├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── cl │ │ └── javadevs │ │ └── springsecurityjwt │ │ ├── SpringSecurityJwtApplication.java │ │ ├── controllers │ │ ├── RestControllerAuth.java │ │ └── RestControllerSmartPhone.java │ │ ├── dtos │ │ ├── DtoAuthRespuesta.java │ │ ├── DtoLogin.java │ │ └── DtoRegistro.java │ │ ├── models │ │ ├── Roles.java │ │ ├── SmartPhone.java │ │ └── Usuarios.java │ │ ├── repositories │ │ ├── IRolesRepository.java │ │ ├── ISmartPhoneRepository.java │ │ └── IUsuariosRepository.java │ │ ├── security │ │ ├── ConstantesSeguridad.java │ │ ├── CustomUsersDetailsService.java │ │ ├── JwtAuthenticationEntryPoint.java │ │ ├── JwtAuthenticationFilter.java │ │ ├── JwtGenerador.java │ │ └── SecurityConfig.java │ │ └── services │ │ └── SmartPhoneService.java └── resources │ └── application.properties └── test └── java └── cl └── javadevs └── springsecurityjwt └── SpringSecurityJwtApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/LeoOlivaresD/Spring-Security-JWT/5551f379832a56f4d4f3ced0e65002e05aa59738/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # https://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.7/apache-maven-3.8.7-bin.zip 18 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.1/maven-wrapper-3.1.1.jar 19 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Spring Security 6 + Jwt en Spring Boot 3 2 |

Proyecto realizado con la versión 17 de Java junto con Spring Boot 3, compartiendo todo el proceso en mi canal de YouTube con el fin de que otros puedan aprender. 3 |


4 |

En esta ocasión creamos un proyecto sencillo en el cual implementaremos seguridad a través de roles de usuario por medio de Spring Security y autenticación por medio 5 | de JSON Web Token. De esta manera se permite realizar ciertas operaciones CRUD sobre un API REST según determinados roles de autorización para cada usuario.


6 |
7 |

Si quieres ver todo el proceso de creación puedes chequear el código en este repositorio, o bien puedes hacer clic en la imagen central y esta te direccionará directamente a la lista de reproducción de youtube que he creado.

8 |
9 |                      10 | lista youtube


11 | 12 |

Si por el contrario deseas ver solo el resultado final, haz click en el enlace de abajo y este te direccionará a un video donde enseño el proyecto concluido

13 | 14 |

Proyecto Concluido 15 | 16 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. 
to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /usr/local/etc/mavenrc ] ; then 40 | . /usr/local/etc/mavenrc 41 | fi 42 | 43 | if [ -f /etc/mavenrc ] ; then 44 | . /etc/mavenrc 45 | fi 46 | 47 | if [ -f "$HOME/.mavenrc" ] ; then 48 | . "$HOME/.mavenrc" 49 | fi 50 | 51 | fi 52 | 53 | # OS specific support. $var _must_ be set to either true or false. 54 | cygwin=false; 55 | darwin=false; 56 | mingw=false 57 | case "`uname`" in 58 | CYGWIN*) cygwin=true ;; 59 | MINGW*) mingw=true;; 60 | Darwin*) darwin=true 61 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 62 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 63 | if [ -z "$JAVA_HOME" ]; then 64 | if [ -x "/usr/libexec/java_home" ]; then 65 | export JAVA_HOME="`/usr/libexec/java_home`" 66 | else 67 | export JAVA_HOME="/Library/Java/Home" 68 | fi 69 | fi 70 | ;; 71 | esac 72 | 73 | if [ -z "$JAVA_HOME" ] ; then 74 | if [ -r /etc/gentoo-release ] ; then 75 | JAVA_HOME=`java-config --jre-home` 76 | fi 77 | fi 78 | 79 | if [ -z "$M2_HOME" ] ; then 80 | ## resolve links - $0 may be a link to maven's home 81 | PRG="$0" 82 | 83 | # need this for relative symlinks 84 | while [ -h "$PRG" ] ; do 85 | ls=`ls -ld "$PRG"` 86 | link=`expr "$ls" : '.*-> \(.*\)$'` 87 | if expr "$link" : '/.*' > /dev/null; then 88 | PRG="$link" 89 | else 90 | PRG="`dirname "$PRG"`/$link" 91 | fi 92 | done 93 | 94 | saveddir=`pwd` 95 | 96 | M2_HOME=`dirname "$PRG"`/.. 
97 | 98 | # make it fully qualified 99 | M2_HOME=`cd "$M2_HOME" && pwd` 100 | 101 | cd "$saveddir" 102 | # echo Using m2 at $M2_HOME 103 | fi 104 | 105 | # For Cygwin, ensure paths are in UNIX format before anything is touched 106 | if $cygwin ; then 107 | [ -n "$M2_HOME" ] && 108 | M2_HOME=`cygpath --unix "$M2_HOME"` 109 | [ -n "$JAVA_HOME" ] && 110 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 111 | [ -n "$CLASSPATH" ] && 112 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 113 | fi 114 | 115 | # For Mingw, ensure paths are in UNIX format before anything is touched 116 | if $mingw ; then 117 | [ -n "$M2_HOME" ] && 118 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 119 | [ -n "$JAVA_HOME" ] && 120 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 121 | fi 122 | 123 | if [ -z "$JAVA_HOME" ]; then 124 | javaExecutable="`which javac`" 125 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 126 | # readlink(1) is not available as standard on Solaris 10. 127 | readLink=`which readlink` 128 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 129 | if $darwin ; then 130 | javaHome="`dirname \"$javaExecutable\"`" 131 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 132 | else 133 | javaExecutable="`readlink -f \"$javaExecutable\"`" 134 | fi 135 | javaHome="`dirname \"$javaExecutable\"`" 136 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 137 | JAVA_HOME="$javaHome" 138 | export JAVA_HOME 139 | fi 140 | fi 141 | fi 142 | 143 | if [ -z "$JAVACMD" ] ; then 144 | if [ -n "$JAVA_HOME" ] ; then 145 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 146 | # IBM's JDK on AIX uses strange locations for the executables 147 | JAVACMD="$JAVA_HOME/jre/sh/java" 148 | else 149 | JAVACMD="$JAVA_HOME/bin/java" 150 | fi 151 | else 152 | JAVACMD="`\\unset -f command; \\command -v java`" 153 | fi 154 | fi 155 | 156 | if [ ! -x "$JAVACMD" ] ; then 157 | echo "Error: JAVA_HOME is not defined correctly." 
>&2 158 | echo " We cannot execute $JAVACMD" >&2 159 | exit 1 160 | fi 161 | 162 | if [ -z "$JAVA_HOME" ] ; then 163 | echo "Warning: JAVA_HOME environment variable is not set." 164 | fi 165 | 166 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 167 | 168 | # traverses directory structure from process work directory to filesystem root 169 | # first directory with .mvn subdirectory is considered project base directory 170 | find_maven_basedir() { 171 | 172 | if [ -z "$1" ] 173 | then 174 | echo "Path not specified to find_maven_basedir" 175 | return 1 176 | fi 177 | 178 | basedir="$1" 179 | wdir="$1" 180 | while [ "$wdir" != '/' ] ; do 181 | if [ -d "$wdir"/.mvn ] ; then 182 | basedir=$wdir 183 | break 184 | fi 185 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 186 | if [ -d "${wdir}" ]; then 187 | wdir=`cd "$wdir/.."; pwd` 188 | fi 189 | # end of workaround 190 | done 191 | echo "${basedir}" 192 | } 193 | 194 | # concatenates all lines of a file 195 | concat_lines() { 196 | if [ -f "$1" ]; then 197 | echo "$(tr -s '\n' ' ' < "$1")" 198 | fi 199 | } 200 | 201 | BASE_DIR=`find_maven_basedir "$(pwd)"` 202 | if [ -z "$BASE_DIR" ]; then 203 | exit 1; 204 | fi 205 | 206 | ########################################################################################## 207 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 208 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 209 | ########################################################################################## 210 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Found .mvn/wrapper/maven-wrapper.jar" 213 | fi 214 | else 215 | if [ "$MVNW_VERBOSE" = true ]; then 216 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 
217 | fi 218 | if [ -n "$MVNW_REPOURL" ]; then 219 | jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 220 | else 221 | jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 222 | fi 223 | while IFS="=" read key value; do 224 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 225 | esac 226 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 227 | if [ "$MVNW_VERBOSE" = true ]; then 228 | echo "Downloading from: $jarUrl" 229 | fi 230 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 231 | if $cygwin; then 232 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 233 | fi 234 | 235 | if command -v wget > /dev/null; then 236 | if [ "$MVNW_VERBOSE" = true ]; then 237 | echo "Found wget ... using wget" 238 | fi 239 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 240 | wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 241 | else 242 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 243 | fi 244 | elif command -v curl > /dev/null; then 245 | if [ "$MVNW_VERBOSE" = true ]; then 246 | echo "Found curl ... using curl" 247 | fi 248 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 249 | curl -o "$wrapperJarPath" "$jarUrl" -f 250 | else 251 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 252 | fi 253 | 254 | else 255 | if [ "$MVNW_VERBOSE" = true ]; then 256 | echo "Falling back to using Java to download" 257 | fi 258 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 259 | # For Cygwin, switch paths to Windows format before running javac 260 | if $cygwin; then 261 | javaClass=`cygpath --path --windows "$javaClass"` 262 | fi 263 | if [ -e "$javaClass" ]; then 264 | if [ ! 
-e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 265 | if [ "$MVNW_VERBOSE" = true ]; then 266 | echo " - Compiling MavenWrapperDownloader.java ..." 267 | fi 268 | # Compiling the Java class 269 | ("$JAVA_HOME/bin/javac" "$javaClass") 270 | fi 271 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 272 | # Running the downloader 273 | if [ "$MVNW_VERBOSE" = true ]; then 274 | echo " - Running MavenWrapperDownloader.java ..." 275 | fi 276 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 277 | fi 278 | fi 279 | fi 280 | fi 281 | ########################################################################################## 282 | # End of extension 283 | ########################################################################################## 284 | 285 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 286 | if [ "$MVNW_VERBOSE" = true ]; then 287 | echo $MAVEN_PROJECTBASEDIR 288 | fi 289 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 290 | 291 | # For Cygwin, switch paths to Windows format before running java 292 | if $cygwin; then 293 | [ -n "$M2_HOME" ] && 294 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 295 | [ -n "$JAVA_HOME" ] && 296 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 297 | [ -n "$CLASSPATH" ] && 298 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 299 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 300 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 301 | fi 302 | 303 | # Provide a "standardized" way to retrieve the CLI args that will 304 | # work with both Windows and non-Windows executions. 
305 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 306 | export MAVEN_CMD_LINE_ARGS 307 | 308 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 309 | 310 | exec "$JAVACMD" \ 311 | $MAVEN_OPTS \ 312 | $MAVEN_DEBUG_OPTS \ 313 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 314 | "-Dmaven.home=${M2_HOME}" \ 315 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 316 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 317 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 
18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %* 50 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %* 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 
64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! 
%%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 124 | 125 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 
141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% ^ 162 | %JVM_CONFIG_MAVEN_PROPS% ^ 163 | %MAVEN_OPTS% ^ 164 | %MAVEN_DEBUG_OPTS% ^ 165 | -classpath %WRAPPER_JAR% ^ 166 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^ 167 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 168 | if ERRORLEVEL 1 goto error 169 | goto end 170 | 171 | :error 172 | set ERROR_CODE=1 173 | 174 | :end 175 | @endlocal & set ERROR_CODE=%ERROR_CODE% 176 | 177 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost 178 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 179 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" 180 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd" 181 | :skipRcPost 182 | 183 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 184 | if "%MAVEN_BATCH_PAUSE%"=="on" pause 185 | 186 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% 187 | 188 | cmd /C exit /B %ERROR_CODE% 189 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 
4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 3.0.6 9 | 10 | 11 | cl.javadevs 12 | Spring-Security-JWT 13 | 0.0.1-SNAPSHOT 14 | Spring-Security-JWT 15 | Spring-Security-JWT 16 | 17 | 17 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-data-jpa 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-security 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-web 31 | 32 | 33 | 34 | com.mysql 35 | mysql-connector-j 36 | runtime 37 | 38 | 39 | org.projectlombok 40 | lombok 41 | true 42 | 43 | 44 | org.springframework.boot 45 | spring-boot-starter-test 46 | test 47 | 48 | 49 | org.springframework.security 50 | spring-security-test 51 | test 52 | 53 | 54 | 55 | io.jsonwebtoken 56 | jjwt 57 | 0.9.1 58 | 59 | 60 | 61 | 62 | 63 | javax.xml.bind 64 | jaxb-api 65 | 2.4.0-b180830.0359 66 | 67 | 68 | 69 | 70 | 71 | 72 | org.springframework.boot 73 | spring-boot-maven-plugin 74 | 75 | 76 | 77 | org.projectlombok 78 | lombok 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/SpringSecurityJwtApplication.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class SpringSecurityJwtApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(SpringSecurityJwtApplication.class, args); 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/controllers/RestControllerAuth.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt.controllers; 2 | 3 | import 
cl.javadevs.springsecurityjwt.dtos.DtoAuthRespuesta; 4 | import cl.javadevs.springsecurityjwt.dtos.DtoLogin; 5 | import cl.javadevs.springsecurityjwt.dtos.DtoRegistro; 6 | import cl.javadevs.springsecurityjwt.models.Roles; 7 | import cl.javadevs.springsecurityjwt.models.Usuarios; 8 | import cl.javadevs.springsecurityjwt.repositories.IRolesRepository; 9 | import cl.javadevs.springsecurityjwt.repositories.IUsuariosRepository; 10 | import cl.javadevs.springsecurityjwt.security.JwtGenerador; 11 | import org.springframework.beans.factory.annotation.Autowired; 12 | import org.springframework.http.HttpStatus; 13 | import org.springframework.http.ResponseEntity; 14 | import org.springframework.security.authentication.AuthenticationManager; 15 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 16 | import org.springframework.security.core.Authentication; 17 | import org.springframework.security.core.context.SecurityContextHolder; 18 | import org.springframework.security.crypto.password.PasswordEncoder; 19 | import org.springframework.web.bind.annotation.PostMapping; 20 | import org.springframework.web.bind.annotation.RequestBody; 21 | import org.springframework.web.bind.annotation.RequestMapping; 22 | import org.springframework.web.bind.annotation.RestController; 23 | 24 | import java.util.Collections; 25 | 26 | @RestController 27 | @RequestMapping("/api/auth/") 28 | public class RestControllerAuth { 29 | private AuthenticationManager authenticationManager; 30 | private PasswordEncoder passwordEncoder; 31 | private IRolesRepository rolesRepository; 32 | private IUsuariosRepository usuariosRepository; 33 | private JwtGenerador jwtGenerador; 34 | 35 | @Autowired 36 | 37 | public RestControllerAuth(AuthenticationManager authenticationManager, PasswordEncoder passwordEncoder, IRolesRepository rolesRepository, IUsuariosRepository usuariosRepository, JwtGenerador jwtGenerador) { 38 | this.authenticationManager = authenticationManager; 39 | 
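this.passwordEncoder = passwordEncoder;
        this.rolesRepository = rolesRepository;
        this.usuariosRepository = usuariosRepository;
        this.jwtGenerador = jwtGenerador;
    }

    /**
     * Registers a new account with the "USER" role.
     *
     * @param dtoRegistro request body carrying the desired username and password
     * @return 200 on success; 400 when a credential is missing or the username is
     *         already taken; 500 when the "USER" role row cannot be found
     */
    @PostMapping("register")
    public ResponseEntity registrar(@RequestBody DtoRegistro dtoRegistro) {
        return registrarConRol(dtoRegistro, "USER", "Registro de usuario exitoso");
    }

    /**
     * Registers a new account with the "ADMIN" role.
     *
     * <p>NOTE(review): this handler grants ADMIN to whatever username/password the
     * request body carries and performs no caller check of its own. The access rules
     * live in SecurityConfig, which is not visible from this class; confirm that
     * POST /api/auth/registerAdm is limited to already-authenticated administrators
     * and is not covered by a blanket permit rule for /api/auth/.
     *
     * @param dtoRegistro request body carrying the desired username and password
     * @return 200 on success; 400 when a credential is missing or the username is
     *         already taken; 500 when the "ADMIN" role row cannot be found
     */
    @PostMapping("registerAdm")
    public ResponseEntity registrarAdmin(@RequestBody DtoRegistro dtoRegistro) {
        return registrarConRol(dtoRegistro, "ADMIN", "Registro de admin exitoso");
    }

    /**
     * Shared registration path: validates the credentials, resolves the role, then
     * stores the user with an encoded password.
     */
    private ResponseEntity<String> registrarConRol(DtoRegistro dtoRegistro, String nombreRol, String mensajeExito) {
        String username = dtoRegistro.getUsername();
        String password = dtoRegistro.getPassword();
        // Reject missing credentials up front instead of persisting an account with an
        // empty password or failing later inside the encoder.
        if (username == null || username.isBlank() || password == null || password.isEmpty()) {
            return new ResponseEntity<>("username y password son obligatorios", HttpStatus.BAD_REQUEST);
        }
        // This check-then-save is not atomic. The Usuarios entity shown on this page
        // declares no unique constraint on username, so two concurrent requests could
        // both pass it.
        if (usuariosRepository.existsByUsername(username)) {
            return new ResponseEntity<>("el usuario ya existe, intenta con otro", HttpStatus.BAD_REQUEST);
        }
        // Resolve the role before building the user; a missing role row becomes an
        // explicit error response rather than an unchecked Optional.get() failure.
        Roles roles = rolesRepository.findByName(nombreRol).orElse(null);
        if (roles == null) {
            return new ResponseEntity<>("el rol " + nombreRol + " no existe en la base de datos", HttpStatus.INTERNAL_SERVER_ERROR);
        }
        Usuarios usuarios = new Usuarios();
        usuarios.setUsername(username);
        // Only the encoded form of the password is stored.
        usuarios.setPassword(passwordEncoder.encode(password));
        usuarios.setRoles(Collections.singletonList(roles));
        usuariosRepository.save(usuarios);
        return new ResponseEntity<>(mensajeExito, HttpStatus.OK);
    }

    // Logs a user in and returns a token
    @PostMapping("login")
    public ResponseEntity login(@RequestBody DtoLogin dtoLogin) {
        Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(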
78 | dtoLogin.getUsername(), dtoLogin.getPassword())); 79 | SecurityContextHolder.getContext().setAuthentication(authentication); 80 | String token = jwtGenerador.generarToken(authentication); 81 | return new ResponseEntity<>(new DtoAuthRespuesta(token), HttpStatus.OK); 82 | } 83 | 84 | 85 | } 86 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/controllers/RestControllerSmartPhone.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt.controllers; 2 | 3 | import cl.javadevs.springsecurityjwt.models.SmartPhone; 4 | import cl.javadevs.springsecurityjwt.services.SmartPhoneService; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.web.bind.annotation.*; 7 | 8 | import java.util.List; 9 | import java.util.Optional; 10 | 11 | @RestController 12 | @RequestMapping("/api/celular/") 13 | public class RestControllerSmartPhone { 14 | private SmartPhoneService phoneService; 15 | 16 | @Autowired 17 | public RestControllerSmartPhone(SmartPhoneService phoneService) { 18 | this.phoneService = phoneService; 19 | } 20 | 21 | //Petición para crear un celular 22 | @PostMapping(value = "crear", headers = "Accept=application/json") 23 | public void crearCelular(@RequestBody SmartPhone smartPhone) { 24 | phoneService.crear(smartPhone); 25 | } 26 | 27 | //Petición para obtener todos los celulares en la BD 28 | @GetMapping(value = "listar", headers = "Accept=application/json") 29 | public List listarCelulares() { 30 | return phoneService.readAll(); 31 | } 32 | 33 | //Petición para obtener celular mediante "ID" 34 | @GetMapping(value = "listarId/{id}", headers = "Accept=application/json") 35 | public Optional obtenerCelularPorId(@PathVariable Long id) { 36 | return phoneService.readOne(id); 37 | } 38 | 39 | //Petición para actualizar un celular 40 | @PutMapping(value = "actualizar", headers = 
"Accept=application/json") 41 | public void actualizarCelular(@RequestBody SmartPhone smartPhone) { 42 | phoneService.update(smartPhone); 43 | } 44 | 45 | //Petición para eliminar un celular por "Id" 46 | @DeleteMapping(value = "eliminar/{id}", headers = "Accept=application/json") 47 | public void eliminarCelular(@PathVariable Long id) { 48 | phoneService.delete(id); 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/dtos/DtoAuthRespuesta.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt.dtos; 2 | 3 | import lombok.Data; 4 | 5 | //Esta clase va a ser la que nos devolverá la información con el token y el tipo que tenga este 6 | @Data 7 | public class DtoAuthRespuesta { 8 | private String accessToken; 9 | private String tokenType = "Bearer "; 10 | 11 | public DtoAuthRespuesta(String accessToken) { 12 | this.accessToken = accessToken; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/dtos/DtoLogin.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt.dtos; 2 | 3 | import lombok.Data; 4 | 5 | @Data 6 | public class DtoLogin { 7 | private String username; 8 | private String password; 9 | } 10 | -------------------------------------------------------------------------------- /src/main/java/cl/javadevs/springsecurityjwt/dtos/DtoRegistro.java: -------------------------------------------------------------------------------- 1 | package cl.javadevs.springsecurityjwt.dtos; 2 | 3 | import lombok.Data; 4 | 5 | @Data 6 | public class DtoRegistro { 7 | private String username; 8 | private String password; 9 | } 10 | -------------------------------------------------------------------------------- 
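/src/main/java/cl/javadevs/springsecurityjwt/models/Roles.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.models;
import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

// JPA entity for table "role"; `name` is the string later used as the granted authority
// (see CustomUsersDetailsService.mapToAuthorities).
@Data
@NoArgsConstructor
@AllArgsConstructor
@Entity
@Table(name = "role")
public class Roles {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id_role")
    private Long idRole;
    private String name;
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/models/SmartPhone.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.models;

import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

// JPA entity for table "smartphone"
@Data
@NoArgsConstructor
@AllArgsConstructor
@Entity
@Table(name = "smartphone")
public class SmartPhone {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id_smartphone")
    private Long idSmartPhone;
    private String marca;
    private Long precio;
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/models/Usuarios.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.models;

import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.ToString;

import java.util.ArrayList;
import java.util.List;

// JPA entity for table "usuario": credentials plus the roles granted to the account
@Data
@AllArgsConstructor
@NoArgsConstructor
@Entity
@Table(name = "usuario")
public class Usuarios {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id_usuario")
    private Long idUsuario;
    private String username;
    // NOTE(review): presumably holds the hash produced by the PasswordEncoder bean; the code that
    // writes it is outside this excerpt, so confirm. Excluded from the Lombok-generated toString()
    // so that logging the entity cannot leak it.
    @ToString.Exclude
    private String password;
    // EAGER fetch: every time a user is loaded from the database, all of its roles are loaded too.
    // NOTE(review): CascadeType.ALL includes REMOVE, so deleting a user would cascade to the Roles
    // rows it references, which other users may share. Confirm this is intended; shared lookup rows
    // are usually left out of REMOVE cascades.
    @ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL)
    /* @JoinTable declares the join table "usuarios_roles" that links usuario and role (three tables
       in total): column usuario_id points at usuario.id_usuario and column role_id points at
       role.id_role. */
    @JoinTable(name = "usuarios_roles", joinColumns = @JoinColumn(name = "usuario_id", referencedColumnName = "id_usuario")
            , inverseJoinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id_role"))
    private List<Roles> roles = new ArrayList<>();
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/repositories/IRolesRepository.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.repositories;

import cl.javadevs.springsecurityjwt.models.Roles;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;

import java.util.Optional;

@Repository
public interface IRolesRepository extends JpaRepository<Roles, Long> {
    // Looks a role up by its name
    Optional<Roles> findByName(String name);
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/repositories/ISmartPhoneRepository.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.repositories;

import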
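cl.javadevs.springsecurityjwt.models.SmartPhone;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;

// Spring Data repository for SmartPhone rows, keyed by the Long id
@Repository
public interface ISmartPhoneRepository extends JpaRepository<SmartPhone, Long> {
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/repositories/IUsuariosRepository.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.repositories;

import cl.javadevs.springsecurityjwt.models.Usuarios;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;

import java.util.Optional;

@Repository
public interface IUsuariosRepository extends JpaRepository<Usuarios, Long> {
    // Looks a user up by username
    Optional<Usuarios> findByUsername(String username);

    // Tells whether a user with this username already exists
    Boolean existsByUsername(String username);
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/ConstantesSeguridad.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;

// Constants shared by the JWT code (read by JwtGenerador). Not meant to be instantiated.
public final class ConstantesSeguridad {
    // Token lifetime in milliseconds: 300000 ms = 5 min (60000 ms = 1 min)
    public static final long JWT_EXPIRATION_TOKEN = 300000;

    // NOTE(review): this is the HMAC signing secret, committed in source and only five characters
    // long. Anyone who can read the repository can sign tokens that validarToken() accepts, and
    // RFC 7518 section 3.2 requires an HMAC key at least as long as the hash output (512 bits for
    // HS512). Load a randomly generated key of that size from external configuration or a secret
    // store and rotate the current value. The String overloads of signWith/setSigningKey in
    // jjwt 0.9.x also interpret the value as Base64; verify against the jjwt version in pom.xml.
    public static final String JWT_FIRMA = "firma";

    private ConstantesSeguridad() {
        // constants holder
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/CustomUsersDetailsService.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;
import cl.javadevs.springsecurityjwt.models.Roles;
import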
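cl.javadevs.springsecurityjwt.models.Usuarios;
import cl.javadevs.springsecurityjwt.repositories.IUsuariosRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

// UserDetailsService backed by IUsuariosRepository: turns a stored Usuarios row into the
// UserDetails object Spring Security authenticates against.
@Service
public class CustomUsersDetailsService implements UserDetailsService {
    private final IUsuariosRepository usuariosRepo;

    @Autowired
    public CustomUsersDetailsService(IUsuariosRepository usuariosRepo) {
        this.usuariosRepo = usuariosRepo;
    }

    // Maps each role to a SimpleGrantedAuthority carrying the role name unchanged (no "ROLE_"
    // prefix is added), which is why SecurityConfig matches with hasAuthority(...) on the bare names.
    public Collection<GrantedAuthority> mapToAuthorities(List<Roles> roles) {
        return roles.stream().map(role -> new SimpleGrantedAuthority(role.getName())).collect(Collectors.toList());
    }

    // Loads the user with this username together with its stored password and authorities.
    // Throws UsernameNotFoundException when the repository has no such user.
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        Usuarios usuario = usuariosRepo.findByUsername(username)
                .orElseThrow(() -> new UsernameNotFoundException("Usuario no encontrado"));
        return new User(usuario.getUsername(), usuario.getPassword(), mapToAuthorities(usuario.getRoles()));
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/JwtAuthenticationEntryPoint.java: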
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import java.io.IOException;

// Entry point that answers authentication failures in the application with HTTP 401
@Component
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
    // Sends 401 Unauthorized, using the exception's own message as the error text.
    // NOTE(review): the message is handed to the client as-is; check that none of the
    // AuthenticationException messages that can reach this point reveal more than
    // "not authenticated" (for example whether a given account exists).
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        final String motivo = authException.getMessage();
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, motivo);
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/JwtAuthenticationFilter.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.util.StringUtils;
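import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.security.core.AuthenticationException;

import java.io.IOException;
import java.util.List;

/* Validates the JWT carried by a request and, when it is valid, stores the user's
   authentication in the security context of the application. */
public class JwtAuthenticationFilter extends OncePerRequestFilter {

    private static final String PREFIJO_BEARER = "Bearer ";

    @Autowired
    private CustomUsersDetailsService customUsersDetailsService;
    @Autowired
    private JwtGenerador jwtGenerador;

    /* Reads the "Authorization" header and returns what follows the "Bearer " prefix, or null
       when the header is missing, blank, or uses another scheme. Nothing is validated here;
       that happens in doFilterInternal. */
    private String obtenerTokenDeSolicitud(HttpServletRequest request) {
        String bearerToken = request.getHeader("Authorization");
        if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(PREFIJO_BEARER)) {
            return bearerToken.substring(PREFIJO_BEARER.length());
        }
        return null;
    }

    /* request: the incoming request; response: the outgoing response; filterChain: hands the
       request to the next filter in the chain. */
    @Override
    protected void doFilterInternal(HttpServletRequest request,
                                    HttpServletResponse response,
                                    FilterChain filterChain) throws ServletException, IOException {
        String token = obtenerTokenDeSolicitud(request);
        try {
            // validarToken() throws instead of returning false when the token is rejected
            if (StringUtils.hasText(token) && jwtGenerador.validarToken(token)) {
                // Subject of the verified token
                String username = jwtGenerador.obtenerUsernameDeJwt(token);
                // Reload the user so the authorities come from the database, not from the token
                UserDetails userDetails = customUsersDetailsService.loadUserByUsername(username);
                List<String> userRoles = userDetails.getAuthorities().stream().map(GrantedAuthority::getAuthority).toList();
                // Only accounts holding one of the known roles get an authenticated context
                if (userRoles.contains("USER") || userRoles.contains("ADMIN")) {
                    UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userDetails,
                            null, userDetails.getAuthorities());
                    // Attach request details (remote address, session id) to the authentication
                    authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                    SecurityContextHolder.getContext().setAuthentication(authenticationToken);
                }
            }
        } catch (AuthenticationException ex) {
            // A rejected token, or a token whose user no longer exists, must leave the request
            // unauthenticated rather than abort it. This filter is registered before
            // UsernamePasswordAuthenticationFilter (see SecurityConfig); NOTE(review): that
            // presumably puts it ahead of ExceptionTranslationFilter, so an exception escaping
            // here would surface as a server error instead of the entry point's 401.
            SecurityContextHolder.clearContext();
        }
        // Let the request continue to the next filter in the chain
        filterChain.doFilter(request, response);
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/JwtGenerador.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

import java.util.Date;

// Issues and checks the application's JWTs. Signing and verification both use
// ConstantesSeguridad.JWT_FIRMA, so the tokens are only as trustworthy as that value is secret.
@Component
public class JwtGenerador {

    // Builds a signed token for the authenticated principal
    public String generarToken(Authentication authentication) {
        String username = authentication.getName();
        Date tiempoActual = new Date();
        Date expiracionToken = new Date(tiempoActual.getTime() + ConstantesSeguridad.JWT_EXPIRATION_TOKEN);

        return Jwts.builder()
                .setSubject(username) // the user who is logging in
                .setIssuedAt(tiempoActual) // same instant the expiration is computed from
                .setExpiration(expiracionToken)
                // The signature is what lets validarToken() detect a modified token
                .signWith(SignatureAlgorithm.HS512, ConstantesSeguridad.JWT_FIRMA)
                .compact(); // serialises the token to its compact string form
    }

    // Returns the subject (username) of a token; parseClaimsJws verifies the signature first
    public String obtenerUsernameDeJwt(String token) {
        Claims claims = Jwts.parser()
                .setSigningKey(ConstantesSeguridad.JWT_FIRMA)
                .parseClaimsJws(token)
                .getBody();
        return claims.getSubject();
    }

    // Returns true when the token parses and its signature verifies; never returns false.
    // A rejected token raises AuthenticationCredentialsNotFoundException with the parser's
    // exception attached as the cause, so the real reason is still available for logging.
    public Boolean validarToken(String token) {
        try {
            Jwts.parser().setSigningKey(ConstantesSeguridad.JWT_FIRMA).parseClaimsJws(token);
            return true;
        } catch (JwtException | IllegalArgumentException e) {
            throw new AuthenticationCredentialsNotFoundException("Jwt ah expirado o esta incorrecto", e);
        }
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/security/SecurityConfig.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import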
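org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Security configuration of the application: @Configuration registers it with the Spring
// container at start-up and @EnableWebSecurity switches web security on.
@Configuration
@EnableWebSecurity
public class SecurityConfig {
    private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;

    @Autowired
    public SecurityConfig(JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint) {
        this.jwtAuthenticationEntryPoint = jwtAuthenticationEntryPoint;
    }

    // Exposes the AuthenticationManager that checks the credentials of users logging in
    @Bean
    AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

    // Password hashing with BCrypt (a one-way hash, not reversible encryption)
    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    // The JWT filter defined in JwtAuthenticationFilter
    @Bean
    JwtAuthenticationFilter jwtAuthenticationFilter() {
        return new JwtAuthenticationFilter();
    }

    // Builds the security filter chain; the per-role access rules live here. Written with the
    // lambda DSL because the chained and() style is deprecated from Spring Security 6.1.
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
                // CSRF protection is off: acceptable only while credentials travel in the
                // Authorization header and no cookie-based session exists (STATELESS below)
                .csrf(csrf -> csrf.disable())
                // Custom entry point that answers unauthenticated requests
                .exceptionHandling(handling -> handling.authenticationEntryPoint(jwtAuthenticationEntryPoint))
                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .authorizeHttpRequests(auth -> auth
                        // NOTE(review): everything under /api/auth/** is public; verify that no
                        // route able to create privileged accounts is mapped there
                        .requestMatchers("/api/auth/**").permitAll()
                        .requestMatchers(HttpMethod.POST, "/api/celular/crear").hasAuthority("ADMIN")
                        .requestMatchers(HttpMethod.GET, "/api/celular/listar").hasAnyAuthority("ADMIN", "USER")
                        .requestMatchers(HttpMethod.GET, "/api/celular/listarId/**").hasAnyAuthority("ADMIN", "USER")
                        .requestMatchers(HttpMethod.DELETE, "/api/celular/eliminar/**").hasAuthority("ADMIN")
                        .requestMatchers(HttpMethod.PUT, "/api/celular/actualizar").hasAuthority("ADMIN")
                        .anyRequest().authenticated())
                // NOTE(review): HTTP Basic stays enabled next to the JWT filter, so a username and
                // password sent on any request is accepted as an alternative to a token. Confirm
                // this is intended; otherwise drop it so the login endpoint is the only place
                // passwords are accepted.
                .httpBasic(basic -> { });
        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }
}

--------------------------------------------------------------------------------
/src/main/java/cl/javadevs/springsecurityjwt/services/SmartPhoneService.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt.services;

import cl.javadevs.springsecurityjwt.models.SmartPhone;
import cl.javadevs.springsecurityjwt.repositories.ISmartPhoneRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.List;
import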
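java.util.Optional;

// Thin service layer over ISmartPhoneRepository; every method is a single repository call
@Service
public class SmartPhoneService {
    private final ISmartPhoneRepository smartPhoneRepo;

    @Autowired
    public SmartPhoneService(ISmartPhoneRepository smartPhoneRepo) {
        this.smartPhoneRepo = smartPhoneRepo;
    }

    // Creates a phone.
    // NOTE(review): same save() call as update(); if the entity arrives with an id that already
    // exists, this presumably overwrites that row instead of inserting. Confirm against callers.
    public void crear(SmartPhone smartPhone) {
        smartPhoneRepo.save(smartPhone);
    }

    // Returns the full list of phones
    public List<SmartPhone> readAll() {
        return smartPhoneRepo.findAll();
    }

    // Returns the phone with this id, or an empty Optional
    public Optional<SmartPhone> readOne(Long id) {
        return smartPhoneRepo.findById(id);
    }

    // Updates a phone
    public void update(SmartPhone smartPhone) {
        smartPhoneRepo.save(smartPhone);
    }

    // Deletes the phone with this id
    public void delete(Long id) {
        smartPhoneRepo.deleteById(id);
    }
}

--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/LeoOlivaresD/Spring-Security-JWT/5551f379832a56f4d4f3ced0e65002e05aa59738/src/main/resources/application.properties
--------------------------------------------------------------------------------
/src/test/java/cl/javadevs/springsecurityjwt/SpringSecurityJwtApplicationTests.java:
--------------------------------------------------------------------------------
package cl.javadevs.springsecurityjwt;

import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;

@SpringBootTest
class SpringSecurityJwtApplicationTests {

    // Passes when the Spring application context starts
    @Test
    void contextLoads() {
    }

}

--------------------------------------------------------------------------------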