├── .gitignore
├── .mvn
└── wrapper
│ ├── MavenWrapperDownloader.java
│ ├── maven-wrapper.jar
│ └── maven-wrapper.properties
├── SpringSecurity.postman_collection.json
├── mvnw
├── mvnw.cmd
├── pom.xml
└── src
└── main
├── java
└── com
│ └── akhianand
│ └── springrolejwt
│ ├── SpringRoleJwtApplication.java
│ ├── config
│ ├── CORSFilter.java
│ ├── JwtAuthenticationFilter.java
│ ├── TokenProvider.java
│ ├── UnauthorizedEntryPoint.java
│ └── WebSecurityConfig.java
│ ├── controller
│ └── UserController.java
│ ├── dao
│ ├── RoleDao.java
│ └── UserDao.java
│ ├── model
│ ├── AuthToken.java
│ ├── LoginUser.java
│ ├── Role.java
│ ├── User.java
│ └── UserDto.java
│ └── service
│ ├── RoleService.java
│ ├── UserService.java
│ └── impl
│ ├── RoleServiceImpl.java
│ └── UserServiceImpl.java
└── resources
├── application.properties
└── query.sql
/.gitignore:
--------------------------------------------------------------------------------
1 | HELP.md
2 | target/
3 | !.mvn/wrapper/maven-wrapper.jar
4 | !**/src/main/**
5 | !**/src/test/**
6 |
7 | ### STS ###
8 | .apt_generated
9 | .classpath
10 | .factorypath
11 | .project
12 | .settings
13 | .springBeans
14 | .sts4-cache
15 |
16 | ### IntelliJ IDEA ###
17 | .idea
18 | *.iws
19 | *.iml
20 | *.ipr
21 |
22 | ### NetBeans ###
23 | /nbproject/private/
24 | /nbbuild/
25 | /dist/
26 | /nbdist/
27 | /.nb-gradle/
28 | build/
29 |
30 | ### VS Code ###
31 | .vscode/
32 |
--------------------------------------------------------------------------------
/.mvn/wrapper/MavenWrapperDownloader.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright 2007-present the original author or authors.
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * https://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 | import java.net.*;
17 | import java.io.*;
18 | import java.nio.channels.*;
19 | import java.util.Properties;
20 |
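/**
 * Fallback downloader used by the {@code mvnw} script when neither wget nor curl is available.
 *
 * <p>It fetches {@code maven-wrapper.jar} and stores it under
 * {@code <baseDir>/.mvn/wrapper/}. The download URL is the built-in default unless
 * {@code .mvn/wrapper/maven-wrapper.properties} supplies a {@code wrapperUrl} property.
 *
 * <p>Security note: the downloaded jar is written to disk as received; this class performs no
 * checksum or signature verification. Because the wrapper scripts later put that jar on the JVM
 * classpath, the {@code wrapperUrl} value (which comes from a file in the repository) should be
 * reviewed like any other executable build input.
 */
public class MavenWrapperDownloader {

    private static final String WRAPPER_VERSION = "0.5.6";

    /**
     * Default URL to download the maven-wrapper.jar from, if no 'downloadUrl' is provided.
     */
    private static final String DEFAULT_DOWNLOAD_URL = "https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/"
        + WRAPPER_VERSION + "/maven-wrapper-" + WRAPPER_VERSION + ".jar";

    /**
     * Path to the maven-wrapper.properties file, which might contain a downloadUrl property to
     * use instead of the default one.
     */
    private static final String MAVEN_WRAPPER_PROPERTIES_PATH =
            ".mvn/wrapper/maven-wrapper.properties";

    /**
     * Path where the maven-wrapper.jar will be saved to.
     */
    private static final String MAVEN_WRAPPER_JAR_PATH =
            ".mvn/wrapper/maven-wrapper.jar";

    /**
     * Name of the property which should be used to override the default download url for the wrapper.
     */
    private static final String PROPERTY_NAME_WRAPPER_URL = "wrapperUrl";

    /**
     * Resolves the download URL and target path, downloads the jar and terminates the JVM.
     *
     * @param args {@code args[0]} is the project base directory; exits with status 1 when it is
     *             missing or when the download fails, with status 0 on success
     */
    public static void main(String args[]) {
        System.out.println("- Downloader started");
        if (args.length < 1) {
            // Previously this surfaced as an ArrayIndexOutOfBoundsException stack trace.
            System.out.println("- ERROR base directory argument is missing");
            System.exit(1);
        }
        File baseDirectory = new File(args[0]);
        System.out.println("- Using base directory: " + baseDirectory.getAbsolutePath());

        // If the maven-wrapper.properties exists, read it and check if it contains a custom
        // wrapperUrl parameter.
        File mavenWrapperPropertyFile = new File(baseDirectory, MAVEN_WRAPPER_PROPERTIES_PATH);
        String url = DEFAULT_DOWNLOAD_URL;
        if (mavenWrapperPropertyFile.exists()) {
            // try-with-resources closes the stream on every path, including a failed load().
            try (FileInputStream propertiesStream = new FileInputStream(mavenWrapperPropertyFile)) {
                Properties mavenWrapperProperties = new Properties();
                mavenWrapperProperties.load(propertiesStream);
                url = mavenWrapperProperties.getProperty(PROPERTY_NAME_WRAPPER_URL, url);
            } catch (IOException e) {
                System.out.println("- ERROR loading '" + MAVEN_WRAPPER_PROPERTIES_PATH + "'");
            }
        }
        System.out.println("- Downloading from: " + url);
        if (!url.regionMatches(true, 0, "https://", 0, "https://".length())) {
            // The jar is executed later and is not verified here, so a non-TLS source means the
            // bytes can be altered in transit without detection.
            System.out.println("- WARNING: download URL is not https; the jar is not integrity-checked");
        }

        File outputFile = new File(baseDirectory.getAbsolutePath(), MAVEN_WRAPPER_JAR_PATH);
        File outputDirectory = outputFile.getParentFile();
        if (!outputDirectory.exists() && !outputDirectory.mkdirs()) {
            // Not fatal here: the download below fails and reports the error if the
            // directory really is unusable.
            System.out.println(
                    "- ERROR creating output directory '" + outputDirectory.getAbsolutePath() + "'");
        }
        System.out.println("- Downloading to: " + outputFile.getAbsolutePath());
        try {
            downloadFileFromURL(url, outputFile);
            System.out.println("Done");
            System.exit(0);
        } catch (Throwable e) {
            System.out.println("- Error downloading");
            e.printStackTrace();
            System.exit(1);
        }
    }

    /**
     * Copies the content behind {@code urlString} into {@code destination}.
     *
     * <p>When both {@code MVNW_USERNAME} and {@code MVNW_PASSWORD} are set in the environment, a
     * JVM-wide default {@link Authenticator} is installed that returns those credentials.
     * NOTE(review): a default authenticator is not scoped to one host, so confirm that the
     * configured URL (and anything it redirects to) is a server that should receive them.
     *
     * @param urlString   URL to read from
     * @param destination file to create or overwrite
     * @throws Exception if the URL is malformed or reading/writing fails
     */
    private static void downloadFileFromURL(String urlString, File destination) throws Exception {
        String username = System.getenv("MVNW_USERNAME");
        String passwordValue = System.getenv("MVNW_PASSWORD");
        if (username != null && passwordValue != null) {
            char[] password = passwordValue.toCharArray();
            Authenticator.setDefault(new Authenticator() {
                @Override
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(username, password);
                }
            });
        }
        URL website = new URL(urlString);
        // The source is opened first so that a failed connection does not truncate an existing
        // destination file; both resources are closed even when the transfer throws.
        try (ReadableByteChannel source = Channels.newChannel(website.openStream());
             FileOutputStream target = new FileOutputStream(destination)) {
            target.getChannel().transferFrom(source, 0, Long.MAX_VALUE);
        }
    }

}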
118 |
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akhileshmalini/spring-security-role-jwt/63effa348377c5b9ca755d0eda3e0d9bad12d443/.mvn/wrapper/maven-wrapper.jar
--------------------------------------------------------------------------------
/.mvn/wrapper/maven-wrapper.properties:
--------------------------------------------------------------------------------
1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
2 | wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar
3 |
--------------------------------------------------------------------------------
/SpringSecurity.postman_collection.json:
--------------------------------------------------------------------------------
1 | {
2 | "info": {
3 | "_postman_id": "d525b099-e846-4598-b2ed-85a6eef51be8",
4 | "name": "SpringSecurity",
5 | "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
6 | },
7 | "item": [
8 | {
9 | "name": "User",
10 | "item": [
11 | {
12 | "name": "Register as User",
13 | "event": [
14 | {
15 | "listen": "test",
16 | "script": {
17 | "id": "ad4a3769-7bf5-4598-bf53-b4fbdacc436f",
18 | "exec": [
19 | ""
20 | ],
21 | "type": "text/javascript"
22 | }
23 | }
24 | ],
25 | "request": {
26 | "method": "POST",
27 | "header": [],
28 | "body": {
29 | "mode": "raw",
30 | "raw": "{\n \"username\": \"user1\",\n \"email\": \"user1@random.edu\",\n \"password\": \"abc123\",\n \"name\": \"John Doe\",\n \"phone\": \"1234567789\",\n \"businessTitle\": \"Student\" \n}",
31 | "options": {
32 | "raw": {
33 | "language": "json"
34 | }
35 | }
36 | },
37 | "url": {
38 | "raw": "http://{{host}}:{{port}}/users/register",
39 | "protocol": "http",
40 | "host": [
41 | "{{host}}"
42 | ],
43 | "port": "{{port}}",
44 | "path": [
45 | "users",
46 | "register"
47 | ]
48 | }
49 | },
50 | "response": []
51 | },
52 | {
53 | "name": "Authenticate as User (Fetch Token)",
54 | "event": [
55 | {
56 | "listen": "test",
57 | "script": {
58 | "id": "6c5258a2-70fe-4d91-9dc1-64cfc96627e8",
59 | "exec": [
60 | "var token = responseBody;",
61 | "postman.setEnvironmentVariable(\"userToken\", token.token);"
62 | ],
63 | "type": "text/javascript"
64 | }
65 | }
66 | ],
67 | "request": {
68 | "method": "POST",
69 | "header": [],
70 | "body": {
71 | "mode": "raw",
72 | "raw": "{\n\t\"username\": \"user1\",\n\t\"password\": \"abc123\"\n}",
73 | "options": {
74 | "raw": {
75 | "language": "json"
76 | }
77 | }
78 | },
79 | "url": {
80 | "raw": "http://{{host}}:{{port}}/users/authenticate",
81 | "protocol": "http",
82 | "host": [
83 | "{{host}}"
84 | ],
85 | "port": "{{port}}",
86 | "path": [
87 | "users",
88 | "authenticate"
89 | ]
90 | }
91 | },
92 | "response": []
93 | },
94 | {
95 | "name": "User Ping as User",
96 | "request": {
97 | "auth": {
98 | "type": "noauth"
99 | },
100 | "method": "GET",
101 | "header": [
102 | {
103 | "key": "Authorization",
104 | "value": "Bearer {{token}}",
105 | "type": "text"
106 | }
107 | ],
108 | "url": {
109 | "raw": "http://{{host}}:{{port}}/users/userping",
110 | "protocol": "http",
111 | "host": [
112 | "{{host}}"
113 | ],
114 | "port": "{{port}}",
115 | "path": [
116 | "users",
117 | "userping"
118 | ]
119 | }
120 | },
121 | "response": []
122 | },
123 | {
124 | "name": "Admin Ping as User",
125 | "request": {
126 | "auth": {
127 | "type": "noauth"
128 | },
129 | "method": "GET",
130 | "header": [
131 | {
132 | "key": "Authorization",
133 | "value": "Bearer {{userToken}}",
134 | "type": "text"
135 | }
136 | ],
137 | "url": {
138 | "raw": "http://{{host}}:{{port}}/users/adminping",
139 | "protocol": "http",
140 | "host": [
141 | "{{host}}"
142 | ],
143 | "port": "{{port}}",
144 | "path": [
145 | "users",
146 | "adminping"
147 | ]
148 | }
149 | },
150 | "response": []
151 | },
152 | {
153 | "name": "Register as Admin",
154 | "event": [
155 | {
156 | "listen": "test",
157 | "script": {
158 | "id": "fd99df03-edcd-4fa5-ba50-00a35634c9f3",
159 | "exec": [
160 | "var jsonData = JSON.parse(responseBody);",
161 | "postman.setEnvironmentVariable(\"userid\", jsonData.id);"
162 | ],
163 | "type": "text/javascript"
164 | }
165 | }
166 | ],
167 | "request": {
168 | "method": "POST",
169 | "header": [],
170 | "body": {
171 | "mode": "raw",
172 | "raw": "{\n \"username\": \"user2\",\n \"email\": \"user2@admin.edu\",\n \"password\": \"abc123\",\n \"name\": \"Jane Doe\",\n \"phone\": \"9876543321\",\n \"businessTitle\": \"Admin\" \n}",
173 | "options": {
174 | "raw": {
175 | "language": "json"
176 | }
177 | }
178 | },
179 | "url": {
180 | "raw": "http://{{host}}:{{port}}/users/register",
181 | "protocol": "http",
182 | "host": [
183 | "{{host}}"
184 | ],
185 | "port": "{{port}}",
186 | "path": [
187 | "users",
188 | "register"
189 | ]
190 | }
191 | },
192 | "response": []
193 | },
194 | {
195 | "name": "Authenticate as Admin (Fetch Token)",
196 | "event": [
197 | {
198 | "listen": "test",
199 | "script": {
200 | "id": "04a416c9-93bb-4f0b-b5ca-fbf2ee7c8310",
201 | "exec": [
202 | "var token = JSON.parse(responseBody);",
203 | "postman.setEnvironmentVariable(\"adminToken\", token.token);"
204 | ],
205 | "type": "text/javascript"
206 | }
207 | }
208 | ],
209 | "request": {
210 | "method": "POST",
211 | "header": [],
212 | "body": {
213 | "mode": "raw",
214 | "raw": "{\n\t\"username\": \"user2\",\n\t\"password\": \"abc123\"\n}",
215 | "options": {
216 | "raw": {
217 | "language": "json"
218 | }
219 | }
220 | },
221 | "url": {
222 | "raw": "http://{{host}}:{{port}}/users/authenticate",
223 | "protocol": "http",
224 | "host": [
225 | "{{host}}"
226 | ],
227 | "port": "{{port}}",
228 | "path": [
229 | "users",
230 | "authenticate"
231 | ]
232 | }
233 | },
234 | "response": []
235 | },
236 | {
237 | "name": "User Ping as Admin",
238 | "request": {
239 | "auth": {
240 | "type": "noauth"
241 | },
242 | "method": "GET",
243 | "header": [
244 | {
245 | "key": "Authorization",
246 | "value": "Bearer {{adminToken}}",
247 | "type": "text"
248 | }
249 | ],
250 | "url": {
251 | "raw": "http://{{host}}:{{port}}/users/userping",
252 | "protocol": "http",
253 | "host": [
254 | "{{host}}"
255 | ],
256 | "port": "{{port}}",
257 | "path": [
258 | "users",
259 | "userping"
260 | ]
261 | }
262 | },
263 | "response": []
264 | },
265 | {
266 | "name": "Admin Ping as Admin",
267 | "request": {
268 | "auth": {
269 | "type": "noauth"
270 | },
271 | "method": "GET",
272 | "header": [
273 | {
274 | "key": "Authorization",
275 | "value": "Bearer {{adminToken}}",
276 | "type": "text"
277 | }
278 | ],
279 | "url": {
280 | "raw": "http://{{host}}:{{port}}/users/adminping",
281 | "protocol": "http",
282 | "host": [
283 | "{{host}}"
284 | ],
285 | "port": "{{port}}",
286 | "path": [
287 | "users",
288 | "adminping"
289 | ]
290 | }
291 | },
292 | "response": []
293 | }
294 | ],
295 | "protocolProfileBehavior": {}
296 | }
297 | ],
298 | "protocolProfileBehavior": {}
299 | }
--------------------------------------------------------------------------------
/mvnw:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # ----------------------------------------------------------------------------
3 | # Licensed to the Apache Software Foundation (ASF) under one
4 | # or more contributor license agreements. See the NOTICE file
5 | # distributed with this work for additional information
6 | # regarding copyright ownership. The ASF licenses this file
7 | # to you under the Apache License, Version 2.0 (the
8 | # "License"); you may not use this file except in compliance
9 | # with the License. You may obtain a copy of the License at
10 | #
11 | # https://www.apache.org/licenses/LICENSE-2.0
12 | #
13 | # Unless required by applicable law or agreed to in writing,
14 | # software distributed under the License is distributed on an
15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 | # KIND, either express or implied. See the License for the
17 | # specific language governing permissions and limitations
18 | # under the License.
19 | # ----------------------------------------------------------------------------
20 |
21 | # ----------------------------------------------------------------------------
22 | # Maven Start Up Batch script
23 | #
24 | # Required ENV vars:
25 | # ------------------
26 | # JAVA_HOME - location of a JDK home dir
27 | #
28 | # Optional ENV vars
29 | # -----------------
30 | # M2_HOME - location of maven2's installed home dir
31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven
32 | # e.g. to debug Maven itself, use
33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files
35 | # ----------------------------------------------------------------------------
36 |
37 | if [ -z "$MAVEN_SKIP_RC" ] ; then
38 |
39 | if [ -f /etc/mavenrc ] ; then
40 | . /etc/mavenrc
41 | fi
42 |
43 | if [ -f "$HOME/.mavenrc" ] ; then
44 | . "$HOME/.mavenrc"
45 | fi
46 |
47 | fi
48 |
49 | # OS specific support. $var _must_ be set to either true or false.
50 | cygwin=false;
51 | darwin=false;
52 | mingw=false
53 | case "`uname`" in
54 | CYGWIN*) cygwin=true ;;
55 | MINGW*) mingw=true;;
56 | Darwin*) darwin=true
57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
59 | if [ -z "$JAVA_HOME" ]; then
60 | if [ -x "/usr/libexec/java_home" ]; then
61 | export JAVA_HOME="`/usr/libexec/java_home`"
62 | else
63 | export JAVA_HOME="/Library/Java/Home"
64 | fi
65 | fi
66 | ;;
67 | esac
68 |
69 | if [ -z "$JAVA_HOME" ] ; then
70 | if [ -r /etc/gentoo-release ] ; then
71 | JAVA_HOME=`java-config --jre-home`
72 | fi
73 | fi
74 |
75 | if [ -z "$M2_HOME" ] ; then
76 | ## resolve links - $0 may be a link to maven's home
77 | PRG="$0"
78 |
79 | # need this for relative symlinks
80 | while [ -h "$PRG" ] ; do
81 | ls=`ls -ld "$PRG"`
82 | link=`expr "$ls" : '.*-> \(.*\)$'`
83 | if expr "$link" : '/.*' > /dev/null; then
84 | PRG="$link"
85 | else
86 | PRG="`dirname "$PRG"`/$link"
87 | fi
88 | done
89 |
90 | saveddir=`pwd`
91 |
92 | M2_HOME=`dirname "$PRG"`/..
93 |
94 | # make it fully qualified
95 | M2_HOME=`cd "$M2_HOME" && pwd`
96 |
97 | cd "$saveddir"
98 | # echo Using m2 at $M2_HOME
99 | fi
100 |
101 | # For Cygwin, ensure paths are in UNIX format before anything is touched
102 | if $cygwin ; then
103 | [ -n "$M2_HOME" ] &&
104 | M2_HOME=`cygpath --unix "$M2_HOME"`
105 | [ -n "$JAVA_HOME" ] &&
106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
107 | [ -n "$CLASSPATH" ] &&
108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
109 | fi
110 |
111 | # For Mingw, ensure paths are in UNIX format before anything is touched
112 | if $mingw ; then
113 | [ -n "$M2_HOME" ] &&
114 | M2_HOME="`(cd "$M2_HOME"; pwd)`"
115 | [ -n "$JAVA_HOME" ] &&
116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
117 | fi
118 |
119 | if [ -z "$JAVA_HOME" ]; then
120 | javaExecutable="`which javac`"
121 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
122 | # readlink(1) is not available as standard on Solaris 10.
123 | readLink=`which readlink`
124 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
125 | if $darwin ; then
126 | javaHome="`dirname \"$javaExecutable\"`"
127 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
128 | else
129 | javaExecutable="`readlink -f \"$javaExecutable\"`"
130 | fi
131 | javaHome="`dirname \"$javaExecutable\"`"
132 | javaHome=`expr "$javaHome" : '\(.*\)/bin'`
133 | JAVA_HOME="$javaHome"
134 | export JAVA_HOME
135 | fi
136 | fi
137 | fi
138 |
139 | if [ -z "$JAVACMD" ] ; then
140 | if [ -n "$JAVA_HOME" ] ; then
141 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
142 | # IBM's JDK on AIX uses strange locations for the executables
143 | JAVACMD="$JAVA_HOME/jre/sh/java"
144 | else
145 | JAVACMD="$JAVA_HOME/bin/java"
146 | fi
147 | else
148 | JAVACMD="`which java`"
149 | fi
150 | fi
151 |
152 | if [ ! -x "$JAVACMD" ] ; then
153 | echo "Error: JAVA_HOME is not defined correctly." >&2
154 | echo " We cannot execute $JAVACMD" >&2
155 | exit 1
156 | fi
157 |
158 | if [ -z "$JAVA_HOME" ] ; then
159 | echo "Warning: JAVA_HOME environment variable is not set."
160 | fi
161 |
162 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
163 |
164 | # traverses directory structure from process work directory to filesystem root
165 | # first directory with .mvn subdirectory is considered project base directory
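find_maven_basedir() {
  # Walks upwards from the directory given in $1 and prints the first directory
  # that contains a .mvn subdirectory. When none is found before reaching '/',
  # the starting directory itself is printed.
  # Returns 1 and prints nothing on stdout when $1 is empty.

  if [ -z "$1" ]
  then
    # The caller captures stdout as the base directory, so the diagnostic must go
    # to stderr; otherwise the message text would be used as a path.
    echo "Path not specified to find_maven_basedir" >&2
    return 1
  fi

  basedir="$1"
  wdir="$1"
  while [ "$wdir" != '/' ] ; do
    if [ -d "$wdir"/.mvn ] ; then
      basedir=$wdir
      break
    fi
    # workaround for JBEAP-8937 (on Solaris 10/Sparc)
    if [ -d "${wdir}" ]; then
      wdir=`cd "$wdir/.."; pwd`
    else
      # wdir can no longer change, so stop instead of looping forever
      break
    fi
    # end of workaround
  done
  echo "${basedir}"
}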
189 |
190 | # concatenates all lines of a file
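concat_lines() {
  # Prints the content of the file named by $1 on a single line, with every run of
  # newlines squeezed into one space. Prints nothing when $1 is not a regular file.
  if [ -f "$1" ]; then
    # printf instead of echo: some shells' echo interprets backslash sequences or a
    # leading -n, which would alter the text read from the file.
    printf '%s\n' "$(tr -s '\n' ' ' < "$1")"
  fi
}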
196 |
197 | BASE_DIR=`find_maven_basedir "$(pwd)"`
198 | if [ -z "$BASE_DIR" ]; then
199 | exit 1;
200 | fi
201 |
202 | ##########################################################################################
203 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
204 | # This allows using the maven wrapper in projects that prohibit checking in binary data.
205 | ##########################################################################################
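# Fetches .mvn/wrapper/maven-wrapper.jar when it is not already readable.
# The jar is put on the java -classpath by the exec at the end of this script and is
# not checked against a checksum here, so wrapperUrl / MVNW_REPOURL must point at a
# trusted repository and the properties file should be reviewed like build code.
if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
    if [ "$MVNW_VERBOSE" = true ]; then
      echo "Found .mvn/wrapper/maven-wrapper.jar"
    fi
else
    if [ "$MVNW_VERBOSE" = true ]; then
      echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
    fi
    if [ -n "$MVNW_REPOURL" ]; then
      jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
    else
      jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
    fi
    # A wrapperUrl entry in the properties file overrides both defaults above.
    # Guarded so that a missing properties file is skipped instead of producing a
    # redirection error.
    if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" ]; then
      while IFS="=" read key value; do
        case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
        esac
      done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
    fi
    if [ "$MVNW_VERBOSE" = true ]; then
      echo "Downloading from: $jarUrl"
    fi
    wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
    if $cygwin; then
      wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
    fi

    # Credentials are quoted so that whitespace or glob characters in them are not
    # split or expanded by the shell. They are still passed as command-line
    # arguments, which other local users may be able to see in the process list.
    if command -v wget > /dev/null; then
        if [ "$MVNW_VERBOSE" = true ]; then
          echo "Found wget ... using wget"
        fi
        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
            wget "$jarUrl" -O "$wrapperJarPath"
        else
            wget --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$jarUrl" -O "$wrapperJarPath"
        fi
    elif command -v curl > /dev/null; then
        if [ "$MVNW_VERBOSE" = true ]; then
          echo "Found curl ... using curl"
        fi
        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
            curl -o "$wrapperJarPath" "$jarUrl" -f
        else
            curl --user "$MVNW_USERNAME:$MVNW_PASSWORD" -o "$wrapperJarPath" "$jarUrl" -f
        fi

    else
        if [ "$MVNW_VERBOSE" = true ]; then
          echo "Falling back to using Java to download"
        fi
        javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
        # For Cygwin, switch paths to Windows format before running javac
        if $cygwin; then
          javaClass=`cygpath --path --windows "$javaClass"`
        fi
        if [ -e "$javaClass" ]; then
            if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
                if [ "$MVNW_VERBOSE" = true ]; then
                  echo " - Compiling MavenWrapperDownloader.java ..."
                fi
                # Compiling the Java class
                ("$JAVA_HOME/bin/javac" "$javaClass")
            fi
            if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
                # Running the downloader
                if [ "$MVNW_VERBOSE" = true ]; then
                  echo " - Running MavenWrapperDownloader.java ..."
                fi
                # NOTE(review): MAVEN_PROJECTBASEDIR is only assigned after this block, so
                # unless the caller exported it the downloader gets an empty base directory
                # and, like the relative -cp, depends on the current directory - confirm.
                ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
            fi
        fi
    fi
fi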
277 | ##########################################################################################
278 | # End of extension
279 | ##########################################################################################
280 |
281 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
282 | if [ "$MVNW_VERBOSE" = true ]; then
283 | echo $MAVEN_PROJECTBASEDIR
284 | fi
285 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
286 |
287 | # For Cygwin, switch paths to Windows format before running java
288 | if $cygwin; then
289 | [ -n "$M2_HOME" ] &&
290 | M2_HOME=`cygpath --path --windows "$M2_HOME"`
291 | [ -n "$JAVA_HOME" ] &&
292 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
293 | [ -n "$CLASSPATH" ] &&
294 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
295 | [ -n "$MAVEN_PROJECTBASEDIR" ] &&
296 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
297 | fi
298 |
299 | # Provide a "standardized" way to retrieve the CLI args that will
300 | # work with both Windows and non-Windows executions.
301 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
302 | export MAVEN_CMD_LINE_ARGS
303 |
304 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
305 |
306 | exec "$JAVACMD" \
307 | $MAVEN_OPTS \
308 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
309 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
310 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
311 |
--------------------------------------------------------------------------------
/mvnw.cmd:
--------------------------------------------------------------------------------
1 | @REM ----------------------------------------------------------------------------
2 | @REM Licensed to the Apache Software Foundation (ASF) under one
3 | @REM or more contributor license agreements. See the NOTICE file
4 | @REM distributed with this work for additional information
5 | @REM regarding copyright ownership. The ASF licenses this file
6 | @REM to you under the Apache License, Version 2.0 (the
7 | @REM "License"); you may not use this file except in compliance
8 | @REM with the License. You may obtain a copy of the License at
9 | @REM
10 | @REM https://www.apache.org/licenses/LICENSE-2.0
11 | @REM
12 | @REM Unless required by applicable law or agreed to in writing,
13 | @REM software distributed under the License is distributed on an
14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 | @REM KIND, either express or implied. See the License for the
16 | @REM specific language governing permissions and limitations
17 | @REM under the License.
18 | @REM ----------------------------------------------------------------------------
19 |
20 | @REM ----------------------------------------------------------------------------
21 | @REM Maven Start Up Batch script
22 | @REM
23 | @REM Required ENV vars:
24 | @REM JAVA_HOME - location of a JDK home dir
25 | @REM
26 | @REM Optional ENV vars
27 | @REM M2_HOME - location of maven2's installed home dir
28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
31 | @REM e.g. to debug Maven itself, use
32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
34 | @REM ----------------------------------------------------------------------------
35 |
36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
37 | @echo off
38 | @REM set title of command window
39 | title %0
40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
42 |
43 | @REM set %HOME% to equivalent of $HOME
44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
45 |
46 | @REM Execute a user defined script before this one
47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending
49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat"
50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd"
51 | :skipRcPre
52 |
53 | @setlocal
54 |
55 | set ERROR_CODE=0
56 |
57 | @REM To isolate internal variables from possible post scripts, we use another setlocal
58 | @setlocal
59 |
60 | @REM ==== START VALIDATION ====
61 | if not "%JAVA_HOME%" == "" goto OkJHome
62 |
63 | echo.
64 | echo Error: JAVA_HOME not found in your environment. >&2
65 | echo Please set the JAVA_HOME variable in your environment to match the >&2
66 | echo location of your Java installation. >&2
67 | echo.
68 | goto error
69 |
70 | :OkJHome
71 | if exist "%JAVA_HOME%\bin\java.exe" goto init
72 |
73 | echo.
74 | echo Error: JAVA_HOME is set to an invalid directory. >&2
75 | echo JAVA_HOME = "%JAVA_HOME%" >&2
76 | echo Please set the JAVA_HOME variable in your environment to match the >&2
77 | echo location of your Java installation. >&2
78 | echo.
79 | goto error
80 |
81 | @REM ==== END VALIDATION ====
82 |
83 | :init
84 |
85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
86 | @REM Fallback to current working directory if not found.
87 |
88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
90 |
91 | set EXEC_DIR=%CD%
92 | set WDIR=%EXEC_DIR%
93 | :findBaseDir
94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound
95 | cd ..
96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound
97 | set WDIR=%CD%
98 | goto findBaseDir
99 |
100 | :baseDirFound
101 | set MAVEN_PROJECTBASEDIR=%WDIR%
102 | cd "%EXEC_DIR%"
103 | goto endDetectBaseDir
104 |
105 | :baseDirNotFound
106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
107 | cd "%EXEC_DIR%"
108 |
109 | :endDetectBaseDir
110 |
111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
112 |
113 | @setlocal EnableExtensions EnableDelayedExpansion
114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
116 |
117 | :endReadAdditionalConfig
118 |
119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
122 |
123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
124 |
125 | FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
127 | )
128 |
129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data.
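@REM Download maven-wrapper.jar when it is not present in the project.
@REM The jar is put on the java -classpath by the launch command further down and is not
@REM checked against a checksum here, so wrapperUrl and MVNW_REPOURL must point at a trusted repository.
@REM MVNW_USERNAME and MVNW_PASSWORD are read by PowerShell from its own environment instead of
@REM being pasted into the command text, so a quote character in a credential cannot alter the script.
if exist %WRAPPER_JAR% (
    if "%MVNW_VERBOSE%" == "true" (
        echo Found %WRAPPER_JAR%
    )
) else (
    if not "%MVNW_REPOURL%" == "" (
        SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
    )
    if "%MVNW_VERBOSE%" == "true" (
        echo Couldn't find %WRAPPER_JAR%, downloading it ...
        echo Downloading from: %DOWNLOAD_URL%
    )

    powershell -Command "&{"^
        "$webclient = new-object System.Net.WebClient;"^
        "if (-not ([string]::IsNullOrEmpty($env:MVNW_USERNAME) -and [string]::IsNullOrEmpty($env:MVNW_PASSWORD))) {"^
        "$webclient.Credentials = new-object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD);"^
        "}"^
        "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
        "}"
    if "%MVNW_VERBOSE%" == "true" (
        echo Finished downloading %WRAPPER_JAR%
    )
)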
155 | @REM End of extension
156 |
157 | @REM Provide a "standardized" way to retrieve the CLI args that will
158 | @REM work with both Windows and non-Windows executions.
159 | set MAVEN_CMD_LINE_ARGS=%*
160 |
161 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
162 | if ERRORLEVEL 1 goto error
163 | goto end
164 |
165 | :error
166 | set ERROR_CODE=1
167 |
168 | :end
169 | @endlocal & set ERROR_CODE=%ERROR_CODE%
170 |
171 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost
172 | @REM check for post script, once with legacy .bat ending and once with .cmd ending
173 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat"
174 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd"
175 | :skipRcPost
176 |
177 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
178 | if "%MAVEN_BATCH_PAUSE%" == "on" pause
179 |
180 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE%
181 |
182 | exit /B %ERROR_CODE%
183 |
--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | org.springframework.boot
7 | spring-boot-starter-parent
8 | 2.3.1.RELEASE
9 |
10 |
11 | com.akhianand
12 | spring-role-jwt
13 | 0.0.1-SNAPSHOT
14 | spring-role-jwt
15 | A Spring Boot Project User Management Project with JWT and Role based API Access
16 |
17 |
18 | 1.8
19 |
20 |
21 |
22 | org.springframework.boot
23 | spring-boot-starter-data-jpa
24 |
25 |
26 | org.springframework.boot
27 | spring-boot-starter-security
28 |
29 |
30 | org.springframework.boot
31 | spring-boot-starter-web
32 |
33 |
34 |
35 | mysql
36 | mysql-connector-java
37 | runtime
38 |
39 |
40 | org.springframework.boot
41 | spring-boot-starter-test
42 | test
43 |
44 |
45 | org.junit.vintage
46 | junit-vintage-engine
47 |
48 |
49 |
50 |
51 | io.jsonwebtoken
52 | jjwt
53 | 0.9.1
54 |
55 |
56 | org.springframework.security
57 | spring-security-test
58 | test
59 |
60 |
61 |
62 |
63 |
64 |
65 | org.springframework.boot
66 | spring-boot-maven-plugin
67 |
68 |
69 |
70 |
71 |
72 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/SpringRoleJwtApplication.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 |
/**
 * Boot entry point for the role-based JWT user-management application.
 */
@SpringBootApplication
public class SpringRoleJwtApplication {

    /**
     * Starts the Spring application context with this class as the primary source.
     *
     * @param args command-line arguments, passed through to Spring Boot unchanged
     */
    public static void main(String[] args) {
        final Class<?> primarySource = SpringRoleJwtApplication.class;
        SpringApplication.run(primarySource, args);
    }
}
14 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/config/CORSFilter.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.config;
2 |
3 | import javax.servlet.*;
4 | import javax.servlet.http.HttpServletResponse;
5 | import java.io.IOException;
6 |
7 |
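/**
 * Servlet filter that adds permissive CORS response headers to every response and then
 * continues the filter chain.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Any origin is allowed ({@code *}). That is only reasonable while the API authenticates
 *       solely through a token the client places in the {@code Authorization} header.</li>
 *   <li>{@code Access-Control-Allow-Credentials: true} is intentionally not sent. Browsers
 *       reject a credentialed response whose allowed origin is the wildcard, so the pair never
 *       took effect. If cookies or other browser-managed credentials are introduced later,
 *       replace the wildcard with an explicit allow-list of origins rather than echoing the
 *       request's {@code Origin} header.</li>
 *   <li>NOTE(review): nothing in this class registers it as a bean or servlet filter; confirm
 *       whether it is actually part of the chain.</li>
 * </ul>
 */
public class CORSFilter implements Filter {

    /**
     * Sets the CORS headers on the response and delegates to the rest of the chain.
     *
     * @param req   incoming request, forwarded untouched
     * @param res   outgoing response; must be an {@link HttpServletResponse}
     * @param chain remaining filters
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Authorization, Origin, Accept, Access-Control-Request-Method, Access-Control-Request-Headers");
        chain.doFilter(req, res);
    }

    /** No initialisation is required. */
    @Override
    public void init(FilterConfig filterConfig) {}

    /** No resources to release. */
    @Override
    public void destroy() {}

}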
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/config/JwtAuthenticationFilter.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.config;
2 |
3 | import io.jsonwebtoken.ExpiredJwtException;
4 | import io.jsonwebtoken.SignatureException;
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.beans.factory.annotation.Value;
7 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
8 | import org.springframework.security.core.context.SecurityContextHolder;
9 | import org.springframework.security.core.userdetails.UserDetails;
10 | import org.springframework.security.core.userdetails.UserDetailsService;
11 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
12 | import org.springframework.web.filter.OncePerRequestFilter;
13 |
14 | import javax.annotation.Resource;
15 | import javax.servlet.FilterChain;
16 | import javax.servlet.ServletException;
17 | import javax.servlet.http.HttpServletRequest;
18 | import javax.servlet.http.HttpServletResponse;
19 | import java.io.IOException;
20 |
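/**
 * Per-request filter that reads a JWT from the configured request header, resolves the user it
 * names and, when the token validates, stores an authentication in the security context.
 *
 * <p>Requests without a usable token are passed down the chain unauthenticated; the decision
 * to reject them is left to the authorization rules that run later.
 */
public class JwtAuthenticationFilter extends OncePerRequestFilter {

    // Name of the request header that carries the token.
    @Value("${jwt.header.string}")
    public String HEADER_STRING;

    // Scheme prefix expected at the start of the header value.
    @Value("${jwt.token.prefix}")
    public String TOKEN_PREFIX;

    @Resource(name = "userService")
    private UserDetailsService userDetailsService;

    @Autowired
    private TokenProvider jwtTokenUtil;

    /**
     * Attempts token authentication for the request, then always continues the chain.
     *
     * @param req   current request
     * @param res   current response
     * @param chain remaining filters
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
        String header = req.getHeader(HEADER_STRING);
        String username = null;
        String authToken = null;
        if (header != null && header.startsWith(TOKEN_PREFIX)) {
            // Strip only the leading scheme. String.replace would also delete any later
            // occurrence of the prefix text inside the token itself.
            authToken = header.substring(TOKEN_PREFIX.length()).trim();
            try {
                username = jwtTokenUtil.getUsernameFromToken(authToken);
            } catch (IllegalArgumentException e) {
                logger.error("An error occurred while fetching Username from Token", e);
            } catch (ExpiredJwtException e) {
                logger.warn("The token has expired", e);
            } catch (SignatureException e) {
                // A signature failure means tampering or a key mismatch, not a bad password;
                // the message says so to keep log triage accurate.
                logger.error("Authentication Failed. Token signature is not valid.");
            } catch (io.jsonwebtoken.JwtException e) {
                // Malformed or unsupported tokens are client errors: treat the request as
                // unauthenticated instead of letting the exception escape this filter.
                logger.warn("The token was rejected as malformed or unsupported", e);
            }
        } else {
            logger.warn("Couldn't find bearer string, header will be ignored");
        }
        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
            try {
                UserDetails userDetails = userDetailsService.loadUserByUsername(username);

                if (jwtTokenUtil.validateToken(authToken, userDetails)) {
                    // NOTE(review): the granted authorities are taken from the token's claims,
                    // not from userDetails, so a role removed from the account stays usable
                    // until the token expires.
                    UsernamePasswordAuthenticationToken authentication = jwtTokenUtil.getAuthenticationToken(authToken, SecurityContextHolder.getContext().getAuthentication(), userDetails);
                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(req));
                    logger.info("authenticated user " + username + ", setting security context");
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                }
            } catch (org.springframework.security.core.userdetails.UsernameNotFoundException e) {
                // The token is well-formed but its subject no longer maps to an account:
                // continue unauthenticated rather than failing the whole request.
                logger.warn("The token subject does not match a known user");
            }
        }

        chain.doFilter(req, res);
    }
}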
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/config/TokenProvider.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.config;
2 |
3 | import io.jsonwebtoken.*;
4 | import org.springframework.beans.factory.annotation.Value;
5 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
6 | import org.springframework.security.core.Authentication;
7 | import org.springframework.security.core.GrantedAuthority;
8 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
9 | import org.springframework.security.core.userdetails.UserDetails;
10 | import org.springframework.stereotype.Component;
11 |
12 | import java.io.Serializable;
13 | import java.util.Arrays;
14 | import java.util.Collection;
15 | import java.util.Date;
16 | import java.util.function.Function;
17 | import java.util.stream.Collectors;
18 |
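/**
 * Issues and parses the HMAC-SHA256 signed JWTs used by the application.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Every read goes through {@code parseClaimsJws}, which requires a signed token. Keep it
 *       that way; the more general {@code parse} entry point also accepts unsigned tokens.</li>
 *   <li>The signing key is injected from {@code jwt.signing.key}. A value committed to the
 *       repository must be treated as disclosed, and tokens signed with it cannot be trusted.
 *       Supply a randomly generated key of at least 256 bits from the environment or a secret
 *       store.</li>
 *   <li>NOTE(review): the jjwt String overloads used here are documented as taking a
 *       Base64-encoded key, so the effective key material may be shorter than the configured
 *       text suggests; confirm against the jjwt version in use.</li>
 * </ul>
 */
@Component
public class TokenProvider implements Serializable {

    // Token lifetime in seconds (multiplied by 1000 when the expiry is computed).
    @Value("${jwt.token.validity}")
    public long TOKEN_VALIDITY;

    // Shared secret used both to sign and to verify tokens.
    @Value("${jwt.signing.key}")
    public String SIGNING_KEY;

    // Name of the claim that carries the comma-separated authority list.
    @Value("${jwt.authorities.key}")
    public String AUTHORITIES_KEY;

    /**
     * Returns the subject claim of a signed token.
     *
     * @param token compact JWS string
     * @return the subject, or {@code null} when the token has none
     */
    public String getUsernameFromToken(String token) {
        return getClaimFromToken(token, Claims::getSubject);
    }

    /**
     * Returns the expiration claim of a signed token.
     *
     * @param token compact JWS string
     * @return the expiry instant, or {@code null} when the token has none
     */
    public Date getExpirationDateFromToken(String token) {
        return getClaimFromToken(token, Claims::getExpiration);
    }

    /**
     * Verifies the token and applies {@code claimsResolver} to its claims.
     *
     * @param token          compact JWS string
     * @param claimsResolver function extracting the wanted value from the claims
     * @param <T>            type of the extracted value
     * @return whatever the resolver returns
     */
    public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
        final Claims claims = getAllClaimsFromToken(token);
        return claimsResolver.apply(claims);
    }

    /** Verifies the signature with the configured key and returns the claims body. */
    private Claims getAllClaimsFromToken(String token) {
        return Jwts.parser()
                .setSigningKey(SIGNING_KEY)
                .parseClaimsJws(token)
                .getBody();
    }

    /** Reports whether the token is past its expiry; a token without an expiry counts as expired. */
    private Boolean isTokenExpired(String token) {
        final Date expiration = getExpirationDateFromToken(token);
        // Fail closed: no expiry claim means the token is not accepted.
        return expiration == null || expiration.before(new Date());
    }

    /**
     * Builds a signed token for an authenticated principal.
     *
     * @param authentication the authenticated principal; its name becomes the subject and its
     *                       authorities are stored comma-separated under the authorities claim
     * @return compact JWS string valid for {@code TOKEN_VALIDITY} seconds
     */
    public String generateToken(Authentication authentication) {
        String authorities = authentication.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.joining(","));

        // One clock reading so that issued-at and expiry are derived from the same instant.
        final long nowMillis = System.currentTimeMillis();

        return Jwts.builder()
                .setSubject(authentication.getName())
                .claim(AUTHORITIES_KEY, authorities)
                .setIssuedAt(new Date(nowMillis))
                .setExpiration(new Date(nowMillis + TOKEN_VALIDITY * 1000))
                .signWith(SignatureAlgorithm.HS256, SIGNING_KEY)
                .compact();
    }

    /**
     * Checks that the token belongs to the given user and has not expired.
     *
     * @param token       compact JWS string
     * @param userDetails the user loaded for the token's subject
     * @return {@code true} only when the subject matches and the token is unexpired
     */
    public Boolean validateToken(String token, UserDetails userDetails) {
        final String username = getUsernameFromToken(token);
        // A token without a subject can never match a user.
        return username != null
                && username.equals(userDetails.getUsername())
                && !isTokenExpired(token);
    }

    /**
     * Builds the Spring Security authentication for a verified token.
     *
     * <p>The authorities come from the token's claim, not from {@code userDetails}, so role
     * changes made after the token was issued are not reflected until it expires.
     *
     * @param token        compact JWS string
     * @param existingAuth authentication currently in the context; not used
     * @param userDetails  the user to install as principal
     * @return an authentication whose authorities are the non-empty entries of the claim
     */
    UsernamePasswordAuthenticationToken getAuthenticationToken(final String token, final Authentication existingAuth, final UserDetails userDetails) {

        final Claims claims = getAllClaimsFromToken(token);

        // A missing claim, or the empty string written for a user without roles, yields no
        // authorities rather than an exception from SimpleGrantedAuthority.
        final Object rawAuthorities = claims.get(AUTHORITIES_KEY);
        final String joined = rawAuthorities == null ? "" : rawAuthorities.toString();

        final Collection<? extends GrantedAuthority> authorities =
                Arrays.stream(joined.split(","))
                        .filter(name -> !name.trim().isEmpty())
                        .map(SimpleGrantedAuthority::new)
                        .collect(Collectors.toList());

        return new UsernamePasswordAuthenticationToken(userDetails, "", authorities);
    }

}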
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/config/UnauthorizedEntryPoint.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.config;
2 |
3 | import org.springframework.security.core.AuthenticationException;
4 | import org.springframework.security.web.AuthenticationEntryPoint;
5 | import org.springframework.stereotype.Component;
6 |
7 | import javax.servlet.http.HttpServletRequest;
8 | import javax.servlet.http.HttpServletResponse;
9 | import java.io.IOException;
10 | import java.io.Serializable;
11 |
12 |
/**
 * Entry point used when an unauthenticated request reaches a protected resource.
 */
@Component
public class UnauthorizedEntryPoint implements AuthenticationEntryPoint, Serializable {

    /**
     * Answers with HTTP 401 and a fixed message; details of {@code authException} are not
     * written to the response.
     *
     * @param request       the rejected request
     * @param response      the response that receives the error status
     * @param authException the reason authentication was required
     * @throws IOException if the error cannot be sent
     */
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
        final int status = HttpServletResponse.SC_UNAUTHORIZED;
        response.sendError(status, "Unauthorized");
    }

}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/config/WebSecurityConfig.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.config;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.context.annotation.Bean;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.security.authentication.AuthenticationManager;
7 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
8 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
10 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
11 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
12 | import org.springframework.security.config.http.SessionCreationPolicy;
13 | import org.springframework.security.core.userdetails.UserDetailsService;
14 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
15 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
16 |
17 | import javax.annotation.Resource;
18 |
19 |
/**
 * Security configuration: stateless JWT authentication with method-level role checks.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource(name = "userService")
    private UserDetailsService userDetailsService;

    @Autowired
    private UnauthorizedEntryPoint unauthorizedEntryPoint;

    /**
     * Wires the user lookup service and the BCrypt encoder into the authentication manager.
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService)
            .passwordEncoder(encoder());
    }

    /**
     * Configures the HTTP security chain.
     *
     * <p>Only the authenticate and register endpoints are open; every other request needs an
     * authentication. No HTTP session is created, and the JWT filter runs before the
     * username/password filter.
     *
     * <p>NOTE(review): CSRF protection is disabled. That is acceptable only while the API
     * authenticates through a header the client sets explicitly; revisit if cookie-based
     * authentication is ever added.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors();
        http.csrf().disable();

        http.authorizeRequests()
            .antMatchers("/users/authenticate", "/users/register").permitAll()
            .anyRequest().authenticated();

        http.exceptionHandling().authenticationEntryPoint(unauthorizedEntryPoint);
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
    }

    /** Password encoder used for both registration and login verification. */
    @Bean
    public BCryptPasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
    }

    /** Exposes the authentication manager as a bean so the controller can inject it. */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /** Creates the JWT filter as a bean so that its injected fields are populated. */
    @Bean
    public JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception {
        return new JwtAuthenticationFilter();
    }

}
66 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/controller/UserController.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.controller;
2 |
3 | import com.akhianand.springrolejwt.config.TokenProvider;
4 | import com.akhianand.springrolejwt.model.AuthToken;
5 | import com.akhianand.springrolejwt.model.LoginUser;
6 | import com.akhianand.springrolejwt.model.User;
7 | import com.akhianand.springrolejwt.model.UserDto;
8 | import com.akhianand.springrolejwt.service.UserService;
9 | import org.springframework.beans.factory.annotation.Autowired;
10 | import org.springframework.http.ResponseEntity;
11 | import org.springframework.security.access.prepost.PreAuthorize;
12 | import org.springframework.security.authentication.AuthenticationManager;
13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
14 | import org.springframework.security.core.Authentication;
15 | import org.springframework.security.core.AuthenticationException;
16 | import org.springframework.security.core.context.SecurityContextHolder;
17 | import org.springframework.web.bind.annotation.*;
18 |
19 | import java.util.List;
20 |
/**
 * REST endpoints for login, registration and two role-protected probes.
 *
 * <p>NOTE(review): {@code @CrossOrigin(origins = "*")} lets any web origin call these endpoints
 * from a browser. Narrow it to the known front-end origins if the API is not meant to be public.
 */
@CrossOrigin(origins = "*", maxAge = 3600)
@RestController
@RequestMapping("/users")
public class UserController {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private TokenProvider jwtTokenUtil;

    @Autowired
    private UserService userService;

    /**
     * Authenticates the submitted credentials and returns a signed token.
     *
     * @param loginUser username and password from the request body
     * @return 200 with an {@link AuthToken} wrapping the token
     * @throws AuthenticationException when the authentication manager rejects the credentials
     */
    @PostMapping("/authenticate")
    public ResponseEntity<?> generateToken(@RequestBody LoginUser loginUser) throws AuthenticationException {
        final UsernamePasswordAuthenticationToken credentials =
                new UsernamePasswordAuthenticationToken(loginUser.getUsername(), loginUser.getPassword());

        final Authentication authentication = authenticationManager.authenticate(credentials);
        SecurityContextHolder.getContext().setAuthentication(authentication);

        final AuthToken body = new AuthToken(jwtTokenUtil.generateToken(authentication));
        return ResponseEntity.ok(body);
    }

    /**
     * Registers a new account from the request body and returns the stored entity.
     *
     * <p>NOTE(review): the body is passed to the service without any validation here; role
     * assignment is decided inside {@code userService.save}.
     *
     * @param user registration data
     * @return the persisted user
     */
    @PostMapping("/register")
    public User saveUser(@RequestBody UserDto user) {
        return userService.save(user);
    }

    /** Probe reachable only by callers holding the ADMIN role. */
    @PreAuthorize("hasRole('ADMIN')")
    @GetMapping("/adminping")
    public String adminPing() {
        return "Only Admins Can Read This";
    }

    /** Probe reachable only by callers holding the USER role. */
    @PreAuthorize("hasRole('USER')")
    @GetMapping("/userping")
    public String userPing() {
        return "Any User Can Read This";
    }

}
69 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/dao/RoleDao.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.dao;
2 |
3 | import com.akhianand.springrolejwt.model.Role;
4 | import org.springframework.data.repository.CrudRepository;
5 | import org.springframework.stereotype.Repository;
6 |
/**
 * Spring Data repository for {@link Role} rows.
 */
@Repository
public interface RoleDao extends CrudRepository<Role, Long> {

    /**
     * Looks a role up by its name.
     *
     * @param name role name to match
     * @return the matching role
     */
    Role findRoleByName(String name);
}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/dao/UserDao.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.dao;
2 |
3 | import com.akhianand.springrolejwt.model.User;
4 | import org.springframework.data.repository.CrudRepository;
5 | import org.springframework.stereotype.Repository;
6 |
/**
 * Spring Data repository for {@link User} rows.
 */
@Repository
public interface UserDao extends CrudRepository<User, Long> {

    /**
     * Looks a user up by username.
     *
     * @param username username to match
     * @return the matching user; callers in this project treat {@code null} as "not found"
     */
    User findByUsername(String username);
}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/model/AuthToken.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.model;
2 |
/**
 * Response body carrying the token issued at login.
 */
public class AuthToken {

    // Compact token string; null until set.
    private String token;

    /** Creates an empty holder. */
    public AuthToken() {
        this(null);
    }

    /**
     * Creates a holder for the given token.
     *
     * @param token token to expose
     */
    public AuthToken(String token) {
        this.token = token;
    }

    /** @return the held token, possibly {@code null} */
    public String getToken() {
        return this.token;
    }

    /** @param token token to hold from now on */
    public void setToken(String token) {
        this.token = token;
    }

}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/model/LoginUser.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.model;
2 |
/**
 * Request body of the login endpoint.
 *
 * <p>The password is held as plain text for the duration of the request; do not log or
 * serialise instances of this class.
 */
public class LoginUser {

    private String username;
    private String password;

    /** @return the submitted username */
    public String getUsername() {
        return this.username;
    }

    /** @return the submitted plain-text password */
    public String getPassword() {
        return this.password;
    }

    /** @param username username to authenticate as */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @param password plain-text password to check */
    public void setPassword(String password) {
        this.password = password;
    }
}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/model/Role.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.model;
2 |
3 | import javax.persistence.*;
4 |
/**
 * JPA entity for a role that can be granted to users.
 */
@Entity
public class Role {

    // Database-generated primary key.
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private long id;

    // Role name; UserServiceImpl prefixes it with "ROLE_" to form the granted authority.
    @Column
    private String name;

    // Free-text description of the role.
    @Column
    private String description;

    /** @return the primary key */
    public long getId() {
        return this.id;
    }

    /** @param id primary key to assign */
    public void setId(long id) {
        this.id = id;
    }

    /** @return the role name */
    public String getName() {
        return this.name;
    }

    /** @param name role name to assign */
    public void setName(String name) {
        this.name = name;
    }

    /** @return the description */
    public String getDescription() {
        return this.description;
    }

    /** @param description description to assign */
    public void setDescription(String description) {
        this.description = description;
    }
}
42 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/model/User.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.model;
2 |
3 | import com.fasterxml.jackson.annotation.JsonIgnore;
4 | import javax.persistence.*;
5 | import java.util.Set;
6 |
/**
 * JPA entity for an application account and the roles granted to it.
 */
@Entity
public class User {

    // Database-generated primary key.
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private long id;

    @Column
    private String username;

    // Stored password value; @JsonIgnore keeps it out of JSON produced from this entity.
    @Column
    @JsonIgnore
    private String password;

    @Column
    private String email;

    @Column
    private String phone;

    @Column
    private String name;

    @Column
    private String businessTitle;

    // NOTE(review): CascadeType.ALL includes REMOVE, so deleting a user would cascade to Role
    // rows that other users may share; confirm this is intended.
    @ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL)
    @JoinTable(
            name = "USER_ROLES",
            joinColumns = @JoinColumn(name = "USER_ID"),
            inverseJoinColumns = @JoinColumn(name = "ROLE_ID"))
    private Set<Role> roles;

    /** @return the primary key */
    public long getId() {
        return this.id;
    }

    /** @param id primary key to assign */
    public void setId(long id) {
        this.id = id;
    }

    /** @return the login name */
    public String getUsername() {
        return this.username;
    }

    /** @param username login name to assign */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the stored password value */
    public String getPassword() {
        return this.password;
    }

    /** @param password password value to store; callers are expected to pass an encoded value */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return the e-mail address */
    public String getEmail() {
        return this.email;
    }

    /** @param email e-mail address to assign */
    public void setEmail(String email) {
        this.email = email;
    }

    /** @return the phone number */
    public String getPhone() {
        return this.phone;
    }

    /** @param phone phone number to assign */
    public void setPhone(String phone) {
        this.phone = phone;
    }

    /** @return the display name */
    public String getName() {
        return this.name;
    }

    /** @param name display name to assign */
    public void setName(String name) {
        this.name = name;
    }

    /** @return the business title */
    public String getBusinessTitle() {
        return this.businessTitle;
    }

    /** @param businessTitle business title to assign */
    public void setBusinessTitle(String businessTitle) {
        this.businessTitle = businessTitle;
    }

    /** @return the roles granted to this account */
    public Set<Role> getRoles() {
        return this.roles;
    }

    /** @param roles roles to grant, replacing the current set */
    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }
}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/model/UserDto.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.model;
2 |
/**
 * Request body of the registration endpoint.
 *
 * <p>Every field is client-supplied and unvalidated at this layer. The password is plain text
 * until the service encodes it; do not log or serialise instances of this class.
 */
public class UserDto {

    private String username;
    private String password;
    private String email;
    private String phone;
    private String name;
    private String businessTitle;

    /** @return the requested login name */
    public String getUsername() {
        return this.username;
    }

    /** @param username requested login name */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the submitted plain-text password */
    public String getPassword() {
        return this.password;
    }

    /** @param password plain-text password */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return the submitted e-mail address */
    public String getEmail() {
        return this.email;
    }

    /** @param email e-mail address */
    public void setEmail(String email) {
        this.email = email;
    }

    /** @return the submitted phone number */
    public String getPhone() {
        return this.phone;
    }

    /** @param phone phone number */
    public void setPhone(String phone) {
        this.phone = phone;
    }

    /** @return the submitted display name */
    public String getName() {
        return this.name;
    }

    /** @param name display name */
    public void setName(String name) {
        this.name = name;
    }

    /** @return the submitted business title */
    public String getBusinessTitle() {
        return this.businessTitle;
    }

    /** @param businessTitle business title */
    public void setBusinessTitle(String businessTitle) {
        this.businessTitle = businessTitle;
    }

    /**
     * Copies the six submitted fields into a new {@link User}.
     *
     * <p>The password is copied as submitted; id and roles are left for the caller to set.
     *
     * @return a new, unsaved user entity
     */
    public User getUserFromDto() {
        final User entity = new User();
        entity.setUsername(this.username);
        entity.setPassword(this.password);
        entity.setEmail(this.email);
        entity.setPhone(this.phone);
        entity.setName(this.name);
        entity.setBusinessTitle(this.businessTitle);
        return entity;
    }

}
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/service/RoleService.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.service;
2 |
3 | import com.akhianand.springrolejwt.model.Role;
4 |
/**
 * Lookup operations on roles.
 */
public interface RoleService {

    /**
     * Finds a role by its name.
     *
     * @param name role name to match
     * @return the matching role
     */
    Role findByName(String name);
}
8 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/service/UserService.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.service;
2 |
3 | import com.akhianand.springrolejwt.model.User;
4 | import com.akhianand.springrolejwt.model.UserDto;
5 |
6 | import java.util.List;
7 |
/**
 * Account operations exposed to the web layer.
 */
public interface UserService {

    /**
     * Registers a new account from the submitted data.
     *
     * @param user registration data
     * @return the persisted user
     */
    User save(UserDto user);

    /** @return every stored user */
    List<User> findAll();

    /**
     * Finds a user by username.
     *
     * @param username username to match
     * @return the matching user
     */
    User findOne(String username);
}
13 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/service/impl/RoleServiceImpl.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.service.impl;
2 |
3 | import com.akhianand.springrolejwt.dao.RoleDao;
4 | import com.akhianand.springrolejwt.model.Role;
5 | import com.akhianand.springrolejwt.service.RoleService;
6 | import org.springframework.beans.factory.annotation.Autowired;
7 | import org.springframework.stereotype.Service;
8 |
/**
 * {@link RoleService} backed by {@link RoleDao}.
 */
@Service(value = "roleService")
public class RoleServiceImpl implements RoleService {

    @Autowired
    private RoleDao roleDao;

    /**
     * Delegates the lookup to the repository.
     *
     * @param name role name to match
     * @return whatever the repository returns for that name
     */
    @Override
    public Role findByName(String name) {
        return roleDao.findRoleByName(name);
    }
}
21 |
--------------------------------------------------------------------------------
/src/main/java/com/akhianand/springrolejwt/service/impl/UserServiceImpl.java:
--------------------------------------------------------------------------------
1 | package com.akhianand.springrolejwt.service.impl;
2 |
3 | import java.util.ArrayList;
4 | import java.util.HashSet;
5 | import java.util.List;
6 | import java.util.Set;
7 | import com.akhianand.springrolejwt.dao.UserDao;
8 | import com.akhianand.springrolejwt.model.Role;
9 | import com.akhianand.springrolejwt.model.User;
10 | import com.akhianand.springrolejwt.model.UserDto;
11 | import com.akhianand.springrolejwt.service.RoleService;
12 | import com.akhianand.springrolejwt.service.UserService;
13 | import org.springframework.beans.factory.annotation.Autowired;
14 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
15 | import org.springframework.security.core.userdetails.UserDetails;
16 | import org.springframework.security.core.userdetails.UserDetailsService;
17 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
18 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
19 | import org.springframework.stereotype.Service;
20 |
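/**
 * Account service: loads users for Spring Security and registers new accounts.
 */
@Service(value = "userService")
public class UserServiceImpl implements UserDetailsService, UserService {

    @Autowired
    private RoleService roleService;

    @Autowired
    private UserDao userDao;

    @Autowired
    private BCryptPasswordEncoder bcryptEncoder;

    /**
     * Loads the account with the given username for authentication.
     *
     * @param username username to look up
     * @return Spring Security user carrying the stored password value and the mapped authorities
     * @throws UsernameNotFoundException when no such account exists; the message does not
     *                                   reveal whether the username or the password was wrong
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userDao.findByUsername(username);
        if (user == null) {
            throw new UsernameNotFoundException("Invalid username or password.");
        }
        return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), getAuthority(user));
    }

    /** Maps each role of the user to a {@code ROLE_}-prefixed granted authority. */
    private Set<SimpleGrantedAuthority> getAuthority(User user) {
        Set<SimpleGrantedAuthority> authorities = new HashSet<>();
        for (Role role : user.getRoles()) {
            authorities.add(new SimpleGrantedAuthority("ROLE_" + role.getName()));
        }
        return authorities;
    }

    /** @return every stored user, copied into a new list */
    @Override
    public List<User> findAll() {
        List<User> list = new ArrayList<>();
        userDao.findAll().forEach(list::add);
        return list;
    }

    /**
     * Finds a user by username.
     *
     * @param username username to match
     * @return whatever the repository returns for that name
     */
    @Override
    public User findOne(String username) {
        return userDao.findByUsername(username);
    }

    /**
     * Registers a new account: encodes the password with BCrypt, grants the USER role, and
     * additionally grants ADMIN when the e-mail domain is exactly {@code admin.edu}.
     *
     * <p>NOTE(review): the e-mail address comes straight from the registration request and no
     * verification of it is visible in this service, so the ADMIN grant rests on a
     * self-declared value. Gate the ADMIN role on a verified address, or provision
     * administrators through an authenticated path instead.
     *
     * @param user registration data
     * @return the persisted user
     */
    @Override
    public User save(UserDto user) {

        User nUser = user.getUserFromDto();
        nUser.setPassword(bcryptEncoder.encode(user.getPassword()));

        Set<Role> roleSet = new HashSet<>();
        roleSet.add(roleService.findByName("USER"));

        // A missing or malformed address never qualifies for ADMIN (fail closed) instead of
        // aborting registration with a NullPointerException or an index error.
        if ("admin.edu".equals(emailDomain(nUser.getEmail()))) {
            roleSet.add(roleService.findByName("ADMIN"));
        }

        nUser.setRoles(roleSet);
        return userDao.save(nUser);
    }

    /**
     * Returns the text after the last {@code '@'} of an address, or {@code null} when the
     * address is {@code null} or contains no {@code '@'}.
     *
     * <p>The last separator is used because the text between the first and second {@code '@'}
     * is not the domain when an address contains more than one.
     */
    private static String emailDomain(String email) {
        if (email == null) {
            return null;
        }
        final int at = email.lastIndexOf('@');
        return at < 0 ? null : email.substring(at + 1);
    }
}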
79 |
--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
# Token lifetime in seconds; TokenProvider multiplies it by 1000 when computing the expiry.
jwt.token.validity=18000
# NOTE(review): the signing secret is committed in plain text and is short. Treat it as
# disclosed: supply a randomly generated key of at least 256 bits from the environment or a
# secret store, and rotate it, which invalidates tokens issued with the old value.
jwt.signing.key=signingkey
# Name of the claim that carries the comma-separated authority list.
jwt.authorities.key=roles
# Scheme prefix expected at the start of the header value.
jwt.token.prefix=Bearer
# Request header that carries the token.
jwt.header.string=Authorization

# NOTE(review): the application connects as the MySQL root account with a committed password.
# Use a dedicated least-privilege account and inject the credentials at deploy time.
spring.datasource.url=jdbc:mysql://localhost:3306/springsecurity
spring.datasource.username=root
spring.datasource.password=password
# Development aid: prints the generated SQL statements to the log.
spring.jpa.show-sql=true
# Development only: the schema is created at start-up and dropped at shutdown.
spring.jpa.hibernate.ddl-auto=create-drop
# NOTE(review): this key does not match spring.datasource.driver-class-name and is presumably
# ignored; confirm which driver is actually selected.
spring.user.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
server.port=8080
15 |
16 |
17 |
--------------------------------------------------------------------------------
/src/main/resources/query.sql:
--------------------------------------------------------------------------------
-- Resets the role tables and seeds the two roles that the application looks up by name.
-- The user table is dropped but not recreated here; presumably the JPA schema generation
-- creates it (confirm against the configured ddl-auto setting).
drop table if exists role;
drop table if exists user;
drop table if exists user_roles;
-- NOTE(review): MyISAM enforces neither foreign keys nor transactions, so nothing in the
-- database keeps user_roles rows pointing at existing users and roles.
create table role (id bigint not null auto_increment, description varchar(255), name varchar(255), primary key (id)) engine=MyISAM;
create table user_roles (user_id bigint not null, role_id bigint not null, primary key (user_id, role_id)) engine=MyISAM;


-- Role names must match the literals passed to RoleService.findByName at registration.
INSERT INTO role (id, description, name) VALUES (4, 'Admin role', 'ADMIN');
INSERT INTO role (id, description, name) VALUES (5, 'User role', 'USER');
10 |
11 |
--------------------------------------------------------------------------------