From 871d9e55e420a506344c69e529ad5d527351671e Mon Sep 17 00:00:00 2001
From: Sir DICO <88980314+SirDICO@users.noreply.github.com>
Date: Fri, 29 Jul 2022 13:18:54 +0100
Subject: [PATCH] role Based Authentication
---
pom.xml | 11 ++++-
.../security/ApplicationSecurityConfig.java | 44 +++++++++++++++++--
.../authedemo/security/UserPermission.java | 19 ++++++++
.../com/dico/authedemo/security/UserRole.java | 24 ++++++++++
.../authedemo/security/passwordConfig.java | 16 +++++++
5 files changed, 109 insertions(+), 5 deletions(-)
create mode 100644 src/main/java/com/dico/authedemo/security/UserPermission.java
create mode 100644 src/main/java/com/dico/authedemo/security/UserRole.java
create mode 100644 src/main/java/com/dico/authedemo/security/passwordConfig.java
diff --git a/pom.xml b/pom.xml
index 928287c..3f5e36a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,12 +25,21 @@
org.springframework.boot
spring-boot-starter-security
-
+
+ com.google.guava
+ guava
+ 28.1-jre
+
org.springframework.boot
spring-boot-starter-test
test
+
+ com.google.guava
+ guava
+ 28.2-android
+
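Review bot: `com.google.guava:guava` appears to be declared twice in this hunk with different versions and flavours, `28.1-jre` before the spring-boot-starter-test entry and `28.2-android` after it. Maven warns about duplicate declarations of one artifact in a POM and keeps only one, so it is not obvious from the file which Guava ends up on the classpath, and the `-android` flavour is built for Android and older JDKs rather than a server JVM. Keep a single `-jre` declaration at a currently maintained release and check it against published advisories, since 28.x is several major versions old. As far as this patch shows, Guava is used only for `Sets.newHashSet(...)` in UserRole, which `java.util.EnumSet` would cover without adding a dependency.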
diff --git a/src/main/java/com/dico/authedemo/security/ApplicationSecurityConfig.java b/src/main/java/com/dico/authedemo/security/ApplicationSecurityConfig.java
index 981e1d0..2607936 100644
--- a/src/main/java/com/dico/authedemo/security/ApplicationSecurityConfig.java
+++ b/src/main/java/com/dico/authedemo/security/ApplicationSecurityConfig.java
@@ -1,22 +1,37 @@
package com.dico.authedemo.security;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+import static com.dico.authedemo.security.UserRole.STUDENT;
@Configuration
@EnableWebSecurity
public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ private final PasswordEncoder passwordEncoder;
+ @Autowired
+ public ApplicationSecurityConfig(PasswordEncoder passwordEncoder) {
+ this.passwordEncoder = passwordEncoder;
+ }
+
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//ensure authourization
.authorizeRequests()
- //disable authourization
- .antMatchers("/", "index","/css/*", "/js/*")
- //permit all url specified in antmatcher
- .permitAll()
+ //disable authourization for this set of guys
+ .antMatchers("/", "index","/css/*", "/js/*").permitAll()
+ .antMatchers("/api/**").hasRole(STUDENT.name())
//ensure it's done on any request
.anyRequest()
//then authenticate the request
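Review bot: The new matcher `.antMatchers("/api/**").hasRole(STUDENT.name())` admits only ROLE_STUDENT, so the `ikenna` account that this commit creates with only the ADMIN role will receive 403 on every `/api/**` URL. If administrators are meant to reach the API, use `.antMatchers("/api/**").hasAnyRole(STUDENT.name(), UserRole.ADMIN.name())`; if the exclusion is intended, say so in a comment above the matcher. The comment `//disable authourization for this set of guys` would read better as `// public: landing page and static assets, no login required`. The body of configure() continues past the end of this hunk.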
@@ -26,4 +41,25 @@ protected void configure(HttpSecurity http) throws Exception {
//then use basic authentication type for access
.httpBasic();
}
+
+ @Override
+ @Bean
+ protected UserDetailsService userDetailsService() {
+ UserDetails UserIkenna = User.builder()
+ .username("ikenna")
+ .password(passwordEncoder.encode("password"))
+ .roles(UserRole.ADMIN.name())
+ .build();
+
+ UserDetails UserLinda = User.builder()
+ .username("linda")
+ .password(passwordEncoder.encode("password1"))
+ .roles(STUDENT.name())
+ .build();
+ return new InMemoryUserDetailsManager(
+ UserLinda,
+ UserIkenna
+ );
+
+ }
}
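Review bot: Both accounts in userDetailsService() are created with guessable passwords written as literals in the source (`"password"`, `"password1"`), and one of them carries the ADMIN role. BCrypt-encoding them at startup does not protect them, because the plaintext is in the repository and is sent with every request under HTTP Basic. If this bean exists only for local demos, say so on the method, e.g. `// DEMO ONLY: in-memory users with fixed passwords; do not deploy`, and read the passwords from external configuration instead of literals. Separately, `.roles(...)` grants only the role name, so the permission sets defined in UserRole never become authorities on these users. The locals `UserIkenna` and `UserLinda` should start with a lower-case letter.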
diff --git a/src/main/java/com/dico/authedemo/security/UserPermission.java b/src/main/java/com/dico/authedemo/security/UserPermission.java
new file mode 100644
index 0000000..318519c
--- /dev/null
+++ b/src/main/java/com/dico/authedemo/security/UserPermission.java
@@ -0,0 +1,19 @@
+package com.dico.authedemo.security;
+
+
+public enum UserPermission {
+
+ STUDENT_READ("student:read"),
+ STUDENT_WRITE("student:write"),
+ COURSE_READ("course:read"),
+ COURSE_WRITE("course:write");
+ private final String permission;
+
+ public String getPermission() {
+ return permission;
+ }
+
+ UserPermission(String permission) {
+ this.permission = permission;
+ }
+}
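Review bot: The enum does not document the format of the permission strings or where they are meant to be checked, and nothing in this patch reads getPermission() yet. A Javadoc on the type such as `/** Fine-grained authority names in "resource:action" form; presumably matched by hasAuthority(...) rules. */` would make the contract explicit. By convention the constructor goes directly after the field and before the getter.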
diff --git a/src/main/java/com/dico/authedemo/security/UserRole.java b/src/main/java/com/dico/authedemo/security/UserRole.java
new file mode 100644
index 0000000..c47eb91
--- /dev/null
+++ b/src/main/java/com/dico/authedemo/security/UserRole.java
@@ -0,0 +1,24 @@
+package com.dico.authedemo.security;
+
+
+import com.google.common.collect.Sets;
+
+import java.util.Set;
+
+import static com.dico.authedemo.security.UserPermission.*;
+
+public enum UserRole {
+
+ STUDENT(Sets.newHashSet()),
+ ADMIN(Sets.newHashSet(COURSE_READ,COURSE_WRITE,STUDENT_READ,STUDENT_WRITE));
+
+ public Set getPermissions() {
+ return permissions;
+ }
+
+ private final Set permissions;
+
+ UserRole(Set permissions) {
+ this.permissions = permissions;
+ }
+}
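Review bot: getPermissions() returns the same mutable HashSet that the constructor stored, so any caller can modify a role's permission set for the whole JVM, because enum constants are shared singletons. Wrap it once in the constructor, `this.permissions = Collections.unmodifiableSet(permissions);` (with `import java.util.Collections;`), so role definitions stay fixed after class initialisation. The `Set` types appear here without a type argument; if the file really reads that way and it is not an artefact of this page, declare them as `Set<UserPermission>`. Building the sets with `EnumSet.noneOf(UserPermission.class)` and `EnumSet.of(...)` would also remove the need for Guava.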
diff --git a/src/main/java/com/dico/authedemo/security/passwordConfig.java b/src/main/java/com/dico/authedemo/security/passwordConfig.java
new file mode 100644
index 0000000..0ba1065
--- /dev/null
+++ b/src/main/java/com/dico/authedemo/security/passwordConfig.java
@@ -0,0 +1,16 @@
+package com.dico.authedemo.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class passwordConfig {
+
+ @Bean
+ public PasswordEncoder passwordEncoder(){
+ return new BCryptPasswordEncoder( 10);
+ }
+
+}
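Review bot: The class name `passwordConfig` breaks the UpperCamelCase convention followed by the other classes in this package; rename the class and its file to `PasswordConfig`. The BCrypt strength is passed as a bare `10`, which is also the library default, so a comment such as `// BCrypt cost factor (log2 rounds); raise as hardware allows` or a configurable property would show that the value is a deliberate choice. There is also a stray space in `new BCryptPasswordEncoder( 10)`.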