test a working...

dancier · Dec 23, 2023 · e95644a · e95644a
1 parent 4fdba63
commit e95644a
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 14 deletions.
diff --git a/pom.xml b/pom.xml
@@ -166,7 +166,7 @@
 			<plugin>
 				<groupId>org.jacoco</groupId>
 				<artifactId>jacoco-maven-plugin</artifactId>
-				<version>0.8.7</version>
+				<version>0.8.11</version>
 				<executions>
 					<execution>
 						<goals>

diff --git a/src/main/java/net/dancier/dancer/authentication/service/AuthenticationService.java b/src/main/java/net/dancier/dancer/authentication/service/AuthenticationService.java
@@ -11,12 +11,14 @@
 import net.dancier.dancer.core.exception.NotFoundException;
 import net.dancier.dancer.mail.service.MailCreationService;
 import net.dancier.dancer.mail.service.MailEnqueueService;
+import net.dancier.dancer.security.AuthenticatedUser;
 import net.dancier.dancer.security.JwtTokenProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.http.ResponseCookie;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
@@ -44,7 +46,7 @@ public class AuthenticationService {
 
     private final PasswordResetCodeRepository passwordResetCodeRepository;
 
-    private final AuthenticationManager authenticationManager;
+    private final AuthenticationProvider authenticationProvider;
 
     private final JwtTokenProvider tokenProvider;
 
@@ -58,7 +60,7 @@ public class AuthenticationService {
     private final CookieConfiguration cookieConfiguration;
 
     public Authentication authenticate(Authentication authentication) {
-        return this.authenticationManager.authenticate(authentication);
+        return this.authenticationProvider.authenticate(authentication);
     }
     public String generateJwtToken(Authentication authentication) {
         return this.tokenProvider.generateJwtToken(authentication);

diff --git a/src/main/java/net/dancier/dancer/core/config/SecurityConfiguration.java b/src/main/java/net/dancier/dancer/core/config/SecurityConfiguration.java
@@ -2,31 +2,56 @@
 
 
 import lombok.RequiredArgsConstructor;
-import net.dancier.dancer.security.CustomUserDetailsService;
+import net.dancier.dancer.security.JwtAuthenticationFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
 @RequiredArgsConstructor
 public class SecurityConfiguration {
 
-    private final CustomUserDetailsService customUserDetailsService;
+    @Bean
+    AuthenticationProvider authenticationProvider(UserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
+        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
+        authenticationProvider.setUserDetailsService(userDetailsService);
+        authenticationProvider.setPasswordEncoder(passwordEncoder);
+        return authenticationProvider;
+    }
 
     @Bean
-    AuthenticationManager authenticationManager() {
-        return null;
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
     }
 
     @Bean
-    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
-        httpSecurity.
-                authorizeHttpRequests(
-                        authz -> authz. anyRequest().authenticated()
-                );
+    SecurityFilterChain filterChain(HttpSecurity httpSecurity,
+                                    AuthenticationProvider authenticationProvider,
+                                    JwtAuthenticationFilter jwtAuthenticationFilter) throws Exception {
+        httpSecurity
+                .cors(Customizer.withDefaults())
+                .csrf(c -> c.disable())
+                .exceptionHandling(Customizer.withDefaults())
+                .authorizeHttpRequests(
+                        authz -> authz
+                                .requestMatchers(
+                                        "/authentication/**",
+                                        "/eventlog/**"
+
+                                )
+                                .permitAll()
+                                .anyRequest().authenticated()
+                )
+                .authenticationProvider(authenticationProvider)
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
         return httpSecurity.build();
     }