From 809ef60e18bb8ab7c95db93b7777f3c0ffb30872 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 20 Dec 2018 09:41:32 +0300
Subject: HTTPSignatureAuthenticationFilter

---
 .../com/juick/server/configuration/BaseWebConfiguration.java   | 10 ++++++++++
 .../java/com/juick/server/configuration/SecurityConfig.java    |  5 +++++
 2 files changed, 15 insertions(+)

(limited to 'src/main/java/com/juick/server/configuration')

diff --git a/src/main/java/com/juick/server/configuration/BaseWebConfiguration.java b/src/main/java/com/juick/server/configuration/BaseWebConfiguration.java
index 6a2a8142..16693995 100644
--- a/src/main/java/com/juick/server/configuration/BaseWebConfiguration.java
+++ b/src/main/java/com/juick/server/configuration/BaseWebConfiguration.java
@@ -17,6 +17,8 @@
 
 package com.juick.server.configuration;
 
+import com.juick.server.KeystoreManager;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.annotation.SchedulingConfigurer;
@@ -36,6 +38,10 @@ import java.util.concurrent.Executors;
 @Configuration
 public class BaseWebConfiguration implements WebMvcConfigurer, SchedulingConfigurer {
 
+    @Value("${keystore:juick.p12}")
+    private String keystore;
+    @Value("${keystore_password:secret}")
+    private String keystorePassword;
 
     @Override
     public void configurePathMatch(PathMatchConfigurer configurer) {
@@ -61,4 +67,8 @@ public class BaseWebConfiguration implements WebMvcConfigurer, SchedulingConfigu
     public ExecutorService executorService() {
         return Executors.newCachedThreadPool();
     }
+    @Bean
+    public KeystoreManager keystoreManager() {
+        return new KeystoreManager(keystore, keystorePassword);
+    }
 }
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 7145e9d5..d2d3ab13 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -17,7 +17,9 @@
 
 package com.juick.server.configuration;
 
+import com.juick.server.SignatureManager;
 import com.juick.service.UserService;
+import com.juick.service.security.HTTPSignatureAuthenticationFilter;
 import com.juick.service.security.HashParamAuthenticationFilter;
 import com.juick.service.security.JuickUserDetailsService;
 import com.juick.service.security.deprecated.RequestParamHashRememberMeServices;
@@ -93,6 +95,8 @@ public class SecurityConfig {
         private String webDomain;
         @Resource
         private UserService userService;
+        @Resource
+        private SignatureManager signatureManager;
         ApiConfig() {
             super(true);
         }
@@ -109,6 +113,7 @@ public class SecurityConfig {
         protected void configure(HttpSecurity http) throws Exception {
             http.antMatcher("/api/**")
                     .addFilterBefore(apiAuthenticationFilter(), BasicAuthenticationFilter.class)
+                    .addFilterBefore(new HTTPSignatureAuthenticationFilter(signatureManager, userService), BasicAuthenticationFilter.class)
                     .authorizeRequests()
                     .antMatchers(HttpMethod.OPTIONS).permitAll()
                     .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",
-- 
cgit v1.2.3