parent
0fee973923
commit
a0db1a1631
|
|
@ -28,7 +28,7 @@ dependencies {
|
||||||
compile('org.springframework.boot:spring-boot-starter-web')
|
compile('org.springframework.boot:spring-boot-starter-web')
|
||||||
compile('org.springframework.cloud:spring-cloud-starter-eureka')
|
compile('org.springframework.cloud:spring-cloud-starter-eureka')
|
||||||
testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
|
testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
|
||||||
testCompile('org.springframework.boot:spring-boot-starter-test')
|
testCompile('rg.springframework.boot:spring-boot-starter-test')
|
||||||
}
|
}
|
||||||
|
|
||||||
dependencyManagement {
|
dependencyManagement {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
#Sun Jan 14 12:04:15 CET 2018
|
#Tue Mar 28 22:00:42 CEST 2017
|
||||||
distributionBase=GRADLE_USER_HOME
|
distributionBase=GRADLE_USER_HOME
|
||||||
distributionPath=wrapper/dists
|
distributionPath=wrapper/dists
|
||||||
zipStoreBase=GRADLE_USER_HOME
|
zipStoreBase=GRADLE_USER_HOME
|
||||||
zipStorePath=wrapper/dists
|
zipStorePath=wrapper/dists
|
||||||
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip
|
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-bin.zip
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@ package ba.steleks;
|
||||||
import ba.steleks.security.SteleksUsersDetailsService;
|
import ba.steleks.security.SteleksUsersDetailsService;
|
||||||
import ba.steleks.security.token.HashTokenEncoder;
|
import ba.steleks.security.token.HashTokenEncoder;
|
||||||
import ba.steleks.security.token.TokenEncoder;
|
import ba.steleks.security.token.TokenEncoder;
|
||||||
import ba.steleks.security.AutowireHelper;
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
|
|
||||||
|
|
@ -1,22 +0,0 @@
|
||||||
package ba.steleks.controller;
|
|
||||||
|
|
||||||
import ba.steleks.model.User;
|
|
||||||
import org.bouncycastle.crypto.generators.BCrypt;
|
|
||||||
import org.springframework.data.rest.webmvc.RepositoryRestController;
|
|
||||||
import org.springframework.http.ResponseEntity;
|
|
||||||
import org.springframework.web.bind.annotation.RequestBody;
|
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
|
||||||
|
|
||||||
import javax.ws.rs.HttpMethod;
|
|
||||||
|
|
||||||
@RepositoryRestController
|
|
||||||
public class UsersController {
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// @RequestMapping(HttpMethod.POST)
|
|
||||||
// public ResponseEntity<?> register(@RequestBody User newUser){
|
|
||||||
// return null;
|
|
||||||
// }
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
@ -1,45 +0,0 @@
|
||||||
package ba.steleks.security;
|
|
||||||
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.context.ApplicationContextAware;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper class which is able to autowire a specified class. It holds a static reference to the {@link org
|
|
||||||
* .springframework.context.ApplicationContext}.
|
|
||||||
*/
|
|
||||||
public final class AutowireHelper implements ApplicationContextAware {
|
|
||||||
|
|
||||||
private static final AutowireHelper INSTANCE = new AutowireHelper();
|
|
||||||
private static ApplicationContext applicationContext;
|
|
||||||
|
|
||||||
private AutowireHelper() {
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Tries to autowire the specified instance of the class if one of the specified beans which need to be autowired
|
|
||||||
* are null.
|
|
||||||
*
|
|
||||||
* @param classToAutowire the instance of the class which holds @Autowire annotations
|
|
||||||
* @param beansToAutowireInClass the beans which have the @Autowire annotation in the specified {#classToAutowire}
|
|
||||||
*/
|
|
||||||
public static void autowire(Object classToAutowire, Object... beansToAutowireInClass) {
|
|
||||||
for (Object bean : beansToAutowireInClass) {
|
|
||||||
if (bean == null) {
|
|
||||||
applicationContext.getAutowireCapableBeanFactory().autowireBean(classToAutowire);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void setApplicationContext(final ApplicationContext applicationContext) {
|
|
||||||
AutowireHelper.applicationContext = applicationContext;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @return the singleton instance.
|
|
||||||
*/
|
|
||||||
public static AutowireHelper getInstance() {
|
|
||||||
return INSTANCE;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -7,6 +7,7 @@ package ba.steleks.security;
|
||||||
import ba.steleks.repository.UsersJpaRepository;
|
import ba.steleks.repository.UsersJpaRepository;
|
||||||
import ba.steleks.security.token.TokenStore;
|
import ba.steleks.security.token.TokenStore;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
import org.springframework.context.annotation.ComponentScan;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
|
|
@ -16,8 +17,6 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@ComponentScan("org.baeldung.security")
|
@ComponentScan("org.baeldung.security")
|
||||||
|
|
@ -45,14 +44,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http.csrf().disable().authorizeRequests()
|
http.csrf().disable().authorizeRequests()
|
||||||
.antMatchers("/accesstoken", "/accesstoken/**", "/", "/register").permitAll()
|
.antMatchers("/accesstoken", "/accesstoken/**", "/").permitAll()
|
||||||
.antMatchers(HttpMethod.POST, "/users").permitAll()
|
.antMatchers(HttpMethod.POST, "/users").permitAll()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.addFilterBefore(
|
.addFilterBefore(new AuthenticationFilter(tokenStore, usersJpaRepository), CustomUrlUsernamePasswordAuthenticationFilter.class);
|
||||||
new AuthenticationFilter(tokenStore, usersJpaRepository),
|
|
||||||
CustomUrlUsernamePasswordAuthenticationFilter.class
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
@ -1,18 +1,12 @@
|
||||||
package ba.steleks.security;
|
package ba.steleks.security;
|
||||||
|
|
||||||
import ba.steleks.model.User;
|
import ba.steleks.model.User;
|
||||||
import ba.steleks.model.UserRole;
|
|
||||||
import ba.steleks.repository.UsersJpaRepository;
|
import ba.steleks.repository.UsersJpaRepository;
|
||||||
import ba.steleks.security.token.TokenStore;
|
import ba.steleks.security.token.TokenStore;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import java.lang.reflect.Array;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Created by ensar on 28/05/17.
|
* Created by ensar on 28/05/17.
|
||||||
|
|
@ -36,7 +30,6 @@ public class TokenAuthenticationService {
|
||||||
User user = usersJpaRepository.findOne(userId);
|
User user = usersJpaRepository.findOne(userId);
|
||||||
if(user != null) {
|
if(user != null) {
|
||||||
System.out.println("Found token... userId: " + userId);
|
System.out.println("Found token... userId: " + userId);
|
||||||
List<GrantedAuthority> userRole=UserRoleFactory.toGrantedAuthorities(user.getUserRoles());
|
|
||||||
return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
|
return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
|
||||||
UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
|
UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,10 @@ package ba.steleks.security;
|
||||||
import ba.steleks.AutowireHelper;
|
import ba.steleks.AutowireHelper;
|
||||||
import ba.steleks.model.User;
|
import ba.steleks.model.User;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||||
|
|
||||||
import javax.persistence.PrePersist;
|
import javax.persistence.PrePersist;
|
||||||
import javax.persistence.PreUpdate;
|
import javax.persistence.PreUpdate;
|
||||||
|
|
@ -19,11 +21,10 @@ public class UserPasswordEntityListener {
|
||||||
@Autowired
|
@Autowired
|
||||||
private PasswordEncoder passwordEncoder;
|
private PasswordEncoder passwordEncoder;
|
||||||
|
|
||||||
|
|
||||||
@PrePersist
|
@PrePersist
|
||||||
@PreUpdate
|
@PreUpdate
|
||||||
public void onUserUpdate(User user) {
|
public void onUserUpdate(User user) {
|
||||||
AutowireHelper.autowire(this, this.passwordEncoder);
|
AutowireHelper.autowire(this, passwordEncoder);
|
||||||
if(user.getPassword() != null) {
|
if(user.getPassword() != null) {
|
||||||
user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
|
user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,6 @@ public class UserRoleFactory {
|
||||||
.stream()
|
.stream()
|
||||||
// get role name
|
// get role name
|
||||||
.map(UserRole::getRoleName)
|
.map(UserRole::getRoleName)
|
||||||
.map(role -> role != null && role.isEmpty() ? "ROLE_" + role : role)
|
|
||||||
// create authority
|
// create authority
|
||||||
.map(SimpleGrantedAuthority::new)
|
.map(SimpleGrantedAuthority::new)
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
|
||||||
Reference in New Issue