From 3c037e00d89a4ad5d0df57b3216857237ab81886 Mon Sep 17 00:00:00 2001 From: Alexander Alexeev Date: Sat, 26 Nov 2016 04:24:14 +0700 Subject: api configuration --- .../api/configuration/ApiAppConfiguration.java | 11 +++--- .../juick/api/configuration/ApiInitializer.java | 10 +++--- .../juick/api/configuration/ApiSecurityConfig.java | 40 +++++++++------------- .../api/configuration/ApiSecurityInitializer.java | 10 ++++++ 4 files changed, 37 insertions(+), 34 deletions(-) diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java b/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java index 8f1e269b..b4b9df57 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java @@ -2,8 +2,9 @@ package com.juick.api.configuration; import com.juick.api.ApiServer; import com.juick.api.TGBot; -import com.juick.configuration.DataConfiguration; -import org.springframework.context.annotation.*; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; import org.springframework.core.env.Environment; import javax.inject.Inject; @@ -13,17 +14,17 @@ import javax.inject.Inject; */ @Configuration @PropertySource("classpath:juick.conf") -@Import(DataConfiguration.class) public class ApiAppConfiguration { @Inject private Environment env; @Bean - ApiServer apiServer() { + public ApiServer apiServer() { return new ApiServer(env); } + @Bean - TGBot tgBot() { + public TGBot tgBot() { return new TGBot(env.getProperty("telegram_token", "")); } } diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java b/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java index 2dc25e66..63ba52e8 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java @@ -1,5 +1,7 @@ package com.juick.api.configuration; +import com.juick.configuration.DataConfiguration; +import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; import org.springframework.web.filter.CharacterEncodingFilter; import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer; @@ -12,12 +14,12 @@ public class ApiInitializer extends AbstractAnnotationConfigDispatcherServletIni @Override protected Class[] getRootConfigClasses() { - return new Class[]{ApiAppConfiguration.class}; + return new Class[]{ApiAppConfiguration.class, ApiSecurityConfig.class, DataConfiguration.class}; } @Override protected Class[] getServletConfigClasses() { - return new Class[]{ApiMvcConfiguration.class, ApiSecurityConfig.class}; + return new Class[]{ApiMvcConfiguration.class}; } @Override @@ -27,9 +29,7 @@ public class ApiInitializer extends AbstractAnnotationConfigDispatcherServletIni @Override protected Filter[] getServletFilters() { - CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter(); - characterEncodingFilter.setEncoding("UTF-8"); - return new Filter[]{characterEncodingFilter}; + return new Filter[]{new CharacterEncodingFilter("UTF-8")}; } @Override diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java index c0043950..8d074f7c 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -19,27 +19,37 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import javax.annotation.Resource; import javax.inject.Inject; /** * Created by aalexeev on 11/21/16. */ @Configuration -@EnableWebSecurity +@EnableWebSecurity(debug = true) @PropertySource("classpath:juick.conf") public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { - @Resource + @Inject private Environment env; - @Resource + @Inject private UserService userService; - protected ApiSecurityConfig() { + ApiSecurityConfig() { super(true); } + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests() + .antMatchers("/home").hasRole("USER") + .antMatchers(HttpMethod.OPTIONS).permitAll() + .and().httpBasic().authenticationEntryPoint(getBasicAuthEntryPoint()) + .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and().exceptionHandling().authenticationEntryPoint(getBasicAuthEntryPoint()) + .and().authenticationProvider(new JuickAuthenticationProvider()); + } + @Bean - public JuickAuthenticationEntryPoint getBasicAuthEntryPoint(){ + public JuickAuthenticationEntryPoint getBasicAuthEntryPoint() { return new JuickAuthenticationEntryPoint(); } @@ -58,22 +68,4 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { throw new UsernameNotFoundException("The username " + username + " is not found"); }; } - - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .antMatchers("/home").hasRole("USER") - .and().httpBasic().authenticationEntryPoint(new JuickAuthenticationEntryPoint()) - .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); - } - - @Inject - public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { - auth.authenticationProvider(new JuickAuthenticationProvider()); - } - @Override - public void configure(WebSecurity web) throws Exception { - web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); - } } diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java index 295e367c..42b678b6 100644 --- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java @@ -3,8 +3,18 @@ package com.juick.api.configuration; /** * Created by vitalyster on 25.11.2016. */ + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; +import javax.servlet.ServletContext; + public class ApiSecurityInitializer extends AbstractSecurityWebApplicationInitializer { + private final Logger logger = LoggerFactory.getLogger(getClass()); + @Override + protected void afterSpringSecurityFilterChain(ServletContext servletContext) { + logger.info("SpringSecurityFilterChain initialized"); + } } -- cgit v1.2.3