diff options
| author |  Vitaly Takmazov | 2023-01-04 03:37:05 +0300 |
|---|---|---|
| committer | Vitaly Takmazov | 2023-01-04 03:37:05 +0300 |
| commit | 086d9a7625bfc5a386f5b1028d364fb546c2fa9d (patch) | |
| tree | 54db8116fa0eaa40e5617d17545e62148b8c608f /src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java | |
| parent | aa9240e5431c5ee81f3d25d6481c66c445d11711 (diff) | |
JWT authentication for API
Diffstat (limited to 'src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java')
| -rw-r--r-- | src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java | 23 |
1 files changed, 7 insertions, 16 deletions
diff --git a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java index 92e26406..5f6a730e 100644 --- a/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java +++ b/src/main/java/com/juick/service/security/HTTPSignatureAuthenticationFilter.java @@ -17,21 +17,19 @@ package com.juick.service.security; -import com.juick.model.User; import com.juick.SignatureManager; +import com.juick.model.User; import com.juick.service.UserService; import com.juick.service.security.entities.JuickUser; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import org.apache.commons.lang3.StringUtils; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.web.filter.OncePerRequestFilter; - -import jakarta.servlet.FilterChain; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import javax.annotation.Nonnull; import java.io.IOException; @@ -39,7 +37,7 @@ import java.util.Collections; import java.util.Map; import java.util.stream.Collectors; -public class HTTPSignatureAuthenticationFilter extends OncePerRequestFilter { +public class HTTPSignatureAuthenticationFilter extends BaseAuthenticationFilter { private final SignatureManager signatureManager; private final UserService userService; @@ -69,6 +67,7 @@ public class HTTPSignatureAuthenticationFilter extends OncePerRequestFilter { new JuickUser(user), userWithPassword.getCredentials(), JuickUser.USER_AUTHORITY); SecurityContextHolder.getContext().setAuthentication(authentication); } else { + // anonymous must have with uri Authentication authentication = new AnonymousAuthenticationToken(userUri, new JuickUser(user), JuickUser.ANONYMOUS_AUTHORITY); SecurityContextHolder.getContext().setAuthentication(authentication); @@ -79,12 +78,4 @@ public class HTTPSignatureAuthenticationFilter extends OncePerRequestFilter { filterChain.doFilter(request, response); } - - private boolean authenticationIsRequired() { - Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication(); - - return existingAuth == null || - !existingAuth.isAuthenticated() || - existingAuth instanceof AnonymousAuthenticationToken; - } } |