1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150
|
@RestController
@RequestMapping("/api/v3")
@CrossOrigin()
@Tag(description = "Authentification au service")
public class AuthentificationEndpoint {
@Autowired
private IAuthentificationService iAuthentificationService;
@Autowired
private AuthenticationManager authenticationManager;
@Operation(summary = "CECI EST UN TEST : Authentification LDAP")
@PostMapping(value = "/ldapAuth", consumes = APPLICATION_JSON_VALUE, produces = APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.OK)
public void ldap(@Valid @RequestBody UserAuthentificationDTO userAuth) {
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userAuth.getEmail(),
userAuth.getPassword()));
}
@Operation(summary = "Authentification à l'API par un utilisateur")
@PostMapping(value = "/authentificate", consumes = APPLICATION_JSON_VALUE, produces = APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.OK)
public JwtModelDTO authentificate(@Valid @RequestBody UserAuthentificationDTO userAuth) {
return iAuthentificationService.authentificate(userAuth.getEmail(), userAuth.getPassword());
}
}
@RequiredArgsConstructor
@Service
@Slf4j
public class AuthentificationRepositoryAdapter implements AuthentificationRepository {
private final UserJpaRepository userJpaRepository;
private final PasswordEncoder passwordEncoder;
private final JwtTokenProvider jwtTokenProvider;
private final AuthenticationManager authenticationManager;
private final TokenService tokenService;
@Autowired
private ModelMapper modelMapper;
@Override
public JwtModelDTO authentificate(String email, String password) { // Cette methode fonctionne, authentification depuis la base de données
try {
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(email, password));
AppUser appUser = userJpaRepository.findByEmail(email);
JwtModelDTO jwtModel = jwtTokenProvider.createToken(appUser, AppConstants.ACCESS_TOKEN_EXPIRATION_FOR_USER);
jwtTokenProvider.insertTokenIntoRedis(jwtModel);
return jwtModel;
} catch (AuthenticationException e) {
throw new InternalServerErrorException("Il semblerait qu'une erreur de frappe soit présente...");
}
}
}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
// @RequiredArgsConstructor
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private JwtTokenProvider jwtTokenProvider;
private OpenLdapAuthenticationProvider openLdapAuthenticationProvider;
public WebSecurityConfig(OpenLdapAuthenticationProvider openLdapAuthenticationProvider,
JwtTokenProvider jwtTokenProvider) {
this.openLdapAuthenticationProvider = openLdapAuthenticationProvider;
this.jwtTokenProvider = jwtTokenProvider;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(openLdapAuthenticationProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(corsFilter(), ChannelProcessingFilter.class);
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.authorizeRequests()
.antMatchers("/api/v3/authentificate").permitAll() // On doit pouvoir s'authentifier d'ici
.antMatchers("/api/v3/signup").permitAll()
.antMatchers("/api/v3/ldapAuth").permitAll() // Uniquement pour tester
.anyRequest().authenticated();
http.apply(new JwtTokenFilterConfigurer(jwtTokenProvider));
}
@Override
public void configure(WebSecurity web) throws Exception {
// Allow swagger to be accessed without authentication
web.ignoring().antMatchers("/v3/api-docs/**")//
.antMatchers("/swagger-resources/**")//
.antMatchers("/swagger-ui/**")
.antMatchers("/swagger-ui.html");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(12);
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
@Component
public class OpenLdapAuthenticationProvider implements AuthenticationProvider {
@Autowired
private LdapTemplate ldapTemplate;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
Filter filter = new EqualsFilter("mail", authentication.getName());
Boolean authenticate = ldapTemplate.authenticate(LdapUtils.emptyLdapName(), filter.encode(),
authentication.getCredentials().toString());
if (authenticate) {
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER"));
UserDetails userDetails = new User(authentication.getName(), authentication.getCredentials().toString(),
grantedAuthorities);
Authentication auth = new UsernamePasswordAuthenticationToken(userDetails,
authentication.getCredentials().toString(), grantedAuthorities);
return auth;
} else {
System.out.println("auth FAIL");
return null;
}
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
} |
Partager