mindol1004/getting-started
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #265 from ranjanih/ranjani-security

Browse Source 
Getting started with Spring Security and Spring boot
This commit is contained in:
Artur Kuksin
2023-02-28 18:25:41 +01:00
committed by GitHub
parent 5fc64d1662 bd257c811d
commit 5a9dd70280
37 changed files with 1935 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
spring-security/getting-started/SecureApplication/.gitignore vendored Normal file
View File

@@ -0,0 +1,33 @@
HELP.md
target/
!.mvn/wrapper/maven-wrapper.jar
!**/src/main/**/target/
!**/src/test/**/target/
### STS ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
### IntelliJ IDEA ###
.idea
*.iws
*.iml
*.ipr
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
build/
!**/src/main/**/build/
!**/src/test/**/build/
### VS Code ###
.vscode/

BIN
spring-security/getting-started/SecureApplication/.mvn/wrapper/maven-wrapper.jar vendored Normal file
View File

Binary file not shown.

2
spring-security/getting-started/SecureApplication/.mvn/wrapper/maven-wrapper.properties vendored Normal file
View File

@@ -0,0 +1,2 @@
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar

316
spring-security/getting-started/SecureApplication/mvnw vendored Normal file
View File

@@ -0,0 +1,316 @@
#!/bin/sh
# ----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# ----------------------------------------------------------------------------
# ----------------------------------------------------------------------------
# Maven Start Up Batch script
#
# Required ENV vars:
# ------------------
# JAVA_HOME - location of a JDK home dir
#
# Optional ENV vars
# -----------------
# M2_HOME - location of maven2's installed home dir
# MAVEN_OPTS - parameters passed to the Java VM when running Maven
# e.g. to debug Maven itself, use
# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
# MAVEN_SKIP_RC - flag to disable loading of mavenrc files
# ----------------------------------------------------------------------------
if [ -z "$MAVEN_SKIP_RC" ] ; then
if [ -f /usr/local/etc/mavenrc ] ; then
. /usr/local/etc/mavenrc
fi
if [ -f /etc/mavenrc ] ; then
. /etc/mavenrc
fi
if [ -f "$HOME/.mavenrc" ] ; then
. "$HOME/.mavenrc"
fi
fi
# OS specific support. $var _must_ be set to either true or false.
cygwin=false;
darwin=false;
mingw=false
case "`uname`" in
CYGWIN*) cygwin=true ;;
MINGW*) mingw=true;;
Darwin*) darwin=true
# Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
# See https://developer.apple.com/library/mac/qa/qa1170/_index.html
if [ -z "$JAVA_HOME" ]; then
if [ -x "/usr/libexec/java_home" ]; then
export JAVA_HOME="`/usr/libexec/java_home`"
else
export JAVA_HOME="/Library/Java/Home"
fi
fi
;;
esac
if [ -z "$JAVA_HOME" ] ; then
if [ -r /etc/gentoo-release ] ; then
JAVA_HOME=`java-config --jre-home`
fi
fi
if [ -z "$M2_HOME" ] ; then
## resolve links - $0 may be a link to maven's home
PRG="$0"
# need this for relative symlinks
while [ -h "$PRG" ] ; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
PRG="$link"
else
PRG="`dirname "$PRG"`/$link"
fi
done
saveddir=`pwd`
M2_HOME=`dirname "$PRG"`/..
# make it fully qualified
M2_HOME=`cd "$M2_HOME" && pwd`
cd "$saveddir"
# echo Using m2 at $M2_HOME
fi
# For Cygwin, ensure paths are in UNIX format before anything is touched
if $cygwin ; then
[ -n "$M2_HOME" ] &&
M2_HOME=`cygpath --unix "$M2_HOME"`
[ -n "$JAVA_HOME" ] &&
JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
[ -n "$CLASSPATH" ] &&
CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
fi
# For Mingw, ensure paths are in UNIX format before anything is touched
if $mingw ; then
[ -n "$M2_HOME" ] &&
M2_HOME="`(cd "$M2_HOME"; pwd)`"
[ -n "$JAVA_HOME" ] &&
JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
fi
if [ -z "$JAVA_HOME" ]; then
javaExecutable="`which javac`"
if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
# readlink(1) is not available as standard on Solaris 10.
readLink=`which readlink`
if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
if $darwin ; then
javaHome="`dirname \"$javaExecutable\"`"
javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
else
javaExecutable="`readlink -f \"$javaExecutable\"`"
fi
javaHome="`dirname \"$javaExecutable\"`"
javaHome=`expr "$javaHome" : '\(.*\)/bin'`
JAVA_HOME="$javaHome"
export JAVA_HOME
fi
fi
fi
if [ -z "$JAVACMD" ] ; then
if [ -n "$JAVA_HOME" ] ; then
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
else
JAVACMD="$JAVA_HOME/bin/java"
fi
else
JAVACMD="`\\unset -f command; \\command -v java`"
fi
fi
if [ ! -x "$JAVACMD" ] ; then
echo "Error: JAVA_HOME is not defined correctly." >&2
echo " We cannot execute $JAVACMD" >&2
exit 1
fi
if [ -z "$JAVA_HOME" ] ; then
echo "Warning: JAVA_HOME environment variable is not set."
fi
CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
# traverses directory structure from process work directory to filesystem root
# first directory with .mvn subdirectory is considered project base directory
find_maven_basedir() {
if [ -z "$1" ]
then
echo "Path not specified to find_maven_basedir"
return 1
fi
basedir="$1"
wdir="$1"
while [ "$wdir" != '/' ] ; do
if [ -d "$wdir"/.mvn ] ; then
basedir=$wdir
break
fi
# workaround for JBEAP-8937 (on Solaris 10/Sparc)
if [ -d "${wdir}" ]; then
wdir=`cd "$wdir/.."; pwd`
fi
# end of workaround
done
echo "${basedir}"
}
# concatenates all lines of a file
concat_lines() {
if [ -f "$1" ]; then
echo "$(tr -s '\n' ' ' < "$1")"
fi
}
BASE_DIR=`find_maven_basedir "$(pwd)"`
if [ -z "$BASE_DIR" ]; then
exit 1;
fi
##########################################################################################
# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
# This allows using the maven wrapper in projects that prohibit checking in binary data.
##########################################################################################
if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
if [ "$MVNW_VERBOSE" = true ]; then
echo "Found .mvn/wrapper/maven-wrapper.jar"
fi
else
if [ "$MVNW_VERBOSE" = true ]; then
echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
fi
if [ -n "$MVNW_REPOURL" ]; then
jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
else
jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
fi
while IFS="=" read key value; do
case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
esac
done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
if [ "$MVNW_VERBOSE" = true ]; then
echo "Downloading from: $jarUrl"
fi
wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
if $cygwin; then
wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
fi
if command -v wget > /dev/null; then
if [ "$MVNW_VERBOSE" = true ]; then
echo "Found wget ... using wget"
fi
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
else
wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
fi
elif command -v curl > /dev/null; then
if [ "$MVNW_VERBOSE" = true ]; then
echo "Found curl ... using curl"
fi
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
curl -o "$wrapperJarPath" "$jarUrl" -f
else
curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
fi
else
if [ "$MVNW_VERBOSE" = true ]; then
echo "Falling back to using Java to download"
fi
javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
# For Cygwin, switch paths to Windows format before running javac
if $cygwin; then
javaClass=`cygpath --path --windows "$javaClass"`
fi
if [ -e "$javaClass" ]; then
if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
if [ "$MVNW_VERBOSE" = true ]; then
echo " - Compiling MavenWrapperDownloader.java ..."
fi
# Compiling the Java class
("$JAVA_HOME/bin/javac" "$javaClass")
fi
if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
# Running the downloader
if [ "$MVNW_VERBOSE" = true ]; then
echo " - Running MavenWrapperDownloader.java ..."
fi
("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
fi
fi
fi
fi
##########################################################################################
# End of extension
##########################################################################################
export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
if [ "$MVNW_VERBOSE" = true ]; then
echo $MAVEN_PROJECTBASEDIR
fi
MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
# For Cygwin, switch paths to Windows format before running java
if $cygwin; then
[ -n "$M2_HOME" ] &&
M2_HOME=`cygpath --path --windows "$M2_HOME"`
[ -n "$JAVA_HOME" ] &&
JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
[ -n "$CLASSPATH" ] &&
CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
[ -n "$MAVEN_PROJECTBASEDIR" ] &&
MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
fi
# Provide a "standardized" way to retrieve the CLI args that will
# work with both Windows and non-Windows executions.
MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
export MAVEN_CMD_LINE_ARGS
WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
exec "$JAVACMD" \
$MAVEN_OPTS \
$MAVEN_DEBUG_OPTS \
-classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
"-Dmaven.home=${M2_HOME}" \
"-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"

188
spring-security/getting-started/SecureApplication/mvnw.cmd vendored Normal file
View File

@@ -0,0 +1,188 @@
@REM ----------------------------------------------------------------------------
@REM Licensed to the Apache Software Foundation (ASF) under one
@REM or more contributor license agreements. See the NOTICE file
@REM distributed with this work for additional information
@REM regarding copyright ownership. The ASF licenses this file
@REM to you under the Apache License, Version 2.0 (the
@REM "License"); you may not use this file except in compliance
@REM with the License. You may obtain a copy of the License at
@REM
@REM https://www.apache.org/licenses/LICENSE-2.0
@REM
@REM Unless required by applicable law or agreed to in writing,
@REM software distributed under the License is distributed on an
@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@REM KIND, either express or implied. See the License for the
@REM specific language governing permissions and limitations
@REM under the License.
@REM ----------------------------------------------------------------------------
@REM ----------------------------------------------------------------------------
@REM Maven Start Up Batch script
@REM
@REM Required ENV vars:
@REM JAVA_HOME - location of a JDK home dir
@REM
@REM Optional ENV vars
@REM M2_HOME - location of maven2's installed home dir
@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
@REM e.g. to debug Maven itself, use
@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
@REM ----------------------------------------------------------------------------
@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
@echo off
@REM set title of command window
title %0
@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
@REM set %HOME% to equivalent of $HOME
if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
@REM Execute a user defined script before this one
if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
@REM check for pre script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
:skipRcPre
@setlocal
set ERROR_CODE=0
@REM To isolate internal variables from possible post scripts, we use another setlocal
@setlocal
@REM ==== START VALIDATION ====
if not "%JAVA_HOME%" == "" goto OkJHome
echo.
echo Error: JAVA_HOME not found in your environment. >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo.
goto error
:OkJHome
if exist "%JAVA_HOME%\bin\java.exe" goto init
echo.
echo Error: JAVA_HOME is set to an invalid directory. >&2
echo JAVA_HOME = "%JAVA_HOME%" >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo.
goto error
@REM ==== END VALIDATION ====
:init
@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
@REM Fallback to current working directory if not found.
set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
set EXEC_DIR=%CD%
set WDIR=%EXEC_DIR%
:findBaseDir
IF EXIST "%WDIR%"\.mvn goto baseDirFound
cd ..
IF "%WDIR%"=="%CD%" goto baseDirNotFound
set WDIR=%CD%
goto findBaseDir
:baseDirFound
set MAVEN_PROJECTBASEDIR=%WDIR%
cd "%EXEC_DIR%"
goto endDetectBaseDir
:baseDirNotFound
set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
cd "%EXEC_DIR%"
:endDetectBaseDir
IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
@setlocal EnableExtensions EnableDelayedExpansion
for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
:endReadAdditionalConfig
SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
)
@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
if exist %WRAPPER_JAR% (
if "%MVNW_VERBOSE%" == "true" (
echo Found %WRAPPER_JAR%
)
) else (
if not "%MVNW_REPOURL%" == "" (
SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
)
if "%MVNW_VERBOSE%" == "true" (
echo Couldn't find %WRAPPER_JAR%, downloading it ...
echo Downloading from: %DOWNLOAD_URL%
)
powershell -Command "&{"^
"$webclient = new-object System.Net.WebClient;"^
"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
"}"^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
"}"
if "%MVNW_VERBOSE%" == "true" (
echo Finished downloading %WRAPPER_JAR%
)
)
@REM End of extension
@REM Provide a "standardized" way to retrieve the CLI args that will
@REM work with both Windows and non-Windows executions.
set MAVEN_CMD_LINE_ARGS=%*
%MAVEN_JAVA_EXE% ^
%JVM_CONFIG_MAVEN_PROPS% ^
%MAVEN_OPTS% ^
%MAVEN_DEBUG_OPTS% ^
-classpath %WRAPPER_JAR% ^
"-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
%WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
if ERRORLEVEL 1 goto error
goto end
:error
set ERROR_CODE=1
:end
@endlocal & set ERROR_CODE=%ERROR_CODE%
if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
@REM check for post script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
:skipRcPost
@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
if "%MAVEN_BATCH_PAUSE%"=="on" pause
if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
cmd /C exit /B %ERROR_CODE%

114
spring-security/getting-started/SecureApplication/pom.xml Normal file
View File

@@ -0,0 +1,114 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.5</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.reflectoring</groupId>
<artifactId>security</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>security</name>
<description>Spring Security sample project</description>
<properties>
<java.version>11</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.20</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok-mapstruct-binding</artifactId>
<version>0.2.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct</artifactId>
<version>1.4.2.Final</version>
</dependency>
<dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>2.4.0</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.zalando</groupId>
<artifactId>problem-spring-web</artifactId>
<version>0.27.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.hamcrest/hamcrest-library -->
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-library</artifactId>
<version>2.2</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
<configuration>
<source>11</source>
<target>11</target>
<annotationProcessorPaths>
<path>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.20</version>
</path>
<path>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct-processor</artifactId>
<version>1.4.2.Final</version>
</path>
</annotationProcessorPaths>
</configuration>
</plugin>
</plugins>
</build>
</project>

37
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/CustomHeaderValidatorFilter.java Normal file
View File

@@ -0,0 +1,37 @@
package com.reflectoring.security;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.reflectoring.security.exception.CommonException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class CustomHeaderValidatorFilter extends OncePerRequestFilter {
private static final Logger log = LoggerFactory.getLogger(CustomHeaderValidatorFilter.class);
@Override
protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
String path = request.getRequestURI();
return path.startsWith("/library/books/all");
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
log.info("Custom filter called...");
if (StringUtils.isEmpty(request.getHeader("X-Application-Name"))) {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.setContentType("application/json");
response.getOutputStream().println(new ObjectMapper().writeValueAsString(CommonException.headerError()));
} else {
filterChain.doFilter(request, response);
}
}
}

13
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/SecurityApplication.java Normal file
View File

@@ -0,0 +1,13 @@
package com.reflectoring.security;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class SecurityApplication {
public static void main(String[] args) {
SpringApplication.run(SecurityApplication.class, args);
}
}

58
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/config/BasicAuthProperties.java Normal file
View File

@@ -0,0 +1,58 @@
package com.reflectoring.security.config;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
@ConfigurationProperties(prefix = "auth")
public class BasicAuthProperties {
private Map<String, UserDetail> users;
public Map<String, UserDetail> getUsers() {
return users;
}
public void setUsers(Map<String, UserDetail> users) {
this.users = users;
}
public Set<UserDetails> getUserDetails() {
return this.users.entrySet().stream()
.map(entry -> User.withUsername(entry.getKey())
.passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder()::encode)
.password(entry.getValue().getPassword())
.roles(entry.getValue().getRole().toUpperCase())
.build())
.collect(Collectors.toSet());
}
private static class UserDetail {
private String password;
private String role;
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
}
}

186
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/config/SecurityConfiguration.java Normal file
View File

@@ -0,0 +1,186 @@
package com.reflectoring.security.config;
import com.reflectoring.security.CustomHeaderValidatorFilter;
import com.reflectoring.security.exception.UserAuthenticationErrorHandler;
import com.reflectoring.security.exception.UserForbiddenErrorHandler;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableConfigurationProperties(BasicAuthProperties.class)
public class SecurityConfiguration {
private final BasicAuthProperties props;
public SecurityConfiguration(BasicAuthProperties props) {
this.props = props;
}
@Bean
@Order(1)
public SecurityFilterChain bookFilterChain(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.antMatcher("/library/**")
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/library/**").hasRole("USER").anyRequest().authenticated()
.and()
.httpBasic()
.and()
.exceptionHandling(exception -> exception
.authenticationEntryPoint(userAuthenticationErrorHandler())
.accessDeniedHandler(new UserForbiddenErrorHandler()));
http.addFilterBefore(customHeaderValidatorFilter(), BasicAuthenticationFilter.class);
return http.build();
}
@Bean
public CustomHeaderValidatorFilter customHeaderValidatorFilter() {
return new CustomHeaderValidatorFilter();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring().antMatchers("/library/info");
}
@Bean
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(props.getUserDetails());
}
/*@Bean
public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
var builder = http.getSharedObject(AuthenticationManagerBuilder.class)
.userDetailsService(new InMemoryUserDetailsManager(props.getUserDetails()));
return builder.and().build();
}*/
@Bean
public AuthenticationEntryPoint userAuthenticationErrorHandler() {
UserAuthenticationErrorHandler userAuthenticationErrorHandler =
new UserAuthenticationErrorHandler();
userAuthenticationErrorHandler.setRealmName("Basic Authentication");
return userAuthenticationErrorHandler;
}
/*@Bean
public UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter(HttpSecurity http) throws Exception {
//AuthenticationEntryPoint authenticationEntryPoint = new UserAuthenticationErrorHandler();
return new UsernamePasswordAuthenticationFilter(authenticationManager(http));
}*/
public static final String[] ENDPOINTS_WHITELIST = {
"/css/**",
"/login",
"/home"
};
public static final String LOGIN_URL = "/login";
public static final String LOGIN_FAIL_URL = LOGIN_URL + "?error";
public static final String DEFAULT_SUCCESS_URL = "/home";
public static final String USERNAME = "username";
public static final String PASSWORD = "password";
@Bean
@Order(1)
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// Requests
http.authorizeRequests(request -> request.antMatchers(ENDPOINTS_WHITELIST).hasRole("ADMIN")
.anyRequest().authenticated())
// CSRF
.csrf().disable()
.antMatcher("/login")
//.formLogin(Customizer.withDefaults())
.formLogin(form -> form
.loginPage(LOGIN_URL)
.loginProcessingUrl(LOGIN_URL)
.failureUrl(LOGIN_FAIL_URL)
.usernameParameter(USERNAME)
.passwordParameter(PASSWORD)
.defaultSuccessUrl(DEFAULT_SUCCESS_URL))
//.logout(Customizer.withDefaults())
.logout(logout -> logout
.logoutUrl("/logout")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.logoutSuccessUrl(LOGIN_URL + "?logout"))
//.sessionManagement(Customizer.withDefaults())
.sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
.invalidSessionUrl("/invalidSession")
.maximumSessions(1)
.maxSessionsPreventsLogin(true));
return http.build();
}
/*private AuthenticationFilter authenticationFilter(HttpSecurity http) {
AuthenticationFilter filter = new AuthenticationFilter(
resolver(http), authenticationConverter());
filter.setSuccessHandler((request, response, auth) -> {});
return filter;
}
public AuthenticationConverter authenticationConverter() {
return new BasicAuthenticationConverter();
}
public AuthenticationManagerResolver<HttpServletRequest> resolver(HttpSecurity http) {
return request -> {
if (request.getPathInfo().contains("login")) {
try {
return customAuthenticationManager(http);
} catch (Exception e) {
e.printStackTrace();
}
}
return null;
};
}
public AuthenticationManager customAuthenticationManager(HttpSecurity http)
throws Exception {
return http.getSharedObject(AuthenticationManagerBuilder.class)
.userDetailsService(userDetailsService())
.passwordEncoder(passwordEncoder())
.and()
.build();
}
public InMemoryUserDetailsManager userDetailsService() {
UserDetails admin = User.withUsername("user")
.password(passwordEncoder().encode("userpass"))
.roles("USER")
.build();
return new InMemoryUserDetailsManager(admin);
}
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}*/
}

32
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/exception/CommonException.java Normal file
View File

@@ -0,0 +1,32 @@
package com.reflectoring.security.exception;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
import org.zalando.problem.AbstractThrowableProblem;
import org.zalando.problem.StatusType;
import static com.fasterxml.jackson.annotation.JsonInclude.Include.NON_EMPTY;
import static org.zalando.problem.Status.*;
@JsonInclude(NON_EMPTY)
@JsonIgnoreProperties({"stackTrace", "type", "title", "message", "localizedMessage", "parameters"})
public class CommonException extends AbstractThrowableProblem {
private CommonException(StatusType status, String detail) {
super(null, null, status, detail, null, null, null);
}
public static CommonException unauthorized() {
return new CommonException(UNAUTHORIZED, "Unauthorised or Bad Credentials");
}
public static CommonException forbidden() {
return new CommonException(FORBIDDEN, "Forbidden");
}
public static CommonException headerError() {
return new CommonException(FORBIDDEN, "Missing Header");
}
}

34
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/exception/UserAuthenticationErrorHandler.java Normal file
View File

@@ -0,0 +1,34 @@
package com.reflectoring.security.exception;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
public class UserAuthenticationErrorHandler extends BasicAuthenticationEntryPoint {
private final ObjectMapper objectMapper;
public UserAuthenticationErrorHandler() {
this.objectMapper = new ObjectMapper();
}
@Override
public void commence(HttpServletRequest request,
HttpServletResponse response,
AuthenticationException ex) throws IOException {
/*response.setContentType("application/json");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.getOutputStream().println(objectMapper.writeValueAsString(CommonException.unauthorized()));
*/
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.addHeader("WWW-Authenticate", "Basic realm=" + getRealmName() + "");
final PrintWriter writer = response.getWriter();
writer.println("HTTP Status 401 : " + ex.getMessage());
}
}

28
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/exception/UserForbiddenErrorHandler.java Normal file
View File

@@ -0,0 +1,28 @@
package com.reflectoring.security.exception;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class UserForbiddenErrorHandler implements AccessDeniedHandler {
private final ObjectMapper objectMapper;
public UserForbiddenErrorHandler()
{
this.objectMapper = new ObjectMapper();
}
@Override
public void handle(HttpServletRequest request,
HttpServletResponse response,
AccessDeniedException ex) throws IOException {
response.setContentType("application/json");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.getOutputStream().println(objectMapper.writeValueAsString(CommonException.forbidden()));
}
}

23
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/mapper/BookMapper.java Normal file
View File

@@ -0,0 +1,23 @@
package com.reflectoring.security.mapper;
import com.reflectoring.security.mapstruct.AuthorDto;
import com.reflectoring.security.mapstruct.BookDto;
import com.reflectoring.security.persistence.Author;
import com.reflectoring.security.persistence.Book;
import org.mapstruct.Mapper;
import java.util.List;
@Mapper(componentModel = "spring")
public interface BookMapper {
BookDto bookToBookDto(Book book);
List<BookDto> bookToBookDto(List<Book> book);
AuthorDto authorToAuthorDto(Author author);
Book bookDtoToBook(BookDto bookDto);
Author authorDtoToAuthor(AuthorDto authorDto);
}

50
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/mapstruct/AuthorDto.java Normal file
View File

@@ -0,0 +1,50 @@
package com.reflectoring.security.mapstruct;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.NoArgsConstructor;
@NoArgsConstructor
public class AuthorDto {
@JsonProperty("id")
private long id;
@JsonProperty("name")
private String name;
@JsonProperty("dob")
private String dob;
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getDob() {
return dob;
}
public void setDob(String dob) {
this.dob = dob;
}
@Override
public String toString() {
return "AuthorDto{" +
"id=" + id +
", name='" + name + '\'' +
", dob='" + dob + '\'' +
'}';
}
}

87
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/mapstruct/BookDto.java Normal file
View File

@@ -0,0 +1,87 @@
package com.reflectoring.security.mapstruct;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.NoArgsConstructor;
import java.util.Set;
@NoArgsConstructor
public class BookDto {
@JsonProperty("bookId")
private long id;
@JsonProperty("bookName")
private String name;
@JsonProperty("publisher")
private String publisher;
@JsonProperty("publicationYear")
private String publicationYear;
@JsonProperty("genre")
private String genre;
@JsonProperty("authors")
private Set<AuthorDto> authors;
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPublisher() {
return publisher;
}
public void setPublisher(String publisher) {
this.publisher = publisher;
}
public String getPublicationYear() {
return publicationYear;
}
public void setPublicationYear(String publicationYear) {
this.publicationYear = publicationYear;
}
public String getGenre() {
return genre;
}
public void setGenre(String genre) {
this.genre = genre;
}
public Set<AuthorDto> getAuthors() {
return authors;
}
public void setAuthors(Set<AuthorDto> authors) {
this.authors = authors;
}
@Override
public String toString() {
return "BookDto{" +
"id=" + id +
", name='" + name + '\'' +
", publisher='" + publisher + '\'' +
", publicationYear='" + publicationYear + '\'' +
", genre=" + genre +
", authors=" + authors +
'}';
}
}

86
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/model/LibraryInfo.java Normal file
View File

@@ -0,0 +1,86 @@
package com.reflectoring.security.model;
public class LibraryInfo {
private String libName;
private String libAddress;
private String suburb;
private String postcode;
private String landmark;
private String phone;
private String email;
public String getLibName() {
return libName;
}
public void setLibName(String libName) {
this.libName = libName;
}
public String getLibAddress() {
return libAddress;
}
public void setLibAddress(String libAddress) {
this.libAddress = libAddress;
}
public String getSuburb() {
return suburb;
}
public void setSuburb(String suburb) {
this.suburb = suburb;
}
public String getPostcode() {
return postcode;
}
public void setPostcode(String postcode) {
this.postcode = postcode;
}
public String getLandmark() {
return landmark;
}
public void setLandmark(String landmark) {
this.landmark = landmark;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
@java.lang.Override
public java.lang.String toString() {
return "LibraryInfo{" +
"libName='" + libName + '\'' +
", libAddress='" + libAddress + '\'' +
", suburb='" + suburb + '\'' +
", postcode='" + postcode + '\'' +
", landmark='" + landmark + '\'' +
", phone='" + phone + '\'' +
", email='" + email + '\'' +
'}';
}
}

61
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/persistence/Author.java Normal file
View File

@@ -0,0 +1,61 @@
package com.reflectoring.security.persistence;
import javax.persistence.*;
import java.io.Serializable;
import java.util.Set;
@Entity
public class Author implements Serializable {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private long id;
private String name;
private String dob;
@ManyToMany(mappedBy = "authors")
private Set<Book> books;
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Set<Book> getBooks() {
return books;
}
public void setBooks(Set<Book> books) {
this.books = books;
}
public String getDob() {
return dob;
}
public void setDob(String dob) {
this.dob = dob;
}
@Override
public String toString() {
return "Author{" +
"id=" + id +
", name='" + name + '\'' +
", dob='" + dob + '\'' +
'}';
}
}

86
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/persistence/Book.java Normal file
View File

@@ -0,0 +1,86 @@
package com.reflectoring.security.persistence;
import javax.persistence.*;
import java.io.Serializable;
import java.util.Set;
@Entity
@Table(name = "BOOK")
public class Book implements Serializable {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private long id;
private String name;
private String publisher;
private String publicationYear;
private String genre;
@ManyToMany(cascade = CascadeType.PERSIST, fetch = FetchType.LAZY)
@JoinTable(name = "author_book",
joinColumns = @JoinColumn(name = "book_id", referencedColumnName = "id"),
inverseJoinColumns = @JoinColumn(name = "author_id", referencedColumnName = "id"))
private Set<com.reflectoring.security.persistence.Author> authors;
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Set<Author> getAuthors() {
return authors;
}
public void setAuthors(Set<com.reflectoring.security.persistence.Author> authors) {
this.authors = authors;
}
public String getPublisher() {
return publisher;
}
public void setPublisher(String publisher) {
this.publisher = publisher;
}
public String getPublicationYear() {
return publicationYear;
}
public void setPublicationYear(String publicationYear) {
this.publicationYear = publicationYear;
}
public String getGenre() {
return genre;
}
public void setGenre(String genre) {
this.genre = genre;
}
@Override
public String toString() {
return "Book{" +
"id=" + id +
", name='" + name + '\'' +
", publisher='" + publisher + '\'' +
", publicationYear='" + publicationYear + '\'' +
", genre=" + genre +
'}';
}
}

9
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/repository/AuthorRepository.java Normal file
View File

@@ -0,0 +1,9 @@
package com.reflectoring.security.repository;
import com.reflectoring.security.persistence.Author;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
@Repository
public interface AuthorRepository extends JpaRepository<Author, Long> {
}

18
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/repository/BookRepository.java Normal file
View File

@@ -0,0 +1,18 @@
package com.reflectoring.security.repository;
import com.reflectoring.security.persistence.Book;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface BookRepository extends JpaRepository<Book, Long> {
List<Book> findByGenre(String genre);
@PostAuthorize("returnObject.size() > 0")
List<Book> findAll();
}

92
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/repository/DatabaseComponent.java Normal file
View File

@@ -0,0 +1,92 @@
package com.reflectoring.security.repository;
import com.reflectoring.security.persistence.Author;
import com.reflectoring.security.persistence.Book;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.CommandLineRunner;
import org.springframework.stereotype.Component;
import java.util.Set;
@Component
public class DatabaseComponent implements CommandLineRunner {
private final BookRepository bookRepository;
@Autowired
public DatabaseComponent(BookRepository bookRepository) {
this.bookRepository = bookRepository;
}
@Override
public void run(String... args) throws Exception {
Book book = new Book();
book.setName("The Kite Runner");
book.setPublisher("Riverhead books");
book.setPublicationYear("2003");
book.setGenre("Fiction");
Author author = new Author();
author.setName("Khaled Hosseini");
author.setDob("04/03/1965");
book.setAuthors(Set.of(author));
bookRepository.save(book);
book = new Book();
book.setName("Exiles");
book.setPublisher("Pan Macmillan");
book.setPublicationYear("2022");
book.setGenre("Fiction");
author = new Author();
author.setName("Jane Harper");
author.setDob("01/06/1980");
book.setAuthors(Set.of(author));
bookRepository.save(book);
book = new Book();
book.setName("A Game of Thrones");
book.setPublisher("Bantam Spectra");
book.setPublicationYear("1996");
book.setGenre("Fantasy");
author = new Author();
author.setName("R.R.Martin");
author.setDob("20/09/1948");
book.setAuthors(Set.of(author));
bookRepository.save(book);
book = new Book();
book.setName("American Gods");
book.setPublisher("Headline");
book.setPublicationYear("2001");
book.setGenre("Fantasy");
author = new Author();
author.setName("Neil Gaiman");
author.setDob("10/11/1960");
book.setAuthors(Set.of(author));
bookRepository.save(book);
book = new Book();
book.setName("The Passenger");
book.setPublisher("Knopf");
book.setPublicationYear("2022");
book.setGenre("Mystery");
author = new Author();
author.setName("Cormac McCarthy");
author.setDob("20/07/1933");
book.setAuthors(Set.of(author));
bookRepository.save(book);
book = new Book();
book.setName("Gone Girl");
book.setPublisher("Crown Publishing Group");
book.setPublicationYear("2012");
book.setGenre("Mystery");
author = new Author();
author.setName("Gillian Flynn");
author.setDob("24/02/1971");
book.setAuthors(Set.of(author));
bookRepository.save(book);
}
}

50
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/service/BookService.java Normal file
View File

@@ -0,0 +1,50 @@
package com.reflectoring.security.service;
import com.reflectoring.security.mapper.BookMapper;
import com.reflectoring.security.mapstruct.BookDto;
import com.reflectoring.security.model.LibraryInfo;
import com.reflectoring.security.persistence.Book;
import com.reflectoring.security.repository.BookRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import java.util.List;
@Service
public class BookService {
private static final Logger log = LoggerFactory.getLogger(BookService.class);
private final BookRepository bookRepository;
private final BookMapper bookMapper;
public BookService(BookRepository bookRepository, BookMapper bookMapper) {
this.bookRepository = bookRepository;
this.bookMapper = bookMapper;
}
public List<BookDto> getBook(String genre) {
List<Book> books = bookRepository.findByGenre(genre);
return bookMapper.bookToBookDto(books);
}
public List<BookDto> getAllBooks() {
List<Book> books = bookRepository.findAll();
return bookMapper.bookToBookDto(books);
}
public LibraryInfo getLibraryInfo() {
LibraryInfo info = new LibraryInfo();
info.setLibName("Chatswood Library");
info.setLibAddress("Lower Ground, The Concourse, 409 Victoria Avenue");
info.setSuburb("Chatswood");
info.setPostcode("2067");
info.setLandmark("Opp Westfield Shopping Centre");
info.setPhone("97777900");
info.setEmail("library@willoughby.nsw.gov.au");
return info;
}
}

50
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/web/BookController.java Normal file
View File

@@ -0,0 +1,50 @@
package com.reflectoring.security.web;
import com.reflectoring.security.exception.UserAuthenticationErrorHandler;
import com.reflectoring.security.mapstruct.BookDto;
import com.reflectoring.security.model.LibraryInfo;
import com.reflectoring.security.service.BookService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import java.util.List;
@Controller
public class BookController {
private static final Logger log = LoggerFactory.getLogger(BookController.class);
private final BookService bookService;
public BookController(BookService bookService) {
this.bookService = bookService;
}
@GetMapping("/library/books")
@PreAuthorize("#user == authentication.principal.username")
public ResponseEntity<List<BookDto>> getBooks(@RequestParam String genre, @RequestParam String user) {
return ResponseEntity.ok().body(bookService.getBook(genre));
}
@GetMapping("/library/books/all")
@PreAuthorize("hasRole('ROLE_USER')")
public ResponseEntity<List<BookDto>> getAllBooks() {
return ResponseEntity.ok().body(bookService.getAllBooks());
}
@GetMapping("/library/info")
public ResponseEntity<LibraryInfo> getInfo() {
return ResponseEntity.ok().body(bookService.getLibraryInfo());
}
}

20
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/web/HomeController.java Normal file
View File

@@ -0,0 +1,20 @@
package com.reflectoring.security.web;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import javax.servlet.http.HttpServletResponse;
@Controller
public class HomeController {
@GetMapping("/home")
public String homePage(HttpServletResponse response) {
return "homePage";
}
@GetMapping("/invalidSession")
public String invalidSession(HttpServletResponse response) {
return "invalidSession";
}
}

13
spring-security/getting-started/SecureApplication/src/main/java/com/reflectoring/security/web/LoginController.java Normal file
View File

@@ -0,0 +1,13 @@
package com.reflectoring.security.web;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class LoginController {
@GetMapping("/login")
String login() {
return "login";
}
}

1
spring-security/getting-started/SecureApplication/src/main/resources/application.properties Normal file
View File

@@ -0,0 +1 @@

28
spring-security/getting-started/SecureApplication/src/main/resources/application.yml Normal file
View File

@@ -0,0 +1,28 @@
server:
port: 8083
spring:
#security:
#user:
#name: admin
#password: passw@rd
datasource:
driver-class-name: org.hsqldb.jdbc.JDBCDriver
url: jdbc:hsqldb:mem:testdb;DB_CLOSE_DELAY=-1
username: sa
password:
logging:
level:
org.springframework: DEBUG
org.springframework.security: DEBUG
auth:
users:
loginadmin:
role: admin
password: loginpass
bookadmin:
role: user
password: bookpass

9
spring-security/getting-started/SecureApplication/src/main/resources/schema.sql Normal file
View File

@@ -0,0 +1,9 @@
TRUNCATE SCHEMA PUBLIC AND COMMIT;
CREATE TABLE IF NOT EXISTS BOOK( ID INTEGER GENERATED BY DEFAULT AS IDENTITY (START WITH 1000), NAME VARCHAR(45) NOT NULL, PRIMARY KEY(ID));
CREATE TABLE IF NOT EXISTS AUTHOR_BOOK( BOOK_ID INTEGER NOT NULL, AUTHOR_ID INTEGER NOT NULL, PRIMARY KEY(BOOK_ID, AUTHOR_ID));
CREATE TABLE IF NOT EXISTS AUTHOR( ID INTEGER GENERATED BY DEFAULT AS IDENTITY (START WITH 5000), NAME VARCHAR(45) NOT NULL, PRIMARY KEY(ID));
CREATE SEQUENCE IF NOT EXISTS hibernate_sequence START WITH 1 INCREMENT BY 1;

14
spring-security/getting-started/SecureApplication/src/main/resources/templates/homePage.html Normal file
View File

@@ -0,0 +1,14 @@
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<p>HomePage</p>
<div>
<a href="http://localhost:8083/logout">Logout</a></br>
<h2>SUCCESS</h2>
</div>
</body>
</html>

10
spring-security/getting-started/SecureApplication/src/main/resources/templates/invalidSession.html Normal file
View File

@@ -0,0 +1,10 @@
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h2>Invalid Session</h2>
</body>
</html>

23
spring-security/getting-started/SecureApplication/src/main/resources/templates/login.html Normal file
View File

@@ -0,0 +1,23 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org">
<head>
<title>Please Log In</title>
</head>
<body>
<h1>Please Log In</h1>
<div th:if="${param.error}">
Invalid username and password.</div>
<div th:if="${param.logout}">
You have been logged out.</div>
<form th:action="@{/login}" method="post">
<div>
<input type="text" name="username" placeholder="Username"/>
</div>
<div>
<input type="password" name="password" placeholder="Password"/>
</div>
<input type="submit" value="Log in" />
</form>
</body>
</html>

13
spring-security/getting-started/SecureApplication/src/test/java/com/reflectoring/security/SecurityApplicationTests.java Normal file
View File

@@ -0,0 +1,13 @@
package com.reflectoring.security;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class SecurityApplicationTests {
@Test
void contextLoads() {
}
}

122
spring-security/getting-started/SecureApplication/src/test/java/com/reflectoring/security/web/BookControllerTest.java Normal file
View File

@@ -0,0 +1,122 @@
package com.reflectoring.security.web;
import com.reflectoring.security.config.BasicAuthProperties;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.security.test.context.support.WithUserDetails;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.jdbc.Sql;
import org.springframework.test.context.jdbc.SqlGroup;
import org.springframework.test.web.servlet.MockMvc;
import static org.hamcrest.Matchers.hasSize;
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
import static org.springframework.test.context.jdbc.Sql.ExecutionPhase.BEFORE_TEST_METHOD;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
@SpringBootTest
@AutoConfigureMockMvc
@SqlGroup({
@Sql(value = "classpath:init/first.sql", executionPhase = BEFORE_TEST_METHOD),
@Sql(value = "classpath:init/second.sql", executionPhase = BEFORE_TEST_METHOD)
})
public class BookControllerTest {
@Autowired
private MockMvc mockMvc;
@Test
@WithMockUser(username = "bookadmin", roles = {"USER"})
void successIfSecurityApplies() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fiction")
.param("user", "bookadmin")
.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isOk())
.andExpect(authenticated().withUsername("bookadmin"))
.andExpect(authenticated().withRoles("USER"))
.andExpect(jsonPath("$", hasSize(3)))
;
}
@Test
@WithMockUser(username = "bookadmin", roles = {"ADMIN"})
void failsForWrongAuthorization() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fiction")
.param("user", "bookadmin")
.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isForbidden())
;
}
@Test
void failsIfSecurityApplies() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fiction")
.param("user", "bookadmin")
.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isUnauthorized())
;
}
@Test
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
void testBookWithConfiguredUserDetails() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fantasy")
.param("user", "bookadmin")
.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isOk())
.andExpect(jsonPath("$", hasSize(1)))
;
}
@Test
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
void failsIfMandatoryHeaderIsMissing() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fantasy")
.param("user", "bookadmin"))
//.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isForbidden())
;
}
@Test
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
void failsIfPreAuthorizeConditionFails() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fantasy")
.param("user", "bookuser")
.header("X-Application-Name", "Library"))
.andDo(print())
.andExpect(status().isForbidden())
;
}
@Test
//@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
void testBookWithWrongCredentialsUserDetails() throws Exception {
mockMvc.perform(get("/library/books")
.param("genre", "Fantasy")
.param("user", "bookadmin")
.header("X-Application-Name", "Library")
.with(httpBasic("bookadmin", "password")))
.andDo(print())
.andExpect(status().isUnauthorized());
}
}

21
spring-security/getting-started/SecureApplication/src/test/resources/application-test.yml Normal file
View File

@@ -0,0 +1,21 @@
spring:
datasource:
driver-class-name: org.hsqldb.jdbc.JDBCDriver
url: jdbc:hsqldb:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
username: sa
password:
jpa:
hibernate:
ddl-auto: create-drop
defer-datasource-initialization: true
show-sql: true
properties:
hibernate:
dialect: H2Dialect
format_sql: true
logging:
level:
org:
hibernate:
sql: info

3
spring-security/getting-started/SecureApplication/src/test/resources/init/first.sql Normal file
View File

@@ -0,0 +1,3 @@
TRUNCATE TABLE AUTHOR_BOOK RESTART IDENTITY;
TRUNCATE TABLE BOOK RESTART IDENTITY;
TRUNCATE TABLE AUTHOR RESTART IDENTITY;

5
spring-security/getting-started/SecureApplication/src/test/resources/init/second.sql Normal file
View File

@@ -0,0 +1,5 @@
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (1, 'The Kite Runner', 'Riverhead books', '2003', 'Fiction');
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (2, 'Exiles', 'Pan Macmillan', '2022', 'Fiction');
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (3, 'A Game of Thrones', 'Bantam Spectra', '1996', 'Fiction');
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (4, 'American Gods', 'Headline', '2001', 'Fantasy');
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (5, 'The Passenger', 'Knopf', '2022', 'Mystery');