├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── spring3 │ │ └── oauth │ │ └── jwt │ │ ├── OauthJwtApplication.java │ │ ├── configurations │ │ ├── JwtAuthFilter.java │ │ └── SecurityConfig.java │ │ ├── controllers │ │ └── UserController.java │ │ ├── dtos │ │ ├── AuthRequestDTO.java │ │ ├── JwtResponseDTO.java │ │ ├── RefreshTokenRequestDTO.java │ │ ├── UserRequest.java │ │ └── UserResponse.java │ │ ├── helpers │ │ ├── CustomUserDetails.java │ │ └── UserDetailsServiceImpl.java │ │ ├── models │ │ ├── RefreshToken.java │ │ ├── UserInfo.java │ │ └── UserRole.java │ │ ├── repositories │ │ ├── RefreshTokenRepository.java │ │ └── UserRepository.java │ │ └── services │ │ ├── JwtService.java │ │ ├── RefreshTokenService.java │ │ ├── UserService.java │ │ └── UserServiceImpl.java └── resources │ └── application.properties └── test └── java └── com └── spring3 └── oauth └── jwt └── OauthJwtApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zees007/Spring-3-spring-security-6-Jwt-security-Authentication-authorization/c29c4c635bb9dd83966a1110608db3f9da5af817/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # https://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.1/apache-maven-3.9.1-bin.zip 18 | wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar 19 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Welcome to DevZees ❤ 2 | 3 | you’ll learn how to implement JWT authentication and authorization in a Spring Boot 3.0 application using Spring Security 6 You’ll see how easy it is to secure your application and protect your endpoints using JSON Web Tokens. 4 | 5 | You can follow my blog for step by step guides: 6 | 7 | 1. Implement JWT Authentication & Authorization 8 | 9 | https://medium.com/@mhmdzeeshan/spring-boot-3-spring-security-6-jwt-authentication-authorization-98702d6313a5 10 | 11 | 2. JWT Refresh Token: Spring Security 12 | 13 | https://medium.com/spring-boot/jwt-refresh-token-spring-security-c5b4646cdbd9 14 | 15 | 3. Invalidate/Revoked the JWT : Force logout the user from spring security 16 | 17 | https://medium.com/spring-boot/invalidate-revoked-the-jwt-force-logout-the-user-from-spring-security-a20ef3a2a928 18 | 19 | 4. Invalidate/Blacklist the JWT using Redis: Logout Mechanism in Spring Security 20 | 21 | https://medium.com/gitconnected/invalidate-blacklist-the-jwt-using-redis-logout-mechanism-in-spring-security-86b23149699a 22 | 23 |

❤️ Support & Engagement ❤️

24 | 25 | ⭐ If you find this project helpful, please give it a star on [GitHub](https://github.com/zees007/Spring-3-spring-security-6-Jwt-security-Authentication-authorization)! 26 | 27 | ⭐ If you find this article informative and beneficial, please consider showing your appreciation by giving it a clap 👏👏👏, highlight it and replying on my story story. Feel free to share this article with your peers. Your support and knowledge sharing within the developer community are highly valued. 28 | 29 | ⭐ Please share on social media 30 | 31 | ⭐ Follow me on : [Medium](https://medium.com/@mhmdzeeshan) || [LinkedIn](https://www.linkedin.com/in/zeeshan-adil-a94b3867/) || [X (Formerly Twitter)](https://x.com/DevZeesCraft) 32 | 33 | ⭐ Check out my work, projects, and more on my [Linktree](https://linktr.ee/zees007) 34 | 35 | ⭐ [Check out my other articles on Medium](https://medium.com/@mhmdzeeshan) 36 | 37 | ⭐ [Subscribe to my newsletter 📧](https://medium.com/@mhmdzeeshan/subscribe), so that you don’t miss out on my latest articles. 38 | 39 | ⭐ If you enjoyed my article, please consider [buying me a coffee ❤️](https://buymeacoffee.com/mhmdzeeshan) and stay tuned to more articles about java, technologies and AI. 🧑‍💻 40 | 41 | ## Contact me 42 | 43 |
44 | 45 | linkedin logo 46 | 47 | 48 | 49 | medium logo 50 | 51 | 52 | 53 | stackoverflow logo 54 | 55 |
56 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Apache Maven Wrapper startup batch script, version 3.2.0 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | # e.g. to debug Maven itself, use 32 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | # ---------------------------------------------------------------------------- 35 | 36 | if [ -z "$MAVEN_SKIP_RC" ] ; then 37 | 38 | if [ -f /usr/local/etc/mavenrc ] ; then 39 | . /usr/local/etc/mavenrc 40 | fi 41 | 42 | if [ -f /etc/mavenrc ] ; then 43 | . /etc/mavenrc 44 | fi 45 | 46 | if [ -f "$HOME/.mavenrc" ] ; then 47 | . "$HOME/.mavenrc" 48 | fi 49 | 50 | fi 51 | 52 | # OS specific support. $var _must_ be set to either true or false. 53 | cygwin=false; 54 | darwin=false; 55 | mingw=false 56 | case "$(uname)" in 57 | CYGWIN*) cygwin=true ;; 58 | MINGW*) mingw=true;; 59 | Darwin*) darwin=true 60 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 61 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 62 | if [ -z "$JAVA_HOME" ]; then 63 | if [ -x "/usr/libexec/java_home" ]; then 64 | JAVA_HOME="$(/usr/libexec/java_home)"; export JAVA_HOME 65 | else 66 | JAVA_HOME="/Library/Java/Home"; export JAVA_HOME 67 | fi 68 | fi 69 | ;; 70 | esac 71 | 72 | if [ -z "$JAVA_HOME" ] ; then 73 | if [ -r /etc/gentoo-release ] ; then 74 | JAVA_HOME=$(java-config --jre-home) 75 | fi 76 | fi 77 | 78 | # For Cygwin, ensure paths are in UNIX format before anything is touched 79 | if $cygwin ; then 80 | [ -n "$JAVA_HOME" ] && 81 | JAVA_HOME=$(cygpath --unix "$JAVA_HOME") 82 | [ -n "$CLASSPATH" ] && 83 | CLASSPATH=$(cygpath --path --unix "$CLASSPATH") 84 | fi 85 | 86 | # For Mingw, ensure paths are in UNIX format before anything is touched 87 | if $mingw ; then 88 | [ -n "$JAVA_HOME" ] && [ -d "$JAVA_HOME" ] && 89 | JAVA_HOME="$(cd "$JAVA_HOME" || (echo "cannot cd into $JAVA_HOME."; exit 1); pwd)" 90 | fi 91 | 92 | if [ -z "$JAVA_HOME" ]; then 93 | javaExecutable="$(which javac)" 94 | if [ -n "$javaExecutable" ] && ! [ "$(expr "\"$javaExecutable\"" : '\([^ ]*\)')" = "no" ]; then 95 | # readlink(1) is not available as standard on Solaris 10. 96 | readLink=$(which readlink) 97 | if [ ! "$(expr "$readLink" : '\([^ ]*\)')" = "no" ]; then 98 | if $darwin ; then 99 | javaHome="$(dirname "\"$javaExecutable\"")" 100 | javaExecutable="$(cd "\"$javaHome\"" && pwd -P)/javac" 101 | else 102 | javaExecutable="$(readlink -f "\"$javaExecutable\"")" 103 | fi 104 | javaHome="$(dirname "\"$javaExecutable\"")" 105 | javaHome=$(expr "$javaHome" : '\(.*\)/bin') 106 | JAVA_HOME="$javaHome" 107 | export JAVA_HOME 108 | fi 109 | fi 110 | fi 111 | 112 | if [ -z "$JAVACMD" ] ; then 113 | if [ -n "$JAVA_HOME" ] ; then 114 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 115 | # IBM's JDK on AIX uses strange locations for the executables 116 | JAVACMD="$JAVA_HOME/jre/sh/java" 117 | else 118 | JAVACMD="$JAVA_HOME/bin/java" 119 | fi 120 | else 121 | JAVACMD="$(\unset -f command 2>/dev/null; \command -v java)" 122 | fi 123 | fi 124 | 125 | if [ ! -x "$JAVACMD" ] ; then 126 | echo "Error: JAVA_HOME is not defined correctly." >&2 127 | echo " We cannot execute $JAVACMD" >&2 128 | exit 1 129 | fi 130 | 131 | if [ -z "$JAVA_HOME" ] ; then 132 | echo "Warning: JAVA_HOME environment variable is not set." 133 | fi 134 | 135 | # traverses directory structure from process work directory to filesystem root 136 | # first directory with .mvn subdirectory is considered project base directory 137 | find_maven_basedir() { 138 | if [ -z "$1" ] 139 | then 140 | echo "Path not specified to find_maven_basedir" 141 | return 1 142 | fi 143 | 144 | basedir="$1" 145 | wdir="$1" 146 | while [ "$wdir" != '/' ] ; do 147 | if [ -d "$wdir"/.mvn ] ; then 148 | basedir=$wdir 149 | break 150 | fi 151 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 152 | if [ -d "${wdir}" ]; then 153 | wdir=$(cd "$wdir/.." || exit 1; pwd) 154 | fi 155 | # end of workaround 156 | done 157 | printf '%s' "$(cd "$basedir" || exit 1; pwd)" 158 | } 159 | 160 | # concatenates all lines of a file 161 | concat_lines() { 162 | if [ -f "$1" ]; then 163 | # Remove \r in case we run on Windows within Git Bash 164 | # and check out the repository with auto CRLF management 165 | # enabled. Otherwise, we may read lines that are delimited with 166 | # \r\n and produce $'-Xarg\r' rather than -Xarg due to word 167 | # splitting rules. 168 | tr -s '\r\n' ' ' < "$1" 169 | fi 170 | } 171 | 172 | log() { 173 | if [ "$MVNW_VERBOSE" = true ]; then 174 | printf '%s\n' "$1" 175 | fi 176 | } 177 | 178 | BASE_DIR=$(find_maven_basedir "$(dirname "$0")") 179 | if [ -z "$BASE_DIR" ]; then 180 | exit 1; 181 | fi 182 | 183 | MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}; export MAVEN_PROJECTBASEDIR 184 | log "$MAVEN_PROJECTBASEDIR" 185 | 186 | ########################################################################################## 187 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 188 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 189 | ########################################################################################## 190 | wrapperJarPath="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" 191 | if [ -r "$wrapperJarPath" ]; then 192 | log "Found $wrapperJarPath" 193 | else 194 | log "Couldn't find $wrapperJarPath, downloading it ..." 195 | 196 | if [ -n "$MVNW_REPOURL" ]; then 197 | wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar" 198 | else 199 | wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar" 200 | fi 201 | while IFS="=" read -r key value; do 202 | # Remove '\r' from value to allow usage on windows as IFS does not consider '\r' as a separator ( considers space, tab, new line ('\n'), and custom '=' ) 203 | safeValue=$(echo "$value" | tr -d '\r') 204 | case "$key" in (wrapperUrl) wrapperUrl="$safeValue"; break ;; 205 | esac 206 | done < "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties" 207 | log "Downloading from: $wrapperUrl" 208 | 209 | if $cygwin; then 210 | wrapperJarPath=$(cygpath --path --windows "$wrapperJarPath") 211 | fi 212 | 213 | if command -v wget > /dev/null; then 214 | log "Found wget ... using wget" 215 | [ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--quiet" 216 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 217 | wget $QUIET "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 218 | else 219 | wget $QUIET --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath" 220 | fi 221 | elif command -v curl > /dev/null; then 222 | log "Found curl ... using curl" 223 | [ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--silent" 224 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 225 | curl $QUIET -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath" 226 | else 227 | curl $QUIET --user "$MVNW_USERNAME:$MVNW_PASSWORD" -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath" 228 | fi 229 | else 230 | log "Falling back to using Java to download" 231 | javaSource="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.java" 232 | javaClass="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.class" 233 | # For Cygwin, switch paths to Windows format before running javac 234 | if $cygwin; then 235 | javaSource=$(cygpath --path --windows "$javaSource") 236 | javaClass=$(cygpath --path --windows "$javaClass") 237 | fi 238 | if [ -e "$javaSource" ]; then 239 | if [ ! -e "$javaClass" ]; then 240 | log " - Compiling MavenWrapperDownloader.java ..." 241 | ("$JAVA_HOME/bin/javac" "$javaSource") 242 | fi 243 | if [ -e "$javaClass" ]; then 244 | log " - Running MavenWrapperDownloader.java ..." 245 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$wrapperUrl" "$wrapperJarPath") || rm -f "$wrapperJarPath" 246 | fi 247 | fi 248 | fi 249 | fi 250 | ########################################################################################## 251 | # End of extension 252 | ########################################################################################## 253 | 254 | # If specified, validate the SHA-256 sum of the Maven wrapper jar file 255 | wrapperSha256Sum="" 256 | while IFS="=" read -r key value; do 257 | case "$key" in (wrapperSha256Sum) wrapperSha256Sum=$value; break ;; 258 | esac 259 | done < "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties" 260 | if [ -n "$wrapperSha256Sum" ]; then 261 | wrapperSha256Result=false 262 | if command -v sha256sum > /dev/null; then 263 | if echo "$wrapperSha256Sum $wrapperJarPath" | sha256sum -c > /dev/null 2>&1; then 264 | wrapperSha256Result=true 265 | fi 266 | elif command -v shasum > /dev/null; then 267 | if echo "$wrapperSha256Sum $wrapperJarPath" | shasum -a 256 -c > /dev/null 2>&1; then 268 | wrapperSha256Result=true 269 | fi 270 | else 271 | echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." 272 | echo "Please install either command, or disable validation by removing 'wrapperSha256Sum' from your maven-wrapper.properties." 273 | exit 1 274 | fi 275 | if [ $wrapperSha256Result = false ]; then 276 | echo "Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised." >&2 277 | echo "Investigate or delete $wrapperJarPath to attempt a clean download." >&2 278 | echo "If you updated your Maven version, you need to update the specified wrapperSha256Sum property." >&2 279 | exit 1 280 | fi 281 | fi 282 | 283 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 284 | 285 | # For Cygwin, switch paths to Windows format before running java 286 | if $cygwin; then 287 | [ -n "$JAVA_HOME" ] && 288 | JAVA_HOME=$(cygpath --path --windows "$JAVA_HOME") 289 | [ -n "$CLASSPATH" ] && 290 | CLASSPATH=$(cygpath --path --windows "$CLASSPATH") 291 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 292 | MAVEN_PROJECTBASEDIR=$(cygpath --path --windows "$MAVEN_PROJECTBASEDIR") 293 | fi 294 | 295 | # Provide a "standardized" way to retrieve the CLI args that will 296 | # work with both Windows and non-Windows executions. 297 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $*" 298 | export MAVEN_CMD_LINE_ARGS 299 | 300 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 301 | 302 | # shellcheck disable=SC2086 # safe args 303 | exec "$JAVACMD" \ 304 | $MAVEN_OPTS \ 305 | $MAVEN_DEBUG_OPTS \ 306 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 307 | "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 308 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 309 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Apache Maven Wrapper startup batch script, version 3.2.0 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 28 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 29 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 30 | @REM e.g. to debug Maven itself, use 31 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 32 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 33 | @REM ---------------------------------------------------------------------------- 34 | 35 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 36 | @echo off 37 | @REM set title of command window 38 | title %0 39 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 40 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 41 | 42 | @REM set %HOME% to equivalent of $HOME 43 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 44 | 45 | @REM Execute a user defined script before this one 46 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 47 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 48 | if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %* 49 | if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %* 50 | :skipRcPre 51 | 52 | @setlocal 53 | 54 | set ERROR_CODE=0 55 | 56 | @REM To isolate internal variables from possible post scripts, we use another setlocal 57 | @setlocal 58 | 59 | @REM ==== START VALIDATION ==== 60 | if not "%JAVA_HOME%" == "" goto OkJHome 61 | 62 | echo. 63 | echo Error: JAVA_HOME not found in your environment. >&2 64 | echo Please set the JAVA_HOME variable in your environment to match the >&2 65 | echo location of your Java installation. >&2 66 | echo. 67 | goto error 68 | 69 | :OkJHome 70 | if exist "%JAVA_HOME%\bin\java.exe" goto init 71 | 72 | echo. 73 | echo Error: JAVA_HOME is set to an invalid directory. >&2 74 | echo JAVA_HOME = "%JAVA_HOME%" >&2 75 | echo Please set the JAVA_HOME variable in your environment to match the >&2 76 | echo location of your Java installation. >&2 77 | echo. 78 | goto error 79 | 80 | @REM ==== END VALIDATION ==== 81 | 82 | :init 83 | 84 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 85 | @REM Fallback to current working directory if not found. 86 | 87 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 88 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 89 | 90 | set EXEC_DIR=%CD% 91 | set WDIR=%EXEC_DIR% 92 | :findBaseDir 93 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 94 | cd .. 95 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 96 | set WDIR=%CD% 97 | goto findBaseDir 98 | 99 | :baseDirFound 100 | set MAVEN_PROJECTBASEDIR=%WDIR% 101 | cd "%EXEC_DIR%" 102 | goto endDetectBaseDir 103 | 104 | :baseDirNotFound 105 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 106 | cd "%EXEC_DIR%" 107 | 108 | :endDetectBaseDir 109 | 110 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 111 | 112 | @setlocal EnableExtensions EnableDelayedExpansion 113 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 114 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 115 | 116 | :endReadAdditionalConfig 117 | 118 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 119 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 120 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 121 | 122 | set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar" 123 | 124 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 125 | IF "%%A"=="wrapperUrl" SET WRAPPER_URL=%%B 126 | ) 127 | 128 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 129 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 130 | if exist %WRAPPER_JAR% ( 131 | if "%MVNW_VERBOSE%" == "true" ( 132 | echo Found %WRAPPER_JAR% 133 | ) 134 | ) else ( 135 | if not "%MVNW_REPOURL%" == "" ( 136 | SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar" 137 | ) 138 | if "%MVNW_VERBOSE%" == "true" ( 139 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 140 | echo Downloading from: %WRAPPER_URL% 141 | ) 142 | 143 | powershell -Command "&{"^ 144 | "$webclient = new-object System.Net.WebClient;"^ 145 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 146 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 147 | "}"^ 148 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%WRAPPER_URL%', '%WRAPPER_JAR%')"^ 149 | "}" 150 | if "%MVNW_VERBOSE%" == "true" ( 151 | echo Finished downloading %WRAPPER_JAR% 152 | ) 153 | ) 154 | @REM End of extension 155 | 156 | @REM If specified, validate the SHA-256 sum of the Maven wrapper jar file 157 | SET WRAPPER_SHA_256_SUM="" 158 | FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 159 | IF "%%A"=="wrapperSha256Sum" SET WRAPPER_SHA_256_SUM=%%B 160 | ) 161 | IF NOT %WRAPPER_SHA_256_SUM%=="" ( 162 | powershell -Command "&{"^ 163 | "$hash = (Get-FileHash \"%WRAPPER_JAR%\" -Algorithm SHA256).Hash.ToLower();"^ 164 | "If('%WRAPPER_SHA_256_SUM%' -ne $hash){"^ 165 | " Write-Output 'Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised.';"^ 166 | " Write-Output 'Investigate or delete %WRAPPER_JAR% to attempt a clean download.';"^ 167 | " Write-Output 'If you updated your Maven version, you need to update the specified wrapperSha256Sum property.';"^ 168 | " exit 1;"^ 169 | "}"^ 170 | "}" 171 | if ERRORLEVEL 1 goto error 172 | ) 173 | 174 | @REM Provide a "standardized" way to retrieve the CLI args that will 175 | @REM work with both Windows and non-Windows executions. 176 | set MAVEN_CMD_LINE_ARGS=%* 177 | 178 | %MAVEN_JAVA_EXE% ^ 179 | %JVM_CONFIG_MAVEN_PROPS% ^ 180 | %MAVEN_OPTS% ^ 181 | %MAVEN_DEBUG_OPTS% ^ 182 | -classpath %WRAPPER_JAR% ^ 183 | "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^ 184 | %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 185 | if ERRORLEVEL 1 goto error 186 | goto end 187 | 188 | :error 189 | set ERROR_CODE=1 190 | 191 | :end 192 | @endlocal & set ERROR_CODE=%ERROR_CODE% 193 | 194 | if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost 195 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 196 | if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" 197 | if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd" 198 | :skipRcPost 199 | 200 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 201 | if "%MAVEN_BATCH_PAUSE%"=="on" pause 202 | 203 | if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% 204 | 205 | cmd /C exit /B %ERROR_CODE% 206 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 3.1.0 9 | 10 | 11 | com.spring3.oauth.jwt 12 | oauth-jwt 13 | 0.0.1-SNAPSHOT 14 | oauth-jwt 15 | Demo project for Spring Boot 16 | 17 | 17 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-data-jpa 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-oauth2-resource-server 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-security 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-web 35 | 36 | 37 | 38 | org.modelmapper 39 | modelmapper 40 | 3.1.1 41 | 42 | 43 | 44 | com.mysql 45 | mysql-connector-j 46 | runtime 47 | 48 | 49 | org.projectlombok 50 | lombok 51 | true 52 | 53 | 54 | 55 | io.jsonwebtoken 56 | jjwt-api 57 | 0.11.5 58 | 59 | 60 | 61 | io.jsonwebtoken 62 | jjwt-impl 63 | 0.11.5 64 | 65 | 66 | 67 | io.jsonwebtoken 68 | jjwt-jackson 69 | 0.11.5 70 | 71 | 72 | 73 | org.springframework.boot 74 | spring-boot-starter-test 75 | test 76 | 77 | 78 | org.springframework.security 79 | spring-security-test 80 | test 81 | 82 | 83 | 84 | 85 | 86 | 87 | org.springframework.boot 88 | spring-boot-maven-plugin 89 | 90 | 91 | 92 | org.projectlombok 93 | lombok 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/OauthJwtApplication.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class OauthJwtApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(OauthJwtApplication.class, args); 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/configurations/JwtAuthFilter.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.configurations; 2 | 3 | import com.spring3.oauth.jwt.helpers.UserDetailsServiceImpl; 4 | import com.spring3.oauth.jwt.services.JwtService; 5 | import jakarta.servlet.FilterChain; 6 | import jakarta.servlet.ServletException; 7 | import jakarta.servlet.http.HttpServletRequest; 8 | import jakarta.servlet.http.HttpServletResponse; 9 | import org.springframework.beans.factory.annotation.Autowired; 10 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 11 | import org.springframework.security.core.context.SecurityContextHolder; 12 | import org.springframework.security.core.userdetails.UserDetails; 13 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 14 | import org.springframework.stereotype.Component; 15 | import org.springframework.web.filter.OncePerRequestFilter; 16 | 17 | import java.io.IOException; 18 | 19 | /** 20 | * @author mhmdz 21 | * Created By Zeeshan on 20-05-2023 22 | * @project oauth-jwt 23 | */ 24 | 25 | @Component 26 | public class JwtAuthFilter extends OncePerRequestFilter { 27 | 28 | @Autowired 29 | private JwtService jwtService; 30 | 31 | @Autowired 32 | UserDetailsServiceImpl userDetailsServiceImpl; 33 | 34 | @Override 35 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { 36 | 37 | String authHeader = request.getHeader("Authorization"); 38 | String token = null; 39 | String username = null; 40 | if(authHeader != null && authHeader.startsWith("Bearer ")){ 41 | token = authHeader.substring(7); 42 | username = jwtService.extractUsername(token); 43 | } 44 | 45 | if(username != null && SecurityContextHolder.getContext().getAuthentication() == null){ 46 | UserDetails userDetails = userDetailsServiceImpl.loadUserByUsername(username); 47 | if(jwtService.validateToken(token, userDetails)){ 48 | UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); 49 | authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); 50 | SecurityContextHolder.getContext().setAuthentication(authenticationToken); 51 | } 52 | 53 | } 54 | 55 | filterChain.doFilter(request, response); 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/configurations/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.configurations; 2 | 3 | import com.spring3.oauth.jwt.helpers.UserDetailsServiceImpl; 4 | import org.springframework.beans.factory.annotation.Autowired; 5 | import org.springframework.context.annotation.Bean; 6 | import org.springframework.context.annotation.Configuration; 7 | import org.springframework.security.authentication.AuthenticationManager; 8 | import org.springframework.security.authentication.AuthenticationProvider; 9 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; 10 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; 11 | import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; 12 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 13 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 14 | import org.springframework.security.config.http.SessionCreationPolicy; 15 | import org.springframework.security.core.userdetails.UserDetailsService; 16 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 17 | import org.springframework.security.crypto.password.PasswordEncoder; 18 | import org.springframework.security.web.SecurityFilterChain; 19 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 20 | 21 | /** 22 | * @author mhmdz 23 | * Created By Zeeshan on 20-05-2023 24 | * @project oauth-jwt 25 | */ 26 | @Configuration 27 | @EnableWebSecurity 28 | @EnableMethodSecurity 29 | public class SecurityConfig { 30 | 31 | @Autowired 32 | JwtAuthFilter jwtAuthFilter; 33 | 34 | @Bean 35 | public UserDetailsService userDetailsService(){ 36 | return new UserDetailsServiceImpl(); 37 | } 38 | 39 | // @Bean 40 | // public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { 41 | // return http.csrf().disable() 42 | // .authorizeHttpRequests() 43 | // .requestMatchers("/api/v1/save", "/api/v1/login", "/api/v1/refreshToken").permitAll() 44 | // .and() 45 | // .authorizeHttpRequests().requestMatchers("/api/v1/**") 46 | // .authenticated() 47 | // .and() 48 | // .sessionManagement() 49 | // .sessionCreationPolicy(SessionCreationPolicy.STATELESS) 50 | // .and() 51 | // .authenticationProvider(authenticationProvider()) 52 | // .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class).build(); 53 | // } 54 | 55 | @Bean 56 | public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { 57 | return http 58 | .csrf().disable() 59 | .authorizeHttpRequests((authorize) -> authorize 60 | .requestMatchers("/api/v1/save", "/api/v1/login", "/api/v1/refreshToken").permitAll() 61 | .anyRequest().authenticated() 62 | ) 63 | .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) 64 | .authenticationProvider(authenticationProvider()) 65 | .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class) 66 | .build(); 67 | } 68 | 69 | @Bean 70 | public PasswordEncoder passwordEncoder(){ 71 | return new BCryptPasswordEncoder(); 72 | } 73 | 74 | @Bean 75 | public AuthenticationProvider authenticationProvider(){ 76 | DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider(); 77 | authenticationProvider.setUserDetailsService(userDetailsService()); 78 | authenticationProvider.setPasswordEncoder(passwordEncoder()); 79 | return authenticationProvider; 80 | 81 | } 82 | 83 | @Bean 84 | public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { 85 | return config.getAuthenticationManager(); 86 | } 87 | 88 | } 89 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/controllers/UserController.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.controllers; 2 | 3 | import com.spring3.oauth.jwt.dtos.*; 4 | import com.spring3.oauth.jwt.models.RefreshToken; 5 | import com.spring3.oauth.jwt.services.JwtService; 6 | import com.spring3.oauth.jwt.services.RefreshTokenService; 7 | import com.spring3.oauth.jwt.services.UserService; 8 | import org.springframework.beans.factory.annotation.Autowired; 9 | import org.springframework.http.ResponseEntity; 10 | import org.springframework.security.access.prepost.PreAuthorize; 11 | import org.springframework.security.authentication.AuthenticationManager; 12 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 13 | import org.springframework.security.core.Authentication; 14 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 15 | import org.springframework.web.bind.annotation.*; 16 | 17 | import java.util.List; 18 | 19 | 20 | @RestController 21 | @RequestMapping("/api/v1") 22 | public class UserController { 23 | 24 | @Autowired 25 | UserService userService; 26 | 27 | @Autowired 28 | private JwtService jwtService; 29 | 30 | @Autowired 31 | RefreshTokenService refreshTokenService; 32 | 33 | 34 | @Autowired 35 | private AuthenticationManager authenticationManager; 36 | 37 | @PostMapping(value = "/save") 38 | public ResponseEntity saveUser(@RequestBody UserRequest userRequest) { 39 | try { 40 | UserResponse userResponse = userService.saveUser(userRequest); 41 | return ResponseEntity.ok(userResponse); 42 | } catch (Exception e) { 43 | throw new RuntimeException(e); 44 | } 45 | } 46 | 47 | @GetMapping("/users") 48 | public ResponseEntity getAllUsers() { 49 | try { 50 | List userResponses = userService.getAllUser(); 51 | return ResponseEntity.ok(userResponses); 52 | } catch (Exception e){ 53 | throw new RuntimeException(e); 54 | } 55 | } 56 | 57 | 58 | @PostMapping("/profile") 59 | public ResponseEntity getUserProfile() { 60 | try { 61 | UserResponse userResponse = userService.getUser(); 62 | return ResponseEntity.ok().body(userResponse); 63 | } catch (Exception e){ 64 | throw new RuntimeException(e); 65 | } 66 | } 67 | 68 | @PreAuthorize("hasAuthority('ROLE_ADMIN')") 69 | @GetMapping("/test") 70 | public String test() { 71 | try { 72 | return "Welcome"; 73 | } catch (Exception e){ 74 | throw new RuntimeException(e); 75 | } 76 | } 77 | 78 | @PostMapping("/login") 79 | public JwtResponseDTO AuthenticateAndGetToken(@RequestBody AuthRequestDTO authRequestDTO){ 80 | Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(authRequestDTO.getUsername(), authRequestDTO.getPassword())); 81 | if(authentication.isAuthenticated()){ 82 | RefreshToken refreshToken = refreshTokenService.createRefreshToken(authRequestDTO.getUsername()); 83 | return JwtResponseDTO.builder() 84 | .accessToken(jwtService.GenerateToken(authRequestDTO.getUsername())) 85 | .token(refreshToken.getToken()).build(); 86 | 87 | } else { 88 | throw new UsernameNotFoundException("invalid user request..!!"); 89 | } 90 | 91 | } 92 | 93 | 94 | @PostMapping("/refreshToken") 95 | public JwtResponseDTO refreshToken(@RequestBody RefreshTokenRequestDTO refreshTokenRequestDTO){ 96 | return refreshTokenService.findByToken(refreshTokenRequestDTO.getToken()) 97 | .map(refreshTokenService::verifyExpiration) 98 | .map(RefreshToken::getUserInfo) 99 | .map(userInfo -> { 100 | String accessToken = jwtService.GenerateToken(userInfo.getUsername()); 101 | return JwtResponseDTO.builder() 102 | .accessToken(accessToken) 103 | .token(refreshTokenRequestDTO.getToken()).build(); 104 | }).orElseThrow(() ->new RuntimeException("Refresh Token is not in DB..!!")); 105 | } 106 | 107 | } 108 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/dtos/AuthRequestDTO.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.dtos; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Builder; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | 8 | /** 9 | * @author mhmdz 10 | * Created By Zeeshan on 20-05-2023 11 | * @project oauth-jwt 12 | */ 13 | @Data 14 | @AllArgsConstructor 15 | @NoArgsConstructor 16 | @Builder 17 | public class AuthRequestDTO { 18 | 19 | private String username; 20 | private String password; 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/dtos/JwtResponseDTO.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.dtos; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Builder; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | 8 | /** 9 | * @author mhmdz 10 | * Created By Zeeshan on 20-05-2023 11 | * @project oauth-jwt 12 | */ 13 | 14 | @Data 15 | @AllArgsConstructor 16 | @NoArgsConstructor 17 | @Builder 18 | public class JwtResponseDTO { 19 | 20 | private String accessToken; 21 | private String token; 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/dtos/RefreshTokenRequestDTO.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.dtos; 2 | 3 | import lombok.AllArgsConstructor; 4 | import lombok.Data; 5 | import lombok.NoArgsConstructor; 6 | 7 | /** 8 | * @author mhmdz 9 | * Created By Zeeshan on 20-05-2023 10 | * @project oauth-jwt 11 | */ 12 | 13 | @Data 14 | @AllArgsConstructor 15 | @NoArgsConstructor 16 | public class RefreshTokenRequestDTO { 17 | private String token; 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/dtos/UserRequest.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.dtos; 2 | 3 | import com.spring3.oauth.jwt.models.UserRole; 4 | import lombok.AllArgsConstructor; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | import lombok.ToString; 8 | 9 | import java.util.Set; 10 | 11 | @Data 12 | @AllArgsConstructor 13 | @NoArgsConstructor 14 | @ToString 15 | public class UserRequest { 16 | 17 | private Long id; 18 | private String username; 19 | private String password; 20 | private Set roles; 21 | 22 | 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/dtos/UserResponse.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.dtos; 2 | 3 | import com.spring3.oauth.jwt.models.UserRole; 4 | import lombok.AllArgsConstructor; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | import lombok.ToString; 8 | 9 | import java.util.Set; 10 | 11 | @Data 12 | @AllArgsConstructor 13 | @NoArgsConstructor 14 | @ToString 15 | public class UserResponse { 16 | 17 | private Long id; 18 | private String username; 19 | private Set roles; 20 | 21 | 22 | } 23 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/helpers/CustomUserDetails.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.helpers; 2 | 3 | 4 | import com.spring3.oauth.jwt.models.UserInfo; 5 | import org.springframework.security.core.GrantedAuthority; 6 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 7 | import org.springframework.security.core.userdetails.UserDetails; 8 | import com.spring3.oauth.jwt.models.UserRole; 9 | 10 | import java.util.ArrayList; 11 | import java.util.Collection; 12 | import java.util.List; 13 | 14 | public class CustomUserDetails extends UserInfo implements UserDetails { 15 | 16 | private String username; 17 | private String password; 18 | Collection authorities; 19 | 20 | public CustomUserDetails(UserInfo byUsername) { 21 | this.username = byUsername.getUsername(); 22 | this.password= byUsername.getPassword(); 23 | List auths = new ArrayList<>(); 24 | 25 | for(UserRole role : byUsername.getRoles()){ 26 | 27 | auths.add(new SimpleGrantedAuthority(role.getName().toUpperCase())); 28 | } 29 | this.authorities = auths; 30 | } 31 | 32 | @Override 33 | public Collection getAuthorities() { 34 | return authorities; 35 | } 36 | 37 | @Override 38 | public String getPassword() { 39 | return password; 40 | } 41 | 42 | @Override 43 | public String getUsername() { 44 | return username; 45 | } 46 | 47 | @Override 48 | public boolean isAccountNonExpired() { 49 | return true; 50 | } 51 | 52 | @Override 53 | public boolean isAccountNonLocked() { 54 | return true; 55 | } 56 | 57 | @Override 58 | public boolean isCredentialsNonExpired() { 59 | return true; 60 | } 61 | 62 | @Override 63 | public boolean isEnabled() { 64 | return true; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/helpers/UserDetailsServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.helpers; 2 | 3 | import com.spring3.oauth.jwt.models.UserInfo; 4 | import com.spring3.oauth.jwt.repositories.UserRepository; 5 | import org.slf4j.Logger; 6 | import org.slf4j.LoggerFactory; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.security.core.userdetails.UserDetails; 9 | import org.springframework.security.core.userdetails.UserDetailsService; 10 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 11 | import org.springframework.stereotype.Component; 12 | 13 | @Component 14 | public class UserDetailsServiceImpl implements UserDetailsService { 15 | 16 | @Autowired 17 | private UserRepository userRepository; 18 | 19 | private static final Logger logger = LoggerFactory.getLogger(UserDetailsServiceImpl.class); 20 | 21 | @Override 22 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 23 | 24 | logger.debug("Entering in loadUserByUsername Method..."); 25 | UserInfo user = userRepository.findByUsername(username); 26 | if(user == null){ 27 | logger.error("Username not found: " + username); 28 | throw new UsernameNotFoundException("could not found user..!!"); 29 | } 30 | logger.info("User Authenticated Successfully..!!!"); 31 | return new CustomUserDetails(user); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/models/RefreshToken.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.models; 2 | 3 | import jakarta.persistence.*; 4 | import lombok.AllArgsConstructor; 5 | import lombok.Builder; 6 | import lombok.Data; 7 | import lombok.NoArgsConstructor; 8 | 9 | import java.time.Instant; 10 | 11 | /** 12 | * @author mhmdz 13 | * Created By Zeeshan on 20-05-2023 14 | * @project oauth-jwt 15 | */ 16 | 17 | @Entity 18 | @Data 19 | @AllArgsConstructor 20 | @NoArgsConstructor 21 | @Builder 22 | @Table(name = "REFRESH_TOKENS") 23 | public class RefreshToken { 24 | 25 | @Id 26 | @GeneratedValue(strategy = GenerationType.IDENTITY) 27 | private int id; 28 | private String token; 29 | 30 | private Instant expiryDate; 31 | 32 | @OneToOne 33 | @JoinColumn(name = "user_id", referencedColumnName = "id") 34 | private UserInfo userInfo; 35 | 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/models/UserInfo.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.models; 2 | 3 | import com.fasterxml.jackson.annotation.JsonIgnore; 4 | import jakarta.persistence.*; 5 | import lombok.AllArgsConstructor; 6 | import lombok.Data; 7 | import lombok.NoArgsConstructor; 8 | import lombok.ToString; 9 | 10 | import java.util.HashSet; 11 | import java.util.Set; 12 | 13 | 14 | @Entity 15 | @Data 16 | @ToString 17 | @NoArgsConstructor 18 | @AllArgsConstructor 19 | @Table(name = "USERS") 20 | public class UserInfo { 21 | 22 | @Id 23 | @GeneratedValue(strategy = GenerationType.AUTO) 24 | @Column(name = "ID") 25 | private long id; 26 | private String username; 27 | @JsonIgnore 28 | private String password; 29 | @ManyToMany(fetch = FetchType.EAGER) 30 | private Set roles = new HashSet<>(); 31 | 32 | 33 | } 34 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/models/UserRole.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.models; 2 | 3 | import jakarta.persistence.*; 4 | import lombok.AllArgsConstructor; 5 | import lombok.Data; 6 | import lombok.NoArgsConstructor; 7 | import lombok.ToString; 8 | 9 | 10 | @Entity 11 | @Data 12 | @ToString 13 | @NoArgsConstructor 14 | @AllArgsConstructor 15 | @Table(name = "ROLES") 16 | public class UserRole { 17 | 18 | @Id 19 | @GeneratedValue(strategy = GenerationType.AUTO) 20 | @Column(name = "ID") 21 | private long id; 22 | private String name; 23 | 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/repositories/RefreshTokenRepository.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.repositories; 2 | 3 | import com.spring3.oauth.jwt.models.RefreshToken; 4 | import org.springframework.data.repository.CrudRepository; 5 | import org.springframework.stereotype.Repository; 6 | 7 | import java.util.Optional; 8 | 9 | /** 10 | * @author mhmdz 11 | * Created By Zeeshan on 20-05-2023 12 | * @project oauth-jwt 13 | */ 14 | @Repository 15 | public interface RefreshTokenRepository extends CrudRepository { 16 | 17 | Optional findByToken(String token); 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/repositories/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.repositories; 2 | 3 | import com.spring3.oauth.jwt.models.UserInfo; 4 | import org.springframework.data.repository.CrudRepository; 5 | import org.springframework.stereotype.Repository; 6 | 7 | 8 | @Repository 9 | public interface UserRepository extends CrudRepository { 10 | 11 | public UserInfo findByUsername(String username); 12 | UserInfo findFirstById(Long id); 13 | 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/services/JwtService.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.services; 2 | 3 | import io.jsonwebtoken.Claims; 4 | import io.jsonwebtoken.Jwts; 5 | import io.jsonwebtoken.SignatureAlgorithm; 6 | import io.jsonwebtoken.io.Decoders; 7 | import io.jsonwebtoken.security.Keys; 8 | import org.springframework.security.core.userdetails.UserDetails; 9 | import org.springframework.stereotype.Component; 10 | 11 | import java.security.Key; 12 | import java.util.Date; 13 | import java.util.HashMap; 14 | import java.util.Map; 15 | import java.util.function.Function; 16 | 17 | /** 18 | * @author mhmdz 19 | * Created By Zeeshan on 20-05-2023 20 | * @project oauth-jwt 21 | */ 22 | 23 | @Component 24 | public class JwtService { 25 | 26 | public static final String SECRET = "357638792F423F4428472B4B6250655368566D597133743677397A2443264629"; 27 | 28 | public String extractUsername(String token) { 29 | return extractClaim(token, Claims::getSubject); 30 | } 31 | 32 | public Date extractExpiration(String token) { 33 | return extractClaim(token, Claims::getExpiration); 34 | } 35 | 36 | public T extractClaim(String token, Function claimsResolver) { 37 | final Claims claims = extractAllClaims(token); 38 | return claimsResolver.apply(claims); 39 | } 40 | 41 | private Claims extractAllClaims(String token) { 42 | return Jwts 43 | .parserBuilder() 44 | .setSigningKey(getSignKey()) 45 | .build() 46 | .parseClaimsJws(token) 47 | .getBody(); 48 | } 49 | 50 | private Boolean isTokenExpired(String token) { 51 | return extractExpiration(token).before(new Date()); 52 | } 53 | 54 | public Boolean validateToken(String token, UserDetails userDetails) { 55 | final String username = extractUsername(token); 56 | return (username.equals(userDetails.getUsername()) && !isTokenExpired(token)); 57 | } 58 | 59 | 60 | 61 | public String GenerateToken(String username){ 62 | Map claims = new HashMap<>(); 63 | return createToken(claims, username); 64 | } 65 | 66 | 67 | 68 | private String createToken(Map claims, String username) { 69 | 70 | return Jwts.builder() 71 | .setClaims(claims) 72 | .setSubject(username) 73 | .setIssuedAt(new Date(System.currentTimeMillis())) 74 | .setExpiration(new Date(System.currentTimeMillis()+1000*60*1)) 75 | .signWith(getSignKey(), SignatureAlgorithm.HS256).compact(); 76 | } 77 | 78 | private Key getSignKey() { 79 | byte[] keyBytes = Decoders.BASE64.decode(SECRET); 80 | return Keys.hmacShaKeyFor(keyBytes); 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/services/RefreshTokenService.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.services; 2 | 3 | import com.spring3.oauth.jwt.models.RefreshToken; 4 | import com.spring3.oauth.jwt.repositories.RefreshTokenRepository; 5 | import com.spring3.oauth.jwt.repositories.UserRepository; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.stereotype.Service; 8 | 9 | import java.time.Instant; 10 | import java.util.Optional; 11 | import java.util.UUID; 12 | 13 | /** 14 | * @author mhmdz 15 | * Created By Zeeshan on 20-05-2023 16 | * @project oauth-jwt 17 | */ 18 | 19 | @Service 20 | public class RefreshTokenService { 21 | 22 | @Autowired 23 | RefreshTokenRepository refreshTokenRepository; 24 | 25 | @Autowired 26 | UserRepository userRepository; 27 | 28 | public RefreshToken createRefreshToken(String username){ 29 | RefreshToken refreshToken = RefreshToken.builder() 30 | .userInfo(userRepository.findByUsername(username)) 31 | .token(UUID.randomUUID().toString()) 32 | .expiryDate(Instant.now().plusMillis(600000)) 33 | .build(); 34 | return refreshTokenRepository.save(refreshToken); 35 | } 36 | 37 | 38 | 39 | public Optional findByToken(String token){ 40 | return refreshTokenRepository.findByToken(token); 41 | } 42 | 43 | public RefreshToken verifyExpiration(RefreshToken token){ 44 | if(token.getExpiryDate().compareTo(Instant.now())<0){ 45 | refreshTokenRepository.delete(token); 46 | throw new RuntimeException(token.getToken() + " Refresh token is expired. Please make a new login..!"); 47 | } 48 | return token; 49 | 50 | } 51 | 52 | } 53 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/services/UserService.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.services; 2 | 3 | import com.spring3.oauth.jwt.dtos.UserRequest; 4 | import com.spring3.oauth.jwt.dtos.UserResponse; 5 | 6 | import java.util.List; 7 | 8 | 9 | public interface UserService { 10 | 11 | UserResponse saveUser(UserRequest userRequest); 12 | 13 | UserResponse getUser(); 14 | 15 | List getAllUser(); 16 | 17 | 18 | } 19 | -------------------------------------------------------------------------------- /src/main/java/com/spring3/oauth/jwt/services/UserServiceImpl.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt.services; 2 | 3 | import com.spring3.oauth.jwt.dtos.UserRequest; 4 | import com.spring3.oauth.jwt.dtos.UserResponse; 5 | import com.spring3.oauth.jwt.models.UserInfo; 6 | import com.spring3.oauth.jwt.repositories.UserRepository; 7 | import org.modelmapper.ModelMapper; 8 | import org.modelmapper.TypeToken; 9 | import org.springframework.beans.factory.annotation.Autowired; 10 | import org.springframework.security.core.Authentication; 11 | import org.springframework.security.core.context.SecurityContextHolder; 12 | import org.springframework.security.core.userdetails.UserDetails; 13 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 14 | import org.springframework.stereotype.Service; 15 | 16 | import java.lang.reflect.Type; 17 | import java.util.List; 18 | 19 | @Service 20 | public class UserServiceImpl implements UserService { 21 | 22 | @Autowired 23 | UserRepository userRepository; 24 | 25 | ModelMapper modelMapper = new ModelMapper(); 26 | 27 | 28 | @Override 29 | public UserResponse saveUser(UserRequest userRequest) { 30 | if(userRequest.getUsername() == null){ 31 | throw new RuntimeException("Parameter username is not found in request..!!"); 32 | } else if(userRequest.getPassword() == null){ 33 | throw new RuntimeException("Parameter password is not found in request..!!"); 34 | } 35 | 36 | 37 | // Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 38 | // UserDetails userDetail = (UserDetails) authentication.getPrincipal(); 39 | // String usernameFromAccessToken = userDetail.getUsername(); 40 | // 41 | // UserInfo currentUser = userRepository.findByUsername(usernameFromAccessToken); 42 | 43 | UserInfo savedUser = null; 44 | 45 | BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); 46 | String rawPassword = userRequest.getPassword(); 47 | String encodedPassword = encoder.encode(rawPassword); 48 | 49 | UserInfo user = modelMapper.map(userRequest, UserInfo.class); 50 | user.setPassword(encodedPassword); 51 | if(userRequest.getId() != null){ 52 | UserInfo oldUser = userRepository.findFirstById(userRequest.getId()); 53 | if(oldUser != null){ 54 | oldUser.setId(user.getId()); 55 | oldUser.setPassword(user.getPassword()); 56 | oldUser.setUsername(user.getUsername()); 57 | oldUser.setRoles(user.getRoles()); 58 | 59 | savedUser = userRepository.save(oldUser); 60 | } else { 61 | throw new RuntimeException("Can't find record with identifier: " + userRequest.getId()); 62 | } 63 | } else { 64 | savedUser = userRepository.save(user); 65 | } 66 | return modelMapper.map(savedUser, UserResponse.class); 67 | } 68 | 69 | @Override 70 | public UserResponse getUser() { 71 | Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 72 | UserDetails userDetail = (UserDetails) authentication.getPrincipal(); 73 | String usernameFromAccessToken = userDetail.getUsername(); 74 | UserInfo user = userRepository.findByUsername(usernameFromAccessToken); 75 | return modelMapper.map(user, UserResponse.class); 76 | } 77 | 78 | @Override 79 | public List getAllUser() { 80 | List users = (List) userRepository.findAll(); 81 | Type setOfDTOsType = new TypeToken>(){}.getType(); 82 | return modelMapper.map(users, setOfDTOsType); 83 | } 84 | 85 | 86 | } 87 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver 2 | spring.datasource.url=jdbc:mysql://localhost:3306/auth_db 3 | spring.datasource.username=root 4 | spring.datasource.password=root 5 | spring.jpa.show-sql=true 6 | spring.jpa.hibernate.ddl-auto=none 7 | spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL8Dialect 8 | server.port=9898 9 | -------------------------------------------------------------------------------- /src/test/java/com/spring3/oauth/jwt/OauthJwtApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.spring3.oauth.jwt; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class OauthJwtApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | --------------------------------------------------------------------------------