[GlueCoders#14] Basic http auth for books resources. Added credential…

…s and members models, dao. Added registration module.

pom.xml

@@ -14,6 +14,7 @@
  <java.version>1.8</java.version>
  <spring.version>1.5.4.RELEASE</spring.version>
  <nosqlunit.version>0.7.6</nosqlunit.version>
+ <swagger.version>2.7.0</swagger.version>
  </properties>
 
  <dependencies>
@@ -49,6 +50,17 @@
  <artifactId>spring-boot-starter-log4j2</artifactId>
  <version>${spring.version}</version>
  </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-test</artifactId>
+ <version>4.2.3.RELEASE</version>
+ <scope>test</scope>
+ </dependency>
  <dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-data-mongodb</artifactId>
@@ -57,12 +69,12 @@
  <dependency>
  <groupId>io.springfox</groupId>
  <artifactId>springfox-swagger2</artifactId>
- <version>2.7.0</version>
+ <version>${swagger.version}</version>
  </dependency>
  <dependency>
  <groupId>io.springfox</groupId>
  <artifactId>springfox-swagger-ui</artifactId>
- <version>2.7.0</version>
+ <version>${swagger.version}</version>
  </dependency>
  <dependency>
  <groupId>com.fasterxml.jackson.datatype</groupId>

src/main/java/org/gluecoders/library/config/SpringSecurityAdapter.java

@@ -0,0 +1,60 @@
+package org.gluecoders.library.config;
+
+import org.gluecoders.library.security.PrincipalService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import javax.servlet.http.HttpServletResponse;
+import java.util.Optional;
+
+/**
+ * Created by Anand_Rajneesh on 7/1/2017.
+ */
+@EnableWebSecurity(debug = true)
+public class SpringSecurityAdapter extends WebSecurityConfigurerAdapter {
+
+ @Autowired
+ private PrincipalService principalService;
+
+ @Override
+ @Bean
+ protected UserDetailsService userDetailsService() {
+ return username -> Optional.ofNullable(principalService.findUser(username))
+ .map(credential -> User.withUsername(credential.getUsername())
+ .password(credential.getSaltedPwd())
+ .roles(credential.getRole())
+ .build())
+ .orElseThrow(() -> new UsernameNotFoundException(username + " not found"));
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .mvcMatchers(HttpMethod.POST, "/unsecured/register").permitAll()
+ .mvcMatchers(HttpMethod.GET, "/books").hasRole("USER")
+ .mvcMatchers(HttpMethod.GET, "/books/*").hasRole("USER")
+ .and()
+ .httpBasic().and()
+ .exceptionHandling()
+ .authenticationEntryPoint((request, response, e) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage()))
+ .and()
+ .csrf().disable()
+ ;
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder(){
+ return new BCryptPasswordEncoder();
+ }
+
+}

src/main/java/org/gluecoders/library/dao/CredentialsDao.java

@@ -0,0 +1,14 @@
+package org.gluecoders.library.dao;
+
+import org.gluecoders.library.models.Credentials;
+import org.springframework.data.mongodb.repository.MongoRepository;
+import org.springframework.stereotype.Repository;
+
+/**
+ * Created by Anand_Rajneesh on 7/1/2017.
+ */
+@Repository
+public interface CredentialsDao extends MongoRepository<Credentials, String> {
+
+ Credentials findDistinctByUsername(String username);
+}

src/main/java/org/gluecoders/library/dao/MemberDao.java

@@ -0,0 +1,12 @@
+package org.gluecoders.library.dao;
+
+import org.gluecoders.library.models.Member;
+import org.springframework.data.mongodb.repository.MongoRepository;
+import org.springframework.stereotype.Repository;
+
+/**
+ * Created by Anand_Rajneesh on 7/1/2017.
+ */
+@Repository
+public interface MemberDao extends MongoRepository<Member, String> {
+}

src/main/java/org/gluecoders/library/exceptions/ResourceAlreadyExistsException.java

@@ -0,0 +1,12 @@
+package org.gluecoders.library.exceptions;
+
+/**
+ * Created by Anand_Rajneesh on 7/1/2017.
+ */
+public class ResourceAlreadyExistsException extends ResourceException {
+
+ public ResourceAlreadyExistsException(String message) {
+ super(message, StatusCode.CONFLICT);
+ }
+
+}

src/main/java/org/gluecoders/library/exceptions/StatusCode.java

@@ -7,6 +7,7 @@
  */
 public enum StatusCode implements IntSupplier{
  BAD_REQUEST(400),
+ CONFLICT(409),
  INTERNAL_SERVER_ERROR(500);
 
  @Override

src/main/java/org/gluecoders/library/models/Credentials.java

@@ -0,0 +1,72 @@
+package org.gluecoders.library.models;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import net.sf.oval.constraint.NotEmpty;
+import net.sf.oval.constraint.NotNull;
+import org.springframework.data.annotation.Id;
+import org.springframework.data.annotation.Transient;
+import org.springframework.data.mongodb.core.mapping.Document;
+
+/**
+ * Created by Anand_Rajneesh on 7/1/2017.
+ */
+@Document(collection = "creds")
+public class Credentials {
+
+ @Id
+ @JsonIgnore
+ private String id;
+ @NotNull @NotEmpty
+ private String username;
+ @Transient @NotNull @NotEmpty
+ private String pwd;
+ @JsonIgnore
+ private String role;
+ @JsonIgnore
+ private String saltedPwd;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPwd() {
+ return pwd;
+ }
+
+ public void setPwd(String pwd) {
+ this.pwd = pwd;
+ }
+
+ public String getSaltedPwd() {
+ return saltedPwd;
+ }
+
+ public void setSaltedPwd(String saltedPwd) {
+ this.saltedPwd = saltedPwd;
+ }
+
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public String getRole() {
+ return role;
+ }
+
+ public void setRole(String role) {
+ this.role = role;
+ }
+
+ @Override
+ public String toString() {
+ return "{\"username\":\""+username+"\"}";
+ }
+}