From 55b09a6a3bc4a21201189d855e140308f05016fb Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 25 Nov 2016 13:20:15 +0300 Subject: juick-api: security WIP --- .../juick/api/configuration/ApiSecurityConfig.java | 79 ++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java (limited to 'juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java') diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java new file mode 100644 index 00000000..c0043950 --- /dev/null +++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java @@ -0,0 +1,79 @@ +package com.juick.api.configuration; + +import com.juick.server.security.JuickAuthenticationEntryPoint; +import com.juick.server.security.JuickAuthenticationProvider; +import com.juick.server.security.entities.JuickUser; +import com.juick.service.UserService; +import org.apache.commons.lang3.StringUtils; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.core.env.Environment; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.builders.WebSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; + +import javax.annotation.Resource; +import javax.inject.Inject; + +/** + * Created by aalexeev on 11/21/16. + */ +@Configuration +@EnableWebSecurity +@PropertySource("classpath:juick.conf") +public class ApiSecurityConfig extends WebSecurityConfigurerAdapter { + @Resource + private Environment env; + @Resource + private UserService userService; + + protected ApiSecurityConfig() { + super(true); + } + + @Bean + public JuickAuthenticationEntryPoint getBasicAuthEntryPoint(){ + return new JuickAuthenticationEntryPoint(); + } + + @Bean("userDetailsService") + @Override + public UserDetailsService userDetailsServiceBean() throws Exception { + return username -> { + if (StringUtils.isBlank(username)) + throw new UsernameNotFoundException("Invalid user name " + username); + + com.juick.User user = userService.getUserByName(username); + + if (user != null) + return new JuickUser(user); + + throw new UsernameNotFoundException("The username " + username + " is not found"); + }; + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .antMatchers("/home").hasRole("USER") + .and().httpBasic().authenticationEntryPoint(new JuickAuthenticationEntryPoint()) + .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); + } + + @Inject + public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { + auth.authenticationProvider(new JuickAuthenticationProvider()); + } + @Override + public void configure(WebSecurity web) throws Exception { + web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**"); + } +} -- cgit v1.2.3