florian/hexagonal-architecture-starter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add basic auth spring security configuration.

Browse Source
This commit is contained in:
Florian THIERRY
2023-11-28 15:17:46 +01:00
parent 025197525c
commit 914785a29b
11 changed files with 191 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
sportshub-application/pom.xml
View File

@@ -25,5 +25,13 @@
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
</dependency>
</dependencies>
</project>

57
sportshub-application/src/main/java/org/sportshub/application/configuration/SecurityConfiguration.java Normal file
View File

@@ -0,0 +1,57 @@
package org.sportshub.application.configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import jakarta.servlet.DispatcherType;
import jakarta.servlet.http.HttpServletResponse;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
@Bean
public SecurityFilterChain securityFilterChain(
HttpSecurity httpSecurity
) throws Exception {
httpSecurity
.csrf(AbstractHttpConfigurer::disable)
.httpBasic(Customizer.withDefaults())
.authorizeHttpRequests(requests -> requests
.dispatcherTypeMatchers(DispatcherType.FORWARD).permitAll()
.requestMatchers(
HttpMethod.GET,
"/api/health/check"
).permitAll()
.requestMatchers(
HttpMethod.POST,
"/api/users/login"
).permitAll()
.anyRequest().authenticated()
)
.exceptionHandling(configurer -> configurer
.defaultAuthenticationEntryPointFor(
(request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED),
new AntPathRequestMatcher("/api/**")
).defaultAccessDeniedHandlerFor(
(request, response, accessDeniedException) -> response.sendError(HttpServletResponse.SC_FORBIDDEN),
new AntPathRequestMatcher("/api/**")
)
);
return httpSecurity.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

51
sportshub-application/src/main/java/org/sportshub/application/user/CustomUserDetails.java Normal file
View File

@@ -0,0 +1,51 @@
package org.sportshub.application.user;
import static java.util.Collections.emptyList;
import java.util.Collection;
import org.sportshub.domain.user.model.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
public class CustomUserDetails implements UserDetails {
private final User user;
public CustomUserDetails(final User user) {
this.user = user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return emptyList();
}
@Override
public String getUsername() {
return user.id().toString();
}
@Override
public String getPassword() {
return user.password();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}

33
sportshub-application/src/main/java/org/sportshub/application/user/CustomUserDetailsService.java Normal file
View File

@@ -0,0 +1,33 @@
package org.sportshub.application.user;
import java.util.UUID;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class CustomUserDetailsService implements UserDetailsService {
private final UserUseCases userUseCases;
public CustomUserDetailsService(final UserUseCases userUseCases) {
this.userUseCases = userUseCases;
}
@Override
public UserDetails loadUserByUsername(final String userIdAsString) throws UsernameNotFoundException {
UUID userId = parseUserId(userIdAsString);
return userUseCases.findById(userId)
.map(CustomUserDetails::new)
.orElseThrow(() -> new UsernameNotFoundException(userIdAsString));
}
private UUID parseUserId(final String userIdAsString) {
try {
return UUID.fromString(userIdAsString);
} catch (IllegalArgumentException exception) {
throw new UsernameNotFoundException(userIdAsString);
}
}
}

5
sportshub-application/src/main/java/org/sportshub/application/user/UserUseCases.java
View File

@@ -1,5 +1,6 @@
package org.sportshub.application.user;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
@@ -18,4 +19,8 @@ public class UserUseCases {
public Optional<User> findById(UUID userId) {
return userPort.findById(userId);
}
public List<User> findAll() {
return userPort.findAll();
}
}