Scaffold for JWT implementation

jultty · Sep 23, 2024 · 2c6ad67 · 2c6ad67
1 parent 3e6f946
commit 2c6ad67
Show file tree

Hide file tree

Showing 6 changed files with 65 additions and 3 deletions.
diff --git a/build.gradle b/build.gradle
@@ -37,6 +37,8 @@ dependencies {
   implementation 'org.bouncycastle:bcprov-jdk15on:1.69'
   implementation 'commons-io:commons-io:2.15.1'
   implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.2.0'
+  implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+  implementation 'io.jsonwebtoken:jjwt-jackson:0.11.5'
   testImplementation 'org.springframework.boot:spring-boot-starter-test'
   testImplementation 'org.springframework.boot:spring-boot-starter-web'
   testImplementation 'org.springframework.boot:spring-boot-starter-security'
@@ -45,6 +47,7 @@ dependencies {
   testImplementation 'de.elnarion.util:plantuml-generator-util:2.4.1'
   testImplementation group: 'com.credibledoc', name: 'plantuml-core', version: '1.0.51'
   runtimeOnly 'com.h2database:h2'
+  runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
   umlDoclet "nl.talsmasoftware:umldoclet:2.1.1"
   asciidoctorExt "org.springframework.restdocs:spring-restdocs-asciidoctor:${spring_docs_version}"
 }

diff --git a/src/main/java/mirante/api/security/ERole.java b/src/main/java/mirante/api/security/ERole.java
@@ -0,0 +1,6 @@
+package mirante.api.security;
+
+public enum ERole {
+  ROLE_USER,
+  ROLE_ADMIN,
+}
diff --git a/src/main/java/mirante/api/security/Role.java b/src/main/java/mirante/api/security/Role.java
@@ -0,0 +1,37 @@
+package mirante.api.security;
+
+import jakarta.persistence.*;
+
+@Entity
+@Table(name = "roles")
+public class Role {
+  @Id
+  @GeneratedValue(strategy = GenerationType.IDENTITY)
+  private Integer id;
+
+  @Enumerated(EnumType.STRING)
+  @Column(length = 20)
+  private ERole name;
+
+  public Role() {}
+
+  public Role(ERole name) {
+    this.name = name;
+  }
+
+  public Integer getId() {
+    return id;
+  }
+
+  public void setId(Integer id) {
+    this.id = id;
+  }
+
+  public ERole getName() {
+    return name;
+  }
+
+  public void setName(ERole name) {
+    this.name = name;
+  }
+}
diff --git a/src/main/java/mirante/api/security/RoleRepository.java b/src/main/java/mirante/api/security/RoleRepository.java
@@ -0,0 +1,11 @@
+package mirante.api.security;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface RoleRepository extends JpaRepository<Role, Long> {
+  Optional<Role> findByName(ERole name);
+}
diff --git a/src/main/java/mirante/api/security/SecurityConfiguration.java b/src/main/java/mirante/api/security/SecurityConfiguration.java
@@ -24,9 +24,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
       .csrf(csrf -> csrf.ignoringRequestMatchers("/auth/**"))
       .securityContext(context -> context.securityContextRepository(
           new RequestAttributeSecurityContextRepository())
-      ).authorizeHttpRequests(authorize -> authorize
-      .requestMatchers("/version", "/auth/**", "/api-docs/**").permitAll()
-      .anyRequest().authenticated()
+      ).authorizeHttpRequests(request -> request
+                .requestMatchers("/version", "/auth/**", "/api-docs/**")
+                .permitAll()
+                .anyRequest().authenticated()
+
+      // .addFilter(new JwtAuthenticationFilter(authenticationManager(), jwtUtil))
+      // .addFilter(new JwtAuthorizationFilter(authenticationManager(), jwtUtil, userDetailsService));
     );
 
     return http.build();

diff --git a/src/test/hurl/v0.3.0/03-auth.hurl b/src/test/hurl/v0.3.0/03-auth.hurl
@@ -15,4 +15,5 @@ HTTP 403
 
 # account endpoint returns 200 if authenticated
 GET http://localhost:8889/account
+Authorization: Basic {{token}}
 HTTP 200