Create endpoint for google oauth, generate JWT token, save to DB by email
This commit is contained in:
Dmitrii Cravcenco
@@ -6,6 +6,7 @@ import com.faf223.expensetrackerfaf.security.PersonDetails;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||
@@ -19,12 +20,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
@RequiredArgsConstructor
|
||||
public class ApplicationConfig {
|
||||
|
||||
private final UserRepository userRepository;
|
||||
private final CredentialRepository credentialRepository;
|
||||
|
||||
@Bean
|
||||
public UserDetailsService userDetailsService() {
|
||||
return username -> new PersonDetails(credentialRepository.findByEmail(username).orElseThrow((() -> new UsernameNotFoundException("User not found"))));
|
||||
return username -> new PersonDetails(credentialRepository.findByEmail(username).orElseThrow(() -> new UsernameNotFoundException("User not found")));
|
||||
}
|
||||
|
||||
@Bean
|
||||
@@ -44,4 +44,10 @@ public class ApplicationConfig {
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
@Bean
|
||||
@Primary
|
||||
public JwtAuthenticationFilter customJwtAuthenticationFilter(JwtService jwtService, UserDetailsService userDetailsService) {
|
||||
return new JwtAuthenticationFilter(jwtService, userDetailsService);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -31,8 +31,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
||||
@NonNull HttpServletResponse response,
|
||||
@NonNull FilterChain filterChain
|
||||
) throws ServletException, IOException {
|
||||
if (request.getServletPath().contains("/api/v1/auth") || request.getServletPath().contains("/github")) {
|
||||
System.out.println("hi");
|
||||
if (request.getServletPath().contains("/api/v1/auth")) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -5,6 +5,7 @@ import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.SignatureAlgorithm;
|
||||
import io.jsonwebtoken.io.Decoders;
|
||||
import io.jsonwebtoken.security.Keys;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.stereotype.Service;
|
||||
@@ -16,6 +17,7 @@ import java.util.Map;
|
||||
import java.util.function.Function;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class JwtService {
|
||||
|
||||
@Value("${application.security.jwt.secret-key}")
|
||||
@@ -24,6 +26,8 @@ public class JwtService {
|
||||
private long jwtExpiration;
|
||||
@Value("${application.security.jwt.refresh-token.expiration}")
|
||||
private long refreshExpiration;
|
||||
// private final AuthenticationService authenticationService;
|
||||
|
||||
|
||||
public String extractUsername(String token) {
|
||||
return extractClaim(token, Claims::getSubject);
|
||||
|
||||
@@ -1,23 +1,27 @@
|
||||
package com.faf223.expensetrackerfaf.config;
|
||||
|
||||
import com.faf223.expensetrackerfaf.controller.auth.JwtAuthenticationSuccessHandler;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
|
||||
import org.springframework.web.cors.CorsConfiguration;
|
||||
import org.springframework.web.cors.CorsConfigurationSource;
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@EnableMethodSecurity
|
||||
@@ -41,16 +45,30 @@ public class SecurityConfiguration {
|
||||
.cors(Customizer.withDefaults())
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers("/api/v1/auth/**", "/github").permitAll()
|
||||
// .requestMatchers("/api/v1/auth/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2Login(Customizer.withDefaults())
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.authenticationProvider(authenticationProvider)
|
||||
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); // will be executed before UsernamePasswordAuthenticationFilter
|
||||
.oauth2Login(withDefaults());
|
||||
// .exceptionHandling(exceptionHandling ->
|
||||
// exceptionHandling
|
||||
// .authenticationEntryPoint(authenticationEntryPoint())
|
||||
// )
|
||||
// .oauth2Login(oauth2Login ->
|
||||
// oauth2Login
|
||||
// .loginPage("/login")
|
||||
// .clientRegistrationRepository(clientRegistrationRepository)
|
||||
// .userInfoEndpoint(userInfoEndpoint ->
|
||||
// userInfoEndpoint.userService(oAuth2UserService())
|
||||
// )
|
||||
// .successHandler(jwtAuthenticationSuccessHandler()));
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAuthenticationSuccessHandler jwtAuthenticationSuccessHandler() {
|
||||
return new JwtAuthenticationSuccessHandler();
|
||||
}
|
||||
@Bean
|
||||
public CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration configuration = new CorsConfiguration();
|
||||
@@ -63,8 +81,8 @@ public class SecurityConfiguration {
|
||||
return source;
|
||||
}
|
||||
|
||||
// @Bean
|
||||
// public OAuth2UserService oAuth2UserService() {
|
||||
// return new DefaultOAuth2UserService();
|
||||
// }
|
||||
@Bean
|
||||
public AuthenticationEntryPoint authenticationEntryPoint() {
|
||||
return new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user