package com.samsung.srv.configuration;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.samsung.srv.entity.User;
import com.samsung.srv.filter.JWTAuthenticationFilter;
import com.samsung.srv.filter.JWTAuthorizationFilter;
import com.samsung.srv.repository.UserRepository;
import com.samsung.srv.service.impl.UserDetailsServiceImpl;
import com.samsung.srv.utils.Constants;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

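/**
 * Stateless JWT security chain.
 *
 * <p>Two custom filters are installed: {@link JWTAuthenticationFilter} (credentials in, token out) runs
 * in place of the form-login filter, and {@link JWTAuthorizationFilter} validates the token on later
 * requests. Sessions are never created ({@link SessionCreationPolicy#STATELESS}), so every request must
 * carry its own token.
 *
 * <p>Users are looked up through {@link UserRepository}; a user carries exactly one role, which is mapped
 * to the authority {@code "ROLE_" + role} so that {@code hasRole("admin")} / {@code hasRole("user")} below
 * match it.
 */
@EnableWebSecurity
@ComponentScan("com.samsung.srv.*")
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    // Injected for callers that construct this class, but authentication is wired against
    // userRepository in configure(AuthenticationManagerBuilder); this field is not read here.
    private final UserDetailsServiceImpl userDetailsService;
    private final JwtConfig jwtConfig;
    private final ObjectMapper mapper;
    private final UserRepository userRepository;

    /**
     * @param userDetailsService currently unused by this configuration (see field comment)
     * @param jwtConfig          token settings shared by both JWT filters
     * @param mapper             JSON mapper handed to the authentication filter for request/response bodies
     * @param userRepository     source of {@link User} records for credential checks
     */
    @Autowired
    public SecurityConfiguration(UserDetailsServiceImpl userDetailsService, JwtConfig jwtConfig, ObjectMapper mapper, UserRepository userRepository) {
        super();
        this.userDetailsService = userDetailsService;
        this.jwtConfig = jwtConfig;
        this.mapper = mapper;
        this.userRepository = userRepository;
    }

    /**
     * The login filter, exposed as a bean and reused by {@link #configure(HttpSecurity)} so that only one
     * instance exists.
     *
     * <p>NOTE(review): if this runs under Spring Boot, a {@code Filter} bean is also auto-registered with
     * the servlet container, outside the security chain — confirm the filter is not invoked twice per
     * request (a {@code FilterRegistrationBean} with {@code setEnabled(false)} is the usual remedy).
     *
     * @throws Exception propagated from {@link #authenticationManager()}
     */
    @Bean
    public JWTAuthenticationFilter jwtAuthenticationFilter() throws Exception {
        return new JWTAuthenticationFilter(jwtConfig, authenticationManager(), mapper);
    }

    /**
     * Exposes the adapter's {@link AuthenticationManager} as a bean for the authorization filter and
     * other components.
     *
     * @throws Exception propagated from the superclass
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Defines the authorization matrix and installs the JWT filters.
     *
     * <p>Rules are evaluated in order and the first match wins, so the shared "user" routes grant both
     * roles; otherwise an admin (who holds only {@code ROLE_admin}) would be blocked from
     * {@code GET /users} by the earlier "user" rule before the admin-only rules are reached.
     *
     * @param http the builder supplied by Spring Security
     * @throws Exception propagated from the builder and from the filter constructors
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors()
                .and()
                // CSRF protection is session-bound; this chain is STATELESS (JWT), so there is no
                // session cookie for a cross-site request to ride on.
                .csrf().disable()
                .authorizeRequests()
                // Login must be reachable without credentials: it is where credentials are first
                // presented. (Requiring a role here would lock everyone out of obtaining a token.)
                .antMatchers(HttpMethod.POST, "/api/login").permitAll()
                // Routes available to every authenticated role.
                // NOTE(review): with AntPathMatcher, "**" inside a segment matches within that segment
                // only, so "/users**" covers "/users" and "/usersX" but not "/users/{id}" — confirm
                // whether "/users/**" was intended.
                .antMatchers(HttpMethod.GET, "/users**").hasAnyRole("user", "admin")
                .antMatchers(HttpMethod.PUT, "/users**").hasAnyRole("user", "admin")
                // Admin-only routes.
                .antMatchers(HttpMethod.POST, "/departments**", "/users**").hasRole("admin")
                .antMatchers(HttpMethod.GET, "/departments**", "/users", "/users/{id}", "/departments",
                        "/departments/{id}").hasRole("admin")
                .antMatchers(HttpMethod.PUT, "/users**", "/departments").hasRole("admin")
                .antMatchers(HttpMethod.DELETE, "/departments**", "/users**").hasRole("admin")
                // Everything not listed still requires a valid token; nothing is open by default.
                .anyRequest().authenticated()
                .and()
                .addFilter(new JWTAuthorizationFilter(authenticationManagerBean(), jwtConfig))
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        // Reuse the bean instead of constructing a second filter instance.
        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
    }

    /**
     * Wires credential lookup to {@link #loadUser(String)}.
     *
     * <p>NOTE(review): no {@code PasswordEncoder} is registered here, so Spring Security's default
     * (a {@code DelegatingPasswordEncoder} expecting {@code {id}}-prefixed hashes) applies — confirm the
     * stored password format matches. {@code @Autowired} on an overridden {@code configure} also lets
     * Spring call it with the global builder; left unchanged, confirm that is intended.
     *
     * @param auth the builder supplied by Spring Security
     * @throws Exception propagated from the builder
     */
    @Override
    @Autowired
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(this::loadUser);
    }

    /**
     * Looks up a user by name and maps its single role to a Spring {@code UserDetails}.
     *
     * @param username the login name presented by the client
     * @return user details carrying the stored password hash and the authority {@code "ROLE_" + role}
     * @throws UsernameNotFoundException when no such user exists; the message is deliberately generic so
     *                                   that the response does not reveal which usernames are valid
     */
    private org.springframework.security.core.userdetails.UserDetails loadUser(String username) {
        User user = userRepository.findByUsername(username);
        if (user == null) {
            throw new UsernameNotFoundException("Invalid user");
        }
        Set<GrantedAuthority> authorities =
                Collections.singleton(new SimpleGrantedAuthority("ROLE_" + user.getRole()));
        return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), authorities);
    }
}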