├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── example │ │ └── api │ │ ├── ApiAuthenticationApplication.java │ │ ├── config │ │ └── WebSecurityConfig.java │ │ ├── controller │ │ ├── AuthenticationController.java │ │ └── UserController.java │ │ ├── model │ │ └── User.java │ │ ├── repository │ │ └── UserRepository.java │ │ ├── service │ │ └── JwtUserDetailsService.java │ │ └── util │ │ ├── JwtRequestFilter.java │ │ └── JwtTokenUtil.java └── resources │ └── application.properties └── test └── java └── com └── example └── api └── ApiAuthenticationApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iamprafful/rest-api-authentication-tutorial/353bfdff8ab467b8f1dc8f1eef3042f30a4c68b2/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.3/apache-maven-3.8.3-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![banner.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1642352194340/nOY8Qkcmy.jpeg?w=1600&h=840&fit=crop&crop=entropy&auto=compress,format&format=webp) 2 | 3 | # Spring Boot REST API authentication best practices using JWT 4 | Token based API authentication with Spring Security and JWT (JSON web Token) 5 | 6 | ### Overview 7 | 8 | This repository is made to share source code of my blog post [Spring Boot + JWT](https://blog.iamprafful.com/spring-boot-rest-api-authentication-best-practices-using-jwt-2022) 9 | where I have explained how to do token based authentication for your Spring boot REST API using JSON web tokens(JWT). 10 | 11 | ### Output 12 | 13 | * Handling unauthorized access to protected routes with error 401: 14 | 15 | ![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1642342414144/xtiMe7v6k.png) 16 | 17 | * Get token in response of register request 18 | 19 | ![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1642347680561/609V-5XxI.png) 20 | 21 | * Invalid credentials response when wrong username password is supplied: 22 | 23 | ![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1642347577674/Y9WSd7xZC.png) 24 | 25 | * Show content from protected route when Auth token is provided in header. 26 | 27 | ![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1642349417849/HrrTRjKh1.png) 28 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /usr/local/etc/mavenrc ] ; then 40 | . /usr/local/etc/mavenrc 41 | fi 42 | 43 | if [ -f /etc/mavenrc ] ; then 44 | . /etc/mavenrc 45 | fi 46 | 47 | if [ -f "$HOME/.mavenrc" ] ; then 48 | . "$HOME/.mavenrc" 49 | fi 50 | 51 | fi 52 | 53 | # OS specific support. $var _must_ be set to either true or false. 54 | cygwin=false; 55 | darwin=false; 56 | mingw=false 57 | case "`uname`" in 58 | CYGWIN*) cygwin=true ;; 59 | MINGW*) mingw=true;; 60 | Darwin*) darwin=true 61 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 62 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 63 | if [ -z "$JAVA_HOME" ]; then 64 | if [ -x "/usr/libexec/java_home" ]; then 65 | export JAVA_HOME="`/usr/libexec/java_home`" 66 | else 67 | export JAVA_HOME="/Library/Java/Home" 68 | fi 69 | fi 70 | ;; 71 | esac 72 | 73 | if [ -z "$JAVA_HOME" ] ; then 74 | if [ -r /etc/gentoo-release ] ; then 75 | JAVA_HOME=`java-config --jre-home` 76 | fi 77 | fi 78 | 79 | if [ -z "$M2_HOME" ] ; then 80 | ## resolve links - $0 may be a link to maven's home 81 | PRG="$0" 82 | 83 | # need this for relative symlinks 84 | while [ -h "$PRG" ] ; do 85 | ls=`ls -ld "$PRG"` 86 | link=`expr "$ls" : '.*-> \(.*\)$'` 87 | if expr "$link" : '/.*' > /dev/null; then 88 | PRG="$link" 89 | else 90 | PRG="`dirname "$PRG"`/$link" 91 | fi 92 | done 93 | 94 | saveddir=`pwd` 95 | 96 | M2_HOME=`dirname "$PRG"`/.. 97 | 98 | # make it fully qualified 99 | M2_HOME=`cd "$M2_HOME" && pwd` 100 | 101 | cd "$saveddir" 102 | # echo Using m2 at $M2_HOME 103 | fi 104 | 105 | # For Cygwin, ensure paths are in UNIX format before anything is touched 106 | if $cygwin ; then 107 | [ -n "$M2_HOME" ] && 108 | M2_HOME=`cygpath --unix "$M2_HOME"` 109 | [ -n "$JAVA_HOME" ] && 110 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 111 | [ -n "$CLASSPATH" ] && 112 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 113 | fi 114 | 115 | # For Mingw, ensure paths are in UNIX format before anything is touched 116 | if $mingw ; then 117 | [ -n "$M2_HOME" ] && 118 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 119 | [ -n "$JAVA_HOME" ] && 120 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 121 | fi 122 | 123 | if [ -z "$JAVA_HOME" ]; then 124 | javaExecutable="`which javac`" 125 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 126 | # readlink(1) is not available as standard on Solaris 10. 127 | readLink=`which readlink` 128 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 129 | if $darwin ; then 130 | javaHome="`dirname \"$javaExecutable\"`" 131 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 132 | else 133 | javaExecutable="`readlink -f \"$javaExecutable\"`" 134 | fi 135 | javaHome="`dirname \"$javaExecutable\"`" 136 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 137 | JAVA_HOME="$javaHome" 138 | export JAVA_HOME 139 | fi 140 | fi 141 | fi 142 | 143 | if [ -z "$JAVACMD" ] ; then 144 | if [ -n "$JAVA_HOME" ] ; then 145 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 146 | # IBM's JDK on AIX uses strange locations for the executables 147 | JAVACMD="$JAVA_HOME/jre/sh/java" 148 | else 149 | JAVACMD="$JAVA_HOME/bin/java" 150 | fi 151 | else 152 | JAVACMD="`\\unset -f command; \\command -v java`" 153 | fi 154 | fi 155 | 156 | if [ ! -x "$JAVACMD" ] ; then 157 | echo "Error: JAVA_HOME is not defined correctly." >&2 158 | echo " We cannot execute $JAVACMD" >&2 159 | exit 1 160 | fi 161 | 162 | if [ -z "$JAVA_HOME" ] ; then 163 | echo "Warning: JAVA_HOME environment variable is not set." 164 | fi 165 | 166 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 167 | 168 | # traverses directory structure from process work directory to filesystem root 169 | # first directory with .mvn subdirectory is considered project base directory 170 | find_maven_basedir() { 171 | 172 | if [ -z "$1" ] 173 | then 174 | echo "Path not specified to find_maven_basedir" 175 | return 1 176 | fi 177 | 178 | basedir="$1" 179 | wdir="$1" 180 | while [ "$wdir" != '/' ] ; do 181 | if [ -d "$wdir"/.mvn ] ; then 182 | basedir=$wdir 183 | break 184 | fi 185 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 186 | if [ -d "${wdir}" ]; then 187 | wdir=`cd "$wdir/.."; pwd` 188 | fi 189 | # end of workaround 190 | done 191 | echo "${basedir}" 192 | } 193 | 194 | # concatenates all lines of a file 195 | concat_lines() { 196 | if [ -f "$1" ]; then 197 | echo "$(tr -s '\n' ' ' < "$1")" 198 | fi 199 | } 200 | 201 | BASE_DIR=`find_maven_basedir "$(pwd)"` 202 | if [ -z "$BASE_DIR" ]; then 203 | exit 1; 204 | fi 205 | 206 | ########################################################################################## 207 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 208 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 209 | ########################################################################################## 210 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Found .mvn/wrapper/maven-wrapper.jar" 213 | fi 214 | else 215 | if [ "$MVNW_VERBOSE" = true ]; then 216 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 217 | fi 218 | if [ -n "$MVNW_REPOURL" ]; then 219 | jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 220 | else 221 | jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 222 | fi 223 | while IFS="=" read key value; do 224 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 225 | esac 226 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 227 | if [ "$MVNW_VERBOSE" = true ]; then 228 | echo "Downloading from: $jarUrl" 229 | fi 230 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 231 | if $cygwin; then 232 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 233 | fi 234 | 235 | if command -v wget > /dev/null; then 236 | if [ "$MVNW_VERBOSE" = true ]; then 237 | echo "Found wget ... using wget" 238 | fi 239 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 240 | wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 241 | else 242 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 243 | fi 244 | elif command -v curl > /dev/null; then 245 | if [ "$MVNW_VERBOSE" = true ]; then 246 | echo "Found curl ... using curl" 247 | fi 248 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 249 | curl -o "$wrapperJarPath" "$jarUrl" -f 250 | else 251 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 252 | fi 253 | 254 | else 255 | if [ "$MVNW_VERBOSE" = true ]; then 256 | echo "Falling back to using Java to download" 257 | fi 258 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 259 | # For Cygwin, switch paths to Windows format before running javac 260 | if $cygwin; then 261 | javaClass=`cygpath --path --windows "$javaClass"` 262 | fi 263 | if [ -e "$javaClass" ]; then 264 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 265 | if [ "$MVNW_VERBOSE" = true ]; then 266 | echo " - Compiling MavenWrapperDownloader.java ..." 267 | fi 268 | # Compiling the Java class 269 | ("$JAVA_HOME/bin/javac" "$javaClass") 270 | fi 271 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 272 | # Running the downloader 273 | if [ "$MVNW_VERBOSE" = true ]; then 274 | echo " - Running MavenWrapperDownloader.java ..." 275 | fi 276 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 277 | fi 278 | fi 279 | fi 280 | fi 281 | ########################################################################################## 282 | # End of extension 283 | ########################################################################################## 284 | 285 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 286 | if [ "$MVNW_VERBOSE" = true ]; then 287 | echo $MAVEN_PROJECTBASEDIR 288 | fi 289 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 290 | 291 | # For Cygwin, switch paths to Windows format before running java 292 | if $cygwin; then 293 | [ -n "$M2_HOME" ] && 294 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 295 | [ -n "$JAVA_HOME" ] && 296 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 297 | [ -n "$CLASSPATH" ] && 298 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 299 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 300 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 301 | fi 302 | 303 | # Provide a "standardized" way to retrieve the CLI args that will 304 | # work with both Windows and non-Windows executions. 305 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 306 | export MAVEN_CMD_LINE_ARGS 307 | 308 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 309 | 310 | exec "$JAVACMD" \ 311 | $MAVEN_OPTS \ 312 | $MAVEN_DEBUG_OPTS \ 313 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 314 | "-Dmaven.home=${M2_HOME}" \ 315 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 316 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 317 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %* 50 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %* 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 124 | 125 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% ^ 162 | %JVM_CONFIG_MAVEN_PROPS% ^ 163 | %MAVEN_OPTS% ^ 164 | %MAVEN_DEBUG_OPTS% ^ 165 | -classpath %WRAPPER_JAR% ^ 166 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^ 167 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 168 | if ERRORLEVEL 1 goto error 169 | goto end 170 | 171 | :error 172 | set ERROR_CODE=1 173 | 174 | :end 175 | @endlocal & set ERROR_CODE=%ERROR_CODE% 176 | 177 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost 178 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 179 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" 180 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd" 181 | :skipRcPost 182 | 183 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 184 | if "%MAVEN_BATCH_PAUSE%"=="on" pause 185 | 186 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% 187 | 188 | cmd /C exit /B %ERROR_CODE% 189 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 2.6.2 9 | 10 | 11 | com.example 12 | api 13 | 0.0.1-SNAPSHOT 14 | API Authentication 15 | API Authentication 16 | 17 | 11 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-data-mongodb 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-security 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-web 31 | 32 | 33 | io.jsonwebtoken 34 | jjwt-api 35 | 0.11.2 36 | 37 | 38 | io.jsonwebtoken 39 | jjwt-impl 40 | 0.11.2 41 | runtime 42 | 43 | 44 | io.jsonwebtoken 45 | jjwt-jackson 46 | 0.11.2 47 | runtime 48 | 49 | 50 | org.apache.commons 51 | commons-lang3 52 | 3.12.0 53 | 54 | 55 | org.springframework.boot 56 | spring-boot-devtools 57 | runtime 58 | true 59 | 60 | 61 | org.projectlombok 62 | lombok 63 | true 64 | 65 | 66 | org.springframework.boot 67 | spring-boot-starter-test 68 | test 69 | 70 | 71 | org.springframework.security 72 | spring-security-test 73 | test 74 | 75 | 76 | 77 | 78 | 79 | 80 | org.springframework.boot 81 | spring-boot-maven-plugin 82 | 83 | 84 | 85 | org.projectlombok 86 | lombok 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/ApiAuthenticationApplication.java: -------------------------------------------------------------------------------- 1 | package com.example.api; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class ApiAuthenticationApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(ApiAuthenticationApplication.class, args); 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/config/WebSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.example.api.config; 2 | 3 | import com.example.api.util.JwtRequestFilter; 4 | import com.fasterxml.jackson.databind.ObjectMapper; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.Configuration; 8 | import org.springframework.security.authentication.AuthenticationManager; 9 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 10 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 11 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 12 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 13 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 14 | import org.springframework.security.config.http.SessionCreationPolicy; 15 | import org.springframework.security.core.userdetails.UserDetailsService; 16 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 17 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 18 | 19 | import java.util.HashMap; 20 | import java.util.Map; 21 | 22 | @Configuration 23 | @EnableWebSecurity 24 | @EnableGlobalMethodSecurity(prePostEnabled = true) 25 | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 26 | 27 | private final UserDetailsService jwtUserDetailsService; 28 | private final JwtRequestFilter jwtRequestFilter; 29 | 30 | public WebSecurityConfig(UserDetailsService jwtUserDetailsService, JwtRequestFilter jwtRequestFilter) { 31 | this.jwtUserDetailsService = jwtUserDetailsService; 32 | this.jwtRequestFilter = jwtRequestFilter; 33 | } 34 | 35 | @Autowired 36 | public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { 37 | auth.userDetailsService(jwtUserDetailsService).passwordEncoder(new BCryptPasswordEncoder()); 38 | } 39 | 40 | @Bean 41 | @Override 42 | public AuthenticationManager authenticationManagerBean() throws Exception { 43 | return super.authenticationManagerBean(); 44 | } 45 | 46 | @Override 47 | protected void configure(HttpSecurity httpSecurity) throws Exception { 48 | httpSecurity.csrf().disable().authorizeRequests().antMatchers("/auth/*").permitAll().anyRequest().authenticated().and().exceptionHandling().authenticationEntryPoint((request, response, authException) -> { 49 | Map responseMap = new HashMap<>(); 50 | ObjectMapper mapper = new ObjectMapper(); 51 | response.setStatus(401); 52 | responseMap.put("error", true); 53 | responseMap.put("message", "Unauthorized"); 54 | response.setHeader("content-type", "application/json"); 55 | String responseMsg = mapper.writeValueAsString(responseMap); 56 | response.getWriter().write(responseMsg); 57 | }).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/controller/AuthenticationController.java: -------------------------------------------------------------------------------- 1 | package com.example.api.controller; 2 | 3 | import com.example.api.model.User; 4 | import com.example.api.repository.UserRepository; 5 | import com.example.api.service.JwtUserDetailsService; 6 | import com.example.api.util.JwtTokenUtil; 7 | import org.apache.commons.logging.Log; 8 | import org.apache.commons.logging.LogFactory; 9 | import org.springframework.http.ResponseEntity; 10 | import org.springframework.security.authentication.AuthenticationManager; 11 | import org.springframework.security.authentication.BadCredentialsException; 12 | import org.springframework.security.authentication.DisabledException; 13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 14 | import org.springframework.security.core.Authentication; 15 | import org.springframework.security.core.userdetails.UserDetails; 16 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 17 | import org.springframework.web.bind.annotation.PostMapping; 18 | import org.springframework.web.bind.annotation.RequestMapping; 19 | import org.springframework.web.bind.annotation.RequestParam; 20 | import org.springframework.web.bind.annotation.RestController; 21 | 22 | import java.util.HashMap; 23 | import java.util.Map; 24 | 25 | @RestController 26 | @RequestMapping("/auth") 27 | public class AuthenticationController { 28 | 29 | protected final Log logger = LogFactory.getLog(getClass()); 30 | 31 | final UserRepository userRepository; 32 | final AuthenticationManager authenticationManager; 33 | final JwtUserDetailsService userDetailsService; 34 | final JwtTokenUtil jwtTokenUtil; 35 | 36 | public AuthenticationController(UserRepository userRepository, AuthenticationManager authenticationManager, 37 | JwtUserDetailsService userDetailsService, JwtTokenUtil jwtTokenUtil) { 38 | this.userRepository = userRepository; 39 | this.authenticationManager = authenticationManager; 40 | this.userDetailsService = userDetailsService; 41 | this.jwtTokenUtil = jwtTokenUtil; 42 | } 43 | 44 | @PostMapping("/login") 45 | public ResponseEntity loginUser(@RequestParam("user_name") String username, 46 | @RequestParam("password") String password) { 47 | Map responseMap = new HashMap<>(); 48 | try { 49 | Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username 50 | , password)); 51 | if (auth.isAuthenticated()) { 52 | logger.info("Logged In"); 53 | UserDetails userDetails = userDetailsService.loadUserByUsername(username); 54 | String token = jwtTokenUtil.generateToken(userDetails); 55 | responseMap.put("error", false); 56 | responseMap.put("message", "Logged In"); 57 | responseMap.put("token", token); 58 | return ResponseEntity.ok(responseMap); 59 | } else { 60 | responseMap.put("error", true); 61 | responseMap.put("message", "Invalid Credentials"); 62 | return ResponseEntity.status(401).body(responseMap); 63 | } 64 | } catch (DisabledException e) { 65 | e.printStackTrace(); 66 | responseMap.put("error", true); 67 | responseMap.put("message", "User is disabled"); 68 | return ResponseEntity.status(500).body(responseMap); 69 | } catch (BadCredentialsException e) { 70 | responseMap.put("error", true); 71 | responseMap.put("message", "Invalid Credentials"); 72 | return ResponseEntity.status(401).body(responseMap); 73 | } catch (Exception e) { 74 | e.printStackTrace(); 75 | responseMap.put("error", true); 76 | responseMap.put("message", "Something went wrong"); 77 | return ResponseEntity.status(500).body(responseMap); 78 | } 79 | } 80 | 81 | @PostMapping("/register") 82 | public ResponseEntity saveUser(@RequestParam("first_name") String firstName, 83 | @RequestParam("last_name") String lastName, 84 | @RequestParam("user_name") String userName, @RequestParam("email") String email 85 | , @RequestParam("password") String password) { 86 | Map responseMap = new HashMap<>(); 87 | User user = new User(); 88 | user.setFirstName(firstName); 89 | user.setLastName(lastName); 90 | user.setEmail(email); 91 | user.setPassword(new BCryptPasswordEncoder().encode(password)); 92 | user.setRole("USER"); 93 | user.setUserName(userName); 94 | UserDetails userDetails = userDetailsService.createUserDetails(userName, user.getPassword()); 95 | String token = jwtTokenUtil.generateToken(userDetails); 96 | userRepository.save(user); 97 | responseMap.put("error", false); 98 | responseMap.put("username", userName); 99 | responseMap.put("message", "Account created successfully"); 100 | responseMap.put("token", token); 101 | return ResponseEntity.ok(responseMap); 102 | } 103 | } 104 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/controller/UserController.java: -------------------------------------------------------------------------------- 1 | package com.example.api.controller; 2 | 3 | import org.springframework.security.core.Authentication; 4 | import org.springframework.security.core.context.SecurityContextHolder; 5 | import org.springframework.web.bind.annotation.GetMapping; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RestController; 8 | 9 | import java.util.HashMap; 10 | import java.util.Map; 11 | 12 | @RestController 13 | @RequestMapping("/user") 14 | public class UserController { 15 | 16 | @GetMapping 17 | public Map getUserName() { 18 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 19 | Map userMap = new HashMap<>(); 20 | userMap.put("username", authentication.getName()); 21 | userMap.put("error", false); 22 | return userMap; 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/model/User.java: -------------------------------------------------------------------------------- 1 | package com.example.api.model; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Getter; 5 | import lombok.NoArgsConstructor; 6 | import lombok.Setter; 7 | import org.springframework.data.annotation.Id; 8 | import org.springframework.data.mongodb.core.index.Indexed; 9 | import org.springframework.data.mongodb.core.mapping.Document; 10 | 11 | @Document("users") 12 | @Getter 13 | @Setter 14 | @AllArgsConstructor 15 | @NoArgsConstructor 16 | public class User { 17 | 18 | @Id 19 | private String userName; 20 | private String firstName; 21 | private String lastName; 22 | @Indexed(unique = true) 23 | private String email; 24 | private String password; 25 | private String role; 26 | 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/repository/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.example.api.repository; 2 | 3 | import com.example.api.model.User; 4 | import org.springframework.data.mongodb.repository.MongoRepository; 5 | import org.springframework.data.mongodb.repository.Query; 6 | 7 | public interface UserRepository extends MongoRepository { 8 | 9 | @Query(value = "{userName:'?0'}") 10 | User findUserByUsername(String username); 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/service/JwtUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package com.example.api.service; 2 | 3 | import com.example.api.repository.UserRepository; 4 | import org.springframework.security.core.GrantedAuthority; 5 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 6 | import org.springframework.security.core.userdetails.User; 7 | import org.springframework.security.core.userdetails.UserDetails; 8 | import org.springframework.security.core.userdetails.UserDetailsService; 9 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 10 | import org.springframework.stereotype.Service; 11 | 12 | import java.util.ArrayList; 13 | import java.util.List; 14 | 15 | @Service 16 | public class JwtUserDetailsService implements UserDetailsService { 17 | 18 | final UserRepository userRepository; 19 | 20 | public JwtUserDetailsService(UserRepository userRepository) { 21 | this.userRepository = userRepository; 22 | } 23 | 24 | @Override 25 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 26 | com.example.api.model.User user = userRepository.findUserByUsername(username); 27 | List authorityList = new ArrayList<>(); 28 | authorityList.add(new SimpleGrantedAuthority("USER_ROLE")); 29 | return new User(user.getUserName(), user.getPassword(), authorityList); 30 | } 31 | 32 | public UserDetails createUserDetails(String username, String password) { 33 | List authorityList = new ArrayList<>(); 34 | authorityList.add(new SimpleGrantedAuthority("USER_ROLE")); 35 | return new User(username, password, authorityList); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/com/example/api/util/JwtRequestFilter.java: -------------------------------------------------------------------------------- 1 | package com.example.api.util; 2 | 3 | import com.example.api.service.JwtUserDetailsService; 4 | import io.jsonwebtoken.ExpiredJwtException; 5 | import org.apache.commons.lang3.StringUtils; 6 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 7 | import org.springframework.security.core.context.SecurityContextHolder; 8 | import org.springframework.security.core.userdetails.UserDetails; 9 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 10 | import org.springframework.stereotype.Component; 11 | import org.springframework.web.filter.OncePerRequestFilter; 12 | 13 | import javax.servlet.FilterChain; 14 | import javax.servlet.ServletException; 15 | import javax.servlet.http.HttpServletRequest; 16 | import javax.servlet.http.HttpServletResponse; 17 | import java.io.IOException; 18 | 19 | @Component 20 | public class JwtRequestFilter extends OncePerRequestFilter { 21 | 22 | private final JwtUserDetailsService jwtUserDetailsService; 23 | private final JwtTokenUtil jwtTokenUtil; 24 | 25 | public JwtRequestFilter(JwtUserDetailsService jwtUserDetailsService, JwtTokenUtil jwtTokenUtil) { 26 | this.jwtUserDetailsService = jwtUserDetailsService; 27 | this.jwtTokenUtil = jwtTokenUtil; 28 | } 29 | 30 | @Override 31 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) 32 | throws ServletException, IOException { 33 | 34 | final String requestTokenHeader = request.getHeader("Authorization"); 35 | if (StringUtils.startsWith(requestTokenHeader,"Bearer ")) { 36 | String jwtToken = requestTokenHeader.substring(7); 37 | try { 38 | String username = jwtTokenUtil.getUsernameFromToken(jwtToken); 39 | if (StringUtils.isNotEmpty(username) 40 | && null == SecurityContextHolder.getContext().getAuthentication()) { 41 | UserDetails userDetails = jwtUserDetailsService.loadUserByUsername(username); 42 | if (jwtTokenUtil.validateToken(jwtToken, userDetails)) { 43 | UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = 44 | new UsernamePasswordAuthenticationToken( 45 | userDetails, null, userDetails.getAuthorities()); 46 | usernamePasswordAuthenticationToken 47 | .setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); 48 | SecurityContextHolder.getContext() 49 | .setAuthentication(usernamePasswordAuthenticationToken); 50 | } 51 | } 52 | } catch (IllegalArgumentException e) { 53 | logger.error("Unable to fetch JWT Token"); 54 | } catch (ExpiredJwtException e) { 55 | logger.error("JWT Token is expired"); 56 | } catch (Exception e) { 57 | logger.error(e.getMessage()); 58 | } 59 | } else { 60 | logger.warn("JWT Token does not begin with Bearer String"); 61 | } 62 | chain.doFilter(request, response); 63 | } 64 | 65 | } -------------------------------------------------------------------------------- /src/main/java/com/example/api/util/JwtTokenUtil.java: -------------------------------------------------------------------------------- 1 | package com.example.api.util; 2 | 3 | import io.jsonwebtoken.Claims; 4 | import io.jsonwebtoken.Jwts; 5 | import io.jsonwebtoken.SignatureAlgorithm; 6 | import io.jsonwebtoken.security.Keys; 7 | import org.springframework.security.core.userdetails.UserDetails; 8 | import org.springframework.stereotype.Component; 9 | 10 | import java.io.Serializable; 11 | import java.security.Key; 12 | import java.util.Date; 13 | import java.util.HashMap; 14 | import java.util.Map; 15 | import java.util.function.Function; 16 | 17 | @Component 18 | public class JwtTokenUtil implements Serializable { 19 | 20 | public static final long JWT_TOKEN_VALIDITY = 5 * 60 * 60; 21 | 22 | Key key = Keys.secretKeyFor(SignatureAlgorithm.HS256); 23 | 24 | public String getUsernameFromToken(String token) { 25 | return getClaimFromToken(token, Claims::getSubject); 26 | } 27 | 28 | public Date getExpirationDateFromToken(String token) { 29 | return getClaimFromToken(token, Claims::getExpiration); 30 | } 31 | 32 | public T getClaimFromToken(String token, Function claimsResolver) { 33 | final Claims claims = getAllClaimsFromToken(token); 34 | return claimsResolver.apply(claims); 35 | } 36 | 37 | private Claims getAllClaimsFromToken(String token) { 38 | return Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token).getBody(); 39 | } 40 | 41 | private Boolean isTokenExpired(String token) { 42 | final Date expiration = getExpirationDateFromToken(token); 43 | return expiration.before(new Date()); 44 | } 45 | 46 | public String generateToken(UserDetails userDetails) { 47 | Map claims = new HashMap<>(); 48 | return Jwts.builder().setClaims(claims).setSubject(userDetails.getUsername()).setIssuedAt(new Date(System.currentTimeMillis())).setExpiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000)).signWith(key).compact(); 49 | } 50 | 51 | public Boolean validateToken(String token, UserDetails userDetails) { 52 | final String username = getUsernameFromToken(token); 53 | return (username.equals(userDetails.getUsername()) && !isTokenExpired(token)); 54 | } 55 | } -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | 2 | spring.data.mongodb.database=your_db_name_here 3 | spring.data.mongodb.port=27017 -------------------------------------------------------------------------------- /src/test/java/com/example/api/ApiAuthenticationApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.example.api; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class ApiAuthenticationApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | --------------------------------------------------------------------------------