From c41d997b1046fcc7bf04e8abb317907425bdb714 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Tue, 30 Jan 2018 17:51:13 +0300
Subject: web: authenticate services over api

---
 .../NotificationsAppConfiguration.java             | 14 ----------
 .../JuickServerComponentConfiguration.java         | 32 ++++++++++++++++++----
 2 files changed, 27 insertions(+), 19 deletions(-)

diff --git a/juick-notifications/src/main/java/com/juick/components/configuration/NotificationsAppConfiguration.java b/juick-notifications/src/main/java/com/juick/components/configuration/NotificationsAppConfiguration.java
index 5cd2b3cd..67293373 100644
--- a/juick-notifications/src/main/java/com/juick/components/configuration/NotificationsAppConfiguration.java
+++ b/juick-notifications/src/main/java/com/juick/components/configuration/NotificationsAppConfiguration.java
@@ -29,10 +29,6 @@ import java.util.List;
 @Import({ APNSConfiguration.class, MPNSConfiguration.class,
         GCMConfiguration.class, JuickServerComponentConfiguration.class})
 public class NotificationsAppConfiguration extends BaseWebConfiguration {
-    @Value("${api_user:juick}")
-    private String apiUser;
-    @Value("${api_password:secret}")
-    private String apiSecret;
 
     @Bean
     public JuickServerComponent juickServerComponent() {
@@ -43,16 +39,6 @@ public class NotificationsAppConfiguration extends BaseWebConfiguration {
         return new JuickServerReconnectManager();
     }
 
-    @Bean
-    public RestTemplate rest() {
-        RestTemplate rest = new RestTemplate();
-        List<ClientHttpRequestInterceptor> interceptors = Collections.singletonList(
-                new BasicAuthorizationInterceptor(apiUser, apiSecret));
-
-        rest.setRequestFactory(new InterceptingClientHttpRequestFactory(rest.getRequestFactory(), interceptors));
-        return rest;
-    }
-
     @Bean
     public Notifications push() {
         return new Notifications();
diff --git a/juick-server-web/src/main/java/com/juick/server/configuration/JuickServerComponentConfiguration.java b/juick-server-web/src/main/java/com/juick/server/configuration/JuickServerComponentConfiguration.java
index 5b0cf178..3e8b3865 100644
--- a/juick-server-web/src/main/java/com/juick/server/configuration/JuickServerComponentConfiguration.java
+++ b/juick-server-web/src/main/java/com/juick/server/configuration/JuickServerComponentConfiguration.java
@@ -1,31 +1,53 @@
 package com.juick.server.configuration;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.juick.server.component.JuickServerComponent;
-import com.juick.service.UserService;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
+import org.springframework.http.client.InterceptingClientHttpRequestFactory;
+import org.springframework.http.client.support.BasicAuthorizationInterceptor;
 import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.web.client.RestTemplate;
 import org.springframework.web.socket.client.WebSocketConnectionManager;
 import org.springframework.web.socket.client.standard.StandardWebSocketClient;
 import org.springframework.web.util.UriComponentsBuilder;
 
 import javax.inject.Inject;
+import java.io.IOException;
+import java.util.Collections;
+import java.util.List;
 
 @Configuration
 @EnableScheduling
 public class JuickServerComponentConfiguration {
     @Value("${websocket_url:ws://localhost:8080/}")
     private String baseUri;
-    @Value("${service_user:juick}")
+    @Value("${api_user:juick}")
     private String serviceUser;
+    @Value("${api_password:secret}")
+    private String servicePassword;
     @Inject
-    private UserService userService;
+    ObjectMapper jsonMapper;
     @Inject
     private JuickServerComponent juickServerComponent;
     @Bean
-    public WebSocketConnectionManager connectionManager() {
-        String hash = userService.getHashByUID(userService.getUIDbyName(serviceUser));
+    public RestTemplate rest() {
+        RestTemplate rest = new RestTemplate();
+        List<ClientHttpRequestInterceptor> interceptors = Collections.singletonList(
+                new BasicAuthorizationInterceptor(serviceUser, servicePassword));
+
+        rest.setRequestFactory(new InterceptingClientHttpRequestFactory(rest.getRequestFactory(), interceptors));
+        return rest;
+    }
+    @Bean
+    public WebSocketConnectionManager connectionManager() throws IOException {
+        ResponseEntity<String> response = rest().exchange("https://api.juick.com/auth",
+                HttpMethod.GET, null, String.class);
+        String hash = jsonMapper.readValue(response.getBody(), String.class);
         String websocketURI = UriComponentsBuilder.fromUriString(baseUri)
                 .queryParam("hash", hash).build().toUriString();
         WebSocketConnectionManager manager = new WebSocketConnectionManager(client(), juickServerComponent, websocketURI);
-- 
cgit v1.2.3