diff --git a/pom.xml b/pom.xml index 74d24dc..436f368 100644 --- a/pom.xml +++ b/pom.xml @@ -7,7 +7,7 @@ org.springframework.boot spring-boot-starter-parent - 2.1.7.RELEASE + 2.1.9.RELEASE @@ -15,7 +15,7 @@ com.oauth2 project-example-springboot-oauth2-rbac - 1.0.0 + 2.0.0 project-example-springboot-oauth2-rbac Project Example with Spring Boot and OAuth2 and RBAC. @@ -23,6 +23,7 @@ 1.8 + 2.1.9.RELEASE @@ -45,38 +46,34 @@ org.springframework.security.oauth.boot spring-security-oauth2-autoconfigure - 2.1.7.RELEASE + ${spring.oauth2.autoconfigure.version} - + org.springframework.boot spring-boot-starter-data-jpa - org.postgresql postgresql - - + org.springframework.boot spring-boot-starter-actuator - io.springfox springfox-swagger2 2.9.2 - io.springfox springfox-swagger-ui @@ -99,17 +96,17 @@ runtime - + + - com.h2database - h2 + org.springframework.boot + spring-boot-starter-test test - - org.springframework.boot - spring-boot-starter-test + com.h2database + h2 test diff --git a/src/main/java/com/oauth2/config/auth/WebSecurityConfig.java b/src/main/java/com/oauth2/config/auth/WebSecurityConfig.java index 4fb60f4..5ffbec5 100644 --- a/src/main/java/com/oauth2/config/auth/WebSecurityConfig.java +++ b/src/main/java/com/oauth2/config/auth/WebSecurityConfig.java @@ -23,7 +23,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { "/**.html", "/configuration/**"}; - @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { diff --git a/src/main/java/com/oauth2/config/auth/custom/CustomPermissionEvaluator.java b/src/main/java/com/oauth2/config/auth/custom/CustomPermissionEvaluator.java index fb59575..1979c4a 100644 --- a/src/main/java/com/oauth2/config/auth/custom/CustomPermissionEvaluator.java +++ b/src/main/java/com/oauth2/config/auth/custom/CustomPermissionEvaluator.java 
@@ -24,10 +24,7 @@ public class CustomPermissionEvaluator implements PermissionEvaluator { @Autowired private IUserService userService; - - //OR -> @PreAuthorize("hasPermission(returnObject, {'user_create', 'user_update', 'abcd_create', 'abcd_read', 'user_read'})") - //AND -> @PreAuthorize("hasPermission(returnObject, {'user_read'}) AND hasPermission(returnObject, {'user_update'})") @Override public boolean hasPermission(Authentication auth, Object targetDomainObject, Object permission) { @@ -46,21 +43,17 @@ public boolean hasPermission(Authentication auth, Object targetDomainObject, Obj log.info("Permission Invalid for this method"); return false; } - } catch (Exception e) { log.error("Error in method hasPermission in class CustomPermissionEvaluator: " + e.getMessage()); return false; } } - - //@PreAuthorize("hasPermission(#id, 'Foo', 'read')") @Override public boolean hasPermission(Authentication auth, Serializable targetId, String targetType, Object permission) { return true; } - private List validPermissions(Authentication auth, Object permission) { log.info("Begin - validating user permission in method validPermissions in class CustomPermissionEvaluator"); @@ -91,3 +84,10 @@ private List validPermissions(Authentication auth, Object permission) { } } + +/* +Exemplos: +OR -> @PreAuthorize("hasPermission(returnObject, {'user_create', 'user_update', 'abcd_create', 'abcd_read', 'user_read'})") +AND -> @PreAuthorize("hasPermission(returnObject, {'user_read'}) AND hasPermission(returnObject, {'user_update'})") +@PreAuthorize("hasPermission(#id, 'Foo', 'read')") + */ diff --git a/src/main/java/com/oauth2/config/errors/ApiError.java b/src/main/java/com/oauth2/config/errors/ApiError.java index c9c0849..4bc6ddf 100644 --- a/src/main/java/com/oauth2/config/errors/ApiError.java +++ b/src/main/java/com/oauth2/config/errors/ApiError.java 
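Review bot: The id-based overload `hasPermission(Authentication auth, Serializable targetId, String targetType, Object permission)` kept by the second hunk (`@@ -46,21 +43,17 @@`) returns `true` unconditionally, so every expression that resolves to it grants access whatever the caller's roles are. The comment block appended in the last hunk still lists `@PreAuthorize("hasPermission(#id, 'Foo', 'read')")` as an example, and that is the form that dispatches to this overload. Until it is implemented, fail closed with `return false;` and either drop that example or mark it as not yet enforced. The overload is fully visible in the hunk; the object-based `hasPermission` and `validPermissions` bodies are not, so whether they could be reused here is not something this diff shows.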
@@ -23,7 +23,6 @@ class ApiError { private String debugMessage; private String customMessage; - private ApiError() { this.timestamp = LocalDateTime.now(); } @@ -73,4 +72,5 @@ public String idFromValueAndType(Object value, Class suggestedType) { public JsonTypeInfo.Id getMechanism() { return JsonTypeInfo.Id.CUSTOM; } + } diff --git a/src/main/java/com/oauth2/config/swagger/SwaggerConfiguration.java b/src/main/java/com/oauth2/config/swagger/SwaggerConfiguration.java index 3c8a53a..8ca6ad0 100644 --- a/src/main/java/com/oauth2/config/swagger/SwaggerConfiguration.java +++ b/src/main/java/com/oauth2/config/swagger/SwaggerConfiguration.java @@ -42,7 +42,6 @@ public Docket forumApi() { .apiInfo(apiInfo()); } - private ApiInfo apiInfo() { return new ApiInfoBuilder() .title("Project Example OAuth2 RBAC - API") @@ -54,13 +53,12 @@ private ApiInfo apiInfo() { .build(); } - //Method that returns templates that will be hidden in the API documentation @SuppressWarnings("rawtypes") private Class[] disableTemplateClassesModels(){ ArrayList classForDisable = new ArrayList(); - //Entities - Models - DTO and others.... + //Entities - Models - DTO and others... classForDisable.add(User.class); return classForDisable.toArray(new Class[classForDisable.size()]); diff --git a/src/main/java/com/oauth2/controllers/AuthController.java b/src/main/java/com/oauth2/controllers/AuthController.java new file mode 100644 index 0000000..459047c --- /dev/null +++ b/src/main/java/com/oauth2/controllers/AuthController.java 
@@ -0,0 +1,58 @@
+package com.oauth2.controllers;
+
+import java.util.UUID;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.oauth2.entities.User;
+import com.oauth2.models.dto.auth.AuthUserRoleAndAuthoritiesDTO;
+import com.oauth2.services.IUserService;
+
+import io.swagger.annotations.Api;
+import lombok.extern.slf4j.Slf4j;
+
+@RequestMapping("/auth")
+@Api(tags="Authorities", description="This is about Authentication")
+@RestController
+@Slf4j
+public class AuthController {
+
+ @Autowired
+ private IUserService userService;
+
+ @GetMapping(value = "/authorities/{uuid}", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity getAuthorities(@PathVariable String uuid){
+ try {
+ UUID uuid_user = UUID.fromString(uuid.toString());
+
+ User user = userService.findByUuid(uuid_user)
+ .orElseThrow(() -> new UsernameNotFoundException("Error -> hasPermission for UUID: " + uuid_user));
+
+ return ResponseEntity.ok(new AuthUserRoleAndAuthoritiesDTO(user));
+ } catch (IllegalArgumentException ie) {
+ log.error("Error method getAuthorities in class AuthController: "+ie.getMessage());
+ return ResponseEntity.badRequest().build();//400
+ }
+ catch (Exception ex) {
+ log.error("Error method getAuthorities in class AuthController: "+ex.getMessage());
+ return ResponseEntity.badRequest().build();//400
+ }
+ }
+
+ @PreAuthorize("hasPermission(returnObject, {'user_create', 'user_update', 'abcd_create', 'abcd_read', 'user_read'})")
+ @DeleteMapping("/test")
+ public ResponseEntity testAuthorities(){
+ System.out.print("I'm in the method!");
+ return ResponseEntity.ok(new String("OK -> Permission OK"));
+ }
+
+}
diff --git a/src/main/java/com/oauth2/controllers/HomeController.java b/src/main/java/com/oauth2/controllers/HomeController.java
index ea0db9b..d6f088a 100644
--- a/src/main/java/com/oauth2/controllers/HomeController.java
+++ b/src/main/java/com/oauth2/controllers/HomeController.java
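Review bot: `getAuthorities` in the new AuthController has no `@PreAuthorize`, so as far as this hunk shows, `GET /auth/authorities/{uuid}` returns the roles and authorities of whichever user the UUID names, without checking that the caller is that user or holds a read permission. Unless the HTTP security configuration (not visible here) already restricts `/auth/**`, add a method-level guard in the style the file already uses, for example `@PreAuthorize("hasPermission(returnObject, {'user_read'})")` with whichever permission the authors intend, or compare the looked-up user with the authenticated principal. Both catch blocks map every failure to 400, including the `UsernameNotFoundException` raised for an unknown UUID and any unexpected error, which makes the `IllegalArgumentException` branch redundant; `log.error("Error method getAuthorities in class AuthController", ex)` would also keep the stack trace that `ex.getMessage()` drops. `testAuthorities` (`System.out.print`, `DELETE /auth/test`) reads as scaffolding and is worth removing or moving to a test profile before release.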
@@ -1,65 +1,21 @@ package com.oauth2.controllers; -import java.util.UUID; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; -import com.oauth2.entities.User; -import com.oauth2.models.dto.auth.AuthUserRoleAndAuthoritiesDTO; -import com.oauth2.services.IUserService; - import io.swagger.annotations.Api; @RequestMapping("/") -@Api(tags="Home - Test", description="Test Request") +@Api(tags="Home - Test", description="Unrestricted request testing") @RestController public class HomeController { - @Autowired - private IUserService userService; - @GetMapping() @ResponseBody public String home() { return "Hello World - Welcome API REST"; } - @GetMapping(value = "authorities/{uuid}", produces = MediaType.APPLICATION_JSON_VALUE) - public ResponseEntity getAuthorities(@PathVariable String uuid){ - - try { - UUID uuid_user = UUID.fromString(uuid.toString()); - - User user = userService.findByUuid(uuid_user) - .orElseThrow(() -> new UsernameNotFoundException("Error -> hasPermission for UUID: " + uuid_user)); - - AuthUserRoleAndAuthoritiesDTO dto = new AuthUserRoleAndAuthoritiesDTO(user); - - return ResponseEntity.ok(dto); - } catch (Exception e) { - return null; - } - - - } - - - @PreAuthorize("hasPermission(returnObject, {'user_create', 'user_update', 'abcd_create', 'abcd_read', 'user_read'})") - @DeleteMapping("/user") - public ResponseEntity update(){ - 
System.out.print("I'm in the method!"); - return ResponseEntity.ok(new String("OK -> Permission OK")); - } - - } diff --git a/src/main/java/com/oauth2/entities/Permission.java b/src/main/java/com/oauth2/entities/Permission.java index 8364e19..c9eee26 100644 --- a/src/main/java/com/oauth2/entities/Permission.java +++ b/src/main/java/com/oauth2/entities/Permission.java @@ -32,7 +32,6 @@ public class Permission { @ManyToMany(mappedBy = "permissions", cascade = CascadeType.PERSIST, fetch = FetchType.EAGER) private Set roles; - @Override public int hashCode() { if (permissionId != null) { diff --git a/src/main/java/com/oauth2/entities/Role.java b/src/main/java/com/oauth2/entities/Role.java index a8995b1..77a71ed 100644 --- a/src/main/java/com/oauth2/entities/Role.java +++ b/src/main/java/com/oauth2/entities/Role.java @@ -44,11 +44,9 @@ public class Role implements GrantedAuthority{ name = "permission_id", referencedColumnName = "permissionId")) private Set permissions; - @ManyToMany(mappedBy = "roles") @Fetch(org.hibernate.annotations.FetchMode.SUBSELECT) private List users; - @Override public String getAuthority() { @@ -57,7 +55,6 @@ public String getAuthority() { .collect(Collectors.joining(",")); } - @Override public int hashCode() { if (roleId != null) { diff --git a/src/main/java/com/oauth2/models/dto/auth/AuthRolesDTO.java b/src/main/java/com/oauth2/models/dto/auth/AuthRolesDTO.java index 36534fd..fdb0d1f 100644 --- a/src/main/java/com/oauth2/models/dto/auth/AuthRolesDTO.java +++ b/src/main/java/com/oauth2/models/dto/auth/AuthRolesDTO.java @@ -25,6 +25,5 @@ public AuthRolesDTO(Role role) { .map(AuthPermissionsDTO::new) .collect(Collectors.toList())); } - } diff --git a/src/main/java/com/oauth2/repositories/IPermissionRepository.java b/src/main/java/com/oauth2/repositories/IPermissionRepository.java deleted file mode 100644 index 92a75e4..0000000 --- a/src/main/java/com/oauth2/repositories/IPermissionRepository.java +++ /dev/null 
@@ -1,17 +0,0 @@
-package com.oauth2.repositories;
-
-import java.util.List;
-import java.util.Set;
-
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.stereotype.Repository;
-
-import com.oauth2.entities.Permission;
-import com.oauth2.entities.Role;
-
-@Repository
-public interface IPermissionRepository extends JpaRepository{
-
- public List findByRoles(Set set);
-
-}
diff --git a/src/main/java/com/oauth2/repositories/IRoleRepository.java b/src/main/java/com/oauth2/repositories/IRoleRepository.java
deleted file mode 100644
index 9843bcc..0000000
--- a/src/main/java/com/oauth2/repositories/IRoleRepository.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package com.oauth2.repositories;
-
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.stereotype.Repository;
-
-import com.oauth2.entities.Role;
-
-@Repository
-public interface IRoleRepository extends JpaRepository{
-
- //public List findByRoles(Set set);
-
-}