Added forbiden urls and protected

2020-09-14 14:02:05 +02:00
parent 478ea27480
commit 82c4c9d0fe
6 changed files with 225 additions and 0 deletions
--- a/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java
+++ b/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java
@ -0,0 +1,91 @@
+package com.plannaplan.security;
+
+import java.util.Collection;
+
+import com.plannaplan.entities.User;
+import com.plannaplan.services.UserService;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
+
+    @Autowired
+    private UserService userService;
+
+    @Override
+    protected void additionalAuthenticationChecks(UserDetails userDetails,
+            UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication)
+            throws AuthenticationException {
+
+        String token = authentication.getCredentials().toString();
+
+        User user = this.userService.getByToken(token);
+
+        if (user == null) {
+            throw new UsernameNotFoundException("Cannot find user with authentication token=" + token);
+        }
+
+        UserDetails response = new UserDetails() {
+
+            /**
+             *
+             */
+            private static final long serialVersionUID = 1L;
+
+            @Override
+            public Collection<? extends GrantedAuthority> getAuthorities() {
+                // TODO Auto-generated method stub
+                return null;
+            }
+
+            @Override
+            public String getPassword() {
+                return null;
+            }
+
+            @Override
+            public String getUsername() {
+                return user.getName() + " " + user.getSurname();
+            }
+
+            @Override
+            public boolean isAccountNonExpired() {
+                return true;
+            }
+
+            @Override
+            public boolean isAccountNonLocked() {
+                return true;
+            }
+
+            @Override
+            public boolean isCredentialsNonExpired() {
+                // TODO Auto-generated method stub
+                return true;
+            }
+
+            @Override
+            public boolean isEnabled() {
+                return true;
+            }
+
+        };
+
+        return response;
+    }
+
+}