auth neki
parent
636846bd55
commit
c056c63733
|
@ -28,7 +28,7 @@ dependencies {
|
||||||
compile('org.springframework.boot:spring-boot-starter-web')
|
compile('org.springframework.boot:spring-boot-starter-web')
|
||||||
compile('org.springframework.cloud:spring-cloud-starter-eureka')
|
compile('org.springframework.cloud:spring-cloud-starter-eureka')
|
||||||
testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
|
testCompile('org.springframework.cloud:spring-cloud-starter-eureka-server')
|
||||||
testCompile('rg.springframework.boot:spring-boot-starter-test')
|
testCompile('org.springframework.boot:spring-boot-starter-test')
|
||||||
}
|
}
|
||||||
|
|
||||||
dependencyManagement {
|
dependencyManagement {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
#Tue Mar 28 22:00:42 CEST 2017
|
#Sun Jan 14 12:04:15 CET 2018
|
||||||
distributionBase=GRADLE_USER_HOME
|
distributionBase=GRADLE_USER_HOME
|
||||||
distributionPath=wrapper/dists
|
distributionPath=wrapper/dists
|
||||||
zipStoreBase=GRADLE_USER_HOME
|
zipStoreBase=GRADLE_USER_HOME
|
||||||
zipStorePath=wrapper/dists
|
zipStorePath=wrapper/dists
|
||||||
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-bin.zip
|
distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip
|
||||||
|
|
|
@ -3,6 +3,7 @@ package ba.steleks;
|
||||||
import ba.steleks.security.SteleksUsersDetailsService;
|
import ba.steleks.security.SteleksUsersDetailsService;
|
||||||
import ba.steleks.security.token.HashTokenEncoder;
|
import ba.steleks.security.token.HashTokenEncoder;
|
||||||
import ba.steleks.security.token.TokenEncoder;
|
import ba.steleks.security.token.TokenEncoder;
|
||||||
|
import ba.steleks.security.AutowireHelper;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
package ba.steleks.controller;
|
||||||
|
|
||||||
|
import ba.steleks.model.User;
|
||||||
|
import org.bouncycastle.crypto.generators.BCrypt;
|
||||||
|
import org.springframework.data.rest.webmvc.RepositoryRestController;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.web.bind.annotation.RequestBody;
|
||||||
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
|
|
||||||
|
import javax.ws.rs.HttpMethod;
|
||||||
|
|
||||||
|
@RepositoryRestController
|
||||||
|
public class UsersController {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// @RequestMapping(HttpMethod.POST)
|
||||||
|
// public ResponseEntity<?> register(@RequestBody User newUser){
|
||||||
|
// return null;
|
||||||
|
// }
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,45 @@
|
||||||
|
package ba.steleks.security;
|
||||||
|
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
|
import org.springframework.context.ApplicationContextAware;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helper class which is able to autowire a specified class. It holds a static reference to the {@link org
|
||||||
|
* .springframework.context.ApplicationContext}.
|
||||||
|
*/
|
||||||
|
public final class AutowireHelper implements ApplicationContextAware {
|
||||||
|
|
||||||
|
private static final AutowireHelper INSTANCE = new AutowireHelper();
|
||||||
|
private static ApplicationContext applicationContext;
|
||||||
|
|
||||||
|
private AutowireHelper() {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tries to autowire the specified instance of the class if one of the specified beans which need to be autowired
|
||||||
|
* are null.
|
||||||
|
*
|
||||||
|
* @param classToAutowire the instance of the class which holds @Autowire annotations
|
||||||
|
* @param beansToAutowireInClass the beans which have the @Autowire annotation in the specified {#classToAutowire}
|
||||||
|
*/
|
||||||
|
public static void autowire(Object classToAutowire, Object... beansToAutowireInClass) {
|
||||||
|
for (Object bean : beansToAutowireInClass) {
|
||||||
|
if (bean == null) {
|
||||||
|
applicationContext.getAutowireCapableBeanFactory().autowireBean(classToAutowire);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void setApplicationContext(final ApplicationContext applicationContext) {
|
||||||
|
AutowireHelper.applicationContext = applicationContext;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the singleton instance.
|
||||||
|
*/
|
||||||
|
public static AutowireHelper getInstance() {
|
||||||
|
return INSTANCE;
|
||||||
|
}
|
||||||
|
}
|
|
@ -7,7 +7,6 @@ package ba.steleks.security;
|
||||||
import ba.steleks.repository.UsersJpaRepository;
|
import ba.steleks.repository.UsersJpaRepository;
|
||||||
import ba.steleks.security.token.TokenStore;
|
import ba.steleks.security.token.TokenStore;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
import org.springframework.context.annotation.ComponentScan;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
|
@ -17,6 +16,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@ComponentScan("org.baeldung.security")
|
@ComponentScan("org.baeldung.security")
|
||||||
|
@ -44,11 +45,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http.csrf().disable().authorizeRequests()
|
http.csrf().disable().authorizeRequests()
|
||||||
.antMatchers("/accesstoken", "/accesstoken/**", "/").permitAll()
|
.antMatchers("/accesstoken", "/accesstoken/**", "/", "/register").permitAll()
|
||||||
.antMatchers(HttpMethod.POST, "/users").permitAll()
|
.antMatchers(HttpMethod.POST,"/users").permitAll()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.addFilterBefore(new AuthenticationFilter(tokenStore, usersJpaRepository), CustomUrlUsernamePasswordAuthenticationFilter.class);
|
.addFilterBefore(
|
||||||
|
new AuthenticationFilter(tokenStore, usersJpaRepository),
|
||||||
|
CustomUrlUsernamePasswordAuthenticationFilter.class
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
|
@ -1,12 +1,18 @@
|
||||||
package ba.steleks.security;
|
package ba.steleks.security;
|
||||||
|
|
||||||
import ba.steleks.model.User;
|
import ba.steleks.model.User;
|
||||||
|
import ba.steleks.model.UserRole;
|
||||||
import ba.steleks.repository.UsersJpaRepository;
|
import ba.steleks.repository.UsersJpaRepository;
|
||||||
import ba.steleks.security.token.TokenStore;
|
import ba.steleks.security.token.TokenStore;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import java.lang.reflect.Array;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Created by ensar on 28/05/17.
|
* Created by ensar on 28/05/17.
|
||||||
|
@ -30,6 +36,7 @@ public class TokenAuthenticationService {
|
||||||
User user = usersJpaRepository.findOne(userId);
|
User user = usersJpaRepository.findOne(userId);
|
||||||
if(user != null) {
|
if(user != null) {
|
||||||
System.out.println("Found token... userId: " + userId);
|
System.out.println("Found token... userId: " + userId);
|
||||||
|
List<GrantedAuthority> userRole=UserRoleFactory.toGrantedAuthorities(user.getUserRoles());
|
||||||
return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
|
return new UsernamePasswordAuthenticationToken(user.getUsername(), null,
|
||||||
UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
|
UserRoleFactory.toGrantedAuthorities(user.getUserRoles()));
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -3,10 +3,8 @@ package ba.steleks.security;
|
||||||
import ba.steleks.AutowireHelper;
|
import ba.steleks.AutowireHelper;
|
||||||
import ba.steleks.model.User;
|
import ba.steleks.model.User;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
|
||||||
|
|
||||||
import javax.persistence.PrePersist;
|
import javax.persistence.PrePersist;
|
||||||
import javax.persistence.PreUpdate;
|
import javax.persistence.PreUpdate;
|
||||||
|
@ -21,11 +19,12 @@ public class UserPasswordEntityListener {
|
||||||
@Autowired
|
@Autowired
|
||||||
private PasswordEncoder passwordEncoder;
|
private PasswordEncoder passwordEncoder;
|
||||||
|
|
||||||
|
|
||||||
@PrePersist
|
@PrePersist
|
||||||
@PreUpdate
|
@PreUpdate
|
||||||
public void onUserUpdate(User user) {
|
public void onUserUpdate(User user) {
|
||||||
AutowireHelper.autowire(this, passwordEncoder);
|
AutowireHelper.autowire(this, this.passwordEncoder);
|
||||||
if(user.getPassword() != null) {
|
if (user.getPassword() != null) {
|
||||||
user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
|
user.setPasswordHash(passwordEncoder.encode(user.getPassword()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,6 +39,7 @@ public class UserRoleFactory {
|
||||||
.stream()
|
.stream()
|
||||||
// get role name
|
// get role name
|
||||||
.map(UserRole::getRoleName)
|
.map(UserRole::getRoleName)
|
||||||
|
.map(role -> role != null && role.isEmpty() ? "ROLE_" + role : role)
|
||||||
// create authority
|
// create authority
|
||||||
.map(SimpleGrantedAuthority::new)
|
.map(SimpleGrantedAuthority::new)
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
Reference in New Issue