Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 3584b0c8

Přidáno uživatelem Václav Hrabík před asi 2 roky(ů)

#10399 vyřešen problém s dvojím voláním filteru při requestu

Zobrazit rozdíly:

src/main/java/cz/zcu/fav/kiv/antipatterndetectionapp/v2/security/JwtAuthenticationFilter.java
33 33 

  		




  34
  34
  
    
        String authorizationHeader = request.getHeader("Authorization");


  		




  35
  35
  
    
        if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {


  		




  36
  
  
    
            chain.doFilter(request, response);


  		




  
  36
  
    
//            chain.doFilter(request, response);


  		




  
  37
  
    
            SecurityContextHolder.clearContext();


  		




  
  38
  
    
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);


  		




  
  39
  
    
            response.getOutputStream().println("{\"error\" : \"Some other error related to jwt token!\"}");


  		




  37
  40
  
    
            return;


  		




  38
  41
  
    
        }


  		




  
  42
  
    
        System.out.println("<------------------------tady jsem------------------------->");


  		




  39
  43
  
    

  		




  40
  44
  
    
        try {


  		




  41
  45
  
    
            String token = authorizationHeader.replace("Bearer ", "");


  		




  42
  46
  
    
            ResponseEntity<String> responseEntity = oAuthService.authenticate(token);


  		




  43
  47
  
    

  		




  44
  
  
    

  		




  45
  
  
    

  		




  46
  48
  
    
            UserDetails userDetails = User.builder()


  		




  47
  49
  
    
                        .username(responseEntity.getBody())


  		




  48
  50
  
    
                        .password("")


  		




  ......




  71
  73
  
    
    @Override


  		




  72
  74
  
    
    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {


  		




  73
  75
  
    
            String path = request.getRequestURI().substring(request.getContextPath().length());


  		




  74
  
  
    
        return path.startsWith("/v2/user/");


  		




  
  76
  
    
        return path.startsWith("/v2/user/login") || path.startsWith("/v2/user/register");


  		




  75
  77
  
    
    }


  		




  76
  78
  
    
}


  		




  77
  79
  
    

  		












  

    
      src/main/java/cz/zcu/fav/kiv/antipatterndetectionapp/v2/security/WebSecurityConfig.java
    
  





  2
  2
  
    

  		




  3
  3
  
    
import cz.zcu.fav.kiv.antipatterndetectionapp.v2.service.AuthProvider;


  		




  4
  4
  
    
import cz.zcu.fav.kiv.antipatterndetectionapp.v2.service.OAuthService;


  		




  5
  
  
    
import cz.zcu.fav.kiv.antipatterndetectionapp.v2.service.OAuthServiceImpl;


  		




  6
  5
  
    
import org.springframework.beans.factory.annotation.Autowired;


  		




  7
  
  
    
import org.springframework.boot.web.client.RestTemplateBuilder;


  		




  
  6
  
    
import org.springframework.boot.web.servlet.FilterRegistrationBean;


  		




  8
  7
  
    
import org.springframework.context.annotation.Bean;


  		




  9
  8
  
    
import org.springframework.context.annotation.Configuration;


  		




  10
  
  
    
import org.springframework.http.HttpStatus;


  		




  11
  9
  
    
import org.springframework.security.authentication.AuthenticationManager;


  		




  12
  10
  
    
import org.springframework.security.authentication.AuthenticationProvider;


  		




  13
  11
  
    
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;


  		




  ......




  16
  14
  
    
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


  		




  17
  15
  
    
import org.springframework.security.config.http.SessionCreationPolicy;


  		




  18
  16
  
    
import org.springframework.security.core.userdetails.UserDetailsService;


  		




  19
  
  
    
import org.springframework.security.web.authentication.HttpStatusEntryPoint;


  		




  20
  
  
    
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


  		




  21
  17
  
    
import org.springframework.web.client.RestTemplate;


  		




  22
  18
  
    

  		




  23
  19
  
    
@Configuration


  		




  ......




  27
  23
  
    
    @Autowired


  		




  28
  24
  
    
    private UserDetailsService userService;


  		




  29
  25
  
    

  		




  
  26
  
    
    @Autowired


  		




  
  27
  
    
    private JwtAuthenticationFilter jwtAuthenticationFilter;


  		




  
  28
  
    

  		




  30
  29
  
    
    @Autowired


  		




  31
  30
  
    
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {


  		




  32
  31
  
    
        auth.userDetailsService(userService);


  		




  ......




  47
  46
  
    
        return super.userDetailsService();


  		




  48
  47
  
    
    }


  		




  49
  48
  
    

  		




  50
  
  
    
//    @Bean


  		




  51
  
  
    
//    public JwtAuthenticationFilter jwtAuthenticationFilter(OAuthService oAuthService) {


  		




  52
  
  
    
//        return new JwtAuthenticationFilter(oAuthService);


  		




  53
  
  
    
//    }


  		




  
  49
  
    
    @Bean


  		




  
  50
  
    
    public FilterRegistrationBean filterRegistrationBean(OAuthService oAuthService) {


  		




  
  51
  
    
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();


  		




  
  52
  
    
        filterRegistrationBean.setFilter(jwtAuthenticationFilter);


  		




  
  53
  
    
        return filterRegistrationBean;


  		




  
  54
  
    
    }


  		




  54
  55
  
    

  		




  55
  56
  
    
    @Override


  		




  56
  57
  
    
    @Bean


  		




  ......




  69
  70
  
    
                .and()


  		




  70
  71
  
    
                .sessionManagement()


  		




  71
  72
  
    
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)


  		




  72
  
  
    
                .and()


  		




  73
  
  
    
                .addFilterBefore(new JwtAuthenticationFilter(new OAuthServiceImpl()), UsernamePasswordAuthenticationFilter.class);


  		




  
  73
  
    
                .and();


  		




  74
  74
  
    
    }


  		




  75
  75
  
    

  		




  76
  76
  
    
}


  		












  

    
      src/test/java/cz/zcu/fav/kiv/antipatterndetectionapp/v2/service/OAuthServiceImplTest.java
    
  





  29
  29
  
    
    @Autowired


  		




  30
  30
  
    
    private OAuthService oAuthService;


  		




  31
  31
  
    

  		




  32
  
  
    

  		




  33
  32
  
    
    /**


  		




  34
  33
  
    
     * Mocked User


  		




  35
  34
  
    
     */


  		












Také k dispozici:  Unified diff