diff --git a/pom.xml b/pom.xml
index f00a780..ca9eed6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -8,7 +8,7 @@
2.7.17
- com.hideyoshi
+ br.com.hideyoshi
auth-api
0.0.1-SNAPSHOT
auth-api
@@ -76,6 +76,13 @@
true
+
+
+ com.fasterxml.jackson.datatype
+ jackson-datatype-jsr310
+ 2.17.0
+
+
org.springframework.boot
spring-boot-starter-test
diff --git a/src/main/java/br/com/hideyoshi/auth/AuthServiceApplication.java b/src/main/java/br/com/hideyoshi/auth/AuthServiceApplication.java
new file mode 100644
index 0000000..bd393a5
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/AuthServiceApplication.java
@@ -0,0 +1,13 @@
+package br.com.hideyoshi.auth;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class AuthServiceApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(AuthServiceApplication.class, args);
+ }
+
+}
diff --git a/src/main/java/com/hideyoshi/auth/base/config/DefaultUserConfig.java b/src/main/java/br/com/hideyoshi/auth/config/DefaultUserConfig.java
similarity index 73%
rename from src/main/java/com/hideyoshi/auth/base/config/DefaultUserConfig.java
rename to src/main/java/br/com/hideyoshi/auth/config/DefaultUserConfig.java
index f75b839..291e687 100644
--- a/src/main/java/com/hideyoshi/auth/base/config/DefaultUserConfig.java
+++ b/src/main/java/br/com/hideyoshi/auth/config/DefaultUserConfig.java
@@ -1,10 +1,10 @@
-package com.hideyoshi.auth.base.config;
+package br.com.hideyoshi.auth.config;
-import com.hideyoshi.auth.base.auth.entity.Provider;
-import com.hideyoshi.auth.base.auth.entity.Role;
-import com.hideyoshi.auth.base.auth.model.UserDTO;
-import com.hideyoshi.auth.base.auth.repo.UserRepository;
-import com.hideyoshi.auth.base.auth.service.UserService;
+import br.com.hideyoshi.auth.enums.Provider;
+import br.com.hideyoshi.auth.enums.Role;
+import br.com.hideyoshi.auth.model.UserDTO;
+import br.com.hideyoshi.auth.repository.UserRepository;
+import br.com.hideyoshi.auth.service.UserService;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.CommandLineRunner;
import org.springframework.context.annotation.Bean;
@@ -15,16 +15,16 @@ import java.util.ArrayList;
@Configuration
public class DefaultUserConfig {
- @Value("${com.hideyoshi.defaultUser.fullName}")
+ @Value("${br.com.hideyoshi.defaultUser.fullName}")
private String ADMIN_NAME;
- @Value("${com.hideyoshi.defaultUser.email}")
+ @Value("${br.com.hideyoshi.defaultUser.email}")
private String ADMIN_EMAIL;
- @Value("${com.hideyoshi.defaultUser.username}")
+ @Value("${br.com.hideyoshi.defaultUser.username}")
private String ADMIN_USERNAME;
- @Value("${com.hideyoshi.defaultUser.password}")
+ @Value("${br.com.hideyoshi.defaultUser.password}")
private String ADMIN_PASSWORD;
@Bean
@@ -53,4 +53,4 @@ public class DefaultUserConfig {
};
}
-}
+}
\ No newline at end of file
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/config/StorageServiceConfig.java b/src/main/java/br/com/hideyoshi/auth/config/StorageServiceConfig.java
similarity index 65%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/config/StorageServiceConfig.java
rename to src/main/java/br/com/hideyoshi/auth/config/StorageServiceConfig.java
index 4212588..33dc2ef 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/config/StorageServiceConfig.java
+++ b/src/main/java/br/com/hideyoshi/auth/config/StorageServiceConfig.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.microservice.storageService.config;
+package br.com.hideyoshi.auth.config;
import lombok.Getter;
import org.springframework.beans.factory.annotation.Value;
@@ -8,6 +8,6 @@ import org.springframework.context.annotation.Configuration;
@Getter
@Configuration
public class StorageServiceConfig {
- @Value("${com.hideyoshi.microservice.storageServicePath}")
+ @Value("${br.com.hideyoshi.microservice.storageServicePath}")
private String fileServicePath;
}
diff --git a/src/main/java/com/hideyoshi/auth/healthChecker/api/HealthCheckerController.java b/src/main/java/br/com/hideyoshi/auth/controller/HealthCheckerController.java
similarity index 58%
rename from src/main/java/com/hideyoshi/auth/healthChecker/api/HealthCheckerController.java
rename to src/main/java/br/com/hideyoshi/auth/controller/HealthCheckerController.java
index 0dd6ed0..2427aaf 100644
--- a/src/main/java/com/hideyoshi/auth/healthChecker/api/HealthCheckerController.java
+++ b/src/main/java/br/com/hideyoshi/auth/controller/HealthCheckerController.java
@@ -1,23 +1,18 @@
-package com.hideyoshi.auth.healthChecker.api;
+package br.com.hideyoshi.auth.controller;
-import com.hideyoshi.auth.util.guard.UserResourceGuard;
-import com.hideyoshi.auth.util.guard.UserResourceGuardEnum;
-import lombok.RequiredArgsConstructor;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuard;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuardEnum;
import lombok.extern.log4j.Log4j2;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
@Log4j2
@Controller
-@RestController
-@RequiredArgsConstructor
-@RequestMapping("/health")
public class HealthCheckerController {
- @RequestMapping
+ @RequestMapping("/health")
@UserResourceGuard(accessType = UserResourceGuardEnum.OPEN)
public ResponseEntity healthCheck() {
log.info("Health check requested");
diff --git a/src/main/java/com/hideyoshi/auth/base/session/api/SessionController.java b/src/main/java/br/com/hideyoshi/auth/controller/SessionController.java
similarity index 61%
rename from src/main/java/com/hideyoshi/auth/base/session/api/SessionController.java
rename to src/main/java/br/com/hideyoshi/auth/controller/SessionController.java
index 81fe4a8..2196c3f 100644
--- a/src/main/java/com/hideyoshi/auth/base/session/api/SessionController.java
+++ b/src/main/java/br/com/hideyoshi/auth/controller/SessionController.java
@@ -1,7 +1,9 @@
-package com.hideyoshi.auth.base.session.api;
+package br.com.hideyoshi.auth.controller;
-import com.hideyoshi.auth.base.auth.model.AuthDTO;
-import com.hideyoshi.auth.base.session.service.SessionManagerService;
+import br.com.hideyoshi.auth.model.UserAuthDTO;
+import br.com.hideyoshi.auth.service.SessionManagerService;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuard;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuardEnum;
import lombok.RequiredArgsConstructor;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@@ -16,17 +18,19 @@ import javax.servlet.http.HttpSession;
@Controller
@RestController
@RequiredArgsConstructor
-@RequestMapping(path = "/session")
+@RequestMapping("/session")
public class SessionController {
private final SessionManagerService sessionManagerService;
- @GetMapping(path = "/validate")
- public ResponseEntity validateCurrentSession(HttpSession session) {
+ @GetMapping("/validate")
+ @UserResourceGuard(accessType = UserResourceGuardEnum.OPEN)
+ public ResponseEntity validateCurrentSession(HttpSession session) {
return ResponseEntity.ok(this.sessionManagerService.validateSession(session));
}
- @DeleteMapping(path = "/destroy")
+ @DeleteMapping("/destroy")
+ @UserResourceGuard(accessType = UserResourceGuardEnum.OPEN)
public ResponseEntity destroyCurrentSession(HttpSession session) {
this.sessionManagerService.destroySession(session);
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/api/UserController.java b/src/main/java/br/com/hideyoshi/auth/controller/UserController.java
similarity index 77%
rename from src/main/java/com/hideyoshi/auth/base/auth/api/UserController.java
rename to src/main/java/br/com/hideyoshi/auth/controller/UserController.java
index d0e1d08..f7ef9a3 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/api/UserController.java
+++ b/src/main/java/br/com/hideyoshi/auth/controller/UserController.java
@@ -1,16 +1,17 @@
-package com.hideyoshi.auth.base.auth.api;
+package br.com.hideyoshi.auth.controller;
-import com.hideyoshi.auth.base.auth.model.AuthDTO;
-import com.hideyoshi.auth.base.auth.service.AuthService;
-import com.hideyoshi.auth.base.auth.model.TokenDTO;
-import com.hideyoshi.auth.base.auth.model.UserDTO;
-import com.hideyoshi.auth.base.auth.service.UserService;
-import com.hideyoshi.auth.microservice.storageService.enums.FileTypeEnum;
-import com.hideyoshi.auth.microservice.storageService.model.StorageServiceUploadResponse;
-import com.hideyoshi.auth.microservice.storageService.service.StorageService;
-import com.hideyoshi.auth.util.exception.BadRequestException;
-import com.hideyoshi.auth.util.guard.UserResourceGuard;
-import com.hideyoshi.auth.util.guard.UserResourceGuardEnum;
+import br.com.hideyoshi.auth.enums.FileTypeEnum;
+import br.com.hideyoshi.auth.model.UserAuthDTO;
+import br.com.hideyoshi.auth.model.TokenDTO;
+import br.com.hideyoshi.auth.model.UserDTO;
+import br.com.hideyoshi.auth.model.microservice.StorageServiceUploadResponse;
+import br.com.hideyoshi.auth.security.service.AuthService;
+import br.com.hideyoshi.auth.service.UserService;
+import br.com.hideyoshi.auth.service.microservice.StorageService;
+import br.com.hideyoshi.auth.util.exception.AuthenticationInvalidException;
+import br.com.hideyoshi.auth.util.exception.BadRequestException;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuard;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuardEnum;
import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.http.HttpStatus;
@@ -20,13 +21,14 @@ import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
+import java.io.IOException;
import java.net.URI;
import java.util.List;
@Log4j2
@Controller
-@RestController
@RequestMapping("/user")
@RequiredArgsConstructor
public class UserController {
@@ -45,7 +47,7 @@ public class UserController {
@PostMapping("/signup")
@UserResourceGuard(accessType = UserResourceGuardEnum.OPEN)
- public ResponseEntity signupUser(@RequestBody @Valid UserDTO user, HttpServletRequest request) {
+ public ResponseEntity signupUser(@RequestBody @Valid UserDTO user, HttpServletRequest request) {
URI uri = URI.create(
ServletUriComponentsBuilder
.fromCurrentContextPath()
@@ -56,7 +58,7 @@ public class UserController {
@PostMapping("/login/refresh")
@UserResourceGuard(accessType = UserResourceGuardEnum.OPEN)
- public ResponseEntity refreshAccessToken(
+ public ResponseEntity refreshAccessToken(
@RequestBody @Valid TokenDTO refreshToken,
HttpServletRequest request) {
return ResponseEntity.ok(this.authService.refreshAccessToken(refreshToken.getToken(), request));
@@ -64,7 +66,7 @@ public class UserController {
@PostMapping("/login/validate")
@UserResourceGuard(accessType = UserResourceGuardEnum.USER)
- public ResponseEntity validateAccessToken(HttpServletRequest request) {
+ public ResponseEntity validateAccessToken(HttpServletRequest request) {
return ResponseEntity.ok(this.authService.validateAccessToken(request));
}
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/entity/User.java b/src/main/java/br/com/hideyoshi/auth/entity/User.java
similarity index 95%
rename from src/main/java/com/hideyoshi/auth/base/auth/entity/User.java
rename to src/main/java/br/com/hideyoshi/auth/entity/User.java
index 9a05b9a..589d628 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/entity/User.java
+++ b/src/main/java/br/com/hideyoshi/auth/entity/User.java
@@ -1,5 +1,6 @@
-package com.hideyoshi.auth.base.auth.entity;
+package br.com.hideyoshi.auth.entity;
+import br.com.hideyoshi.auth.enums.Role;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnum.java b/src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnum.java
similarity index 83%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnum.java
rename to src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnum.java
index 29378a3..0e2998e 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnum.java
+++ b/src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnum.java
@@ -1,7 +1,7 @@
-package com.hideyoshi.auth.microservice.storageService.enums;
+package br.com.hideyoshi.auth.enums;
+import br.com.hideyoshi.auth.util.exception.BadRequestException;
import com.fasterxml.jackson.annotation.JsonFormat;
-import com.hideyoshi.auth.util.exception.BadRequestException;
import lombok.Getter;
@Getter
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnumConverter.java b/src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnumConverter.java
similarity index 83%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnumConverter.java
rename to src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnumConverter.java
index 696de59..1b04981 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/enums/FileTypeEnumConverter.java
+++ b/src/main/java/br/com/hideyoshi/auth/enums/FileTypeEnumConverter.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.microservice.storageService.enums;
+package br.com.hideyoshi.auth.enums;
import org.springframework.core.convert.converter.Converter;
import org.springframework.stereotype.Component;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/entity/Provider.java b/src/main/java/br/com/hideyoshi/auth/enums/Provider.java
similarity index 91%
rename from src/main/java/com/hideyoshi/auth/base/auth/entity/Provider.java
rename to src/main/java/br/com/hideyoshi/auth/enums/Provider.java
index 66bd7bb..223b388 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/entity/Provider.java
+++ b/src/main/java/br/com/hideyoshi/auth/enums/Provider.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.entity;
+package br.com.hideyoshi.auth.enums;
import lombok.Getter;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/entity/Role.java b/src/main/java/br/com/hideyoshi/auth/enums/Role.java
similarity index 93%
rename from src/main/java/com/hideyoshi/auth/base/auth/entity/Role.java
rename to src/main/java/br/com/hideyoshi/auth/enums/Role.java
index 301f949..08a4210 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/entity/Role.java
+++ b/src/main/java/br/com/hideyoshi/auth/enums/Role.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.entity;
+package br.com.hideyoshi.auth.enums;
import com.fasterxml.jackson.annotation.JsonValue;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/model/RoleToUserDTO.java b/src/main/java/br/com/hideyoshi/auth/model/RoleToUserDTO.java
similarity index 72%
rename from src/main/java/com/hideyoshi/auth/base/auth/model/RoleToUserDTO.java
rename to src/main/java/br/com/hideyoshi/auth/model/RoleToUserDTO.java
index 2c81b70..4718ca6 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/model/RoleToUserDTO.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/RoleToUserDTO.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.model;
+package br.com.hideyoshi.auth.model;
import lombok.Data;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/model/TokenDTO.java b/src/main/java/br/com/hideyoshi/auth/model/TokenDTO.java
similarity index 94%
rename from src/main/java/com/hideyoshi/auth/base/auth/model/TokenDTO.java
rename to src/main/java/br/com/hideyoshi/auth/model/TokenDTO.java
index 106dfc9..5b93d6e 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/model/TokenDTO.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/TokenDTO.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.model;
+package br.com.hideyoshi.auth.model;
import com.fasterxml.jackson.annotation.JsonFormat;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/model/AuthDTO.java b/src/main/java/br/com/hideyoshi/auth/model/UserAuthDTO.java
similarity index 79%
rename from src/main/java/com/hideyoshi/auth/base/auth/model/AuthDTO.java
rename to src/main/java/br/com/hideyoshi/auth/model/UserAuthDTO.java
index 7519504..84daee9 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/model/AuthDTO.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/UserAuthDTO.java
@@ -1,9 +1,9 @@
-package com.hideyoshi.auth.base.auth.model;
+package br.com.hideyoshi.auth.model;
+import br.com.hideyoshi.auth.enums.Provider;
+import br.com.hideyoshi.auth.enums.Role;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
-import com.hideyoshi.auth.base.auth.entity.Provider;
-import com.hideyoshi.auth.base.auth.entity.Role;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
@@ -16,7 +16,7 @@ import java.util.List;
@AllArgsConstructor
@JsonInclude(JsonInclude.Include.NON_NULL)
@JsonIgnoreProperties(ignoreUnknown = true)
-public class AuthDTO implements Serializable {
+public class UserAuthDTO implements Serializable {
private Long id;
@@ -36,7 +36,7 @@ public class AuthDTO implements Serializable {
private TokenDTO refreshToken;
- public AuthDTO(UserDTO user, TokenDTO accessToken, TokenDTO refreshToken) {
+ public UserAuthDTO(UserDTO user, TokenDTO accessToken, TokenDTO refreshToken) {
this.id = user.getId();
this.name = user.getName();
this.email = user.getEmail();
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/model/UserDTO.java b/src/main/java/br/com/hideyoshi/auth/model/UserDTO.java
similarity index 88%
rename from src/main/java/com/hideyoshi/auth/base/auth/model/UserDTO.java
rename to src/main/java/br/com/hideyoshi/auth/model/UserDTO.java
index b1d4a8b..213b070 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/model/UserDTO.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/UserDTO.java
@@ -1,14 +1,14 @@
-package com.hideyoshi.auth.base.auth.model;
+package br.com.hideyoshi.auth.model;
+import br.com.hideyoshi.auth.enums.Provider;
+import br.com.hideyoshi.auth.enums.Role;
+import br.com.hideyoshi.auth.entity.User;
+import br.com.hideyoshi.auth.util.validator.email.unique.UniqueEmail;
+import br.com.hideyoshi.auth.util.validator.email.valid.ValidEmail;
+import br.com.hideyoshi.auth.util.validator.password.ValidPassword;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
-import com.hideyoshi.auth.base.auth.entity.Provider;
-import com.hideyoshi.auth.base.auth.entity.Role;
-import com.hideyoshi.auth.base.auth.entity.User;
-import com.hideyoshi.auth.util.validator.email.unique.UniqueEmail;
-import com.hideyoshi.auth.util.validator.email.valid.ValidEmail;
-import com.hideyoshi.auth.util.validator.password.ValidPassword;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceDownloadResponse.java b/src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceDownloadResponse.java
similarity index 83%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceDownloadResponse.java
rename to src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceDownloadResponse.java
index f6fe914..bdf4bec 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceDownloadResponse.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceDownloadResponse.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.microservice.storageService.model;
+package br.com.hideyoshi.auth.model.microservice;
import com.fasterxml.jackson.annotation.JsonProperty;
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceUploadResponse.java b/src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceUploadResponse.java
similarity index 85%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceUploadResponse.java
rename to src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceUploadResponse.java
index 5a220f2..635af07 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/model/StorageServiceUploadResponse.java
+++ b/src/main/java/br/com/hideyoshi/auth/model/microservice/StorageServiceUploadResponse.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.microservice.storageService.model;
+package br.com.hideyoshi.auth.model.microservice;
import com.fasterxml.jackson.annotation.JsonProperty;
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/repo/UserRepository.java b/src/main/java/br/com/hideyoshi/auth/repository/UserRepository.java
similarity index 77%
rename from src/main/java/com/hideyoshi/auth/base/auth/repo/UserRepository.java
rename to src/main/java/br/com/hideyoshi/auth/repository/UserRepository.java
index f62bba9..106aff6 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/repo/UserRepository.java
+++ b/src/main/java/br/com/hideyoshi/auth/repository/UserRepository.java
@@ -1,6 +1,6 @@
-package com.hideyoshi.auth.base.auth.repo;
+package br.com.hideyoshi.auth.repository;
-import com.hideyoshi.auth.base.auth.entity.User;
+import br.com.hideyoshi.auth.entity.User;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
diff --git a/src/main/java/com/hideyoshi/auth/base/config/CorsConfig.java b/src/main/java/br/com/hideyoshi/auth/security/config/CorsConfig.java
similarity index 93%
rename from src/main/java/com/hideyoshi/auth/base/config/CorsConfig.java
rename to src/main/java/br/com/hideyoshi/auth/security/config/CorsConfig.java
index 81ceb00..caa9123 100644
--- a/src/main/java/com/hideyoshi/auth/base/config/CorsConfig.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/config/CorsConfig.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.config;
+package br.com.hideyoshi.auth.security.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
@@ -14,7 +14,7 @@ import java.util.List;
@Configuration
public class CorsConfig {
- @Value("${com.hideyoshi.frontendPath}")
+ @Value("${br.com.hideyoshi.frontendPath}")
private String FRONTEND_PATH;
@Bean
@@ -35,4 +35,4 @@ public class CorsConfig {
return source;
}
-}
+}
\ No newline at end of file
diff --git a/src/main/java/br/com/hideyoshi/auth/security/config/PasswordEncoderConfig.java b/src/main/java/br/com/hideyoshi/auth/security/config/PasswordEncoderConfig.java
new file mode 100644
index 0000000..f5d9968
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/security/config/PasswordEncoderConfig.java
@@ -0,0 +1,16 @@
+package br.com.hideyoshi.auth.security.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordEncoderConfig {
+
+ @Bean
+ PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+}
diff --git a/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java b/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java
new file mode 100644
index 0000000..e1bd920
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/security/config/SecurityConfig.java
@@ -0,0 +1,153 @@
+package br.com.hideyoshi.auth.security.config;
+
+import br.com.hideyoshi.auth.model.UserAuthDTO;
+import br.com.hideyoshi.auth.model.UserDTO;
+import br.com.hideyoshi.auth.security.filter.JWTAuthenticationFilter;
+import br.com.hideyoshi.auth.security.oauth2.repository.OAuthRequestRepository;
+import br.com.hideyoshi.auth.security.service.AuthService;
+import br.com.hideyoshi.auth.service.UserService;
+import br.com.hideyoshi.auth.util.exception.AuthenticationInvalidExceptionDetails;
+import br.com.hideyoshi.auth.util.guard.UserResourceHandler;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.time.LocalDateTime;
+
+import static org.springframework.http.HttpStatus.FORBIDDEN;
+import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+ private final PasswordEncoder passwordEncoder;
+ private final AuthService authService;
+ private final UserService userService;
+ private final OAuthRequestRepository oAuthRequestRepository;
+ private final UserResourceHandler userResourceHandler;
+
+ @Bean
+ public AuthenticationProvider authenticationProvider() {
+ DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+
+ provider.setUserDetailsService(this.userService);
+ provider.setPasswordEncoder(this.passwordEncoder);
+
+ return provider;
+ }
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http.httpBasic().disable()
+ .cors().and().csrf().disable();
+
+ this.addEndpointSecurityToHttp(http);
+ this.addOAuthSecurityToHttp(http);
+
+ this.configureEndpoints(http);
+
+ return http.build();
+ }
+
+ private void configureEndpoints(HttpSecurity http) throws Exception {
+ for (String endpoint : this.userResourceHandler.getOpenPaths()) {
+ http.authorizeRequests().antMatchers(endpoint).permitAll();
+ }
+
+ for (String endpoint : this.userResourceHandler.getGuardedPaths()) {
+ http.authorizeRequests().antMatchers(endpoint).hasAnyAuthority("ROLE_USER", "ROLE_ADMIN");
+ }
+
+ http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
+ http.addFilterBefore(
+ new JWTAuthenticationFilter(this.authService),
+ UsernamePasswordAuthenticationFilter.class
+ );
+ }
+
+ private void addEndpointSecurityToHttp(HttpSecurity http) throws Exception {
+ http.formLogin(form -> form
+ .loginProcessingUrl("/user/login")
+ .successHandler(this::successFormHandler)
+ .failureHandler(this::failureHandler)
+ );
+
+ http.authorizeRequests().antMatchers("/login").denyAll();
+ }
+
+ private void addOAuthSecurityToHttp(HttpSecurity http) throws Exception {
+
+ http.oauth2Login()
+ .authorizationEndpoint()
+ .authorizationRequestRepository(this.oAuthRequestRepository)
+ .and().successHandler(this::successOAuth2Handler)
+ .failureHandler(this::failureHandler);
+ }
+
+ private void successFormHandler(HttpServletRequest request,
+ HttpServletResponse response,
+ Authentication authentication) throws IOException {
+ UserAuthDTO authUser = this.authService.loginUser(
+ request,
+ (UserDTO) authentication.getPrincipal()
+ );
+
+ response.setContentType(APPLICATION_JSON_VALUE);
+ new ObjectMapper()
+ .writeValue(response.getOutputStream(), authUser);
+ }
+
+ private void successOAuth2Handler(HttpServletRequest request,
+ HttpServletResponse response,
+ Authentication authentication) throws IOException {
+ UserAuthDTO authUser = this.authService.loginOAuthUser(
+ request,
+ (OAuth2User) authentication.getPrincipal()
+ );
+
+ response.setContentType(APPLICATION_JSON_VALUE);
+ new ObjectMapper()
+ .writeValue(response.getOutputStream(), authUser);
+
+ }
+
+ private void failureHandler(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ AuthenticationException e) throws IOException {
+ response.setHeader("error", e.getMessage());
+ response.setStatus(FORBIDDEN.value());
+
+ AuthenticationInvalidExceptionDetails error = new AuthenticationInvalidExceptionDetails("Authentication Failed. Check your credentials.",
+ HttpStatus.FORBIDDEN.value(), e.getMessage(),
+ e.getClass().getName(), LocalDateTime.now());
+
+ response.setContentType(APPLICATION_JSON_VALUE);
+
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.registerModule(new JavaTimeModule());
+ mapper.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
+
+ mapper.writeValue(response.getOutputStream(), error);
+ }
+}
diff --git a/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java b/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java
new file mode 100644
index 0000000..057129e
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/security/filter/JWTAuthenticationFilter.java
@@ -0,0 +1,58 @@
+package br.com.hideyoshi.auth.security.filter;
+
+import br.com.hideyoshi.auth.security.service.AuthService;
+import br.com.hideyoshi.auth.util.exception.AuthenticationInvalidException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Objects;
+
+import static org.springframework.http.HttpHeaders.AUTHORIZATION;
+
+public class JWTAuthenticationFilter extends OncePerRequestFilter {
+
+ private static final String AUTHORIZATION_TYPE_STRING = "Bearer ";
+
+ private final AuthService authService;
+
+ public JWTAuthenticationFilter(AuthService authService) {
+ this.authService = authService;
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws IOException, ServletException {
+
+ try {
+ this.setUserContext(request);
+ } catch (Exception ignored) {
+ // ignored
+ }
+ filterChain.doFilter(request, response);
+ }
+
+ private void setUserContext(HttpServletRequest request) {
+ if (SecurityContextHolder.getContext().getAuthentication() != null) {
+ return;
+ }
+ String authorizationHeader = request.getHeader(AUTHORIZATION);
+ Authentication loggedUserInfo = this.validateUserAccess(authorizationHeader);
+
+ SecurityContextHolder.getContext().setAuthentication(loggedUserInfo);
+ }
+
+ private Authentication validateUserAccess(String authorizationHeader) {
+ if (Objects.nonNull(authorizationHeader) && authorizationHeader.startsWith(AUTHORIZATION_TYPE_STRING)) {
+ String accessToken = authorizationHeader.substring(AUTHORIZATION_TYPE_STRING.length());
+ return this.authService.extractAccessTokenInfo(accessToken);
+ } else {
+ throw new AuthenticationInvalidException("Access denied");
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/interceptor/ConfigInterceptor.java b/src/main/java/br/com/hideyoshi/auth/security/interceptor/InterceptorConfigurer.java
similarity index 69%
rename from src/main/java/com/hideyoshi/auth/base/auth/interceptor/ConfigInterceptor.java
rename to src/main/java/br/com/hideyoshi/auth/security/interceptor/InterceptorConfigurer.java
index ec02fe4..46ea617 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/interceptor/ConfigInterceptor.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/interceptor/InterceptorConfigurer.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.interceptor;
+package br.com.hideyoshi.auth.security.interceptor;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Component;
@@ -7,12 +7,12 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Component
@RequiredArgsConstructor
-public class ConfigInterceptor implements WebMvcConfigurer {
+public class InterceptorConfigurer implements WebMvcConfigurer {
private final UserResourceAccessInterceptor userResourceAccessInterceptor;
public void addInterceptors(InterceptorRegistry registry) {
- registry.addInterceptor(userResourceAccessInterceptor);
+ registry.addInterceptor(this.userResourceAccessInterceptor);
}
-}
+}
\ No newline at end of file
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/interceptor/UserResourceAccessInterceptor.java b/src/main/java/br/com/hideyoshi/auth/security/interceptor/UserResourceAccessInterceptor.java
similarity index 73%
rename from src/main/java/com/hideyoshi/auth/base/auth/interceptor/UserResourceAccessInterceptor.java
rename to src/main/java/br/com/hideyoshi/auth/security/interceptor/UserResourceAccessInterceptor.java
index f44c442..ddfa0e3 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/interceptor/UserResourceAccessInterceptor.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/interceptor/UserResourceAccessInterceptor.java
@@ -1,9 +1,10 @@
-package com.hideyoshi.auth.base.auth.interceptor;
+package br.com.hideyoshi.auth.security.interceptor;
+import br.com.hideyoshi.auth.service.UserService;
+import br.com.hideyoshi.auth.util.exception.AuthenticationInvalidException;
+import br.com.hideyoshi.auth.util.exception.AuthorizationException;
+import br.com.hideyoshi.auth.util.guard.UserResourceGuard;
import com.fasterxml.jackson.databind.ObjectMapper;
-import com.hideyoshi.auth.base.auth.service.UserService;
-import com.hideyoshi.auth.util.exception.AuthenticationInvalidException;
-import com.hideyoshi.auth.util.guard.UserResourceGuard;
import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.stereotype.Component;
@@ -21,8 +22,6 @@ public class UserResourceAccessInterceptor implements HandlerInterceptor {
private final UserService userService;
- private final ObjectMapper objectMapper;
-
public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler) {
if (!(handler instanceof HandlerMethod)) {
@@ -34,12 +33,12 @@ public class UserResourceAccessInterceptor implements HandlerInterceptor {
if (Objects.nonNull(annotation)) {
Boolean accessPermission =
- annotation.accessType().hasAccess(this.userService, this.objectMapper, request);
+ annotation.accessType().hasAccess(this.userService, request);
if (!accessPermission) {
- throw new AuthenticationInvalidException(annotation.denialMessage());
+ throw new AuthorizationException(annotation.denialMessage());
}
}
return true;
}
-}
+}
\ No newline at end of file
diff --git a/src/main/java/br/com/hideyoshi/auth/security/oauth2/handler/OAuthHandler.java b/src/main/java/br/com/hideyoshi/auth/security/oauth2/handler/OAuthHandler.java
new file mode 100644
index 0000000..9fc13c7
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/security/oauth2/handler/OAuthHandler.java
@@ -0,0 +1,43 @@
+package br.com.hideyoshi.auth.security.oauth2.handler;
+
+import br.com.hideyoshi.auth.enums.Provider;
+import br.com.hideyoshi.auth.security.oauth2.model.OAuthDTO;
+import br.com.hideyoshi.auth.util.exception.BadRequestException;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Component;
+
+@Component
+public class OAuthHandler {
+ public Provider getProviderFromURL(String url) {
+ String[] urlPartition = url.split("/");
+ return Provider.byValue(urlPartition[urlPartition.length - 1]);
+ }
+
+ public OAuthDTO parseOAuth2User(OAuth2User user, Provider provider) {
+ return switch (provider) {
+ case GITHUB -> parseFromGithub(user);
+ case GOOGLE -> parseFromGoogle(user);
+ default -> throw new BadRequestException("Provider not supported.");
+ };
+ }
+
+ private OAuthDTO parseFromGithub(OAuth2User user) {
+ return new OAuthDTO(
+ user.getAttribute("name"),
+ user.getAttribute("login"),
+ user.getAttribute("email"),
+ user.getAttribute("avatar_url"),
+ Provider.GITHUB
+ );
+ }
+
+ private OAuthDTO parseFromGoogle(OAuth2User user) {
+ return new OAuthDTO(
+ user.getAttribute("name"),
+ user.getAttribute("given_name"),
+ user.getAttribute("email"),
+ user.getAttribute("picture"),
+ Provider.GOOGLE
+ );
+ }
+}
diff --git a/src/main/java/br/com/hideyoshi/auth/security/oauth2/model/OAuthDTO.java b/src/main/java/br/com/hideyoshi/auth/security/oauth2/model/OAuthDTO.java
new file mode 100644
index 0000000..6e1a6c9
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/security/oauth2/model/OAuthDTO.java
@@ -0,0 +1,19 @@
+package br.com.hideyoshi.auth.security.oauth2.model;
+
+import br.com.hideyoshi.auth.enums.Provider;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+@Data
+@AllArgsConstructor
+public class OAuthDTO {
+ private String name;
+
+ private String username;
+
+ private String email;
+
+ private String profilePictureUrl;
+
+ private Provider provider;
+}
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/oauth/repo/OAuthRequestRepository.java b/src/main/java/br/com/hideyoshi/auth/security/oauth2/repository/OAuthRequestRepository.java
similarity index 97%
rename from src/main/java/com/hideyoshi/auth/base/auth/oauth/repo/OAuthRequestRepository.java
rename to src/main/java/br/com/hideyoshi/auth/security/oauth2/repository/OAuthRequestRepository.java
index d2ebed9..fa88df3 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/oauth/repo/OAuthRequestRepository.java
+++ b/src/main/java/br/com/hideyoshi/auth/security/oauth2/repository/OAuthRequestRepository.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.base.auth.oauth.repo;
+package br.com.hideyoshi.auth.security.oauth2.repository;
import lombok.extern.log4j.Log4j2;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
@@ -64,4 +64,4 @@ public class OAuthRequestRepository implements AuthorizationRequestRepository new BadRequestException("Invalid Token"));
@@ -100,7 +100,7 @@ public class AuthService {
return this.refreshAuthenticatedUser(user, request, new TokenDTO(requestToken, decodedJWT.getExpiresAt()));
}
- public AuthDTO validateAccessToken(HttpServletRequest request) {
+ public UserAuthDTO validateAccessToken(HttpServletRequest request) {
UserDTO user = this.getLoggedUser();
user.setProfilePictureUrl(this.extractProfilePictureUrl(user));
@@ -109,23 +109,20 @@ public class AuthService {
}
public UserDTO getLoggedUser() {
- String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- return userService.getUser(username);
+ return (UserDTO) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
}
- public UsernamePasswordAuthenticationToken extractAccessTokenInfo(String accessToken) {
+ public Authentication extractAccessTokenInfo(String accessToken) {
DecodedJWT decodedJWT = this.decodeToken(accessToken)
.orElseThrow(() -> new BadRequestException("Invalid Token"));
- String username = decodedJWT.getSubject();
- String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
-
- Collection authorities = new ArrayList<>();
- stream(roles).forEach(role -> {
- authorities.add(new SimpleGrantedAuthority(role));
- });
-
- return new UsernamePasswordAuthenticationToken(username, null, authorities);
+ return new UsernamePasswordAuthenticationToken(
+ this.userService.getUser(decodedJWT.getSubject()),
+ null,
+ stream(decodedJWT.getClaim("roles").asArray(String.class))
+ .map(SimpleGrantedAuthority::new)
+ .collect(Collectors.toList())
+ );
}
private Optional decodeToken(String token) {
@@ -139,7 +136,26 @@ public class AuthService {
return Optional.empty();
}
- private AuthDTO processOAuthPostLogin(@Valid UserDTO user, HttpServletRequest request) {
+ private UserDTO getUserFromOAuth2User(OAuthDTO oAuth2User) {
+ UserDTO user;
+
+ try {
+ user = this.userService.getUser(oAuth2User.getUsername());
+ } catch (BadRequestException e) {
+ user = UserDTO.builder()
+ .name(oAuth2User.getName())
+ .username(oAuth2User.getUsername())
+ .email(oAuth2User.getEmail())
+ .roles(List.of(Role.USER))
+ .provider(oAuth2User.getProvider())
+ .profilePictureUrl(oAuth2User.getProfilePictureUrl())
+ .build();
+ }
+
+ return user;
+ }
+
+ private UserAuthDTO processOAuthPostLogin(@Valid UserDTO user, HttpServletRequest request) {
if (Objects.nonNull(user.getId())) {
this.userService.alterUser(user.getId(), user);
@@ -150,47 +166,15 @@ public class AuthService {
return this.generateNewAuthenticatedUser(user, request);
}
- private String getClientFromUrl(String url) {
- String[] urlPartition = url.split("/");
- return urlPartition[urlPartition.length - 1];
- }
-
- private OAuthMap generateOAuthMap(Provider clientProvider, OAuth2User oauthUser) {
- try {
- return OAuthMapper.byValue(clientProvider).getMap()
- .getDeclaredConstructor(OAuth2User.class).newInstance(oauthUser);
- } catch (Exception e) {
- throw new BadRequestException("Unsupported OAuth Client.");
- }
- }
-
private String extractProfilePictureUrl(UserDTO user) {
return this.storageService.getFileUrl(user.getUsername(), "profile")
.map(StorageServiceDownloadResponse::getPresignedUrl)
.orElse(null);
}
- private UserDTO generateAuthenticatedUserFromOAuth(OAuthMap oauthMap, OAuth2User oauthUser) {
- UserDTO user;
- try {
- user = this.userService.getUser(oauthMap.getPrincipal());
- } catch (BadRequestException e) {
- user = UserDTO.builder()
- .name(oauthUser.getAttribute("name"))
- .username(oauthMap.getPrincipal())
- .email(oauthUser.getAttribute("email"))
- .roles(List.of(Role.USER))
- .provider(oauthMap.getProvider())
- .build();
- }
- user.setProfilePictureUrl(oauthMap.getProfilePicture());
-
- return user;
- }
-
- private AuthDTO generateNewAuthenticatedUser(UserDTO user, HttpServletRequest request) {
+ private UserAuthDTO generateNewAuthenticatedUser(UserDTO user, HttpServletRequest request) {
HttpSession httpSession = request.getSession();
- AuthDTO authObject = new AuthDTO(
+ UserAuthDTO authObject = new UserAuthDTO(
user,
this.generateToken(user, request, ACCESS_TOKEN_DURATION),
this.generateToken(user, request, REFRESH_TOKEN_DURATION)
@@ -201,9 +185,9 @@ public class AuthService {
return authObject;
}
- private AuthDTO refreshAuthenticatedUser(UserDTO user, HttpServletRequest request, TokenDTO refreshToken) {
+ private UserAuthDTO refreshAuthenticatedUser(UserDTO user, HttpServletRequest request, TokenDTO refreshToken) {
HttpSession httpSession = request.getSession();
- AuthDTO authObject = new AuthDTO(
+ UserAuthDTO authObject = new UserAuthDTO(
user,
this.generateToken(user, request, ACCESS_TOKEN_DURATION),
refreshToken
diff --git a/src/main/java/br/com/hideyoshi/auth/service/SessionManagerService.java b/src/main/java/br/com/hideyoshi/auth/service/SessionManagerService.java
new file mode 100644
index 0000000..8669e56
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/service/SessionManagerService.java
@@ -0,0 +1,21 @@
+package br.com.hideyoshi.auth.service;
+
+import br.com.hideyoshi.auth.model.UserAuthDTO;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpSession;
+
+@Service
+@RequiredArgsConstructor
+public class SessionManagerService {
+
+ public UserAuthDTO validateSession(HttpSession session) {
+ return (UserAuthDTO) session.getAttribute("user");
+ }
+
+ public void destroySession(HttpSession session) {
+ session.invalidate();
+ }
+
+}
diff --git a/src/main/java/com/hideyoshi/auth/base/auth/service/UserService.java b/src/main/java/br/com/hideyoshi/auth/service/UserService.java
similarity index 89%
rename from src/main/java/com/hideyoshi/auth/base/auth/service/UserService.java
rename to src/main/java/br/com/hideyoshi/auth/service/UserService.java
index 1f74c54..df3a754 100644
--- a/src/main/java/com/hideyoshi/auth/base/auth/service/UserService.java
+++ b/src/main/java/br/com/hideyoshi/auth/service/UserService.java
@@ -1,15 +1,16 @@
-package com.hideyoshi.auth.base.auth.service;
+package br.com.hideyoshi.auth.service;
-import com.hideyoshi.auth.base.auth.entity.Provider;
-import com.hideyoshi.auth.base.auth.entity.Role;
-import com.hideyoshi.auth.base.auth.entity.User;
-import com.hideyoshi.auth.base.auth.model.UserDTO;
-import com.hideyoshi.auth.base.auth.repo.UserRepository;
-import com.hideyoshi.auth.util.exception.BadRequestException;
+import br.com.hideyoshi.auth.enums.Provider;
+import br.com.hideyoshi.auth.enums.Role;
+import br.com.hideyoshi.auth.entity.User;
+import br.com.hideyoshi.auth.model.UserDTO;
+import br.com.hideyoshi.auth.repository.UserRepository;
+import br.com.hideyoshi.auth.util.exception.BadRequestException;
import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
@@ -132,7 +133,11 @@ public class UserService implements UserDetailsService {
}
public UserDetails loadUserByUsername(String username) {
- return this.getUser(username);
+ try {
+ return this.getUser(username);
+ } catch (BadRequestException e) {
+ throw new UsernameNotFoundException("User not found.");
+ }
}
private String validatePassword(UserDTO user) {
diff --git a/src/main/java/com/hideyoshi/auth/microservice/storageService/service/StorageService.java b/src/main/java/br/com/hideyoshi/auth/service/microservice/StorageService.java
similarity index 90%
rename from src/main/java/com/hideyoshi/auth/microservice/storageService/service/StorageService.java
rename to src/main/java/br/com/hideyoshi/auth/service/microservice/StorageService.java
index 4560382..fe1d98a 100644
--- a/src/main/java/com/hideyoshi/auth/microservice/storageService/service/StorageService.java
+++ b/src/main/java/br/com/hideyoshi/auth/service/microservice/StorageService.java
@@ -1,11 +1,11 @@
-package com.hideyoshi.auth.microservice.storageService.service;
+package br.com.hideyoshi.auth.service.microservice;
+import br.com.hideyoshi.auth.config.StorageServiceConfig;
+import br.com.hideyoshi.auth.enums.FileTypeEnum;
+import br.com.hideyoshi.auth.model.microservice.StorageServiceDownloadResponse;
+import br.com.hideyoshi.auth.model.microservice.StorageServiceUploadResponse;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
-import com.hideyoshi.auth.microservice.storageService.config.StorageServiceConfig;
-import com.hideyoshi.auth.microservice.storageService.enums.FileTypeEnum;
-import com.hideyoshi.auth.microservice.storageService.model.StorageServiceDownloadResponse;
-import com.hideyoshi.auth.microservice.storageService.model.StorageServiceUploadResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.apache.http.client.methods.HttpDelete;
@@ -20,9 +20,9 @@ import org.apache.http.util.EntityUtils;
import org.springframework.stereotype.Service;
import java.io.IOException;
-import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
+import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Optional;
@@ -137,11 +137,7 @@ public class StorageService {
HttpPost request = new HttpPost(requestURI);
request.setHeader("Content-Type", "application/json");
- try {
- request.setEntity(new ByteArrayEntity(requestBody.getBytes("UTF-8")));
- } catch (UnsupportedEncodingException e) {
- throw new RuntimeException(e);
- }
+ request.setEntity(new ByteArrayEntity(requestBody.getBytes(StandardCharsets.UTF_8)));
CloseableHttpClient httpClient = HttpClientBuilder.create()
.setRedirectStrategy(new LaxRedirectStrategy()).build();
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java
similarity index 87%
rename from src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java
index a3cc8cb..4d1d706 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidException.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java
similarity index 89%
rename from src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java
index f18305f..5c36c27 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthenticationInvalidExceptionDetails.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import java.time.LocalDateTime;
diff --git a/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationException.java b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationException.java
new file mode 100644
index 0000000..f5298d8
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationException.java
@@ -0,0 +1,12 @@
+package br.com.hideyoshi.auth.util.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.FORBIDDEN)
+public class AuthorizationException extends RuntimeException {
+
+ public AuthorizationException(String message) {
+ super(message);
+ }
+}
diff --git a/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationExceptionDetails.java b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationExceptionDetails.java
new file mode 100644
index 0000000..ce48c6f
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/AuthorizationExceptionDetails.java
@@ -0,0 +1,9 @@
+package br.com.hideyoshi.auth.util.exception;
+
+import java.time.LocalDateTime;
+
+public class AuthorizationExceptionDetails extends ExceptionDetails {
+ public AuthorizationExceptionDetails(String title, Integer status, String details, String developerMessage, LocalDateTime timestamp) {
+ super(title, status, details, developerMessage, timestamp);
+ }
+}
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/BadRequestException.java b/src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestException.java
similarity index 86%
rename from src/main/java/com/hideyoshi/auth/util/exception/BadRequestException.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestException.java
index 235b77f..3fd8e67 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/BadRequestException.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestException.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java b/src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java
similarity index 90%
rename from src/main/java/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java
index c7a2649..91752c6 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/BadRequestExceptionDetails.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import java.time.LocalDateTime;
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/ExceptionDetails.java b/src/main/java/br/com/hideyoshi/auth/util/exception/ExceptionDetails.java
similarity index 93%
rename from src/main/java/com/hideyoshi/auth/util/exception/ExceptionDetails.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/ExceptionDetails.java
index 10b2951..5c1fc45 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/ExceptionDetails.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/ExceptionDetails.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import lombok.Getter;
import lombok.Setter;
diff --git a/src/main/java/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java b/src/main/java/br/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java
similarity index 93%
rename from src/main/java/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java
rename to src/main/java/br/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java
index 4150fc0..037d441 100644
--- a/src/main/java/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/exception/ValidationExceptionDetails.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.exception;
+package br.com.hideyoshi.auth.util.exception;
import lombok.Getter;
import lombok.Setter;
diff --git a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuard.java b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuard.java
similarity index 87%
rename from src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuard.java
rename to src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuard.java
index f599c2b..8f8a042 100644
--- a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuard.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuard.java
@@ -1,4 +1,4 @@
-package com.hideyoshi.auth.util.guard;
+package br.com.hideyoshi.auth.util.guard;
import java.lang.annotation.*;
diff --git a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java
similarity index 58%
rename from src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java
rename to src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java
index 174827b..57d208b 100644
--- a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceGuardEnum.java
@@ -1,9 +1,9 @@
-package com.hideyoshi.auth.util.guard;
+package br.com.hideyoshi.auth.util.guard;
+import br.com.hideyoshi.auth.enums.Role;
+import br.com.hideyoshi.auth.model.UserDTO;
+import br.com.hideyoshi.auth.service.UserService;
import com.fasterxml.jackson.databind.ObjectMapper;
-import com.hideyoshi.auth.base.auth.entity.Role;
-import com.hideyoshi.auth.base.auth.model.UserDTO;
-import com.hideyoshi.auth.base.auth.service.UserService;
import lombok.Getter;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
@@ -19,9 +19,8 @@ public enum UserResourceGuardEnum {
@Override
public Boolean hasAccess(
UserService userService,
- ObjectMapper objectMapper,
HttpServletRequest request) {
- return justUser(userService, objectMapper, request);
+ return UserResourceGuardEnum.justUser(userService, request);
}
},
@@ -29,9 +28,8 @@ public enum UserResourceGuardEnum {
@Override
public Boolean hasAccess(
UserService userService,
- ObjectMapper objectMapper,
HttpServletRequest request) {
- return sameUser(userService, objectMapper, request);
+ return UserResourceGuardEnum.sameUser(userService, request);
}
},
@@ -39,9 +37,8 @@ public enum UserResourceGuardEnum {
@Override
public Boolean hasAccess(
UserService userService,
- ObjectMapper objectMapper,
HttpServletRequest request) {
- return adminUser(userService, objectMapper, request);
+ return UserResourceGuardEnum.adminUser(userService, request);
}
},
@@ -49,9 +46,8 @@ public enum UserResourceGuardEnum {
@Override
public Boolean hasAccess(
UserService userService,
- ObjectMapper objectMapper,
HttpServletRequest request) {
- return openAccess(userService, objectMapper, request);
+ return openAccess(userService, request);
}
};
@@ -70,19 +66,18 @@ public enum UserResourceGuardEnum {
throw new IllegalArgumentException("Argument not valid.");
}
- private static boolean justUser(UserService userService, ObjectMapper objectMapper, HttpServletRequest request) {
-
- String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- UserDTO userLogged = userService.getUser(username);
+ private static boolean justUser(UserService userService, HttpServletRequest request) {
+ UserDTO userLogged = (UserDTO) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
return userLogged.getAuthorities().contains(new SimpleGrantedAuthority(Role.USER.getDescription()));
}
- private static boolean sameUser(UserService userService, ObjectMapper objectMapper, HttpServletRequest request) {
- String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- UserDTO userLogged = userService.getUser(username);
+ private static boolean sameUser(UserService userService, HttpServletRequest request) {
+ UserDTO userLogged = (UserDTO) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
Object requestPathVariable = request.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
+
+ ObjectMapper objectMapper = new ObjectMapper();
HashMap pathVariable = objectMapper.convertValue(requestPathVariable, HashMap.class);
UserDTO userInfo = userService.getUser(Long.parseLong(pathVariable.get("id")));
@@ -90,20 +85,17 @@ public enum UserResourceGuardEnum {
}
- private static boolean adminUser(UserService userService, ObjectMapper objectMapper, HttpServletRequest request) {
- String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- UserDTO userLogged = userService.getUser(username);
-
+ private static boolean adminUser(UserService userService, HttpServletRequest request) {
+ UserDTO userLogged = (UserDTO) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
return userLogged.getAuthorities().contains(new SimpleGrantedAuthority(Role.ADMIN.getDescription()));
}
- private static Boolean openAccess(UserService userService, ObjectMapper objectMapper, HttpServletRequest request) {
+ private static Boolean openAccess(UserService userService, HttpServletRequest request) {
return true;
}
public abstract Boolean hasAccess(
UserService userService,
- ObjectMapper objectMapper,
HttpServletRequest request);
}
diff --git a/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceHandler.java b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceHandler.java
new file mode 100644
index 0000000..a568801
--- /dev/null
+++ b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceHandler.java
@@ -0,0 +1,113 @@
+package br.com.hideyoshi.auth.util.guard;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.ListableBeanFactory;
+import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+
+@Component
+@RequiredArgsConstructor
+public class UserResourceHandler {
+ private final ListableBeanFactory beanFactory;
+
+ public List getGuardedPaths() {
+ return this.extractPathsFromMethods(this.getGuardedResources());
+ }
+
+ public List getOpenPaths() {
+ return this.extractPathsFromMethods(this.getOpenResources());
+ }
+
+ private List extractPathsFromMethods(List methods) {
+ final List paths = new ArrayList<>();
+ for (final Method method : methods) {
+ String[] parentPath = new String[0];
+
+ RequestMapping classAnnotation = method.getDeclaringClass().getAnnotation(RequestMapping.class);
+ if (classAnnotation != null) {
+ parentPath = this.getPathFromAnnotation(classAnnotation);
+ }
+
+ List annotations = List.of(method.getAnnotations());
+
+ for (Annotation annotation : annotations) {
+ final String[] path = this.getPathFromAnnotation(annotation);
+
+ if (path != null)
+ paths.add(String.join("/", parentPath) + String.join("/", path));
+ }
+ }
+ return paths;
+ }
+
+ private List getGuardedResources() {
+ final List guardedAccessTypes = Arrays.asList(
+ UserResourceGuardEnum.USER,
+ UserResourceGuardEnum.SAME_USER,
+ UserResourceGuardEnum.ADMIN_USER
+ );
+ final List methods = new ArrayList<>();
+
+ for (final Class controllerClass : this.getControllerClasses()) {
+ methods.addAll(this.getMethodsByAccessType(controllerClass, guardedAccessTypes));
+ }
+
+ return methods;
+ }
+
+ private List getOpenResources() {
+ final List openAccessTypes = List.of(UserResourceGuardEnum.OPEN);
+ final List methods = new ArrayList<>();
+
+ for (final Class controllerClass : this.getControllerClasses()) {
+ methods.addAll(this.getMethodsByAccessType(controllerClass, openAccessTypes));
+ }
+
+ return methods;
+ }
+
+ private List getMethodsByAccessType(final Class controllerClass, List accessTypes) {
+ final List methods = new ArrayList<>();
+ for (final Method method : controllerClass.getDeclaredMethods()) {
+ if (!method.isAnnotationPresent(UserResourceGuard.class)) {
+ continue;
+ }
+ UserResourceGuard annotation = method.getAnnotation(UserResourceGuard.class);
+ if (!accessTypes.contains(annotation.accessType())) {
+ continue;
+ }
+
+ methods.add(method);
+ }
+ return methods;
+ }
+
+ private List> getControllerClasses() {
+ final List> controllerClasses = new ArrayList<>();
+ for (final String beanName : this.beanFactory.getBeanNamesForAnnotation(Controller.class)) {
+ controllerClasses.add(this.beanFactory.getType(beanName));
+ }
+ return controllerClasses;
+ }
+
+ private String[] getPathFromAnnotation(Annotation annotation) {
+ String[] path; String[] value;
+
+ try {
+ value = (String[]) annotation.annotationType().getMethod("value").invoke(annotation);
+ path = (String[]) annotation.annotationType().getMethod("path").invoke(annotation);
+ } catch (Exception e) {
+ return null;
+ }
+
+ return value.length > 0 ? value : path;
+ }
+}
diff --git a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceValidator.java b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceValidator.java
similarity index 87%
rename from src/main/java/com/hideyoshi/auth/util/guard/UserResourceValidator.java
rename to src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceValidator.java
index ca58496..62f44ab 100644
--- a/src/main/java/com/hideyoshi/auth/util/guard/UserResourceValidator.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/guard/UserResourceValidator.java
@@ -1,6 +1,6 @@
-package com.hideyoshi.auth.util.guard;
+package br.com.hideyoshi.auth.util.guard;
-import com.hideyoshi.auth.base.auth.model.UserDTO;
+import br.com.hideyoshi.auth.model.UserDTO;
import org.springframework.security.core.context.SecurityContextHolder;
import javax.validation.ConstraintValidator;
diff --git a/src/main/java/com/hideyoshi/auth/util/handler/RestExceptionHandler.java b/src/main/java/br/com/hideyoshi/auth/util/handler/RestExceptionHandler.java
similarity index 85%
rename from src/main/java/com/hideyoshi/auth/util/handler/RestExceptionHandler.java
rename to src/main/java/br/com/hideyoshi/auth/util/handler/RestExceptionHandler.java
index 014932d..d217d50 100644
--- a/src/main/java/com/hideyoshi/auth/util/handler/RestExceptionHandler.java
+++ b/src/main/java/br/com/hideyoshi/auth/util/handler/RestExceptionHandler.java
@@ -1,6 +1,6 @@
-package com.hideyoshi.auth.util.handler;
+package br.com.hideyoshi.auth.util.handler;
-import com.hideyoshi.auth.util.exception.*;
+import br.com.hideyoshi.auth.util.exception.*;
import lombok.extern.log4j.Log4j2;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@@ -40,6 +40,15 @@ public class RestExceptionHandler extends ResponseEntityExceptionHandler {
HttpStatus.FORBIDDEN);
}
+ @ExceptionHandler(AuthorizationException.class)
+ public ResponseEntity handleBadRequest(final AuthorizationException exception) {
+ return new ResponseEntity<>(
+ new AuthorizationExceptionDetails("Authorization Failed. Check your permissions.",
+ HttpStatus.FORBIDDEN.value(), exception.getMessage(),
+ exception.getClass().getName(), LocalDateTime.now()),
+ HttpStatus.FORBIDDEN);
+ }
+
@Override
protected ResponseEntity