From 02723131139806c761539a42a5fa80b68ecadee8 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 29 Jun 2017 14:03:04 +0300
Subject: project structure: split server into jdbc + web
---
 .../security/HashParamAuthenticationFilter.java | 83 -------------
 .../NotAuthorizedAuthenticationEntryPoint.java | 20 ----
 .../server/security/entities/AnonymousUser.java | 132 ---------------------
 .../juick/server/security/entities/JuickUser.java | 74 ------------
 4 files changed, 309 deletions(-)
 delete mode 100644 juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
 delete mode 100644 juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java
 delete mode 100644 juick-server/src/main/java/com/juick/server/security/entities/AnonymousUser.java
 delete mode 100644 juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
(limited to 'juick-server/src/main/java/com/juick/server/security')
diff --git a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
deleted file mode 100644
index b384a8c8..00000000
--- a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
+++ /dev/null
@@ -1,83 +0,0 @@
-package com.juick.server.security;
-
-import com.juick.User;
-import com.juick.server.security.entities.JuickUser;
-import com.juick.service.UserService;
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.authentication.RememberMeAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.authentication.RememberMeServices;
-import org.springframework.util.Assert;
-import org.springframework.web.filter.OncePerRequestFilter;
-import org.springframework.web.util.WebUtils;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Created by aalexeev on 4/5/17.
- */
-public class HashParamAuthenticationFilter extends OncePerRequestFilter {
- public static final String PARAM_NAME = "hash";
-
- private final UserService userService;
- private final RememberMeServices rememberMeServices;
-
-
- public HashParamAuthenticationFilter(
- final UserService userService,
- final RememberMeServices rememberMeServices) {
- Assert.notNull(userService, "userService should not be null");
- Assert.notNull(rememberMeServices, "rememberMeServices should not be null");
-
- this.userService = userService;
- this.rememberMeServices = rememberMeServices;
- }
-
- @Override
- protected void doFilterInternal(
- HttpServletRequest request,
- HttpServletResponse response,
- FilterChain filterChain) throws ServletException, IOException {
-
- String hash = getHashFromRequest(request);
-
- if (hash != null && authenticationIsRequired()) {
- User user = userService.getUserByHash(hash);
-
- if (!user.isAnonymous()) {
- Authentication authentication = new RememberMeAuthenticationToken(
- hash, new JuickUser(user), JuickUser.USER_AUTHORITY);
-
- SecurityContextHolder.getContext().setAuthentication(authentication);
-
- rememberMeServices.loginSuccess(request, response, authentication);
- }
- }
-
- filterChain.doFilter(request, response);
- }
-
- private boolean authenticationIsRequired() {
- Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
-
- return existingAuth == null ||
- !existingAuth.isAuthenticated() ||
- existingAuth instanceof AnonymousAuthenticationToken;
- }
-
- private String getHashFromRequest(HttpServletRequest request) {
- String paramHash = request.getParameter(PARAM_NAME);
- Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
-
- if (paramHash == null && cookieHash != null) {
- return cookieHash.getValue();
- }
- return paramHash;
- }
-}
diff --git a/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java b/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java
deleted file mode 100644
index d9dc6d61..00000000
--- a/juick-server/src/main/java/com/juick/server/security/NotAuthorizedAuthenticationEntryPoint.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package com.juick.server.security;
-
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Created by vitalyster on 25.11.2016.
- */
-public class NotAuthorizedAuthenticationEntryPoint implements AuthenticationEntryPoint {
- @Override
- public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
- throws IOException, ServletException {
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- }
-}
diff --git a/juick-server/src/main/java/com/juick/server/security/entities/AnonymousUser.java b/juick-server/src/main/java/com/juick/server/security/entities/AnonymousUser.java
deleted file mode 100644
index 5ee9527f..00000000
--- a/juick-server/src/main/java/com/juick/server/security/entities/AnonymousUser.java
+++ /dev/null
@@ -1,132 +0,0 @@
-package com.juick.server.security.entities;
-
-import com.juick.User;
-
-/**
- * Created by aalexeev on 12/11/16.
- */
-public final class AnonymousUser extends User {
- public static final AnonymousUser INSTANCE = new AnonymousUser();
-
- private AnonymousUser() {
- super.setUid(getUid());
- super.setName(getName());
- super.setAvatar(getAvatar());
- super.setFullName(getFullName());
- super.setJid(getJid());
- super.setMessagesCount(getMessagesCount());
- super.setAuthHash(getAuthHash());
- super.setBanned(isBanned());
- super.setCredentials(getCredentials());
- super.setLang(getLang());
- }
-
- @Override
- public boolean equals(Object obj) {
- return obj == this || obj instanceof AnonymousUser;
- }
-
- @Override
- public int getUid() {
- return 0;
- }
-
- @Override
- public String getName() {
- return "Anonymous";
- }
-
- @Override
- public String getFullName() {
- return getName();
- }
-
- @Override
- public String getJid() {
- return "anonym@localhost";
- }
-
- @Override
- public String getAuthHash() {
- return null;
- }
-
- @Override
- public Integer getUnreadCount() {
- return 0;
- }
-
- @Override
- public boolean isBanned() {
- return false;
- }
-
- @Override
- public Object getAvatar() {
- return null;
- }
-
- @Override
- public String getCredentials() {
- return null;
- }
-
- @Override
- public String getLang() {
- return "__";
- }
-
- @Override
- public int getMessagesCount() {
- return 0;
- }
-
- @Override
- public boolean isAnonymous() {
- return true;
- }
-
- @Override
- public void setUid(int uid) {
- }
-
- @Override
- public void setName(String name) {
- }
-
- @Override
- public void setFullName(String fullName) {
- }
-
- @Override
- public void setJid(String jid) {
- }
-
- @Override
- public void setAuthHash(String authHash) {
- }
-
- @Override
- public void setUnreadCount(Integer count) {
- }
-
- @Override
- public void setBanned(boolean banned) {
- }
-
- @Override
- public void setAvatar(Object avatar) {
- }
-
- @Override
- public void setCredentials(String credentials) {
- }
-
- @Override
- public void setLang(String lang) {
- }
-
- @Override
- public void setMessagesCount(int messagesCount) {
- }
-}
diff --git a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
deleted file mode 100644
index b86d94dd..00000000
--- a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
+++ /dev/null
@@ -1,74 +0,0 @@
-package com.juick.server.security.entities;
-
-import com.juick.User;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.List;
-
-/**
- * Created by aalexeev on 11/21/16.
- */
-public class JuickUser implements UserDetails {
- static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
- static final GrantedAuthority ROLE_ANONYMOUS = new SimpleGrantedAuthority("ROLE_ANONYMOUS");
-
- public static final List USER_AUTHORITY = Collections.singletonList(ROLE_USER);
- public static final List ANONYMOUS_AUTHORITY = Collections.singletonList(ROLE_ANONYMOUS);
-
- public static final JuickUser ANONYMOUS_USER = new JuickUser(AnonymousUser.INSTANCE, ANONYMOUS_AUTHORITY);
-
- private final com.juick.User user;
- private final Collection authorities;
-
- public JuickUser(com.juick.User user) {
- this(user, USER_AUTHORITY);
- }
-
- public JuickUser(com.juick.User user, Collection authorities) {
- this.user = user;
- this.authorities = authorities;
- }
-
- @Override
- public Collection getAuthorities() {
- return authorities;
- }
-
- @Override
- public String getPassword() {
- return user.getCredentials();
- }
-
- @Override
- public String getUsername() {
- return user.getName();
- }
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public boolean isEnabled() {
- return !user.isBanned();
- }
-
- public User getUser() {
- return user;
- }
-}
-- cgit v1.2.3