Added security

Author: akashcse

pom.xml

@@ -20,6 +20,10 @@
 	</properties>
 
 	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-webflux</artifactId>
@@ -51,6 +55,23 @@
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.10.5</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.10.5</version>
+			<scope>runtime</scope>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.10.5</version>
+			<scope>runtime</scope>
+		</dependency>
 	</dependencies>
 
 	<dependencyManagement>

src/main/java/net/java/forest/controller/AuthenticationREST.java

@@ -0,0 +1,56 @@
+package net.java.forest.controller;
+
+
+import net.java.forest.model.Userdata;
+import net.java.forest.security.JWTUtil;
+import net.java.forest.security.PBKDF2Encoder;
+import net.java.forest.security.model.AuthRequest;
+import net.java.forest.security.model.AuthResponse;
+import net.java.forest.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.reactive.function.server.ServerRequest;
+import org.springframework.web.reactive.function.server.ServerResponse;
+import reactor.core.publisher.Mono;
+
+import java.awt.print.Book;
+import java.net.URI;
+
+@RestController
+@Validated
+public class AuthenticationREST {
+
+	@Autowired
+	private JWTUtil jwtUtil;
+	
+	@Autowired
+	private PBKDF2Encoder passwordEncoder;
+
+	@Autowired
+	private UserService userService;
+
+	@RequestMapping(value = "/login", method = RequestMethod.POST)
+	public Mono<ResponseEntity<?>> login(@RequestBody AuthRequest ar) {
+		return userService.findByUsername(ar.getUsername()).map((userDetails) -> {
+			if (ar.getPassword().equals(userDetails.getPassword())) {
+			//if (passwordEncoder.encode(ar.getPassword()).equals(userDetails.getPassword())) {
+				return ResponseEntity.ok(new AuthResponse(jwtUtil.generateToken(userDetails)));
+			} else {
+				return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
+			}
+		}).defaultIfEmpty(ResponseEntity.status(HttpStatus.UNAUTHORIZED).build());
+	}
+
+	/*@RequestMapping(value = "/signup", method = RequestMethod.POST)
+	public Mono<ServerResponse> signUp(ServerRequest request) {
+
+
+	}*/
+
+}

src/main/java/net/java/forest/controller/ResourceREST.java

@@ -0,0 +1,39 @@
+package net.java.forest.controller;
+
+import net.java.forest.model.Message;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+import reactor.core.publisher.Mono;
+
+import java.security.Principal;
+
+
+@RestController
+public class ResourceREST {
+
+	@RequestMapping(value = "/user", method = RequestMethod.GET)
+	public Mono<ResponseEntity<?>> publicUser(Principal principal) {
+		return Mono.just(ResponseEntity.ok(new Message(principal.toString())));
+	}
+	
+	@RequestMapping(value = "/resource/user", method = RequestMethod.GET)
+	@PreAuthorize("hasRole('USER')")
+	public Mono<ResponseEntity<?>> user(Principal principal) {
+		return Mono.just(ResponseEntity.ok(new Message(principal.toString())));
+	}
+	
+	@RequestMapping(value = "/resource/admin", method = RequestMethod.GET)
+	@PreAuthorize("hasRole('ADMIN')")
+	public Mono<ResponseEntity<?>> admin() {
+		return Mono.just(ResponseEntity.ok(new Message("Content for admin")));
+	}
+	
+	@RequestMapping(value = "/resource/user-or-admin", method = RequestMethod.GET)
+	@PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
+	public Mono<ResponseEntity<?>> userOrAdmin() {
+		return Mono.just(ResponseEntity.ok(new Message("Content for user or admin")));
+	}
+}

src/main/java/net/java/forest/controller/UserController.java

@@ -9,6 +9,8 @@
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 
+import java.util.Arrays;
+
 @RestController
 public class UserController {
     @Autowired
@@ -21,6 +23,6 @@ public Flux<Userdata> getallUser(){
 
     @RequestMapping(value = "/adduser", method = RequestMethod.GET)
     public Mono<Userdata> addUser(){
-       return  userService.addUpdateUser(new Userdata(null, "Mahade","hassan", "12345", "mahade.hasan68@gmail.com","Bd, Khustia"));
+       return  userService.addUpdateUser(new Userdata(null, "Mahade","hassan", "12345", "mahade.hasan68@gmail.com","Bd, Khustia", Arrays.asList("USER")));
     }
 }

src/main/java/net/java/forest/model/Message.java

@@ -0,0 +1,17 @@
+package net.java.forest.model;
+
+public class Message {
+    private String content;
+
+    public Message(String content) {
+        this.content = content;
+    }
+
+    public String getContent() {
+        return content;
+    }
+
+    public void setContent(String content) {
+        this.content = content;
+    }
+}

src/main/java/net/java/forest/model/Role.java

@@ -0,0 +1,5 @@
+package net.java.forest.model;
+
+public enum Role {
+    ROLE_USER, ROLE_ADMIN
+}

src/main/java/net/java/forest/model/Userdata.java

@@ -1,12 +1,21 @@
 package net.java.forest.model;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
 import org.hibernate.validator.constraints.UniqueElements;
 import org.springframework.data.annotation.Id;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Collectors;
 
-public class Userdata {
+public class Userdata implements UserDetails {
     @Id
     private Long id;
     @NotBlank(message = "Firstname should not be empty")
@@ -19,14 +28,53 @@ public class Userdata {
     @UniqueElements(message = "Should be unique")
     private String email;
     private String address;
+    @NotBlank(message = "Roles should not be empty")
+    private List<String> roles;
+    private Boolean enabled;
 
-    public Userdata(Long id, String firstName, String lastName, String password, String email, String address) {
+    public Userdata(Long id, String firstName, String lastName, String password, String email, String address, List<String> roles ) {
         this.id = id;
         this.firstName = firstName;
         this.lastName = lastName;
         this.password = password;
         this.email = email;
         this.address = address;
+        this.roles = roles;
+        this.enabled = true;
+    }
+
+    public Userdata(String email, String password, boolean enabled, List<String> asList) {
+        this.enabled = enabled;
+        this.email = email;
+        this.password = password;
+        this.roles = asList;
+    }
+
+    public Userdata() {
+    }
+
+    public Boolean getEnabled() {
+        return enabled;
+    }
+
+    public void setEnabled(Boolean enabled) {
+        this.enabled = enabled;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public List<String> getRoles() {
+        return roles;
+    }
+
+    public void setRoles(List<String> roles) {
+        this.roles = roles;
     }
 
     public Long getId() {
@@ -53,10 +101,45 @@ public void setLastName(String lastName) {
         this.lastName = lastName;
     }
 
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+
+        return this.roles.stream().map(authority -> new SimpleGrantedAuthority(authority)).collect(Collectors.toList());
+    }
+
+    @JsonIgnore
+    @Override
     public String getPassword() {
         return password;
     }
 
+    @Override
+    public String getUsername() {
+        return this.email;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return false;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return false;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return false;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return false;
+    }
+
+    @JsonProperty
     public void setPassword(String password) {
         this.password = password;
     }
@@ -69,23 +152,16 @@ public void setEmail(String email) {
         this.email = email;
     }
 
-    public String getAdddress() {
-        return address;
-    }
-
-    public void setAdddress(String adddress) {
-        this.address = adddress;
-    }
-
     @Override
     public String toString() {
-        return "User{" +
+        return "Userdata{" +
                 "id=" + id +
                 ", firstName='" + firstName + '\'' +
                 ", lastName='" + lastName + '\'' +
                 ", password='" + password + '\'' +
                 ", email='" + email + '\'' +
                 ", address='" + address + '\'' +
+                ", roles=" + roles +
                 '}';
     }
 }

src/main/java/net/java/forest/repository/UserRepository.java

@@ -1,11 +1,13 @@
 package net.java.forest.repository;
 
 import net.java.forest.model.Userdata;
+import org.springframework.data.r2dbc.repository.query.Query;
 import org.springframework.data.repository.reactive.ReactiveCrudRepository;
 import org.springframework.stereotype.Repository;
+import reactor.core.publisher.Mono;
 
 @Repository
 public interface UserRepository extends ReactiveCrudRepository<Userdata, Long> {
-    /*@Query("Select * from user where user.email=")
-    Mono<User> findByEmail(String email);*/
+    @Query("select * from userdata where email = :email")
+    Mono<Userdata> findByEmail(String email);
 }

src/main/java/net/java/forest/security/AuthenticationManager.java

@@ -0,0 +1,50 @@
+package net.java.forest.security;
+
+import io.jsonwebtoken.Claims;
+import net.java.forest.model.Role;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.ReactiveAuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.stereotype.Component;
+import reactor.core.publisher.Mono;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Component
+public class AuthenticationManager implements ReactiveAuthenticationManager {
+
+	@Autowired
+	private  JWTUtil jwtUtil;
+	
+	@Override
+	@SuppressWarnings("unchecked")
+	public Mono<Authentication> authenticate(Authentication authentication) {
+		String authToken = authentication.getCredentials().toString();
+		
+		String username;
+		try {
+			username = jwtUtil.getUsernameFromToken(authToken);
+		} catch (Exception e) {
+			username = null;
+		}
+		if (username != null && jwtUtil.validateToken(authToken)) {
+			Claims claims = jwtUtil.getAllClaimsFromToken(authToken);
+			List<String> rolesMap = claims.get("role", List.class);
+			List<Role> roles = new ArrayList<>();
+			for (String rolemap : rolesMap) {
+				roles.add(Role.valueOf(rolemap));
+			}
+			UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(
+				username,
+				null,
+				roles.stream().map(authority -> new SimpleGrantedAuthority(authority.name())).collect(Collectors.toList())
+			);
+			return Mono.just(auth);
+		} else {
+			return Mono.empty();
+		}
+	}
+}