Commit 93c1488

author

Davr bank

committed

Basic Auth

1 parent 788215d commit 93c1488Copy full SHA for 93c1488

File tree

7 files changed

+230

-0

lines changed

Advanced-SpringSecure/1. simple-secure/secure-start
- pom.xml
- src/main
  - java/com/secure/sytem/securestart
    - controller
      - StudentManagementController.java
    - security
  - resources/static
    - index.html

7 files changed

+230

-0

lines changed

`‎Advanced-SpringSecure/1. simple-secure/secure-start/pom.xml`

Lines changed: 7 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -61,10 +61,17 @@`
`61`	`61`	`<artifactId>spring-boot-starter-test</artifactId>`
`62`	`62`	`<scope>test</scope>`
`63`	`63`	`</dependency>`
	`64`	`+ <!-- Security configuration .-->`
`64`	`65`	`<dependency>`
`65`	`66`	`<groupId>org.springframework.boot</groupId>`
`66`	`67`	`<artifactId>spring-boot-starter-security</artifactId>`
`67`	`68`	`</dependency>`
	`69`	`+ <dependency>`
	`70`	`+ <groupId>com.google.guava</groupId>`
	`71`	`+ <artifactId>guava</artifactId>`
	`72`	`+ <version>31.1-jre</version>`
	`73`	`+ </dependency>`
	`74`	`+ <!-- Secure end. -->`
`68`	`75`	`</dependencies>`
`69`	`76`
`70`	`77`	`<build>`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/controller/StudentManagementController.java`

Lines changed: 47 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,47 @@`
	`1`	`+package com.secure.sytem.securestart.controller;`
	`2`	`+`
	`3`	`+import com.secure.sytem.securestart.entity.Student;`
	`4`	`+import org.springframework.web.bind.annotation.*;`
	`5`	`+`
	`6`	`+import java.util.Arrays;`
	`7`	`+import java.util.List;`
	`8`	`+`
	`9`	`+/**`
	`10`	`+ * @project: secure-start`
	`11`	`+ * @Date: 12.08.2022`
	`12`	`+ * @author: H_Urunov`
	`13`	`+ **/`
	`14`	`+@RestController`
	`15`	`+@RequestMapping("/management/api/v1/students")`
	`16`	`+public class StudentManagementController {`
	`17`	`+ //`
	`18`	`+ private static final List<Student> STUDENTS = Arrays.asList(`
	`19`	`+ new Student(1, "James Bond"),`
	`20`	`+ new Student(2, "Lary Gaga"),`
	`21`	`+ new Student(3, "Faktor2"),`
	`22`	`+ new Student(4, "Anna "),`
	`23`	`+ new Student(5, "Anna German ")`
	`24`	`+ );`
	`25`	`+`
	`26`	`+ @GetMapping`
	`27`	`+ public List<Student> getAllStudents(){`
	`28`	`+ return STUDENTS;`
	`29`	`+ }`
	`30`	`+`
	`31`	`+ @PostMapping`
	`32`	`+ public void registerNewStudent(@RequestBody Student student){`
	`33`	`+ System.out.println("registerNewStudent");`
	`34`	`+ System.out.println(student);`
	`35`	`+ }`
	`36`	`+`
	`37`	`+ @DeleteMapping(path = "{studentId}")`
	`38`	`+ public void deleteStudent(@PathVariable() Integer studentId){`
	`39`	`+ System.out.println("deleteStudent");`
	`40`	`+ System.out.println(studentId);`
	`41`	`+ }`
	`42`	`+ @PutMapping(path = "{studentId}")`
	`43`	`+ public void updateStudent(@PathVariable("studentId") Integer studentId, @RequestBody Student student){`
	`44`	`+ System.out.println("Update student INFO.");`
	`45`	`+ System.out.println(String.format("%s %s", studentId, student));`
	`46`	`+ }`
	`47`	`+}`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationSecurityConfig.java`

Lines changed: 83 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,83 @@`
	`1`	`+package com.secure.sytem.securestart.security;`
	`2`	`+`
	`3`	`+import org.springframework.beans.factory.annotation.Autowired;`
	`4`	`+import org.springframework.context.annotation.Bean;`
	`5`	`+import org.springframework.context.annotation.Configuration;`
	`6`	`+import org.springframework.http.HttpMethod;`
	`7`	`+import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
	`8`	`+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;`
	`9`	`+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`
	`10`	`+import org.springframework.security.core.userdetails.User;`
	`11`	`+import org.springframework.security.core.userdetails.UserDetails;`
	`12`	`+import org.springframework.security.core.userdetails.UserDetailsService;`
	`13`	`+import org.springframework.security.crypto.password.PasswordEncoder;`
	`14`	`+import org.springframework.security.provisioning.InMemoryUserDetailsManager;`
	`15`	`+`
	`16`	`+import static com.secure.sytem.securestart.security.ApplicationUserPermission.COURSE_WRITE;`
	`17`	`+import static com.secure.sytem.securestart.security.ApplicationUserRole.*;`
	`18`	`+`
	`19`	`+/**`
	`20`	`+ * @project: secure-start`
	`21`	`+ * @Date: 12.08.2022`
	`22`	`+ * @author: H_Urunov`
	`23`	`+ **/`
	`24`	`+@Configuration`
	`25`	`+@EnableWebSecurity`
	`26`	`+public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {`
	`27`	`+ //`
	`28`	`+ private final PasswordEncoder passwordEncoder;`
	`29`	`+`
	`30`	`+ @Autowired`
	`31`	`+ public ApplicationSecurityConfig(PasswordEncoder passwordEncoder) {`
	`32`	`+ this.passwordEncoder = passwordEncoder;`
	`33`	`+ }`
	`34`	`+`
	`35`	`+ @Override`
	`36`	`+ protected void configure(HttpSecurity http) throws Exception {`
	`37`	`+ http`
	`38`	`+ .csrf().disable()`
	`39`	`+ .authorizeRequests()`
	`40`	`+ .antMatchers("/", "index", "/css/", "/js/").permitAll()`
	`41`	`+ .antMatchers("/api/**").hasRole(STUDENT.name())`
	`42`	`+ .antMatchers(HttpMethod.DELETE,"/management/api/**").hasAuthority(COURSE_WRITE.name())`
	`43`	`+ .antMatchers(HttpMethod.POST, "/management/api/**").hasAuthority(COURSE_WRITE.name())`
	`44`	`+ .antMatchers(HttpMethod.PUT, "/management/api/**").hasAuthority(COURSE_WRITE.name())`
	`45`	`+ .antMatchers(HttpMethod.GET, "/management/api/**").hasAnyRole(ADMIN.name(), ADMINTRAINEE.name())`
	`46`	`+ .anyRequest()`
	`47`	`+ .authenticated()`
	`48`	`+ .and()`
	`49`	`+ .httpBasic();`
	`50`	`+ }`
	`51`	`+`
	`52`	`+ @Override`
	`53`	`+ @Bean`
	`54`	`+ protected UserDetailsService userDetailsService() {`
	`55`	`+ // Permission User(s)`
	`56`	`+ UserDetails urunovUser =`
	`57`	`+ User.builder()`
	`58`	`+ .username("urunov")`
	`59`	`+ .password(passwordEncoder.encode("urunov1987"))`
	`60`	`+ .authorities(STUDENT.getGrantedAuthorities())`
	`61`	`+// .roles(STUDENT.name()) // ROLE_STUDENT`
	`62`	`+ .build();`
	`63`	`+`
	`64`	`+ UserDetails lindaUser = User.builder()`
	`65`	`+ .username("linda")`
	`66`	`+ .password(passwordEncoder.encode("linda333"))`
	`67`	`+ .authorities(ADMIN.getGrantedAuthorities())`
	`68`	`+// .roles(ADMIN.name()) // ROLE_ADMIN`
	`69`	`+ .build();`
	`70`	`+`
	`71`	`+ UserDetails tomUser = User.builder()`
	`72`	`+ .username("tom")`
	`73`	`+ .password(passwordEncoder.encode("tom555"))`
	`74`	`+ .authorities(ADMINTRAINEE.getGrantedAuthorities())`
	`75`	`+// .roles(ADMINTRAINEE.name()) // ROLE ADMINTRAINEE`
	`76`	`+ .build();`
	`77`	`+ return new InMemoryUserDetailsManager(`
	`78`	`+ lindaUser,`
	`79`	`+ urunovUser,`
	`80`	`+ tomUser`
	`81`	`+ );`
	`82`	`+ }`
	`83`	`+}`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserPermission.java`

Lines changed: 24 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,24 @@`
	`1`	`+package com.secure.sytem.securestart.security;`
	`2`	`+`
	`3`	`+/**`
	`4`	`+ * @project: secure-start`
	`5`	`+ * @Date: 12.08.2022`
	`6`	`+ * @author: H_Urunov`
	`7`	`+ **/`
	`8`	`+`
	`9`	`+public enum ApplicationUserPermission {`
	`10`	`+ STUDENT_READ("student: read"),`
	`11`	`+ STUDENT_WRITE("student: write"),`
	`12`	`+ COURSE_READ("course:read"),`
	`13`	`+ COURSE_WRITE("course: write");`
	`14`	`+`
	`15`	`+ private final String permission;`
	`16`	`+`
	`17`	`+ ApplicationUserPermission(String permission) {`
	`18`	`+ this.permission = permission;`
	`19`	`+ }`
	`20`	`+`
	`21`	`+ public String getPermission(){`
	`22`	`+ return permission;`
	`23`	`+ }`
	`24`	`+}`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserRole.java`

Lines changed: 39 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,39 @@`
	`1`	`+package com.secure.sytem.securestart.security;`
	`2`	`+`
	`3`	`+import com.google.common.collect.Sets;`
	`4`	`+import org.springframework.security.core.GrantedAuthority;`
	`5`	`+import org.springframework.security.core.authority.SimpleGrantedAuthority;`
	`6`	`+`
	`7`	`+import java.util.Set;`
	`8`	`+import java.util.stream.Collectors;`
	`9`	`+`
	`10`	`+import static com.secure.sytem.securestart.security.ApplicationUserPermission.*;`
	`11`	`+`
	`12`	`+/**`
	`13`	`+ * @project: secure-start`
	`14`	`+ * @Date: 12.08.2022`
	`15`	`+ * @author: H_Urunov`
	`16`	`+ **/`
	`17`	`+public enum ApplicationUserRole {`
	`18`	`+ ADMIN(Sets.newHashSet(COURSE_READ, COURSE_WRITE, STUDENT_READ, STUDENT_WRITE)),`
	`19`	`+ STUDENT(Sets.newHashSet()),`
	`20`	`+ ADMINTRAINEE(Sets.newHashSet()),`
	`21`	`+ MANAGER(Sets.newHashSet(COURSE_READ, STUDENT_READ));`
	`22`	`+`
	`23`	`+ private final Set<ApplicationUserPermission> permissions;`
	`24`	`+`
	`25`	`+ ApplicationUserRole(Set<ApplicationUserPermission> permissions) {`
	`26`	`+ this.permissions = permissions;`
	`27`	`+ }`
	`28`	`+`
	`29`	`+ public Set<ApplicationUserPermission> getPermissions(){`
	`30`	`+ return permissions;`
	`31`	`+ }`
	`32`	`+ public Set<SimpleGrantedAuthority> getGrantedAuthorities(){`
	`33`	`+ Set<SimpleGrantedAuthority> permissions = getPermissions().stream()`
	`34`	`+ .map(permission -> new SimpleGrantedAuthority(permission.getPermission()))`
	`35`	`+ .collect(Collectors.toSet());`
	`36`	`+ permissions.add(new SimpleGrantedAuthority("ROLE_" +this.name()));`
	`37`	`+ return permissions;`
	`38`	`+ }`
	`39`	`+}`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/PasswordConfig.java`

Lines changed: 20 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,20 @@`
	`1`	`+package com.secure.sytem.securestart.security;`
	`2`	`+`
	`3`	`+import org.springframework.context.annotation.Bean;`
	`4`	`+import org.springframework.context.annotation.Configuration;`
	`5`	`+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;`
	`6`	`+import org.springframework.security.crypto.password.PasswordEncoder;`
	`7`	`+`
	`8`	`+/**`
	`9`	`+ * @project: secure-start`
	`10`	`+ * @Date: 12.08.2022`
	`11`	`+ * @author: H_Urunov`
	`12`	`+ **/`
	`13`	`+@Configuration`
	`14`	`+public class PasswordConfig {`
	`15`	`+ //`
	`16`	`+ @Bean`
	`17`	`+ public PasswordEncoder passwordEncoder(){`
	`18`	`+ return new BCryptPasswordEncoder(10);`
	`19`	`+ }`
	`20`	`+}`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/resources/static/index.html`

Lines changed: 10 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,10 @@`
	`1`	`+<!DOCTYPE html>`
	`2`	`+<html lang="en">`
	`3`	`+<head>`
	`4`	`+ <meta charset="UTF-8">`
	`5`	`+ <title>Title</title>`
	`6`	`+</head>`
	`7`	`+<body>`
	`8`	`+ <h1>Hello Spring Boot Security</h1>`
	`9`	`+</body>`
	`10`	`+</html>`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 93c1488

File tree

7 files changed

7 files changed

`‎Advanced-SpringSecure/1. simple-secure/secure-start/pom.xml`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/controller/StudentManagementController.java`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationSecurityConfig.java`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserPermission.java`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserRole.java`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/PasswordConfig.java`

`‎Advanced-SpringSecure/1. simple-secure/secure-start/src/main/resources/static/index.html`

0 commit comments