diff --git "a/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" "b/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" new file mode 100644 index 0000000..27cfdb7 Binary files /dev/null and "b/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" differ diff --git "a/exemplos/02-seguranca/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" "b/exemplos/02-seguranca/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" new file mode 100644 index 0000000..27cfdb7 Binary files /dev/null and "b/exemplos/02-seguranca/Quest\303\265es - Criar Aplica\303\247\303\243o com autentica\303\247\303\243o via Token.pdf" differ diff --git a/exemplos/02-seguranca/pom.xml b/exemplos/02-seguranca/pom.xml index 7c0b5df..dc124e2 100644 --- a/exemplos/02-seguranca/pom.xml +++ b/exemplos/02-seguranca/pom.xml 
@@ -1,70 +1,90 @@ - - 4.0.0 - - org.springframework.boot - spring-boot-starter-parent - 2.1.9.RELEASE - - - br.com.ifpb.pweb2 - security-demo - 0.0.1-SNAPSHOT - security-demo - Demo project for Spring Security + + 4.0.0 + + org.springframework.boot + spring-boot-starter-parent + 2.1.9.RELEASE + + + br.com.ifpb.pweb2 + security-demo + 0.0.1-SNAPSHOT + security-demo + Demo project for Spring Security - - 1.8 - + + 1.8 + - - - org.springframework.boot - spring-boot-starter-data-jpa - - - org.springframework.boot - spring-boot-starter-web - + + + org.springframework.boot + spring-boot-starter-data-jpa + + + org.springframework.boot + spring-boot-starter-web + - - org.springframework.boot - spring-boot-starter-security - + + org.springframework.boot + spring-boot-starter-security + - - org.projectlombok - lombok - 1.18.10 - + + org.projectlombok + lombok + 1.18.10 + + + org.springframework.boot + spring-boot-starter-test + test + + + org.springframework.security + spring-security-test + test + + + + org.postgresql + postgresql + runtime + + + - org.springframework.boot - spring-boot-starter-test - test + io.jsonwebtoken + jjwt-api + 0.10.5 - org.springframework.security - spring-security-test - test + io.jsonwebtoken + jjwt-impl + 0.10.5 + runtime - - org.postgresql - postgresql - 42.2.8 + io.jsonwebtoken + jjwt-jackson + 0.10.5 + runtime - + - - - - org.springframework.boot - spring-boot-maven-plugin - - - + + + + org.springframework.boot + spring-boot-maven-plugin + + + diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/ApplicationConfig.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/ApplicationConfig.java index bc36b99..8b05da2 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/ApplicationConfig.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/ApplicationConfig.java 
@@ -1,11 +1,10 @@ package br.com.ifpb.pweb2.securitydemo.config; -import lombok.Data; -import lombok.Getter; -import lombok.Setter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; +import lombok.Data; + @Configuration @ConfigurationProperties(prefix = "app") @Data diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConfig.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConfig.java new file mode 100644 index 0000000..cc2e96e --- /dev/null +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConfig.java @@ -0,0 +1,17 @@ +package br.com.ifpb.pweb2.securitydemo.config; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix="security") +@Data +public class SecurityConfig { + private String authLoginUrl; + private String tokenType; + private String secret; + private String issuer; + private String audience; + private Long expiration; +} diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConstants.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConstants.java new file mode 100644 index 0000000..46b54d9 --- /dev/null +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/SecurityConstants.java 
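Review bot: `@Data` on SecurityConfig generates a `toString()` that includes `secret`, so any log line or error message that prints this bean would carry the JWT signing key. Excluding the field keeps the generated accessors while closing that path: `@ToString.Exclude private String secret;`. `expiration` is a nullable `Long` that JwtAuthenticationFilter unboxes when it builds the token, so a missing `security.expiration` property would surface as a NullPointerException at login; a primitive with a default, or a validation annotation, would make the requirement explicit.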
@@ -0,0 +1,21 @@ +package br.com.ifpb.pweb2.securitydemo.config; + +public class SecurityConstants { + public static final String AUTH_LOGIN_URL = "/api/authenticate"; + + // Signing key for HS512 algorithm + // Use http://www.allkeysgenerator.com/ para gerar uma chave + public static final String JWT_SECRET = "884B504E-224E-48DE-9664-7A3057BAEC23"; + + // JWT token defaults + public static final String TOKEN_HEADER = "Authorization"; + public static final String TOKEN_PREFIX = "Bearer "; + public static final String TOKEN_TYPE = "JWT"; + public static final String TOKEN_ISSUER = "secure-api"; + public static final String TOKEN_AUDIENCE = "secure-app"; + + private SecurityConstants() { + } + + +} diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/WebSecurityConfig.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/WebSecurityConfig.java index 43671e8..5f97172 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/WebSecurityConfig.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/WebSecurityConfig.java 
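Review bot: `JWT_SECRET` puts a signing key in source control, and at 36 bytes it is shorter than the 64 bytes HS512 requires, so it could not be used with the `SignatureAlgorithm.HS512` call in JwtAuthenticationFilter anyway. Nothing visible in this commit reads SecurityConstants (the filters take their values from SecurityConfig), so the class looks removable. The same concern applies to `security.secret` in application.yaml, which is the key actually used: anyone with read access to the repository holds the key that signs every token. Supplying it from the environment, e.g. `secret: ${JWT_SECRET}`, and rotating the committed value would address both. A key generated locally, for instance with `Keys.secretKeyFor(SignatureAlgorithm.HS512)`, also avoids the online generator the comment recommends.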
@@ -1,33 +1,65 @@ package br.com.ifpb.pweb2.securitydemo.config; -import org.springframework.core.annotation.Order; +import br.com.ifpb.pweb2.securitydemo.config.jwt.JwtAuthenticationFilter; +import br.com.ifpb.pweb2.securitydemo.config.jwt.JwtAuthorizationFilter; +import br.com.ifpb.pweb2.securitydemo.service.UsuarioService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; @EnableWebSecurity @EnableGlobalMethodSecurity(jsr250Enabled = true, securedEnabled = true, prePostEnabled = true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { - public WebSecurityConfig() { + private final SecurityConfig securityConfig; + + private final UserDetailsService userDetailsService; + + private final PasswordEncoder passwordEncoder; + + + public WebSecurityConfig(SecurityConfig securityConfig, UserDetailsService userDetailsService, PasswordEncoder passwordEncoder) { + this.securityConfig = securityConfig; + this.userDetailsService = userDetailsService; + this.passwordEncoder = passwordEncoder; } @Override protected void 
configure(HttpSecurity http) throws Exception { - http + http.cors().and() .authorizeRequests() - .antMatchers("/api/**").authenticated() .antMatchers("/publico").permitAll() - .antMatchers("/usuarios").hasRole("ADMIN") + .anyRequest().authenticated() .and() + .addFilter(new JwtAuthenticationFilter(authenticationManager(), securityConfig)) + .addFilter(new JwtAuthorizationFilter(authenticationManager(), securityConfig)) .sessionManagement() .sessionCreationPolicy(SessionCreationPolicy.STATELESS) - .and() - .httpBasic() .and() .csrf().disable(); } + + @Override + public void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder); + } + + @Bean + public CorsConfigurationSource corsConfigurationSource() { + final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues()); + return source; + } + } diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthenticationFilter.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthenticationFilter.java new file mode 100644 index 0000000..eca2e35 --- /dev/null +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthenticationFilter.java 
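Review bot: The rule `.antMatchers("/usuarios").hasRole("ADMIN")` is dropped from `configure(HttpSecurity)` and nothing replaces it, so every authenticated caller can now list, create, edit and delete users; UsuarioController in this commit carries no method-level annotation either. If the restriction is still intended, keep it ahead of the catch-all: `.antMatchers("/usuarios/**").hasRole("ADMIN")` before `.anyRequest().authenticated()`. `corsConfigurationSource()` registers `applyPermitDefaultValues()` on `/**`, which allows every origin; an explicit `setAllowedOrigins(...)` list for the known front end would be tighter. The `@Autowired` and `UsuarioService` imports added here appear to be unused.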
@@ -0,0 +1,69 @@ +package br.com.ifpb.pweb2.securitydemo.config.jwt; + +import br.com.ifpb.pweb2.securitydemo.config.SecurityConfig; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +import javax.servlet.FilterChain; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Date; +import java.util.List; +import java.util.stream.Collectors; + +public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter { + + private final AuthenticationManager authenticationManager; + + private final SecurityConfig securityConfig; + + public JwtAuthenticationFilter(AuthenticationManager authenticationManager, SecurityConfig securityConfig) { + this.authenticationManager=authenticationManager; + this.securityConfig = securityConfig; + setFilterProcessesUrl(this.securityConfig.getAuthLoginUrl()); + } + + @Override + public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) { + String username = request.getParameter("usuario"); + String password = request.getParameter("senha"); + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); + + return authenticationManager.authenticate(authenticationToken); + } + + @Override + protected void 
successfulAuthentication(HttpServletRequest request, HttpServletResponse response, + FilterChain filterChain, Authentication authentication) { + UserDetails user = ((UserDetails) authentication.getPrincipal()); + + List roles = user.getAuthorities() + .stream() + .map(GrantedAuthority::getAuthority) + .collect(Collectors.toList()); + + String signingKey = securityConfig.getSecret(); + + String token = Jwts.builder() + .signWith(Keys.hmacShaKeyFor(signingKey.getBytes()), SignatureAlgorithm.HS512) + .setHeaderParam("type", securityConfig.getTokenType()) + .setIssuer(securityConfig.getIssuer()) //emissor + .setAudience(securityConfig.getAudience()) //destinatario + .setSubject(user.getUsername()) + .setExpiration(new Date(System.currentTimeMillis() + securityConfig.getExpiration())) + .claim("roles", roles) + .compact(); + + response.addHeader("Authorization", "Bearer " + token); + } + +} diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthorizationFilter.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthorizationFilter.java new file mode 100644 index 0000000..558c7c3 --- /dev/null +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/config/jwt/JwtAuthorizationFilter.java 
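Review bot: `attemptAuthentication` overrides the parent method without its POST-only check, and `setFilterProcessesUrl` installs a matcher that is not bound to an HTTP method, so as far as I can tell a GET carrying `usuario` and `senha` in the query string is authenticated too, and the password can end up in access logs and browser history. A guard at the top of the method restores the parent's behaviour: `if (!"POST".equals(request.getMethod())) throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());`. In `successfulAuthentication`, `signingKey.getBytes()` depends on the platform charset (JwtAuthorizationFilter makes the same call); `getBytes(StandardCharsets.UTF_8)` on both sides keeps the key identical across hosts. The header parameter is written as `"type"`, while the registered JOSE name is `"typ"`.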
@@ -0,0 +1,90 @@ +package br.com.ifpb.pweb2.securitydemo.config.jwt; + +import java.io.IOException; +import java.util.List; +import java.util.stream.Collectors; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; + +import br.com.ifpb.pweb2.securitydemo.config.SecurityConfig; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.Jws; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.SignatureException; +import io.jsonwebtoken.UnsupportedJwtException; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class JwtAuthorizationFilter extends BasicAuthenticationFilter { + + private final SecurityConfig securityConfig; + + public JwtAuthorizationFilter(AuthenticationManager authenticationManager, SecurityConfig securityConfig) { + super(authenticationManager); + this.securityConfig = securityConfig; + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, + FilterChain filterChain) throws IOException, ServletException { + UsernamePasswordAuthenticationToken authentication = getAuthentication(request); + if (authentication == null) { + filterChain.doFilter(request, response); + return; + } + + SecurityContextHolder.getContext().setAuthentication(authentication); + filterChain.doFilter(request, response); + } + + private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) { + String 
token = request.getHeader("Authorization"); + if (token != null && !token.isEmpty() && token.startsWith("Bearer")) { + try { + String signingKey = securityConfig.getSecret(); + + Jws parsedToken = Jwts.parser() + .setSigningKey(signingKey.getBytes()) + .parseClaimsJws(token.replace("Bearer ", "")); + + String username = parsedToken + .getBody() + .getSubject(); + + List authorities = ((List) parsedToken.getBody() + .get("roles")).stream() + .map(authority -> new SimpleGrantedAuthority((String) authority)) + .collect(Collectors.toList()); + + if (username != null && !username.isEmpty()){ + return new UsernamePasswordAuthenticationToken(username, null, authorities); + } + + } catch (ExpiredJwtException exception) { + log.warn("Request to parse expired JWT : {} failed : {}", token, exception.getMessage()); + } catch (UnsupportedJwtException exception) { + log.warn("Request to parse unsupported JWT : {} failed : {}", token, exception.getMessage()); + } catch (MalformedJwtException exception) { + log.warn("Request to parse invalid JWT : {} failed : {}", token, exception.getMessage()); + } catch (SignatureException exception) { + log.warn("Request to parse JWT with invalid signature : {} failed : {}", token, exception.getMessage()); + } catch (IllegalArgumentException exception) { + log.warn("Request to parse empty or null JWT : {} failed : {}", token, exception.getMessage()); + } + } + + return null; + } + +} diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/controller/UsuarioController.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/controller/UsuarioController.java index b1d2d8c..6711f2a 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/controller/UsuarioController.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/controller/UsuarioController.java 
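Review bot: `getAuthentication` verifies only the signature and expiry: the issuer and audience that JwtAuthenticationFilter writes into the token are never checked, so a token signed with the same key for another audience would be accepted. Each catch block also logs the full `token`, which puts bearer credentials and unsanitised header content into the application log. The sketch below adds `requireIssuer`/`requireAudience` and collapses the handlers into one that logs only the reason; a failed claim check throws a JwtException subtype that the current catch list does not cover. A token without a `roles` claim would still hit a NullPointerException on the cast in the unchanged part, which deserves a null check.

```java
// … unchanged: header lookup, "Bearer" prefix check, signing key …
        .setSigningKey(signingKey.getBytes())
        .requireIssuer(securityConfig.getIssuer())
        .requireAudience(securityConfig.getAudience())
        .parseClaimsJws(token.replace("Bearer ", ""));
// … unchanged: subject and roles extraction …
} catch (JwtException | IllegalArgumentException exception) {
    // The raw token is a credential: log only why it was rejected.
    log.warn("Rejected JWT: {}", exception.getMessage());
}
```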
@@ -1,54 +1,61 @@ package br.com.ifpb.pweb2.securitydemo.controller; -import br.com.ifpb.pweb2.securitydemo.domain.Usuario; -import br.com.ifpb.pweb2.securitydemo.service.UsuarioException; -import br.com.ifpb.pweb2.securitydemo.service.UsuarioService; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.web.bind.annotation.*; - -import javax.validation.Valid; import java.util.List; -@RestController -@RequestMapping("/usuarios") -public class UsuarioController { - - private final UsuarioService usuarioService; +import javax.validation.Valid; - public UsuarioController(UsuarioService usuarioService) { - this.usuarioService = usuarioService; - } +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.PutMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; +import br.com.ifpb.pweb2.securitydemo.domain.Usuario; +import br.com.ifpb.pweb2.securitydemo.service.UsuarioService; - @GetMapping("/{login}") +@RestController +@RequestMapping(path = "/usuarios") +public class UsuarioController { + + private UsuarioService usuarioService; + + + public UsuarioController(UsuarioService usuarioService) { + this.usuarioService = usuarioService; + } + + @GetMapping("/{login}") public Usuario recuperarPorLogin(@PathVariable("login") String login) { return usuarioService.recuperarPorLogin(login).orElseThrow(RuntimeException::new); } - @GetMapping - public List listarUsuarios() { - return usuarioService.listarUsuarios(); - } - - @PostMapping - public ResponseEntity 
salvarUsuario(@RequestBody @Valid Usuario usuario) { - try { - usuario = usuarioService.salvarUsuario(usuario); - } catch(UsuarioException e) { - return ResponseEntity.badRequest().header("erro", e.getMessage()).build(); - } - return ResponseEntity.ok(usuario); - } - - @PutMapping - public Usuario atualizarUsuario(@RequestBody @Valid Usuario usuario) { - return usuarioService.atualizarUsuario(usuario); - } - - @DeleteMapping("/{id}") - public void removerUsuario(@PathVariable("id") Long id) { - usuarioService.removerUsuario(id); - } + @GetMapping + public List listarUsuarios(){ + return usuarioService.listarUsuarios(); + } + + @PostMapping + public ResponseEntity adicionarUsuario(@RequestBody @Valid Usuario usuario){ + try { + usuario = usuarioService.salvarUsuario(usuario); + } catch (Exception e) { + return ResponseEntity.badRequest().header("erro",e.getMessage()).build(); + } + return ResponseEntity.ok(usuario); + } + + @PutMapping + public Usuario editarUsuario(@RequestBody @Valid Usuario usuario) { + return usuarioService.atualizarUsuario(usuario); + } + + @DeleteMapping("/{id}") + public void excluirUsuario(@PathVariable("id") Long id) { + usuarioService.removerUsuario(id); + } } diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/Usuario.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/Usuario.java index ad72737..c6d56c0 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/Usuario.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/Usuario.java @@ -6,6 +6,8 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; +import com.fasterxml.jackson.annotation.JsonIgnore; + import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; 
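Review bot: `adicionarUsuario` now catches `Exception` and copies `e.getMessage()` into the `erro` response header, so persistence or validation internals (constraint names, SQL fragments) can reach the client where the old code exposed only UsuarioException messages. Keeping the narrow handler, `} catch (UsuarioException e) {`, and letting unexpected failures fall through to the default error handling avoids that. `usuarioService` also lost its `final` modifier although it is still assigned exactly once in the constructor.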
@@ -35,7 +37,7 @@ public class Usuario implements UserDetails { @NotNull private String nome; - @Min(18) + @Min(10) @Max(100) private Integer idade; @@ -52,37 +54,49 @@ public class Usuario implements UserDetails { private LocalDateTime dataCadastro; + public Usuario(String login, String senha) { + this.login=login; + this.senha=senha; + } + @Override + @JsonIgnore public Collection getAuthorities() { return Collections.singleton(new SimpleGrantedAuthority("ROLE_ADMIN")); } @Override + @JsonIgnore public String getPassword() { return senha; } @Override + @JsonIgnore public String getUsername() { return login; } @Override + @JsonIgnore public boolean isAccountNonExpired() { return true; } @Override + @JsonIgnore public boolean isAccountNonLocked() { return true; } @Override + @JsonIgnore public boolean isCredentialsNonExpired() { return true; } @Override + @JsonIgnore public boolean isEnabled() { return true; } diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/dtos/LoginDto.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/dtos/LoginDto.java new file mode 100644 index 0000000..ec5c898 --- /dev/null +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/domain/dtos/LoginDto.java @@ -0,0 +1,10 @@ +package br.com.ifpb.pweb2.securitydemo.domain.dtos; + +import lombok.Data; + +@Data +public class LoginDto { + + private String login; + private String senha; +} diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/UsuarioService.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/UsuarioService.java index 08636e1..6a56ec3 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/UsuarioService.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/UsuarioService.java 
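Review bot: `@JsonIgnore` on `getPassword()` removes the `password` property from the JSON, but the `senha` field itself is untouched here; if the class generates a getter for it (UsuarioService calls `setSenha`, so Lombok accessors seem to be in use), the bcrypt hash is still returned by every `/usuarios` response. Marking the field write-only would cover both directions: `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY) private String senha;`. `getAuthorities()` still returns `ROLE_ADMIN` for every user, and that value is now copied into the `roles` claim of each issued token, so role checks cannot tell users apart. The class body starts outside the hunk, so the field declaration is not visible here.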
@@ -45,6 +45,10 @@ public void salvarLog() { log.info("Usuário salvo"); } + public Optional recuperarPorId(Long id){ + return this.usuarioRepository.findById(id); + } + public void removerUsuario(Long id) { this.usuarioRepository.deleteById(id); } @@ -58,7 +62,12 @@ public Optional recuperarPorNomeEIdade(String nome, Integer idade) { } public Usuario atualizarUsuario(Usuario usuario) { + usuario.setSenha(passwordEncoder.encode(usuario.getPassword())); return this.usuarioRepository.save(usuario); } + public boolean IsVazio(){ + return usuarioRepository.findAll().isEmpty(); + } + } diff --git a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/auth/UserDetailsServiceImpl.java b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/auth/UserDetailsServiceImpl.java index 00a1db8..45a61e3 100644 --- a/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/auth/UserDetailsServiceImpl.java +++ b/exemplos/02-seguranca/src/main/java/br/com/ifpb/pweb2/securitydemo/service/auth/UserDetailsServiceImpl.java @@ -1,9 +1,12 @@ package br.com.ifpb.pweb2.securitydemo.service.auth; +import br.com.ifpb.pweb2.securitydemo.config.ApplicationConfig; +import br.com.ifpb.pweb2.securitydemo.domain.Usuario; import br.com.ifpb.pweb2.securitydemo.repository.UsuarioRepository; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; @Service("userDetailsService") 
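Review bot: `atualizarUsuario` encodes whatever arrives in `senha` on every update, so a client that sends back the user it fetched, hash included, has the hash hashed again and the account can no longer log in. Encoding only when a new plain-text password is supplied, or handling password changes in a separate method, avoids that. `IsVazio()` loads every row to test for emptiness; `usuarioRepository.count() == 0` does the check in the database, and `isVazio` would follow Java naming.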
@@ -11,12 +14,21 @@ public class UserDetailsServiceImpl implements UserDetailsService { private final UsuarioRepository usuarioRepository; - public UserDetailsServiceImpl(UsuarioRepository usuarioRepository) { + private ApplicationConfig applicationConfig; + + private PasswordEncoder passwordEncoder; + + public UserDetailsServiceImpl(UsuarioRepository usuarioRepository, ApplicationConfig applicationConfig, PasswordEncoder passwordEncoder) { this.usuarioRepository = usuarioRepository; + this.applicationConfig = applicationConfig; + this.passwordEncoder = passwordEncoder; } @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + if(username.equals(applicationConfig.getAutenticacaoPadrao().getLogin())){ + return new Usuario(this.applicationConfig.getAutenticacaoPadrao().getLogin(), passwordEncoder.encode(this.applicationConfig.getAutenticacaoPadrao().getSenha())); + } return usuarioRepository.findByLogin(username).orElseThrow( () -> new UsernameNotFoundException(username)); } } diff --git a/exemplos/02-seguranca/src/main/resources/application-dev.yaml b/exemplos/02-seguranca/src/main/resources/application-dev.yaml index 05c263f..d951b4b 100644 --- a/exemplos/02-seguranca/src/main/resources/application-dev.yaml +++ b/exemplos/02-seguranca/src/main/resources/application-dev.yaml @@ -2,7 +2,7 @@ spring: datasource: url: jdbc:postgresql://localhost:5432/pweb2 username: postgres - password: secret + password: postgres driver-class-name: org.postgresql.Driver jpa: hibernate: diff --git a/exemplos/02-seguranca/src/main/resources/application.yaml b/exemplos/02-seguranca/src/main/resources/application.yaml index c5af4b7..40d7437 100644 --- a/exemplos/02-seguranca/src/main/resources/application.yaml +++ b/exemplos/02-seguranca/src/main/resources/application.yaml 
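Review bot: `loadUserByUsername` returns a built-in account whenever the name equals the configured default login, before the repository is consulted, and application.yaml in this commit shows `login: diego` with `senha: 123` under `app`; because `Usuario.getAuthorities()` grants `ROLE_ADMIN` to everyone, this amounts to a permanent administrator login with a committed password. If it is meant for bootstrapping, limit it to an empty user table or a dev profile and take the password from the environment. The password is also bcrypt-encoded on every lookup; encoding once in the constructor avoids the repeated cost. `username.equals(...)` throws on a null username, which `Objects.equals(...)` would tolerate.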
@@ -10,4 +10,13 @@ app: login: diego senha: 123 papel: ADMIN - tipoAutenticacao: BANCO \ No newline at end of file + tipoAutenticacao: BANCO + +security: + authLoginUrl: /login + tokenType: JWT + issuer: ifpb + audience: pweb2 + expiration: 3600000 + secret: n2r5u8x/A%D*G-KaPdSgVkYp3s6v9y$B&E(H+MbQeThWmZq4t7w!z%C*F-J@NcRf + ## Use: https://www.allkeysgenerator.com/ para gerar o segredo \ No newline at end of file diff --git a/exemplos/02-seguranca/src/test/java/br/com/ifpb/pweb2/securitydemo/BcryptEncoder.java b/exemplos/02-seguranca/src/test/java/br/com/ifpb/pweb2/securitydemo/BcryptEncoder.java index 66019e5..274afa5 100644 --- a/exemplos/02-seguranca/src/test/java/br/com/ifpb/pweb2/securitydemo/BcryptEncoder.java +++ b/exemplos/02-seguranca/src/test/java/br/com/ifpb/pweb2/securitydemo/BcryptEncoder.java @@ -18,7 +18,7 @@ public class BcryptEncoder { @Test public void gerarSenha() { - String senha = "1234"; + String senha = "123"; String hash = this.passwordEncoder.encode(senha); log.info("SENHA = "); log.info(hash); diff --git a/exemplos/02-seguranca/src/test/resources/application.yaml b/exemplos/02-seguranca/src/test/resources/application.yaml index 9d4b173..cd755dc 100644 --- a/exemplos/02-seguranca/src/test/resources/application.yaml +++ b/exemplos/02-seguranca/src/test/resources/application.yaml @@ -7,11 +7,11 @@ app: spring: datasource: - url: jdbc:postgresql://localhost:5432/pweb2-teste + url: jdbc:postgresql://localhost:5432/pweb2 username: postgres - password: secret + password: postgres driver-class-name: org.postgresql.Driver jpa: hibernate: - ddl-auto: create-drop + ddl-auto: update database: postgresql \ No newline at end of file
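Review bot: The test configuration now points at `pweb2`, the same database as application-dev.yaml, with `ddl-auto: update` in place of `create-drop` on `pweb2-teste`, so test runs read and modify development data and leave their rows behind. Keeping a separate database for tests, `url: jdbc:postgresql://localhost:5432/pweb2-teste` with `ddl-auto: create-drop`, isolates them.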