From 3c037e00d89a4ad5d0df57b3216857237ab81886 Mon Sep 17 00:00:00 2001
From: Alexander Alexeev
Date: Sat, 26 Nov 2016 04:24:14 +0700
Subject: api configuration

---
 .../api/configuration/ApiAppConfiguration.java     | 11 +++---
 .../juick/api/configuration/ApiInitializer.java    | 10 +++---
 .../juick/api/configuration/ApiSecurityConfig.java | 40 +++++++++-------------
 .../api/configuration/ApiSecurityInitializer.java  | 10 ++++++
 4 files changed, 37 insertions(+), 34 deletions(-)

(limited to 'juick-api/src/main/java/com/juick/api/configuration')

diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java b/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java
index 8f1e269b..b4b9df57 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java
@@ -2,8 +2,9 @@ package com.juick.api.configuration;
 
 import com.juick.api.ApiServer;
 import com.juick.api.TGBot;
-import com.juick.configuration.DataConfiguration;
-import org.springframework.context.annotation.*;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
 import org.springframework.core.env.Environment;
 
 import javax.inject.Inject;
@@ -13,17 +14,17 @@ import javax.inject.Inject;
  */
 @Configuration
 @PropertySource("classpath:juick.conf")
-@Import(DataConfiguration.class)
 public class ApiAppConfiguration {
     @Inject
     private Environment env;
 
     @Bean
-    ApiServer apiServer() {
+    public ApiServer apiServer() {
         return new ApiServer(env);
     }
+
     @Bean
-    TGBot tgBot() {
+    public TGBot tgBot() {
         return new TGBot(env.getProperty("telegram_token", ""));
     }
 }
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java b/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java
index 2dc25e66..63ba52e8 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiInitializer.java
@@ -1,5 +1,7 @@
 package com.juick.api.configuration;
 
+import com.juick.configuration.DataConfiguration;
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
 import org.springframework.web.filter.CharacterEncodingFilter;
 import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
 
@@ -12,12 +14,12 @@ public class ApiInitializer extends AbstractAnnotationConfigDispatcherServletIni
 
     @Override
     protected Class<?>[] getRootConfigClasses() {
-        return new Class<?>[]{ApiAppConfiguration.class};
+        return new Class<?>[]{ApiAppConfiguration.class, ApiSecurityConfig.class, DataConfiguration.class};
     }
 
     @Override
     protected Class<?>[] getServletConfigClasses() {
-        return new Class<?>[]{ApiMvcConfiguration.class, ApiSecurityConfig.class};
+        return new Class<?>[]{ApiMvcConfiguration.class};
     }
 
     @Override
@@ -27,9 +29,7 @@ public class ApiInitializer extends AbstractAnnotationConfigDispatcherServletIni
 
     @Override
     protected Filter[] getServletFilters() {
-        CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
-        characterEncodingFilter.setEncoding("UTF-8");
-        return new Filter[]{characterEncodingFilter};
+        return new Filter[]{new CharacterEncodingFilter("UTF-8")};
     }
 
     @Override
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java
index c0043950..8d074f7c 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java
@@ -19,27 +19,37 @@ import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
-import javax.annotation.Resource;
 import javax.inject.Inject;
 
 /**
  * Created by aalexeev on 11/21/16.
  */
 @Configuration
-@EnableWebSecurity
+@EnableWebSecurity(debug = true)
 @PropertySource("classpath:juick.conf")
 public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {
-    @Resource
+    @Inject
     private Environment env;
-    @Resource
+    @Inject
     private UserService userService;
 
-    protected ApiSecurityConfig() {
+    ApiSecurityConfig() {
         super(true);
     }
 
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/home").hasRole("USER")
+                .antMatchers(HttpMethod.OPTIONS).permitAll()
+                .and().httpBasic().authenticationEntryPoint(getBasicAuthEntryPoint())
+                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and().exceptionHandling().authenticationEntryPoint(getBasicAuthEntryPoint())
+                .and().authenticationProvider(new JuickAuthenticationProvider());
+    }
+
     @Bean
-    public JuickAuthenticationEntryPoint getBasicAuthEntryPoint(){
+    public JuickAuthenticationEntryPoint getBasicAuthEntryPoint() {
         return new JuickAuthenticationEntryPoint();
     }
 
@@ -58,22 +68,4 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {
             throw new UsernameNotFoundException("The username " + username + " is not found");
         };
     }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-                .authorizeRequests()
-                .antMatchers("/home").hasRole("USER")
-                .and().httpBasic().authenticationEntryPoint(new JuickAuthenticationEntryPoint())
-                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-    }
-
-    @Inject
-    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
-        auth.authenticationProvider(new JuickAuthenticationProvider());
-    }
-    @Override
-    public void configure(WebSecurity web) throws Exception {
-        web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**");
-    }
 }
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java
index 295e367c..42b678b6 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java
@@ -3,8 +3,18 @@ package com.juick.api.configuration;
 /**
  * Created by vitalyster on 25.11.2016.
  */
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
 
+import javax.servlet.ServletContext;
+
 public class ApiSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
+    private final Logger logger = LoggerFactory.getLogger(getClass());
 
+    @Override
+    protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
+        logger.info("SpringSecurityFilterChain initialized");
+    }
 }
-- 
cgit v1.2.3