Max665/biblenotes-java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

finished base auth with spring jpa

Browse Source
This commit is contained in:
Max W. 2025-01-17 00:44:18 +01:00
parent ed30a5f712
commit b3762373d4
3 changed files with 72 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/java/de/w665/biblenotes/rest/mappings/TestMapping.java Normal file
View File

@ -0,0 +1,14 @@
package de.w665.biblenotes.rest.mappings;
import de.w665.biblenotes.rest.SecureApiRestController;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class TestMapping extends SecureApiRestController {
@GetMapping("/test")
public String test() {
return "Your authentication works!";
}
}

47
src/main/java/de/w665/biblenotes/rest/security/JwtAuthenticationFilter.java
View File

@ -8,7 +8,6 @@ import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.NotNull;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
@ -35,33 +34,43 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
logger.debug("Filtering request: " + request.getRequestURI()); logger.debug("Filtering request: " + request.getRequestURI());
// Skip filter for all paths except the secure path
if(!requestMatcher.matches(request)) { if(!requestMatcher.matches(request)) {
logger.debug("Request does not match the secure path. Skipping JWT authentication."); logger.debug("Request does not match the secure path. Skipping JWT authentication.");
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
return; return;
} }
try { // Extract the JWT token from the request
String jwt = getJwtFromRequest(request); String jwt = getJwtFromRequest(request);
if (jwt != null && authenticationService.validateToken(jwt)) {
String username = authenticationService.extractSubject(jwt);
// Extract the role from the JWT and set it to Spring AuthenticationContext for access control
String role = authenticationService.getClaimValue(jwt, "role", String.class);
List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role));
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(username, null, authorities); if (jwt == null) { // Check if the JWT token is missing
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
SecurityContextHolder.getContext().setAuthentication(authentication); response.setContentType("application/json");
// SUCCESSFUL AUTHENTICATION response.getWriter().write("{\"error\": \"Unauthorized\", \"message\": \"JWT token is missing.\"}");
filterChain.doFilter(request, response); logger.warn("Unauthorized: JWT token is missing.");
} else { return;
logger.warn("Unauthorized: Authentication token is missing or invalid.");
}
} catch (Exception ex) {
logger.warn("Could not set user authentication in security context. An error occurred during JWT processing.", ex);
} }
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); if (!authenticationService.validateToken(jwt)) { // Validate the JWT token
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType("application/json");
response.getWriter().write("{\"error\": \"Unauthorized\", \"message\": \"JWT token is invalid.\"}");
logger.warn("Unauthorized: JWT token is invalid.");
return;
}
String username = authenticationService.extractSubject(jwt);
// Extract the role from the JWT and set it to Spring AuthenticationContext for access control
String role = authenticationService.getClaimValue(jwt, "role", String.class);
List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role));
JwtAuthenticationToken auth = new JwtAuthenticationToken(username, jwt, authorities);
auth.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(auth);
// SUCCESSFUL AUTHENTICATION
filterChain.doFilter(request, response);
} }
private String getJwtFromRequest(HttpServletRequest request) { private String getJwtFromRequest(HttpServletRequest request) {

30
src/main/java/de/w665/biblenotes/rest/security/JwtAuthenticationToken.java Normal file
View File

@ -0,0 +1,30 @@
package de.w665.biblenotes.rest.security;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import java.util.Collection;
public class JwtAuthenticationToken extends AbstractAuthenticationToken {
private final String principal;
private final String token;
public JwtAuthenticationToken(String principal, String token, Collection<? extends GrantedAuthority> authorities) {
super(authorities);
this.principal = principal;
this.token = token;
super.setAuthenticated(true); // Set this to true only if authentication is verified
}
@Override
public Object getCredentials() {
return null;
}
@Override
public Object getPrincipal() {
return null;
}
}