auth neki

common/build.gradle

@@ -28,7 +28,7 @@ dependencies {
 	compile('org.springframework.boot:spring-boot-starter-web')
 	compile('org.springframework.cloud:spring-cloud-starter-eureka')
 	testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
-	testCompile('rg.springframework.boot:spring-boot-starter-test')
+	testCompile('org.springframework.boot:spring-boot-starter-test')
 }
 
 dependencyManagement {

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
-#Tue Mar 28 22:00:42 CEST 2017
+#Sun Jan 14 12:04:15 CET 2018
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip

users/src/main/java/ba/steleks/UsersConfig.java

@@ -3,6 +3,7 @@ package ba.steleks;
 import ba.steleks.security.SteleksUsersDetailsService;
 import ba.steleks.security.token.HashTokenEncoder;
 import ba.steleks.security.token.TokenEncoder;
+import ba.steleks.security.AutowireHelper;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.core.userdetails.UserDetailsService;

users/src/main/java/ba/steleks/controller/UsersController.java

@@ -0,0 +1,22 @@
+package ba.steleks.controller;
+
+import ba.steleks.model.User;
+import org.bouncycastle.crypto.generators.BCrypt;
+import org.springframework.data.rest.webmvc.RepositoryRestController;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import javax.ws.rs.HttpMethod;
+
+@RepositoryRestController
+public class UsersController {
+
+
+
+//    @RequestMapping(HttpMethod.POST)
+//    public ResponseEntity<?> register(@RequestBody User newUser){
+//        return null;
+//    }
+
+}

users/src/main/java/ba/steleks/security/AutowireHelper.java

@@ -0,0 +1,45 @@
+package ba.steleks.security;
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+
+/**
+ * Helper class which is able to autowire a specified class. It holds a static reference to the {@link org
+ * .springframework.context.ApplicationContext}.
+ */
+public final class AutowireHelper implements ApplicationContextAware {
+
+    private static final AutowireHelper INSTANCE = new AutowireHelper();
+    private static ApplicationContext applicationContext;
+
+    private AutowireHelper() {
+    }
+
+    /**
+     * Tries to autowire the specified instance of the class if one of the specified beans which need to be autowired
+     * are null.
+     *
+     * @param classToAutowire        the instance of the class which holds @Autowire annotations
+     * @param beansToAutowireInClass the beans which have the @Autowire annotation in the specified {#classToAutowire}
+     */
+    public static void autowire(Object classToAutowire, Object... beansToAutowireInClass) {
+        for (Object bean : beansToAutowireInClass) {
+            if (bean == null) {
+                applicationContext.getAutowireCapableBeanFactory().autowireBean(classToAutowire);
+                return;
+            }
+        }
+    }
+
+    @Override
+    public void setApplicationContext(final ApplicationContext applicationContext) {
+        AutowireHelper.applicationContext = applicationContext;
+    }
+
+    /**
+     * @return the singleton instance.
+     */
+    public static AutowireHelper getInstance() {
+        return INSTANCE;
+    }
+}

users/src/main/java/ba/steleks/security/SecurityConfig.java

@@ -7,7 +7,6 @@ package ba.steleks.security;
 import ba.steleks.repository.UsersJpaRepository;
 import ba.steleks.security.token.TokenStore;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -17,6 +16,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
 
+import java.lang.reflect.Method;
+
 @Configuration
 @EnableWebSecurity
 @ComponentScan("org.baeldung.security")
@@ -44,11 +45,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.csrf().disable().authorizeRequests()
-                .antMatchers("/accesstoken", "/accesstoken/**", "/").permitAll()
+                .antMatchers("/accesstoken", "/accesstoken/**", "/", "/register").permitAll()
                 .antMatchers(HttpMethod.POST,"/users").permitAll()
                 .anyRequest().authenticated()
                 .and()
-                .addFilterBefore(new AuthenticationFilter(tokenStore, usersJpaRepository), CustomUrlUsernamePasswordAuthenticationFilter.class);
+                .addFilterBefore(
+                        new AuthenticationFilter(tokenStore, usersJpaRepository),
+                        CustomUrlUsernamePasswordAuthenticationFilter.class
+                );
     }
 
 }

users/src/main/java/ba/steleks/security/TokenAuthenticationService.java

@@ -1,12 +1,18 @@
 package ba.steleks.security;
 
 import ba.steleks.model.User;
+import ba.steleks.model.UserRole;
 import ba.steleks.repository.UsersJpaRepository;
 import ba.steleks.security.token.TokenStore;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
 
 import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Array;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Set;
 
 /**
  * Created by ensar on 28/05/17.
@@ -30,6 +36,7 @@ public class TokenAuthenticationService {
             User user = usersJpaRepository.findOne(userId);
             if(user != null) {
                 System.out.println("Found token... userId: " + userId);
+                List<GrantedAuthority> userRole=UserRoleFactory.toGrantedAuthorities(user.getUserRoles());
                 return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
                         UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
             } else {

users/src/main/java/ba/steleks/security/UserPasswordEntityListener.java

@@ -3,10 +3,8 @@ package ba.steleks.security;
 import ba.steleks.AutowireHelper;
 import ba.steleks.model.User;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
-import org.springframework.web.context.support.SpringBeanAutowiringSupport;
 
 import javax.persistence.PrePersist;
 import javax.persistence.PreUpdate;
@@ -21,10 +19,11 @@ public class UserPasswordEntityListener {
     @Autowired
     private PasswordEncoder passwordEncoder;
 
+
     @PrePersist
     @PreUpdate
     public void onUserUpdate(User user) {
-        AutowireHelper.autowire(this, passwordEncoder);
+        AutowireHelper.autowire(this, this.passwordEncoder);
         if (user.getPassword() != null) {
             user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
         }

users/src/main/java/ba/steleks/security/UserRoleFactory.java

@@ -39,6 +39,7 @@ public class UserRoleFactory {
                 .stream()
                 // get role name
                 .map(UserRole::getRoleName)
+                .map(role -> role != null && role.isEmpty() ? "ROLE_" + role : role)
                 // create authority
                 .map(SimpleGrantedAuthority::new)
                 .collect(Collectors.toList());