From f14d1cbe55e612ebfd7d745e9547be23aba162c4 Mon Sep 17 00:00:00 2001 From: esensar Date: Sat, 27 May 2017 20:31:24 +0200 Subject: [PATCH] Add basic authentication --- users/build.gradle | 1 + .../controller/AuthenticationController.java | 10 +-- .../java/ba/steleks/model/AuthRequest.java | 3 - .../ba/steleks/security/SecurityConfig.java | 44 +++++++++++++ .../security/SteleksUsersDetailsService.java | 64 +++++++++++++++++++ 5 files changed, 112 insertions(+), 10 deletions(-) create mode 100644 users/src/main/java/ba/steleks/security/SecurityConfig.java create mode 100644 users/src/main/java/ba/steleks/security/SteleksUsersDetailsService.java diff --git a/users/build.gradle b/users/build.gradle index bfef237..fff3186 100644 --- a/users/build.gradle +++ b/users/build.gradle @@ -33,6 +33,7 @@ dependencies { runtime('com.h2database:h2') compile('org.springframework.cloud:spring-cloud-starter-config') compile('org.springframework.boot:spring-boot-starter-actuator') + compile('org.springframework.boot:spring-boot-starter-security') testCompile('org.springframework.boot:spring-boot-starter-test') compile('mysql:mysql-connector-java') compile('org.hibernate:hibernate-validator') diff --git a/users/src/main/java/ba/steleks/controller/AuthenticationController.java b/users/src/main/java/ba/steleks/controller/AuthenticationController.java index 6cb4d72..fdfd350 100644 --- a/users/src/main/java/ba/steleks/controller/AuthenticationController.java +++ b/users/src/main/java/ba/steleks/controller/AuthenticationController.java @@ -2,7 +2,6 @@ package ba.steleks.controller; import ba.steleks.model.AuthRequest; import ba.steleks.repository.UsersJpaRepository; -import org.bouncycastle.crypto.tls.HashAlgorithm; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.RequestBody; @@ -10,8 +9,6 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; - - /** * Created by admin on 13/05/2017. */ @@ -23,14 +20,13 @@ public class AuthenticationController { @Autowired public AuthenticationController(UsersJpaRepository usersJpaRepository, PasswordEncoder passwordEncoder) { - this.passwordEncoder=passwordEncoder; + this.passwordEncoder = passwordEncoder; this.usersJpaRepository = usersJpaRepository; } - @RequestMapping(path = "/accesstoken" , method = RequestMethod.POST) + @RequestMapping(path = "/accesstoken", method = RequestMethod.POST) public String generateToken(@RequestBody AuthRequest body){ - return passwordEncoder.matches(body.getPassword(),usersJpaRepository.findByUsername(body.getUsername()).getPasswordHash()) ? "true" : "false"; - + return passwordEncoder.matches(body.getPassword(), usersJpaRepository.findByUsername(body.getUsername()).getPasswordHash()) ? "true" : "false"; } } diff --git a/users/src/main/java/ba/steleks/model/AuthRequest.java b/users/src/main/java/ba/steleks/model/AuthRequest.java index ef447b8..f74a280 100644 --- a/users/src/main/java/ba/steleks/model/AuthRequest.java +++ b/users/src/main/java/ba/steleks/model/AuthRequest.java @@ -1,8 +1,5 @@ package ba.steleks.model; - -import com.fasterxml.jackson.databind.annotation.JsonSerialize; - /** * Created by admin on 13/05/2017. */ diff --git a/users/src/main/java/ba/steleks/security/SecurityConfig.java b/users/src/main/java/ba/steleks/security/SecurityConfig.java new file mode 100644 index 0000000..f5e7eef --- /dev/null +++ b/users/src/main/java/ba/steleks/security/SecurityConfig.java @@ -0,0 +1,44 @@ +package ba.steleks.security;/** + * Created by ensar on 16/05/17. + */ + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; + +@Configuration +@EnableWebSecurity +@ComponentScan("org.baeldung.security") +public class SecurityConfig extends WebSecurityConfigurerAdapter { + + @Bean + public AuthenticationProvider provideAuthenticationProvider() { + DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider(); + authenticationProvider.setUserDetailsService(new SteleksUsersDetailsService()); + return authenticationProvider; + } + + @Autowired + private AuthenticationProvider authProvider; + + @Override + protected void configure( + AuthenticationManagerBuilder auth) throws Exception { + auth.authenticationProvider(authProvider); + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests().anyRequest().authenticated(); + } +} \ No newline at end of file diff --git a/users/src/main/java/ba/steleks/security/SteleksUsersDetailsService.java b/users/src/main/java/ba/steleks/security/SteleksUsersDetailsService.java new file mode 100644 index 0000000..b635d9b --- /dev/null +++ b/users/src/main/java/ba/steleks/security/SteleksUsersDetailsService.java @@ -0,0 +1,64 @@ +package ba.steleks.security;/** + * Created by ensar on 16/05/17. + */ + +import ba.steleks.model.User; +import ba.steleks.repository.UsersJpaRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; + +import java.util.Collection; +import java.util.logging.Logger; + +public class SteleksUsersDetailsService implements UserDetailsService { + private static final Logger logger = + Logger.getLogger(SteleksUsersDetailsService.class.getName()); + + @Autowired + private UsersJpaRepository usersJpaRepository; + + @Override + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + User user = usersJpaRepository.findByUsername(username); + UserDetails userDetails = new UserDetails() { + @Override + public Collection getAuthorities() { + return null; + } + + @Override + public String getPassword() { + return null; + } + + @Override + public String getUsername() { + return null; + } + + @Override + public boolean isAccountNonExpired() { + return false; + } + + @Override + public boolean isAccountNonLocked() { + return false; + } + + @Override + public boolean isCredentialsNonExpired() { + return false; + } + + @Override + public boolean isEnabled() { + return false; + } + }; + return userDetails; + } +}