unified code format
@@ -32,66 +32,66 @@ import java.security.SecureRandom;
|
||||
@EnableConfigurationProperties({AuthProperties.class})
|
||||
public class AuthConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Autowired
|
||||
private AuthProperties securityProperties;
|
||||
@Autowired
|
||||
private AuthProperties securityProperties;
|
||||
|
||||
@Autowired
|
||||
private TokenAuthenticationService tokenAuthenticationService;
|
||||
@Autowired
|
||||
private TokenAuthenticationService tokenAuthenticationService;
|
||||
|
||||
@Autowired
|
||||
CustomerAuthService customerAuthService;
|
||||
@Autowired
|
||||
CustomerAuthService customerAuthService;
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
//auth.inMemoryAuthentication();
|
||||
auth.userDetailsService(userDetailsServiceBean());
|
||||
}
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
//auth.inMemoryAuthentication();
|
||||
auth.userDetailsService(userDetailsServiceBean());
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserDetailsService userDetailsServiceBean() {
|
||||
return email -> {
|
||||
@Override
|
||||
public UserDetailsService userDetailsServiceBean() {
|
||||
return email -> {
|
||||
/* QuerySideCustomer customer = customerAuthService.findByEmail(email);
|
||||
if (customer != null) {
|
||||
return new User(email);
|
||||
} else {
|
||||
throw new UsernameNotFoundException(String.format("could not find the customer '%s'", email));
|
||||
}*/
|
||||
//authorize everyone with basic authentication
|
||||
return new User(email, "", true, true, true, true,
|
||||
AuthorityUtils.createAuthorityList("USER"));
|
||||
//authorize everyone with basic authentication
|
||||
return new User(email, "", true, true, true, true,
|
||||
AuthorityUtils.createAuthorityList("USER"));
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
@Bean
|
||||
public CustomerAuthService customerAuthService(CustomerAuthRepository customerAuthRepository) {
|
||||
return new CustomerAuthService(customerAuthRepository);
|
||||
}
|
||||
@Bean
|
||||
public CustomerAuthService customerAuthService(CustomerAuthRepository customerAuthRepository) {
|
||||
return new CustomerAuthService(customerAuthRepository);
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||
return super.authenticationManagerBean();
|
||||
}
|
||||
@Bean
|
||||
@Override
|
||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||
return super.authenticationManagerBean();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable()
|
||||
.httpBasic().and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/index.html", "/", "/**.js", "/**.css").permitAll()
|
||||
.antMatchers("/swagger-ui.html", "/v2/api-docs").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/customers", "/login").permitAll()
|
||||
.anyRequest().authenticated().and()
|
||||
.addFilterAfter(new StatelessAuthenticationFilter(tokenAuthenticationService), BasicAuthenticationFilter.class);
|
||||
}
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable()
|
||||
.httpBasic().and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/index.html", "/", "/**.js", "/**.css").permitAll()
|
||||
.antMatchers("/swagger-ui.html", "/v2/api-docs").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/customers", "/login").permitAll()
|
||||
.anyRequest().authenticated().and()
|
||||
.addFilterAfter(new StatelessAuthenticationFilter(tokenAuthenticationService), BasicAuthenticationFilter.class);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public TokenService tokenService() {
|
||||
KeyBasedPersistenceTokenService res = new KeyBasedPersistenceTokenService();
|
||||
res.setSecureRandom(new SecureRandom());
|
||||
res.setServerSecret(securityProperties.getServerSecret());
|
||||
res.setServerInteger(securityProperties.getServerInteger());
|
||||
@Bean
|
||||
public TokenService tokenService() {
|
||||
KeyBasedPersistenceTokenService res = new KeyBasedPersistenceTokenService();
|
||||
res.setSecureRandom(new SecureRandom());
|
||||
res.setServerSecret(securityProperties.getServerSecret());
|
||||
res.setServerInteger(securityProperties.getServerInteger());
|
||||
|
||||
return res;
|
||||
}
|
||||
return res;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,22 +7,22 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
*/
|
||||
@ConfigurationProperties(locations = "classpath:auth.properties", ignoreUnknownFields = false, prefix = "auth")
|
||||
public class AuthProperties {
|
||||
private String serverSecret;
|
||||
private Integer serverInteger;
|
||||
private String serverSecret;
|
||||
private Integer serverInteger;
|
||||
|
||||
public String getServerSecret() {
|
||||
return serverSecret;
|
||||
}
|
||||
public String getServerSecret() {
|
||||
return serverSecret;
|
||||
}
|
||||
|
||||
public void setServerSecret(String serverSecret) {
|
||||
this.serverSecret = serverSecret;
|
||||
}
|
||||
public void setServerSecret(String serverSecret) {
|
||||
this.serverSecret = serverSecret;
|
||||
}
|
||||
|
||||
public Integer getServerInteger() {
|
||||
return serverInteger;
|
||||
}
|
||||
public Integer getServerInteger() {
|
||||
return serverInteger;
|
||||
}
|
||||
|
||||
public void setServerInteger(Integer serverInteger) {
|
||||
this.serverInteger = serverInteger;
|
||||
}
|
||||
public void setServerInteger(Integer serverInteger) {
|
||||
this.serverInteger = serverInteger;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,5 +7,5 @@ import java.util.List;
|
||||
|
||||
interface CustomerAuthRepository extends MongoRepository<QuerySideCustomer, String> {
|
||||
|
||||
List<QuerySideCustomer> findByEmail(String email);
|
||||
}
|
||||
List<QuerySideCustomer> findByEmail(String email);
|
||||
}
|
||||
@@ -2,7 +2,6 @@ package net.chrisrichardson.eventstore.javaexamples.banking.commonauth;
|
||||
|
||||
import net.chrisrichardson.eventstore.javaexamples.banking.common.customers.QuerySideCustomer;
|
||||
import org.springframework.dao.EmptyResultDataAccessException;
|
||||
import org.springframework.dao.IncorrectResultSizeDataAccessException;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@@ -10,20 +9,20 @@ import java.util.List;
|
||||
* Created by Main on 15.02.2016.
|
||||
*/
|
||||
public class CustomerAuthService {
|
||||
private CustomerAuthRepository customerAuthRepository;
|
||||
private CustomerAuthRepository customerAuthRepository;
|
||||
|
||||
public CustomerAuthService(CustomerAuthRepository customerAuthRepository) {
|
||||
this.customerAuthRepository = customerAuthRepository;
|
||||
}
|
||||
public CustomerAuthService(CustomerAuthRepository customerAuthRepository) {
|
||||
this.customerAuthRepository = customerAuthRepository;
|
||||
}
|
||||
|
||||
public QuerySideCustomer findByEmail(String email){
|
||||
List<QuerySideCustomer> customers = customerAuthRepository.findByEmail(email);
|
||||
if (customers.isEmpty())
|
||||
throw new EmptyResultDataAccessException(1);
|
||||
//TODO: add unique email constraint
|
||||
public QuerySideCustomer findByEmail(String email) {
|
||||
List<QuerySideCustomer> customers = customerAuthRepository.findByEmail(email);
|
||||
if (customers.isEmpty())
|
||||
throw new EmptyResultDataAccessException(1);
|
||||
//TODO: add unique email constraint
|
||||
/* else if(customers.size()>1)
|
||||
throw new IncorrectResultSizeDataAccessException(1, customers.size());*/
|
||||
else
|
||||
return customers.get(0);
|
||||
}
|
||||
else
|
||||
return customers.get(0);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -18,26 +18,26 @@ import java.io.IOException;
|
||||
@Service
|
||||
public class TokenAuthenticationService {
|
||||
|
||||
@Autowired
|
||||
private TokenService tokenService;
|
||||
@Autowired
|
||||
private TokenService tokenService;
|
||||
|
||||
private static final String AUTH_HEADER_NAME = "access-token";
|
||||
private static final long DAY = 1000 * 60 * 60 * 24;
|
||||
private static final String AUTH_HEADER_NAME = "access-token";
|
||||
private static final long DAY = 1000 * 60 * 60 * 24;
|
||||
|
||||
private ObjectMapper mapper = new ObjectMapper();
|
||||
private ObjectMapper mapper = new ObjectMapper();
|
||||
|
||||
public Authentication getAuthentication(HttpServletRequest request) throws IOException {
|
||||
final String tokenString = request.getHeader(AUTH_HEADER_NAME);
|
||||
public Authentication getAuthentication(HttpServletRequest request) throws IOException {
|
||||
final String tokenString = request.getHeader(AUTH_HEADER_NAME);
|
||||
|
||||
if (tokenString != null) {
|
||||
Token token = tokenService.verifyToken(tokenString);
|
||||
final User user = mapper.readValue(token.getExtendedInformation(), User.class);
|
||||
if (tokenString != null) {
|
||||
Token token = tokenService.verifyToken(tokenString);
|
||||
final User user = mapper.readValue(token.getExtendedInformation(), User.class);
|
||||
|
||||
if (user != null && (System.currentTimeMillis() - token.getKeyCreationTime()) < DAY) {
|
||||
return new UserAuthentication(user);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
if (user != null && (System.currentTimeMillis() - token.getKeyCreationTime()) < DAY) {
|
||||
return new UserAuthentication(user);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -16,18 +16,18 @@ import java.io.IOException;
|
||||
*/
|
||||
public class StatelessAuthenticationFilter extends GenericFilterBean {
|
||||
|
||||
private final TokenAuthenticationService tokenAuthenticationService;
|
||||
private final TokenAuthenticationService tokenAuthenticationService;
|
||||
|
||||
public StatelessAuthenticationFilter(TokenAuthenticationService taService) {
|
||||
this.tokenAuthenticationService = taService;
|
||||
}
|
||||
public StatelessAuthenticationFilter(TokenAuthenticationService taService) {
|
||||
this.tokenAuthenticationService = taService;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
|
||||
if (SecurityContextHolder.getContext().getAuthentication()==null) {
|
||||
SecurityContextHolder.getContext().setAuthentication(
|
||||
tokenAuthenticationService.getAuthentication((HttpServletRequest) req));
|
||||
}
|
||||
chain.doFilter(req, res);
|
||||
@Override
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
|
||||
if (SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
SecurityContextHolder.getContext().setAuthentication(
|
||||
tokenAuthenticationService.getAuthentication((HttpServletRequest) req));
|
||||
}
|
||||
chain.doFilter(req, res);
|
||||
}
|
||||
}
|
||||
@@ -16,63 +16,63 @@ import java.util.Set;
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public class User implements UserDetails {
|
||||
|
||||
private String email;
|
||||
private String email;
|
||||
|
||||
public User() {
|
||||
}
|
||||
public User() {
|
||||
}
|
||||
|
||||
public User(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
public User(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.email = username;
|
||||
}
|
||||
public void setUsername(String username) {
|
||||
this.email = username;
|
||||
}
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
SimpleGrantedAuthority authority = new SimpleGrantedAuthority("USER");
|
||||
Set<GrantedAuthority> res = new HashSet<GrantedAuthority>();
|
||||
res.add(authority);
|
||||
return res;
|
||||
}
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
SimpleGrantedAuthority authority = new SimpleGrantedAuthority("USER");
|
||||
Set<GrantedAuthority> res = new HashSet<GrantedAuthority>();
|
||||
res.add(authority);
|
||||
return res;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPassword() {
|
||||
return "";
|
||||
}
|
||||
@Override
|
||||
public String getPassword() {
|
||||
return "";
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
return this.email;
|
||||
}
|
||||
@Override
|
||||
public String getUsername() {
|
||||
return this.email;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return false;
|
||||
}
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return false;
|
||||
}
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
return false;
|
||||
}
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return false;
|
||||
}
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return false;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,45 +10,45 @@ import java.util.Collection;
|
||||
*/
|
||||
public class UserAuthentication implements Authentication {
|
||||
|
||||
private final User user;
|
||||
private boolean authenticated = true;
|
||||
private final User user;
|
||||
private boolean authenticated = true;
|
||||
|
||||
public UserAuthentication(User user) {
|
||||
this.user = user;
|
||||
}
|
||||
public UserAuthentication(User user) {
|
||||
this.user = user;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return user.getUsername();
|
||||
}
|
||||
@Override
|
||||
public String getName() {
|
||||
return user.getUsername();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return user.getAuthorities();
|
||||
}
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return user.getAuthorities();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getCredentials() {
|
||||
return user.getPassword();
|
||||
}
|
||||
@Override
|
||||
public Object getCredentials() {
|
||||
return user.getPassword();
|
||||
}
|
||||
|
||||
@Override
|
||||
public User getDetails() {
|
||||
return user;
|
||||
}
|
||||
@Override
|
||||
public User getDetails() {
|
||||
return user;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object getPrincipal() {
|
||||
return user.getUsername();
|
||||
}
|
||||
@Override
|
||||
public Object getPrincipal() {
|
||||
return user.getUsername();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAuthenticated() {
|
||||
return authenticated;
|
||||
}
|
||||
@Override
|
||||
public boolean isAuthenticated() {
|
||||
return authenticated;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setAuthenticated(boolean authenticated) {
|
||||
this.authenticated = authenticated;
|
||||
}
|
||||
@Override
|
||||
public void setAuthenticated(boolean authenticated) {
|
||||
this.authenticated = authenticated;
|
||||
}
|
||||
}
|
||||
@@ -13,33 +13,33 @@ import java.nio.charset.Charset;
|
||||
*/
|
||||
public class BasicAuthUtils {
|
||||
|
||||
public static HttpHeaders basicAuthHeaders(String username) {
|
||||
return new HttpHeaders() {
|
||||
{
|
||||
String auth = username + ":";
|
||||
byte[] encodedAuth = Base64.encodeBase64(
|
||||
auth.getBytes(Charset.forName("US-ASCII")));
|
||||
String authHeader = "Basic " + new String(encodedAuth);
|
||||
set("Authorization", authHeader);
|
||||
}
|
||||
};
|
||||
public static HttpHeaders basicAuthHeaders(String username) {
|
||||
return new HttpHeaders() {
|
||||
{
|
||||
String auth = username + ":";
|
||||
byte[] encodedAuth = Base64.encodeBase64(
|
||||
auth.getBytes(Charset.forName("US-ASCII")));
|
||||
String authHeader = "Basic " + new String(encodedAuth);
|
||||
set("Authorization", authHeader);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
public static <T> T doBasicAuthenticatedRequest(RestTemplate restTemplate, String url, HttpMethod httpMethod, Class<T> responseType) {
|
||||
return doBasicAuthenticatedRequest(restTemplate, url, httpMethod, responseType, null);
|
||||
}
|
||||
|
||||
public static <T> T doBasicAuthenticatedRequest(RestTemplate restTemplate, String url, HttpMethod httpMethod, Class<T> responseType, Object requestObject) {
|
||||
HttpEntity httpEntity;
|
||||
if (requestObject != null) {
|
||||
httpEntity = new HttpEntity(requestObject, BasicAuthUtils.basicAuthHeaders("test_user@mail.com"));
|
||||
} else {
|
||||
httpEntity = new HttpEntity(BasicAuthUtils.basicAuthHeaders("test_user@mail.com"));
|
||||
}
|
||||
|
||||
public static <T> T doBasicAuthenticatedRequest(RestTemplate restTemplate, String url, HttpMethod httpMethod, Class<T> responseType) {
|
||||
return doBasicAuthenticatedRequest(restTemplate, url, httpMethod, responseType, null);
|
||||
}
|
||||
|
||||
public static <T> T doBasicAuthenticatedRequest(RestTemplate restTemplate, String url, HttpMethod httpMethod, Class<T> responseType, Object requestObject) {
|
||||
HttpEntity httpEntity;
|
||||
if(requestObject!=null) {
|
||||
httpEntity = new HttpEntity(requestObject, BasicAuthUtils.basicAuthHeaders("test_user@mail.com"));
|
||||
} else {
|
||||
httpEntity = new HttpEntity(BasicAuthUtils.basicAuthHeaders("test_user@mail.com"));
|
||||
}
|
||||
|
||||
return restTemplate.exchange(url,
|
||||
httpMethod,
|
||||
httpEntity,
|
||||
responseType).getBody();
|
||||
}
|
||||
return restTemplate.exchange(url,
|
||||
httpMethod,
|
||||
httpEntity,
|
||||
responseType).getBody();
|
||||
}
|
||||
}
|
||||
|
||||