diff --git a/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java b/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java index 6feaf4b6bb6e1f1efb96cca94f5c25cfef6500e5..934baad45cba152a460de9d159c2c8a3a043de03 100644 --- a/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java +++ b/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java @@ -1,11 +1,7 @@ package mozen.auth; import java.io.IOException; -import java.security.Key; -import java.time.LocalDateTime; -import java.time.ZoneId; import java.util.ArrayList; -import java.util.Date; import javax.servlet.FilterChain; import javax.servlet.ServletException; @@ -18,14 +14,11 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; import mozen.model.LoginMessage; -import mozen.utils.KeyGenerator; +import mozen.utils.JwtUtils; public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter{ private AuthenticationManager authenticationManager; 
@@ -53,24 +46,9 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication auth) throws IOException, ServletException { User user = (User) auth.getPrincipal(); - Key key = KeyGenerator.generateKey(); - // ! A modifier si gestion multi roles (cf UserDetailsService) - SimpleGrantedAuthority authority = (SimpleGrantedAuthority) user.getAuthorities().toArray()[0]; - - String token = Jwts.builder() - .setSubject(user.getUsername()) - .claim("username",user.getUsername()) - .claim("role",authority.getAuthority()) - .setIssuedAt(new Date()) - .setExpiration(toDate(LocalDateTime.now().plusDays(1L))) - .signWith(SignatureAlgorithm.HS512, key) - .compact(); + String token = JwtUtils.generateToken(user.getUsername()); res.addHeader("Authorization", "Bearer " + token); } - - private Date toDate(LocalDateTime localDateTime) { - return Date.from(localDateTime.atZone(ZoneId.systemDefault()).toInstant()); - } } \ No newline at end of file diff --git a/mozen/src/main/java/mozen/auth/JwtAuthorizationFilter.java b/mozen/src/main/java/mozen/auth/JwtAuthorizationFilter.java index 963fc3206a7654327d302d4c4b2f724f6da35a2c..a874066216e05de5a2d7e26e01b9ead917833af4 100644 --- a/mozen/src/main/java/mozen/auth/JwtAuthorizationFilter.java +++ b/mozen/src/main/java/mozen/auth/JwtAuthorizationFilter.java @@ -15,7 +15,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; import io.jsonwebtoken.Jwts; -import mozen.utils.KeyGenerator; +import mozen.utils.JwtUtils; public class JwtAuthorizationFilter extends BasicAuthenticationFilter { 
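Review bot: The token built in `successfulAuthentication` no longer carries the `role` claim: `JwtUtils.generateToken(user.getUsername())` takes only the username, and the removed `.claim("role", authority.getAuthority())` has no replacement. Any consumer that read that claim now finds nothing, and the authorization filter has to resolve authorities from the user store on each request; whether it does is not visible in this diff. If the omission is deliberate, record it next to the call, e.g. `// token carries identity only; roles are resolved server-side per request`.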
@@ -42,7 +42,7 @@ public class JwtAuthorizationFilter extends BasicAuthenticationFilter { private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) { String token = request.getHeader("Authorization"); if(token != null) { - Key key = KeyGenerator.generateKey(); + Key key = JwtUtils.generateKey(); String username = Jwts.parser() .setSigningKey(key) .parseClaimsJws(token.replace("Bearer ", "")) diff --git a/mozen/src/main/java/mozen/utils/JwtUtils.java b/mozen/src/main/java/mozen/utils/JwtUtils.java new file mode 100644 index 0000000000000000000000000000000000000000..11c01364355c0b1ade9c4f534f5c83c7ccc5bef9 --- /dev/null +++ b/mozen/src/main/java/mozen/utils/JwtUtils.java @@ -0,0 +1,33 @@ +package mozen.utils; + +import java.security.Key; +import java.time.LocalDateTime; +import java.time.ZoneId; +import java.util.Date; + +import javax.crypto.spec.SecretKeySpec; + +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; + +public class JwtUtils { + public static Key generateKey() { + String keyString = "LePetitBonhommeEnMousse"; + Key key = new SecretKeySpec(keyString.getBytes(), 0, keyString.getBytes().length, "DES"); + return key; + } + + public static String generateToken(String username) { + return Jwts.builder() + .setSubject(username) + .claim("username", username) + .setIssuedAt(new Date()) + .setExpiration(toDate(LocalDateTime.now().plusDays(1L))) + .signWith(SignatureAlgorithm.HS512, generateKey()) + .compact(); + } + + private static Date toDate(LocalDateTime localDateTime) { + return Date.from(localDateTime.atZone(ZoneId.systemDefault()).toInstant()); + } +} \ No newline at end of file diff --git a/mozen/src/main/java/mozen/utils/KeyGenerator.java b/mozen/src/main/java/mozen/utils/KeyGenerator.java deleted file mode 100644 index 75f0bdd610eb7524f3979afb2f4440357d40b6ad..0000000000000000000000000000000000000000 --- a/mozen/src/main/java/mozen/utils/KeyGenerator.java +++ /dev/null 
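Review bot: `generateKey()` in the new `JwtUtils` derives the HS512 signing key from a string literal committed to the repository, so read access to the source is enough to produce tokens that `JwtAuthorizationFilter` accepts, since it verifies with the same method. The literal is 23 characters, well under the 64 bytes HS512 expects, the key is labelled `"DES"` rather than an HMAC algorithm, and `getBytes()` depends on the platform charset. Load the secret from deployment configuration, enforce its length, and rotate it, because this value stays in the history. The environment variable name in the sketch is a placeholder, not a name the project defines.

```java
public static Key generateKey() {
    // PLACEHOLDER variable name: the secret comes from deployment configuration, never from source.
    String encoded = System.getenv("JWT_SIGNING_SECRET_PLACEHOLDER");
    if (encoded == null || encoded.isEmpty()) {
        throw new IllegalStateException("JWT signing secret is not configured");
    }
    byte[] secret = java.util.Base64.getDecoder().decode(encoded);
    // HS512 expects a key at least as long as its 64-byte output.
    if (secret.length < 64) {
        throw new IllegalStateException("JWT signing secret must be at least 64 bytes for HS512");
    }
    return new SecretKeySpec(secret, "HmacSHA512");
}
// … unchanged: generateToken, toDate …
```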
@@ -1,12 +0,0 @@ -package mozen.utils; - -import java.security.Key; -import javax.crypto.spec.SecretKeySpec; - -public class KeyGenerator { - public static Key generateKey() { - String keyString = "LePetitBonhommeEnMousse"; - Key key = new SecretKeySpec(keyString.getBytes(), 0, keyString.getBytes().length, "DES"); - return key; - } -} \ No newline at end of file diff --git a/mozen/src/main/java/mozen/web/ModelController.java b/mozen/src/main/java/mozen/web/ModelController.java index 351b81f5383d7802b421915d7ebbd23493ba97a8..e9ec2614ba3ae8ed2c1a19be048bd52066a1cb42 100644 --- a/mozen/src/main/java/mozen/web/ModelController.java +++ b/mozen/src/main/java/mozen/web/ModelController.java @@ -10,7 +10,6 @@ import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -47,6 +46,7 @@ public class ModelController { if(user != null) { return ResponseEntity.ok().body(user.getModels()); } else { + if(id == null) return ResponseEntity.badRequest().build(); return ResponseEntity.ok().body(modelManager.getModel(id)); } } @@ -158,8 +158,8 @@ public class ModelController { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (!(auth instanceof AnonymousAuthenticationToken)) { - UserDetails userDetails = (UserDetails) auth.getPrincipal(); - return userManager.getUserByUsername(userDetails.getUsername()); + String username = (String) auth.getPrincipal(); + return userManager.getUserByUsername(username); } else { return null; } 
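Review bot: The added guard `if(id == null) return ResponseEntity.badRequest().build();` covers only a missing `id`; an `id` that matches nothing still flows into `ResponseEntity.ok().body(modelManager.getModel(id))`, and what `getModel` returns in that case is not visible here. This `else` branch is the one taken when `user` is null, so it is worth confirming that serving a model by id without a resolved user is intended. The one-line `if` without braces also differs from the braced `if`/`else` around it. The enclosing method starts outside the hunk.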
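Review bot: The cast `(String) auth.getPrincipal()` assumes every non-anonymous `Authentication` holds a plain username; one whose principal is a `UserDetails` object, which is what this code accepted before the change, now fails with a `ClassCastException`. `auth.getName()` yields the username for both shapes, so `return userManager.getUserByUsername(auth.getName());` removes the cast. The same cast is introduced in `UserController.getUser()` further down. The enclosing method starts outside the hunk.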
diff --git a/mozen/src/main/java/mozen/web/UserController.java b/mozen/src/main/java/mozen/web/UserController.java index d09ce028acff63d2ac4ce4d304a7cff40b1c5118..8fb2965a27efdbcead00ba337b19673eb98e598b 100644 --- a/mozen/src/main/java/mozen/web/UserController.java +++ b/mozen/src/main/java/mozen/web/UserController.java @@ -5,7 +5,6 @@ import javax.validation.Valid; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.GetMapping; @@ -18,6 +17,7 @@ import mozen.business.IUserManager; import mozen.model.ResponseMessage; import mozen.model.SignupMessage; import mozen.model.User; +import mozen.utils.JwtUtils; @RestController @RequestMapping("/user") 
@@ -28,15 +28,24 @@ public class UserController { @GetMapping("") public User getUser() { - UserDetails userDetails = (UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal(); - return manager.getUserByUsername(userDetails.getUsername()); + String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal(); + return manager.getUserByUsername(username); } @PostMapping("/signup") public ResponseEntity<ResponseMessage> addUser(@RequestBody @Valid SignupMessage message, BindingResult result) { System.err.println("SIGNUP u:"+message.getUsername()+" e:"+message.getEmail()+" p:"+message.getPassword()); - manager.addUser(message); ResponseMessage response = new ResponseMessage(false, ""); + + try { + manager.addUser(message); + response.setMessage(JwtUtils.generateToken(message.getUsername())); + } catch (Exception e) { + response.setError(true); + response.setMessage(e.getMessage()); + } + return ResponseEntity.ok(response); } + } \ No newline at end of file
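Review bot: `addUser` now hands out a token without ever consulting `result`, so a `SignupMessage` that failed `@Valid` still reaches `manager.addUser(message)` and, if that call succeeds, receives a JWT; check `result.hasErrors()` before the `try`. The new `catch (Exception e)` returns `e.getMessage()` to the caller, which can expose internal detail depending on what `addUser` throws (not visible here), so a fixed message is safer. The unchanged `System.err.println` above it writes the submitted password to stderr and should lose its `p:` part. The sketch leaves the 200 status of the failure path untouched because the client contract is not shown.

```java
public ResponseEntity<ResponseMessage> addUser(@RequestBody @Valid SignupMessage message, BindingResult result) {
    System.err.println("SIGNUP u:"+message.getUsername()+" e:"+message.getEmail());
    // … unchanged: ResponseMessage response = new ResponseMessage(false, ""); …

    if (result.hasErrors()) {
        response.setError(true);
        response.setMessage("Invalid signup data");
        return ResponseEntity.badRequest().body(response);
    }

    try {
        manager.addUser(message);
        response.setMessage(JwtUtils.generateToken(message.getUsername()));
    } catch (Exception e) {
        // Record e on the server side; the client only learns that signup failed.
        response.setError(true);
        response.setMessage("Signup failed");
    }
    // … unchanged: return ResponseEntity.ok(response); …
```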