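package com.juick.api.configuration;

import com.juick.server.security.JuickAuthenticationEntryPoint;
import com.juick.server.security.JuickAuthenticationProvider;
import com.juick.server.security.entities.JuickUser;
import com.juick.service.UserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import javax.annotation.Resource;
import javax.inject.Inject;

/**
 * Spring Security configuration for the API: HTTP Basic authentication, stateless
 * session handling, and a {@link UserDetailsService} backed by {@link UserService}.
 *
 * <p>The adapter is constructed with its default configuration disabled (see the
 * constructor), so only what {@link #configure(HttpSecurity)} sets up explicitly is active.
 *
 * <p>Created by aalexeev on 11/21/16.
 */
@Configuration
@EnableWebSecurity
@PropertySource("classpath:juick.conf")
public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {

    // Injected environment; not read anywhere in this class.
    @Resource
    private Environment env;

    // Source of user records for the UserDetailsService lambda below.
    @Resource
    private UserService userService;

    /**
     * Creates the configuration with the adapter's default configuration disabled.
     *
     * <p>NOTE(review): with {@code disableDefaults = true} the adapter does not apply its
     * usual defaults (CSRF protection, security response headers, exception translation,
     * anonymous authentication, logout, ...). Confirm each omission is intended for this API.
     */
    protected ApiSecurityConfig() {
        super(true);
    }

    /**
     * Exposes the authentication entry point as a bean.
     *
     * @return a new {@link JuickAuthenticationEntryPoint}
     */
    @Bean
    public JuickAuthenticationEntryPoint getBasicAuthEntryPoint() {
        return new JuickAuthenticationEntryPoint();
    }

    /**
     * Publishes a {@link UserDetailsService} bean named {@code userDetailsService} that
     * resolves users through {@link UserService#getUserByName}.
     *
     * <p>The returned service throws {@link UsernameNotFoundException} when the name is
     * blank or when no user is found for it.
     *
     * @return the user lookup used to build {@link JuickUser} principals
     * @throws Exception declared by the overridden adapter method
     */
    @Bean("userDetailsService")
    @Override
    public UserDetailsService userDetailsServiceBean() throws Exception {
        return username -> {
            // NOTE(review): both messages embed the caller-supplied name; make sure they are
            // not returned to clients and are not logged without neutralising control characters.
            if (StringUtils.isBlank(username)) {
                throw new UsernameNotFoundException("Invalid user name " + username);
            }

            com.juick.User user = userService.getUserByName(username);
            if (user == null) {
                throw new UsernameNotFoundException("The username " + username + " is not found");
            }
            return new JuickUser(user);
        };
    }

    /**
     * Configures the HTTP filter chain: role check on {@code /home}, HTTP Basic
     * authentication, and a stateless session policy.
     *
     * @param http the builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): "/home" is the only path with an access rule and there is no
        // anyRequest() fallback, so this chain does not restrict any other path.
        // Confirm the remaining endpoints enforce authentication/authorization themselves.
        http
                .authorizeRequests()
                    .antMatchers("/home").hasRole("USER")
                .and()
                // Reuse the entry-point bean declared above rather than creating a second,
                // container-unmanaged instance, so there is one entry point to configure.
                .httpBasic().authenticationEntryPoint(getBasicAuthEntryPoint())
                .and()
                // STATELESS: no HttpSession is created or consulted for the security context,
                // so credentials must accompany every request.
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    /**
     * Registers {@link JuickAuthenticationProvider} with the authentication manager.
     *
     * <p>NOTE(review): the provider is created with {@code new}, outside the Spring
     * container, so no dependencies are injected into it here. Whether it needs any,
     * or uses the {@code userDetailsService} bean, cannot be seen from this class.
     *
     * @param auth the authentication manager builder injected by the container
     * @throws Exception if the provider cannot be registered
     */
    @Inject
    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(new JuickAuthenticationProvider());
    }

    /**
     * Excludes every {@code OPTIONS} request from the Spring Security filter chain.
     *
     * <p>Ignored requests bypass authentication and authorization entirely, on every path.
     * NOTE(review): presumably this lets CORS preflight requests through; confirm that no
     * handler performs sensitive work for {@code OPTIONS}.
     *
     * @param web the web security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**");
    }
}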