Skip to content

Commit 53d6fff

Browse files
committed
Update
1 parent 2fe5d57 commit 53d6fff

File tree

8 files changed

+35
-25
lines changed

8 files changed

+35
-25
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
HELP.md
22
/target/
33
database/
4+
not_ready/
45
!.mvn/wrapper/maven-wrapper.jar
56

67
### STS ###

pom.xml

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
<description>Spring Boot Jpa Crud</description>
1616

1717
<properties>
18-
<java.version>11</java.version>
18+
<java.version>1.8</java.version>
1919
</properties>
2020

2121
<dependencies>
@@ -51,11 +51,7 @@
5151
<artifactId>h2</artifactId>
5252
<scope>runtime</scope>
5353
</dependency>
54-
<dependency>
55-
<groupId>mysql</groupId>
56-
<artifactId>mysql-connector-java</artifactId>
57-
<scope>runtime</scope>
58-
</dependency>
54+
5955
<dependency>
6056
<groupId>org.springframework.boot</groupId>
6157
<artifactId>spring-boot-starter-test</artifactId>

src/main/java/com/melardev/spring/securejpacrud/config/JwtAuthEntryPoint.java

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,14 @@
11
package com.melardev.spring.securejpacrud.config;
22

3+
import com.fasterxml.jackson.databind.ObjectMapper;
4+
import com.melardev.spring.securejpacrud.dtos.responses.ErrorResponse;
35
import org.slf4j.Logger;
46
import org.slf4j.LoggerFactory;
7+
import org.springframework.beans.factory.annotation.Autowired;
8+
import org.springframework.http.HttpHeaders;
9+
import org.springframework.http.HttpStatus;
10+
import org.springframework.http.MediaType;
11+
import org.springframework.http.server.ServletServerHttpResponse;
512
import org.springframework.security.core.AuthenticationException;
613
import org.springframework.security.web.AuthenticationEntryPoint;
714
import org.springframework.stereotype.Component;
@@ -14,16 +21,24 @@
1421
@Component
1522
public class JwtAuthEntryPoint implements AuthenticationEntryPoint {
1623

24+
@Autowired
25+
ObjectMapper mapper;
26+
1727
private static final Logger logger = LoggerFactory.getLogger(JwtAuthEntryPoint.class);
1828

1929
@Override
2030
public void commence(HttpServletRequest request,
2131
HttpServletResponse response,
2232
AuthenticationException e)
2333
throws IOException, ServletException {
34+
2435
// Called when the user tries to access an endpoint which requires to be authenticated
25-
// we just return unauthorizaed
36+
// we just return unauthorized, basically when we should send a 401 status code response.
2637
logger.error("Unauthorized error. Message - {}", e.getMessage());
27-
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Error -> Unauthorized");
38+
39+
ServletServerHttpResponse res = new ServletServerHttpResponse(response);
40+
res.setStatusCode(HttpStatus.UNAUTHORIZED);
41+
res.getServletResponse().setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
42+
res.getBody().write(mapper.writeValueAsString(new ErrorResponse("You must authenticated")).getBytes());
2843
}
2944
}

src/main/java/com/melardev/spring/securejpacrud/config/JwtProvider.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,10 @@ public String getUserNameFromJwtToken(String token) {
6666
.getBody().getSubject();
6767
}
6868

69+
public String getSubjectFromToken(String token) {
70+
return getClaimFromToken(token, Claims::getSubject);
71+
}
72+
6973
public Date getExpirationDateFromToken(String token) {
7074
return getClaimFromToken(token, Claims::getExpiration);
7175
}
@@ -75,6 +79,7 @@ public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver)
7579
return claimsResolver.apply(claims);
7680
}
7781

82+
// To retrieve specific field you can getAllClaimsFromToken().get("username", String.class)
7883
private Claims getAllClaimsFromToken(String token) {
7984
return Jwts.parser()
8085
.setSigningKey(jwtSecret)

src/main/java/com/melardev/spring/securejpacrud/config/SecurityConfig.java

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,9 @@
1515
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
1616
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
1717
import org.springframework.security.config.http.SessionCreationPolicy;
18-
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
18+
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
19+
import org.springframework.security.crypto.password.PasswordEncoder;
1920
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
20-
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
21-
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
2221

2322
import javax.sql.DataSource;
2423

@@ -64,7 +63,8 @@ protected void configure(HttpSecurity http) throws Exception {
6463
// .antMatchers("/api/auth**", "/api/login**", "**").permitAll()
6564
.anyRequest().permitAll()
6665
.and()
67-
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
66+
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
67+
.and()
6868
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
6969

7070

@@ -74,13 +74,14 @@ protected void configure(HttpSecurity http) throws Exception {
7474
http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
7575
}
7676

77+
/*
7778
@Bean
7879
public PersistentTokenRepository persistentTokenRepository() {
7980
JdbcTokenRepositoryImpl db = new JdbcTokenRepositoryImpl();
8081
db.setDataSource(dataSource);
8182
return db;
8283
}
83-
84+
*/
8485

8586
@Bean
8687
public JwtAuthTokenFilter authenticationJwtTokenFilter() {
@@ -96,8 +97,8 @@ public DaoAuthenticationProvider authenticationProvider() {
9697
}
9798

9899
@Bean
99-
public BCryptPasswordEncoder passwordEncoder() {
100-
return new BCryptPasswordEncoder();
100+
public PasswordEncoder passwordEncoder() {
101+
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
101102
}
102103

103104
}

src/main/java/com/melardev/spring/securejpacrud/dtos/responses/TodoDetailsResponse.java

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@
22

33
import com.melardev.spring.securejpacrud.entities.Todo;
44

5-
import java.time.LocalDateTime;
65
import java.time.ZonedDateTime;
76

87
public class TodoDetailsResponse extends SuccessResponse {

src/main/java/com/melardev/spring/securejpacrud/filters/MyCorsFilter.java renamed to src/main/java/com/melardev/spring/securejpacrud/filters/AppCorsFilter.java

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -7,24 +7,17 @@
77
import java.io.IOException;
88

99
@Component
10-
public class MyCorsFilter implements Filter {
10+
public class AppCorsFilter implements Filter {
1111

1212
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
13-
System.out.println("Filtering on...........................................................");
1413
HttpServletResponse response = (HttpServletResponse) res;
1514
response.setHeader("Access-Control-Allow-Origin", "*");
1615
response.setHeader("Access-Control-Allow-Credentials", "true");
1716
response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
1817
response.setHeader("Access-Control-Max-Age", "3600");
19-
response.setHeader("X-Frame-Options", "sameorigin");
2018
response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Authorization, Origin, Accept, Access-Control-Request-Method, Access-Control-Request-Headers");
2119

2220
chain.doFilter(req, res);
2321
}
2422

25-
public void init(FilterConfig filterConfig) {
26-
}
27-
28-
public void destroy() {
29-
}
3023
}

src/main/java/com/melardev/spring/securejpacrud/services/UserService.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ public UserService(UsersRepository userRepository) {
2929
@Override
3030
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
3131
Optional<User> user = userRepository.findByUsername(username);
32-
if (user.isEmpty()) {
32+
if (!user.isPresent()) {
3333
throw new UsernameNotFoundException("Invalid username or password.");
3434
}
3535
// User exists, we have to return an Implementation of UserDetails, let's use the default

0 commit comments

Comments
 (0)