Merge pull request 'Established Spring boot security' (!10) from 384_chris_include_spring_boot_security into main
Reviewed-on: binarygolem/stktrk#10 Reviewed-by: rasmus <rasmus.neikes@gmail.com>
This commit is contained in:
commit
371ba904e2
4
pom.xml
4
pom.xml
@ -99,6 +99,10 @@
|
|||||||
<artifactId>spring-rabbit-test</artifactId>
|
<artifactId>spring-rabbit-test</artifactId>
|
||||||
<scope>test</scope>
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-security</artifactId>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.testcontainers</groupId>
|
<groupId>org.testcontainers</groupId>
|
||||||
<artifactId>junit-jupiter</artifactId>
|
<artifactId>junit-jupiter</artifactId>
|
||||||
|
|||||||
51
src/main/java/com/stktrk/app/BasicConfiguration.java
Normal file
51
src/main/java/com/stktrk/app/BasicConfiguration.java
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
package com.stktrk.app;
|
||||||
|
|
||||||
|
import jakarta.annotation.Nonnull;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.config.Customizer;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Code was copied from <a href="https://www.baeldung.com/spring-boot-security-autoconfiguration">here</a>
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
@EnableWebSecurity
|
||||||
|
public class BasicConfiguration {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Nonnull
|
||||||
|
public InMemoryUserDetailsManager userDetailsService(@Nonnull PasswordEncoder passwordEncoder) {
|
||||||
|
UserDetails user = User.withUsername("Rasmus")
|
||||||
|
.password(passwordEncoder.encode("password"))
|
||||||
|
.roles("USER")
|
||||||
|
.build();
|
||||||
|
UserDetails admin = User.withUsername("Christian")
|
||||||
|
.password(passwordEncoder.encode("password"))
|
||||||
|
.roles("USER", "ADMIN")
|
||||||
|
.build();
|
||||||
|
return new InMemoryUserDetailsManager(user, admin);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Nonnull
|
||||||
|
public SecurityFilterChain filterChain(@Nonnull HttpSecurity http) throws Exception {
|
||||||
|
return http.authorizeHttpRequests(request -> request.anyRequest()
|
||||||
|
.authenticated())
|
||||||
|
.httpBasic(Customizer.withDefaults())
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Nonnull
|
||||||
|
public PasswordEncoder passwordEncoder() {
|
||||||
|
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -9,10 +9,14 @@ import lombok.AllArgsConstructor;
|
|||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.security.access.annotation.Secured;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.validation.FieldError;
|
import org.springframework.validation.FieldError;
|
||||||
import org.springframework.web.bind.MethodArgumentNotValidException;
|
import org.springframework.web.bind.MethodArgumentNotValidException;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
|
import javax.annotation.security.RolesAllowed;
|
||||||
import java.security.InvalidKeyException;
|
import java.security.InvalidKeyException;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -27,11 +31,10 @@ public class ProfileController {
|
|||||||
@Nonnull
|
@Nonnull
|
||||||
private final ProfileService profileService;
|
private final ProfileService profileService;
|
||||||
|
|
||||||
|
|
||||||
// TODO figure out how to handle the exception.
|
// TODO figure out how to handle the exception.
|
||||||
@Nonnull
|
@Nonnull
|
||||||
@GetMapping("/")
|
@GetMapping("/")
|
||||||
public List<?> findAll() {
|
public List<?> findAll(@Nonnull Authentication authentication) {
|
||||||
return profileService.findAll();
|
return profileService.findAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -57,7 +60,6 @@ public class ProfileController {
|
|||||||
.body("Created Profile");
|
.body("Created Profile");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ResponseStatus(HttpStatus.BAD_REQUEST)
|
@ResponseStatus(HttpStatus.BAD_REQUEST)
|
||||||
@ExceptionHandler(MethodArgumentNotValidException.class)
|
@ExceptionHandler(MethodArgumentNotValidException.class)
|
||||||
@Nonnull
|
@Nonnull
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user