersController {
|
||||
|
||||
|
||||
|
||||
// @RequestMapping(HttpMethod.POST)
|
||||
// public ResponseEntity<?> register(@RequestBody User newUser){
|
||||
// return null;
|
||||
// }
|
||||
|
||||
}
|
|
@ -0,0 +1,45 @@
|
|||
package ba.steleks.security;
|
||||
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
|
||||
/**
|
||||
* Helper class which is able to autowire a specified class. It holds a static reference to the {@link org
|
||||
* .springframework.context.ApplicationContext}.
|
||||
*/
|
||||
public final class AutowireHelper implements ApplicationContextAware {
|
||||
|
||||
private static final AutowireHelper INSTANCE = new AutowireHelper();
|
||||
private static ApplicationContext applicationContext;
|
||||
|
||||
private AutowireHelper() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Tries to autowire the specified instance of the class if one of the specified beans which need to be autowired
|
||||
* are null.
|
||||
*
|
||||
* @param classToAutowire the instance of the class which holds @Autowire annotations
|
||||
* @param beansToAutowireInClass the beans which have the @Autowire annotation in the specified {#classToAutowire}
|
||||
*/
|
||||
public static void autowire(Object classToAutowire, Object... beansToAutowireInClass) {
|
||||
for (Object bean : beansToAutowireInClass) {
|
||||
if (bean == null) {
|
||||
applicationContext.getAutowireCapableBeanFactory().autowireBean(classToAutowire);
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setApplicationContext(final ApplicationContext applicationContext) {
|
||||
AutowireHelper.applicationContext = applicationContext;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the singleton instance.
|
||||
*/
|
||||
public static AutowireHelper getInstance() {
|
||||
return INSTANCE;
|
||||
}
|
||||
}
|
|
@ -7,7 +7,6 @@ package ba.steleks.security;
|
|||
import ba.steleks.repository.UsersJpaRepository;
|
||||
import ba.steleks.security.token.TokenStore;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
|
@ -17,6 +16,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
|||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@ComponentScan("org.baeldung.security")
|
||||
|
@ -44,11 +45,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable().authorizeRequests()
|
||||
.antMatchers("/accesstoken", "/accesstoken/**", "/").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/users").permitAll()
|
||||
.antMatchers("/accesstoken", "/accesstoken/**", "/", "/register").permitAll()
|
||||
.antMatchers(HttpMethod.POST,"/users").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.addFilterBefore(new AuthenticationFilter(tokenStore, usersJpaRepository), CustomUrlUsernamePasswordAuthenticationFilter.class);
|
||||
.addFilterBefore(
|
||||
new AuthenticationFilter(tokenStore, usersJpaRepository),
|
||||
CustomUrlUsernamePasswordAuthenticationFilter.class
|
||||
);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,12 +1,18 @@
|
|||
package ba.steleks.security;
|
||||
|
||||
import ba.steleks.model.User;
|
||||
import ba.steleks.model.UserRole;
|
||||
import ba.steleks.repository.UsersJpaRepository;
|
||||
import ba.steleks.security.token.TokenStore;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.lang.reflect.Array;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* Created by ensar on 28/05/17.
|
||||
|
@ -30,6 +36,7 @@ public class TokenAuthenticationService {
|
|||
User user = usersJpaRepository.findOne(userId);
|
||||
if(user != null) {
|
||||
System.out.println("Found token... userId: " + userId);
|
||||
List<GrantedAuthority> userRole=UserRoleFactory.toGrantedAuthorities(user.getUserRoles());
|
||||
return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
|
||||
UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
|
||||
} else {
|
||||
|
|
|
@ -3,10 +3,8 @@ package ba.steleks.security;
|
|||
import ba.steleks.AutowireHelper;
|
||||
import ba.steleks.model.User;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
|
||||
import javax.persistence.PrePersist;
|
||||
import javax.persistence.PreUpdate;
|
||||
|
@ -21,11 +19,12 @@ public class UserPasswordEntityListener {
|
|||
@Autowired
|
||||
private PasswordEncoder passwordEncoder;
|
||||
|
||||
|
||||
@PrePersist
|
||||
@PreUpdate
|
||||
public void onUserUpdate(User user) {
|
||||
AutowireHelper.autowire(this, passwordEncoder);
|
||||
if(user.getPassword() != null) {
|
||||
AutowireHelper.autowire(this, this.passwordEncoder);
|
||||
if (user.getPassword() != null) {
|
||||
user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -39,6 +39,7 @@ public class UserRoleFactory {
|
|||
.stream()
|
||||
// get role name
|
||||
.map(UserRole::getRoleName)
|
||||
.map(role -> role != null && role.isEmpty() ? "ROLE_" + role : role)
|
||||
// create authority
|
||||
.map(SimpleGrantedAuthority::new)
|
||||
.collect(Collectors.toList());
|
||||
|
|
Reference in New Issue