TusharJavaDev
diff --git a/‎authentication/authentication-commons-jwt/pom.xml‎
Lines changed: 30 additions & 0 deletions b/‎authentication/authentication-commons-jwt/pom.xml‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtAuthenticationConfig.java‎
Lines changed: 31 additions & 0 deletions b/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtAuthenticationConfig.java‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtTokenAuthenticationFilter.java‎
Lines changed: 54 additions & 0 deletions b/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtTokenAuthenticationFilter.java‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtUsernamePasswordAuthenticationFilter.java‎
Lines changed: 67 additions & 0 deletions b/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/JwtUsernamePasswordAuthenticationFilter.java‎
Lines changed: 67 additions & 0 deletions
diff --git a/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/User.java‎
Lines changed: 13 additions & 0 deletions b/‎authentication/authentication-commons-jwt/src/main/java/com/fd/tryout/security/jwt/User.java‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎authentication/authentication-commons-jwt/src/main/resources/jwt.properties‎
Lines changed: 5 additions & 0 deletions b/‎authentication/authentication-commons-jwt/src/main/resources/jwt.properties‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎stateless-auth/stateless-auth-dto/pom.xml‎ ‎…ntication/authentication-commons/pom.xml‎stateless-auth/stateless-auth-dto/pom.xml renamed to authentication/authentication-commons/pom.xml
Lines changed: 13 additions & 1 deletion b/‎stateless-auth/stateless-auth-dto/pom.xml‎ ‎…ntication/authentication-commons/pom.xml‎stateless-auth/stateless-auth-dto/pom.xml renamed to authentication/authentication-commons/pom.xml
Lines changed: 13 additions & 1 deletion
diff --git a/‎authentication/authentication-commons/src/main/java/com/fd/tryout/model/Customer.java‎
Lines changed: 24 additions & 0 deletions b/‎authentication/authentication-commons/src/main/java/com/fd/tryout/model/Customer.java‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎…n/security/DbAuthenticationProvider.java‎ ‎…t/security/DbAuthenticationProvider.java‎stateless-auth/spring-session-auth/src/main/java/com/fd/tryout/security/springsession/security/DbAuthenticationProvider.java renamed to authentication/authentication-commons/src/main/java/com/fd/tryout/security/DbAuthenticationProvider.java
Lines changed: 4 additions & 4 deletions b/‎…n/security/DbAuthenticationProvider.java‎ ‎…t/security/DbAuthenticationProvider.java‎stateless-auth/spring-session-auth/src/main/java/com/fd/tryout/security/springsession/security/DbAuthenticationProvider.java renamed to authentication/authentication-commons/src/main/java/com/fd/tryout/security/DbAuthenticationProvider.java
Lines changed: 4 additions & 4 deletions
diff --git a/‎authentication/authentication-db/pom.xml‎
Lines changed: 65 additions & 0 deletions b/‎authentication/authentication-db/pom.xml‎
Lines changed: 65 additions & 0 deletions
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>stateless-auth</artifactId>
+        <groupId>com.fd</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>authentication-commons-jwt</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt</artifactId>
+        </dependency>
+    </dependencies>
+</project>
@@ -0,0 +1,31 @@
+package com.fd.tryout.security.jwt;
+
+import lombok.Getter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
+/**
+ * @author fdanismaz
+ * date: 10/20/18 3:52 PM
+ */
+@Getter
+@Configuration
+@PropertySource("jwt.properties")
+public class JwtAuthenticationConfig {
+
+    @Value("${com.fd.security.jwt.url:/login}")
+    private String url;
+
+    @Value("${com.fd.security.jwt.header:Authorization}")
+    private String header;
+
+    @Value("${com.fd.security.jwt.prefix:Bearer}")
+    private String prefix;
+
+    @Value("${com.fd.security.jwt.expiration:#{24*60*60}}")
+    private int expiration; // default 24 hours
+
+    @Value("${com.fd.security.jwt.secret}")
+    private String secret;
+}
@@ -0,0 +1,54 @@
+package com.fd.tryout.security.jwt;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import lombok.extern.slf4j.Slf4j;
+import lombok.var;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * @author fdanismaz
+ * date: 10/20/18 4:00 PM
+ */
+@Slf4j
+public class JwtTokenAuthenticationFilter extends OncePerRequestFilter {
+
+    private JwtAuthenticationConfig config;
+
+    public JwtTokenAuthenticationFilter(JwtAuthenticationConfig config) {
+        this.config = config;
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String token = request.getHeader(config.getHeader());
+        if (token != null && token.startsWith(config.getPrefix() + " ")) {
+            token = token.replace(config.getPrefix() + " ", "");
+            try {
+                Claims claims = Jwts.parser().setSigningKey(config.getSecret().getBytes()).parseClaimsJws(token).getBody();
+                String username = claims.getSubject();
+                List<String> authorities = claims.get("authorities", List.class);
+                if (username != null) {
+                    var grantedAuthorities = authorities.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
+                    var auth = new UsernamePasswordAuthenticationToken(username, null, grantedAuthorities);
+                    SecurityContextHolder.getContext().setAuthentication(auth);
+                }
+            } catch (Exception e) {
+                log.error(e.getMessage());
+                SecurityContextHolder.clearContext();
+            }
+        }
+        filterChain.doFilter(request, response);
+    }
+}
@@ -0,0 +1,67 @@
+package com.fd.tryout.security.jwt;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import lombok.var;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.time.Instant;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * @author fdanismaz
+ * date: 10/20/18 4:33 PM
+ */
+public class JwtUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
+
+    private final JwtAuthenticationConfig config;
+    private final ObjectMapper mapper;
+
+    public JwtUsernamePasswordAuthenticationFilter(JwtAuthenticationConfig config,
+                                                   AuthenticationManager authenticationManager) {
+        super(new AntPathRequestMatcher(config.getUrl(), "POST"));
+        this.setAuthenticationManager(authenticationManager);
+        this.config = config;
+        this.mapper = new ObjectMapper();
+    }
+
+    @Override
+    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
+            throws AuthenticationException, IOException {
+
+        User user = this.mapper.readValue(request.getInputStream(), User.class);
+        var authenticationToken =
+                new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword(), Collections.emptyList());
+        return this.getAuthenticationManager().authenticate(authenticationToken);
+    }
+
+    @Override
+    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
+                                            FilterChain chain, Authentication auth) {
+        Instant now = Instant.now();
+        List<String> authorities = auth.getAuthorities().stream().map(GrantedAuthority::getAuthority)
+                .collect(Collectors.toList());
+        String token = Jwts.builder()
+                .setSubject(auth.getName())
+                .claim("authorities", authorities)
+                .setIssuedAt(Date.from(now))
+                .setExpiration(Date.from(now.plusSeconds(config.getExpiration())))
+                .signWith(SignatureAlgorithm.HS256, config.getSecret().getBytes())
+                .compact();
+        response.addHeader(config.getHeader(), config.getPrefix() + " " + token);
+    }
+}
@@ -0,0 +1,13 @@
+package com.fd.tryout.security.jwt;
+
+import lombok.Data;
+
+/**
+ * @author fdanismaz
+ * date: 10/21/18 9:56 AM
+ */
+@Data
+public class User {
+    private String username;
+    private String password;
+}
@@ -0,0 +1,5 @@
+com.fd.security.jwt.url=        /login
+com.fd.security.jwt.header=     Authorization
+com.fd.security.jwt.prefix=     Bearer
+com.fd.security.jwt.expiration= #{24*60*60}
+com.fd.security.jwt.secret=     123
@@ -9,7 +9,19 @@
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
-    <artifactId>stateless-auth-dto</artifactId>
+    <artifactId>authentication-commons</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>com.fd</groupId>
+            <artifactId>authentication-db</artifactId>
+        </dependency>
+    </dependencies>
 
 
 </project>
@@ -0,0 +1,24 @@
+package com.fd.tryout.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.time.LocalDate;
+
+/**
+ * @author fdanismaz
+ * date: 10/7/18 12:42 PM
+ */
+@Data
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class Customer {
+
+    private String id;
+    private String name;
+    private String company;
+    private LocalDate birthdate;
+}
@@ -1,8 +1,8 @@
-package com.fd.tryout.security.springsession.security;
+package com.fd.tryout.security;
 
-import com.fd.tryout.security.springsession.entity.UserEntity;
-import com.fd.tryout.security.springsession.repository.user.UserRepository;
-import com.fd.tryout.security.springsession.repository.user.UserSpecifications;
+import com.fd.tryout.security.entity.UserEntity;
+import com.fd.tryout.security.repository.user.UserRepository;
+import com.fd.tryout.security.repository.user.UserSpecifications;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>stateless-auth</artifactId>
+        <groupId>com.fd</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>authentication-db</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-c3p0</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>${jaxb.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <!-- Hibernate Type Safe metamodel -->
+            <plugin>
+                <groupId>org.bsc.maven</groupId>
+                <artifactId>maven-processor-plugin</artifactId>
+                <version>${maven.plugin.processor.version}</version>
+                <executions>
+                    <execution>
+                        <id>process</id>
+                        <goals>
+                            <goal>process</goal>
+                        </goals>
+                        <phase>generate-sources</phase>
+                        <configuration>
+                            <processors>
+                                <processor>org.hibernate.jpamodelgen.JPAMetaModelEntityProcessor</processor>
+                            </processors>
+                            <outputDirectory>target/generated-sources/annotations</outputDirectory>
+                        </configuration>
+                    </execution>
+                </executions>
+                <dependencies>
+                    <dependency>
+                        <groupId>org.hibernate</groupId>
+                        <artifactId>hibernate-jpamodelgen</artifactId>
+                        <version>${hibernate.jpamodelgen-version}</version>
+                    </dependency>
+                </dependencies>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>