ASWI - Pokročilé softwarové inženýrství » ASWI 2023 » Vylepšení funkcí a rozhraní frameworku SPADe (Pícha) - PRO_grammers.

import org.springframework.http.*;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;

import org.springframework.security.core.Authentication;

import org.springframework.security.core.context.SecurityContextHolder;

import org.springframework.web.client.RestTemplate;

    private OAuthService oAuthService;

    public JwtAuthenticationFilter(OAuthService oAuthService) {

        this.oAuthService = oAuthService;

    }

//    @Override

//    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {

//        System.out.println("------------------DO FILTER INTERNAL---------------------------");

//

//        String authorizationHeader = request.getHeader("Authorization");

//        if(authorizationHeader == null || authorizationHeader.length() < 7) {

//            filterChain.doFilter(request, response);

//            return;

//        }

////        OAuthServiceImpl oAuthService = new OAuthServiceImpl();

//

//        String token = authorizationHeader.substring(7);

//

//        ResponseEntity<String> oAuthResponse =  oAuthService.authenticate(token);

//        response.setContentType("application/json");

//        response.setStatus(oAuthResponse.getStatusCodeValue());

//

//        BufferedWriter out = new BufferedWriter(response.getWriter());

//        out.write(Objects.requireNonNull(oAuthResponse.getBody()));

//        out.flush();

//        out.close();

//

//        filterChain.doFilter(request, response);

//

//    }

//    @Override

//    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)

//            throws ServletException, IOException {

//

//        String authorizationHeader = request.getHeader("Authorization");

//        if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {

//            String token = authorizationHeader.substring(7);

//            try {

//                Authentication authentication = new UsernamePasswordAuthenticationToken(oAuthService.authenticate(token).getBody(), null);

//                SecurityContextHolder.getContext().setAuthentication(authentication);

//            } catch (Exception e) {

//                SecurityContextHolder.clearContext();

//                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token");

//            }

//        }

////        String authorizationHeader = request.getHeader("Authorization");

////

////        if(authorizationHeader == null || authorizationHeader.length() < 7) {

////            filterChain.doFilter(request, response);

////            return;

////        }

////

////        RestTemplate restTemplate = new RestTemplate();

////        HttpHeaders headers = new HttpHeaders();

////        headers.setContentType(MediaType.APPLICATION_JSON);

////

////

////        HashMap<String, String> requestBody = new HashMap<>();

////

////        requestBody.put("name", "userName");

////

////        // set the JWT token in the authorization header

////

////        headers.set("Authorization", authorizationHeader);

////        requestBody.put("token", authorizationHeader.substring(7));

////        //

////

////        String json = JSONBuilder.buildJson(requestBody);

////

////        HttpEntity<String> entity = new HttpEntity<>(json, headers);

////        //RequestBuilder.sendRequestResponse("http://localhost:8081/authenticate",token);

////        ResponseEntity<String> responseEntity = restTemplate.exchange("http://localhost:8081/authenticate", HttpMethod.POST, entity, String.class);

////

////        // do something with the response body

////

////        if (responseEntity.getBody().contains("Invalid token")) {

////            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token");

////

////        } else {

////            return;

//////            Authentication authentication = new UsernamePasswordAuthenticationToken("name", null);

//////            SecurityContextHolder.getContext().setAuthentication(authentication);

////        }

////

//////        filterChain.doFilter(request, response);

//    }

    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)

            throws IOException, ServletException {

        if (authorizationHeader == null || authorizationHeader.length() < 7) {

            chain.doFilter(request, response);

        ResponseEntity<String> responseEntity = oAuthService.authenticate(token);

        if (token != null && responseEntity.getBody().contains("OK")) {

            // Token is valid, proceed with the request

            chain.doFilter(request, response);

        } else {

            // Token is invalid or not present, authenticate the request with external authentication provider

//            HttpHeaders headers = new HttpHeaders();

//            headers.setContentType(MediaType.APPLICATION_JSON);

//            String requestBody = "{\"token\": \"" + token + "\"}";

//            HttpEntity<String> entity = new HttpEntity<>(requestBody, headers);

//

//            ResponseEntity<AuthenticationResponse> authenticationResponseEntity =

//                    restTemplate.postForEntity(AUTHENTICATION_URL, entity, AuthenticationResponse.class);

//

//            if (authenticationResponseEntity.getStatusCode() == HttpStatus.OK

//                    && authenticationResponseEntity.getBody().isAuthenticated()) {

//                // Request is authenticated, proceed with the request

//                chain.doFilter(request, response);

//            } else {

                // Request is not authenticated, set response status to 401 Unauthorized

                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

//            }

        }

package cz.zcu.fav.kiv.antipatterndetectionapp.v2.security;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

public class OAuth2ResourceServerConfigurer {

    public static void jwt(

            org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer<HttpSecurity>

                    httpSecurityOAuth2ResourceServerConfigurer) {

    }

}

//package cz.zcu.fav.kiv.antipatterndetectionapp.v2.security;

//

//

//import org.springframework.http.ResponseEntity;

//import org.springframework.security.core.Authentication;

//import org.springframework.security.oauth2.core.oidc.user.OidcUser;

//import org.springframework.security.web.authentication.logout.LogoutHandler;

//import org.springframework.stereotype.Component;

//import org.springframework.web.client.RestTemplate;

//import org.springframework.web.util.UriComponentsBuilder;

//

//import javax.servlet.http.HttpServletRequest;

//import javax.servlet.http.HttpServletResponse;

//

//@Component

//public class OAuthSecurityHandler implements LogoutHandler {

////    private static final Logger logger = LoggerFactory.getLogger(OAuthSecurityHandler.class);

//    private final RestTemplate restTemplate;

//

//    public OAuthSecurityHandler(RestTemplate restTemplate) {

//        this.restTemplate = restTemplate;

//    }

//

//    @Override

//    public void logout(HttpServletRequest request, HttpServletResponse response,

//                       Authentication auth) {

//        logoutFromKeycloak((OidcUser) auth.getPrincipal());

//    }

//

//    private void logoutFromKeycloak(OidcUser user) {

//        String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";

//        UriComponentsBuilder builder = UriComponentsBuilder

//                .fromUriString(endSessionEndpoint)

//                .queryParam("id_token_hint", user.getIdToken().getTokenValue());

//

//        ResponseEntity<String> logoutResponse = restTemplate.getForEntity(

//                builder.toUriString(), String.class);

////        if (logoutResponse.getStatusCode().is2xxSuccessful()) {

////            logger.info("Successfulley logged out from Keycloak");

////        } else {

////            logger.error("Could not propagate logout to Keycloak");

////        }

//    }

//}

import org.springframework.http.HttpStatus;

import org.springframework.security.web.authentication.HttpStatusEntryPoint;

@EnableWebSecurity(debug = true)

                .csrf().disable()

                .anyRequest().authenticated()

                .and()

                .exceptionHandling()

                .authenticationEntryPoint(new OAuthServiceImpl())

//                .and()

//                .addFilterBefore(new JwtAuthenticationFilter(new OAuthServiceImpl()), UsernamePasswordAuthenticationFilter.class);

//        httpSecurity.addFilterAfter(new JwtAuthenticationFilter(new OAuthServiceImpl()), UsernamePasswordAuthenticationFilter.class);

//        httpSecurity.addFilter(new JwtAuthenticationFilter(new OAuthServiceImpl()));

//    @Value("${auth.realm.authenticate}")

    private String AUTH_URL_AUTH = "http://localhost:8081/authenticate";

//    @Value("${auth.realm.login}")

    private String AUTH_URL_LOGIN = "http://localhost:8081/login";

        headers.set("Authorization", "Bearer " + token);

        ResponseEntity<String> response = restTemplate.postForEntity(url, entity, String.class);

        return response;