Clean up.
This commit is contained in:
Paulo Gustavo Veiga
@@ -18,64 +18,44 @@
|
||||
|
||||
package com.wisemapping.rest;
|
||||
|
||||
import com.wisemapping.exceptions.WiseMappingException;
|
||||
import com.wisemapping.rest.model.RestJwtUser;
|
||||
import com.wisemapping.security.JwtTokenUtil;
|
||||
import com.wisemapping.security.UserDetailsService;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin
|
||||
@RequestMapping("/api/restful")
|
||||
public class JwtAuthController {
|
||||
|
||||
@Autowired
|
||||
private AuthenticationManager authenticationManager;
|
||||
@Autowired
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
@Autowired
|
||||
private UserDetailsService userDetailsService;
|
||||
@Autowired
|
||||
private JwtTokenUtil jwtTokenUtil;
|
||||
|
||||
@Autowired
|
||||
private JwtTokenUtil jwtTokenUtil;
|
||||
@RequestMapping(value = "/authenticate", method = RequestMethod.POST)
|
||||
public ResponseEntity<String> createAuthenticationToken(@RequestBody RestJwtUser user, @NotNull HttpServletResponse response) throws WiseMappingException {
|
||||
// Is a valid user ?
|
||||
authenticate(user.getEmail(), user.getPassword());
|
||||
final String result = jwtTokenUtil.doLogin(response, user.getEmail());
|
||||
|
||||
@RequestMapping(value = "/authenticate", method = RequestMethod.POST)
|
||||
public ResponseEntity<?> createAuthenticationToken(@RequestBody RestJwtUser user, @NotNull HttpServletResponse response) throws Exception {
|
||||
return ResponseEntity.ok(result);
|
||||
}
|
||||
|
||||
// Is a valid user ?
|
||||
authenticate(user.getEmail(), user.getPassword());
|
||||
|
||||
// Create token ...
|
||||
final UserDetails userDetails = userDetailsService
|
||||
.loadUserByUsername(user.getEmail());
|
||||
|
||||
final String token = jwtTokenUtil.generateJwtToken(userDetails);
|
||||
|
||||
// Add token in the header ...
|
||||
response.addHeader(HttpHeaders.AUTHORIZATION, "Bearer " + token);
|
||||
|
||||
return ResponseEntity.ok(token);
|
||||
}
|
||||
|
||||
private void authenticate(@NotNull String username, @NotNull String password) throws Exception {
|
||||
try {
|
||||
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
|
||||
} catch (DisabledException e) {
|
||||
throw new Exception("USER_DISABLED", e);
|
||||
} catch (BadCredentialsException e) {
|
||||
throw new Exception("INVALID_CREDENTIALS", e);
|
||||
}
|
||||
}
|
||||
private void authenticate(@NotNull String username, @NotNull String password) throws WiseMappingException {
|
||||
try {
|
||||
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
|
||||
} catch (DisabledException | BadCredentialsException e) {
|
||||
throw new WiseMappingException(e.getMessage(), e);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -21,68 +21,60 @@ package com.wisemapping.rest;
|
||||
import com.wisemapping.exceptions.WiseMappingException;
|
||||
import com.wisemapping.model.User;
|
||||
import com.wisemapping.rest.model.RestOath2CallbackResponse;
|
||||
import com.wisemapping.service.*;
|
||||
import com.wisemapping.security.JwtTokenUtil;
|
||||
import com.wisemapping.service.UserService;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/api/oauth2/")
|
||||
@CrossOrigin
|
||||
public class OAuth2Controller extends BaseController {
|
||||
@Qualifier("userService")
|
||||
@Autowired
|
||||
private UserService userService;
|
||||
@Qualifier("userService")
|
||||
@Autowired
|
||||
private UserService userService;
|
||||
|
||||
@Qualifier("authenticationManager")
|
||||
@Autowired
|
||||
private AuthenticationManager authManager;
|
||||
@Qualifier("authenticationManager")
|
||||
@Autowired
|
||||
private AuthenticationManager authManager;
|
||||
|
||||
@Value("${google.recaptcha2.enabled}")
|
||||
private Boolean recatchaEnabled;
|
||||
@Autowired
|
||||
private JwtTokenUtil jwtTokenUtil;
|
||||
|
||||
@Value("${accounts.exclusion.domain:''}")
|
||||
private String domainBanExclusion;
|
||||
|
||||
private void doLogin(HttpServletRequest request, String email) {
|
||||
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(email,null);
|
||||
Authentication auth = authManager.authenticate(token);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
// update spring mvc session
|
||||
HttpSession session = request.getSession(true);
|
||||
session.setAttribute("SPRING_SECURITY_CONTEXT", SecurityContextHolder.getContext());
|
||||
}
|
||||
@RequestMapping(method = RequestMethod.POST, value = "googlecallback", produces = {"application/json"})
|
||||
@ResponseStatus(value = HttpStatus.OK)
|
||||
public RestOath2CallbackResponse processGoogleCallback(@NotNull @RequestParam String code, @NotNull HttpServletResponse response, @NotNull HttpServletRequest request) throws WiseMappingException {
|
||||
User user = userService.createAndAuthUserFromGoogle(code);
|
||||
if (user.getGoogleSync()) {
|
||||
jwtTokenUtil.doLogin(response, user.getEmail());
|
||||
}
|
||||
|
||||
@RequestMapping(method = RequestMethod.POST, value = "/oauth2/googlecallback", produces = { "application/json" })
|
||||
@ResponseStatus(value = HttpStatus.OK)
|
||||
public RestOath2CallbackResponse processGoogleCallback(@NotNull @RequestParam String code, @NotNull HttpServletRequest request) throws WiseMappingException {
|
||||
User user = userService.createUserFromGoogle(code);
|
||||
if (user.getGoogleSync() != null && user.getGoogleSync()) {
|
||||
doLogin(request, user.getEmail());
|
||||
}
|
||||
RestOath2CallbackResponse response = new RestOath2CallbackResponse();
|
||||
response.setEmail(user.getEmail());
|
||||
response.setGoogleSync(user.getGoogleSync());
|
||||
response.setSyncCode(user.getSyncCode());
|
||||
return response;
|
||||
}
|
||||
// Response ...
|
||||
final RestOath2CallbackResponse result = new RestOath2CallbackResponse();
|
||||
result.setEmail(user.getEmail());
|
||||
result.setGoogleSync(user.getGoogleSync());
|
||||
result.setSyncCode(user.getSyncCode());
|
||||
return result;
|
||||
}
|
||||
|
||||
@RequestMapping(method = RequestMethod.PUT, value = "/oauth2/confirmaccountsync", produces = { "application/json" })
|
||||
@ResponseStatus(value = HttpStatus.OK)
|
||||
public void confirmAccountSync(@NotNull @RequestParam String email, @NotNull @RequestParam String code, @NotNull HttpServletRequest request) throws WiseMappingException {
|
||||
userService.confirmAccountSync(email, code);
|
||||
doLogin(request, email);
|
||||
}
|
||||
@RequestMapping(method = RequestMethod.PUT, value = "confirmaccountsync", produces = {"application/json"})
|
||||
@ResponseStatus(value = HttpStatus.OK)
|
||||
public void confirmAccountSync(@NotNull @RequestParam String email, @NotNull @RequestParam String code, @NotNull HttpServletResponse response) throws WiseMappingException {
|
||||
// Authenticate ...
|
||||
userService.createAndAuthUserFromGoogle(code);
|
||||
|
||||
// Update login
|
||||
userService.confirmAccountSync(email, code);
|
||||
|
||||
// Add header ...
|
||||
jwtTokenUtil.doLogin(response, email);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user