old-portfolio/backend-hideyoshi.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Final Implementation of AuthService

Browse Source
This commit is contained in:
Vitor Hideyoshi
2024-02-24 02:22:38 -03:00
parent a96ba9468c
commit bd0b072e1a
4 changed files with 51 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/java/com/hideyoshi/backendportfolio/base/security/config/SecurityConfig.java
View File

@@ -1,8 +1,10 @@
package com.hideyoshi.backendportfolio.base.security.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hideyoshi.backendportfolio.base.config.RestAuthenticationEntryPointConfig;
import com.hideyoshi.backendportfolio.base.security.filter.CustomAuthenticationFilter;
import com.hideyoshi.backendportfolio.base.security.filter.CustomAuthorizationFilter;
import com.hideyoshi.backendportfolio.base.security.model.AuthDTO;
import com.hideyoshi.backendportfolio.base.security.oauth.repo.OAuthRequestRepository;
import com.hideyoshi.backendportfolio.base.security.service.AuthService;
import com.hideyoshi.backendportfolio.util.exception.AuthenticationInvalidException;
@@ -27,6 +29,8 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
@Log4j2
@Configuration
@EnableWebSecurity
@@ -95,11 +99,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
OAuth2User oauthUser = (OAuth2User) authentication.getPrincipal();
this.authService.loginOAuthUser(
request,
response,
oauthUser
);
AuthDTO authUser = this.authService.loginOAuthUser(oauthUser, request);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper()
.writeValue(response.getOutputStream(), authUser);
}

10
src/main/java/com/hideyoshi/backendportfolio/base/security/filter/CustomAuthenticationFilter.java
View File

@@ -1,6 +1,8 @@
package com.hideyoshi.backendportfolio.base.security.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hideyoshi.backendportfolio.base.config.RestAuthenticationEntryPointConfig;
import com.hideyoshi.backendportfolio.base.security.model.AuthDTO;
import com.hideyoshi.backendportfolio.base.security.service.AuthService;
import com.hideyoshi.backendportfolio.base.user.model.UserDTO;
import lombok.extern.log4j.Log4j2;
@@ -15,6 +17,8 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
@Log4j2
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@@ -50,12 +54,16 @@ public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFi
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authentication) throws IOException {
this.authService.loginUser(
AuthDTO authUser = this.authService.loginUser(
request,
response,
(UserDTO) authentication.getPrincipal()
);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper()
.writeValue(response.getOutputStream(), authUser);
}
}

4
src/main/java/com/hideyoshi/backendportfolio/base/security/oauth/mapper/OAuthMapper.java
View File

@@ -19,9 +19,9 @@ public enum OAuthMapper {
this.provider = provider;
}
public static OAuthMapper byValue(String name) {
public static OAuthMapper byValue(Provider provider) {
for (OAuthMapper e : values()) {
if (e.getProvider().getName().equals(name)) {
if (e.getProvider().equals(provider)) {
return e;
}
}

70
src/main/java/com/hideyoshi/backendportfolio/base/security/service/AuthService.java
View File

@@ -56,21 +56,6 @@ public class AuthService {
@Value("${com.hideyoshi.refreshTokenDuration}")
private Integer REFRESH_TOKEN_DURATION;
public UsernamePasswordAuthenticationToken extractAccessTokenInfo(String accessToken) {
DecodedJWT decodedJWT = this.decodeToken(accessToken)
.orElseThrow(() -> new BadRequestException("Invalid Token"));
String username = decodedJWT.getSubject();
String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
stream(roles).forEach(role -> {
authorities.add(new SimpleGrantedAuthority(role));
});
return new UsernamePasswordAuthenticationToken(username, null, authorities);
}
public AuthDTO signupUser(@Valid UserDTO user, HttpServletRequest request) {
user.setProvider(Provider.LOCAL);
@@ -84,17 +69,26 @@ public class AuthService {
}
public void loginUser(HttpServletRequest request, HttpServletResponse response, @Valid UserDTO user) throws IOException {
public AuthDTO loginUser(HttpServletRequest request, HttpServletResponse response, @Valid UserDTO user) throws IOException {
user.setProfilePictureUrl(this.extractProfilePictureUrl(user));
AuthDTO authObject = this.generateNewAuthenticatedUser(
return this.generateNewAuthenticatedUser(
user,
request
);
}
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper()
.writeValue(response.getOutputStream(), authObject);
public AuthDTO loginOAuthUser(OAuth2User oauthUser, HttpServletRequest request) {
Provider clientProvider = Provider.byValue(
this.getClientFromUrl(request.getRequestURL().toString())
);
OAuthMap oauthMap = this.generateOAuthMap(clientProvider, oauthUser);
return this.processOAuthPostLogin(
this.generateAuthenticatedUserFromOAuth(oauthMap, oauthUser),
request
);
}
public AuthDTO refreshAccessToken(String requestToken, HttpServletRequest request) {
@@ -117,28 +111,26 @@ public class AuthService {
}
public void loginOAuthUser(HttpServletRequest request,
HttpServletResponse response,
OAuth2User oauthUser) throws IOException {
String clientId = this.getClientFromUrl(request.getRequestURL().toString());
OAuthMap oauthMap = this.generateOAuthMap(clientId, oauthUser);
AuthDTO authObject = this.processOAuthPostLogin(
this.generateAuthenticatedUserFromOAuth(oauthMap, oauthUser),
request
);
response.setContentType(APPLICATION_JSON_VALUE);
new ObjectMapper()
.writeValue(response.getOutputStream(), authObject);
}
public UserDTO getLoggedUser() {
String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
return userService.getUser(username);
}
public UsernamePasswordAuthenticationToken extractAccessTokenInfo(String accessToken) {
DecodedJWT decodedJWT = this.decodeToken(accessToken)
.orElseThrow(() -> new BadRequestException("Invalid Token"));
String username = decodedJWT.getSubject();
String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
stream(roles).forEach(role -> {
authorities.add(new SimpleGrantedAuthority(role));
});
return new UsernamePasswordAuthenticationToken(username, null, authorities);
}
private Optional<DecodedJWT> decodeToken(String token) {
Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET.getBytes());
JWTVerifier verifier = JWT.require(algorithm).build();
@@ -166,9 +158,9 @@ public class AuthService {
return urlPartition[urlPartition.length - 1];
}
private OAuthMap generateOAuthMap(String clientId, OAuth2User oauthUser) {
private OAuthMap generateOAuthMap(Provider clientProvider, OAuth2User oauthUser) {
try {
return OAuthMapper.byValue(clientId).getMap()
return OAuthMapper.byValue(clientProvider).getMap()
.getDeclaredConstructor(OAuth2User.class).newInstance(oauthUser);
} catch (Exception e) {
throw new BadRequestException("Unsupported OAuth Client.");