1 | package parkup.configs;
|
---|
2 |
|
---|
3 | import com.auth0.jwt.JWT;
|
---|
4 | import com.auth0.jwt.JWTVerifier;
|
---|
5 | import com.auth0.jwt.algorithms.Algorithm;
|
---|
6 | import com.auth0.jwt.interfaces.DecodedJWT;
|
---|
7 | import com.fasterxml.jackson.databind.ObjectMapper;
|
---|
8 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
---|
9 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
---|
10 | import org.springframework.security.core.context.SecurityContextHolder;
|
---|
11 | import org.springframework.util.MimeTypeUtils;
|
---|
12 | import org.springframework.web.bind.annotation.CrossOrigin;
|
---|
13 | import org.springframework.web.filter.OncePerRequestFilter;
|
---|
14 |
|
---|
15 | import javax.servlet.FilterChain;
|
---|
16 | import javax.servlet.ServletException;
|
---|
17 | import javax.servlet.http.HttpServletRequest;
|
---|
18 | import javax.servlet.http.HttpServletResponse;
|
---|
19 | import java.io.IOException;
|
---|
20 | import java.util.ArrayList;
|
---|
21 | import java.util.Collection;
|
---|
22 | import java.util.HashMap;
|
---|
23 | import java.util.Map;
|
---|
24 |
|
---|
25 | import static java.util.Arrays.stream;
|
---|
26 | import static org.springframework.http.HttpHeaders.AUTHORIZATION;
|
---|
27 | import static org.springframework.http.HttpStatus.FORBIDDEN;
|
---|
28 |
|
---|
29 |
|
---|
30 | @CrossOrigin
|
---|
31 | public class CustomAuthorizationFilter extends OncePerRequestFilter {
|
---|
32 | @Override
|
---|
33 | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
---|
34 | if(request.getServletPath().equals("/api/login") || request.getServletPath().equals("/api/token/refresh")) {
|
---|
35 | filterChain.doFilter(request, response);
|
---|
36 | } else {
|
---|
37 | String authorizationHeader = request.getHeader(AUTHORIZATION);
|
---|
38 | if(authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
|
---|
39 | try {
|
---|
40 | String token = authorizationHeader.substring("Bearer ".length());
|
---|
41 | Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
|
---|
42 | JWTVerifier verifier = JWT.require(algorithm).build();
|
---|
43 | DecodedJWT decodedJWT = verifier.verify(token);
|
---|
44 | String username = decodedJWT.getSubject();
|
---|
45 | String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
|
---|
46 | Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
|
---|
47 | stream(roles).forEach(role -> {
|
---|
48 | authorities.add(new SimpleGrantedAuthority(role));
|
---|
49 | });
|
---|
50 | UsernamePasswordAuthenticationToken authenticationToken =
|
---|
51 | new UsernamePasswordAuthenticationToken(username, null, authorities);
|
---|
52 | SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
---|
53 | filterChain.doFilter(request, response);
|
---|
54 | }catch (Exception exception) {
|
---|
55 | response.setHeader("error", exception.getMessage());
|
---|
56 | response.setStatus(FORBIDDEN.value());
|
---|
57 | //response.sendError(FORBIDDEN.value());
|
---|
58 | Map<String, String> error = new HashMap<>();
|
---|
59 | error.put("error_message", exception.getMessage());
|
---|
60 | response.setContentType(MimeTypeUtils.APPLICATION_JSON_VALUE);
|
---|
61 | new ObjectMapper().writeValue(response.getOutputStream(), error);
|
---|
62 | }
|
---|
63 | } else {
|
---|
64 | filterChain.doFilter(request, response);
|
---|
65 | }
|
---|
66 | }
|
---|
67 | }
|
---|
68 | }
|
---|