[9dd526f] | 1 | package parkup.configs;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.MimeTypeUtils;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

import static java.util.Arrays.stream;
import static org.springframework.http.HttpHeaders.AUTHORIZATION;
import static org.springframework.http.HttpStatus.FORBIDDEN;
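/**
 * Authorizes every request except the token-issuing endpoints by verifying the
 * {@code Authorization: Bearer <jwt>} header and populating the Spring Security context
 * with the token subject and its {@code roles} claim.
 *
 * <p>Requests without a bearer header pass through anonymous; downstream authorization
 * decides whether that is acceptable. A bearer header whose token fails verification is
 * answered with 403 and a JSON {@code error_message} body, and the chain is NOT continued.
 */
// NOTE(review): @CrossOrigin is a Spring MVC handler annotation; it appears to do nothing on a
// servlet filter. It is kept so the class surface is unchanged.
@CrossOrigin
public class CustomAuthorizationFilter extends OncePerRequestFilter {

    /** Endpoints that issue or refresh tokens and therefore cannot require one. */
    private static final String LOGIN_PATH = "/api/login";
    private static final String REFRESH_PATH = "/api/token/refresh";

    private static final String BEARER_PREFIX = "Bearer ";

    /**
     * SECURITY: the original hard-coded HMAC key, retained only so the no-arg constructor stays
     * drop-in compatible. It is trivially guessable, and anyone who knows it can mint tokens with
     * any subject and roles. Inject a strong, configuration-sourced key through
     * {@link #CustomAuthorizationFilter(String)} and use the same key wherever tokens are signed.
     */
    private static final String LEGACY_SECRET = "secret";

    /** One shared mapper; it is only used to serialise the error map below. */
    private static final ObjectMapper MAPPER = new ObjectMapper();

    /** Built once per filter instead of per request; java-jwt verifiers are reusable. */
    private final JWTVerifier verifier;

    /** Preserves the original behaviour (hard-coded key) for existing wiring. */
    public CustomAuthorizationFilter() {
        this(LEGACY_SECRET);
    }

    /**
     * Creates a filter verifying HMAC-SHA256 signatures with the given key.
     *
     * @param secret shared signing key; must equal the key used by the token issuer
     * @throws NullPointerException if {@code secret} is null
     */
    public CustomAuthorizationFilter(String secret) {
        Objects.requireNonNull(secret, "secret");
        // Explicit charset: getBytes() without one depends on the platform default.
        Algorithm algorithm = Algorithm.HMAC256(secret.getBytes(StandardCharsets.UTF_8));
        this.verifier = JWT.require(algorithm).build();
    }

    /**
     * Verifies the bearer token (if any) and continues the chain.
     *
     * @throws ServletException propagated from downstream filters/handlers
     * @throws IOException      propagated from downstream or from writing the 403 body
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain filterChain) throws ServletException, IOException {
        String path = request.getServletPath();
        if (LOGIN_PATH.equals(path) || REFRESH_PATH.equals(path)) {
            filterChain.doFilter(request, response);
            return;
        }

        String authorizationHeader = request.getHeader(AUTHORIZATION);
        if (authorizationHeader == null || !authorizationHeader.startsWith(BEARER_PREFIX)) {
            // No bearer token: leave the request anonymous for downstream authorization to judge.
            filterChain.doFilter(request, response);
            return;
        }

        String token = authorizationHeader.substring(BEARER_PREFIX.length());
        try {
            DecodedJWT decodedJWT = verifier.verify(token);
            String username = decodedJWT.getSubject();
            // asArray yields null when the claim is absent; treat that as "no roles".
            String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
            UsernamePasswordAuthenticationToken authenticationToken =
                    new UsernamePasswordAuthenticationToken(username, null, toAuthorities(roles));
            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
        } catch (JWTVerificationException | IllegalArgumentException exception) {
            // JWTVerificationException: bad signature, expired, malformed claims.
            // IllegalArgumentException: claim content Spring rejects (e.g. a blank role name).
            // Only token problems are reported as 403. The catch deliberately no longer wraps
            // filterChain.doFilter, so failures in downstream handlers are not masked as
            // "forbidden" and their messages are not echoed to the client.
            writeForbidden(response, exception.getMessage());
            return;
        }
        filterChain.doFilter(request, response);
    }

    /**
     * Maps the {@code roles} claim to granted authorities.
     *
     * @param roles claim values, or null when the claim is missing
     * @return a mutable collection, empty when {@code roles} is null
     */
    private static Collection<SimpleGrantedAuthority> toAuthorities(String[] roles) {
        Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
        if (roles != null) {
            stream(roles).map(SimpleGrantedAuthority::new).forEach(authorities::add);
        }
        return authorities;
    }

    /**
     * Writes the original 403 payload: an {@code error} header and a JSON
     * {@code {"error_message": ...}} body. The verifier's message is echoed as before so
     * existing clients keep working; a generic message would reveal less about why the token
     * was rejected, if clients do not need the detail.
     */
    private static void writeForbidden(HttpServletResponse response, String message) throws IOException {
        response.setHeader("error", message);
        response.setStatus(FORBIDDEN.value());
        response.setContentType(MimeTypeUtils.APPLICATION_JSON_VALUE);
        Map<String, String> error = new HashMap<>();
        error.put("error_message", message);
        MAPPER.writeValue(response.getOutputStream(), error);
    }
}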