diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/build.gradle b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/build.gradle new file mode 100644 index 0000000..c3f293d --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/build.gradle @@ -0,0 +1,23 @@ +plugins { + id 'io.spring.dependency-management' version '1.0.10.RELEASE' + id 'org.springframework.boot' version '2.4.0' + id "nebula.integtest" version "7.0.9" + id 'java' +} + +repositories { + jcenter() + maven { url "https://repo.spring.io/snapshot" } +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-web' + + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'org.springframework.security:spring-security-test' +} + +tasks.withType(Test).configureEach { + useJUnitPlatform() +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle.properties b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle.properties new file mode 100644 index 0000000..ffc10d7 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle.properties @@ -0,0 +1,2 @@ +version=5.5.0-SNAPSHOT +spring-security.version=5.5.0-SNAPSHOT diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.jar b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..62d4c05 Binary files /dev/null and b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.jar differ diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.properties b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..be52383 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,5 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-6.7-bin.zip +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew new file mode 100755 index 0000000..fbd7c51 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew @@ -0,0 +1,185 @@ +#!/usr/bin/env sh + +# +# Copyright 2015 the original author or authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +############################################################################## +## +## Gradle start up script for UN*X +## +############################################################################## + +# Attempt to set APP_HOME +# Resolve links: $0 may be a link +PRG="$0" +# Need this for relative symlinks. +while [ -h "$PRG" ] ; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn () { + echo "$*" +} + +die () { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=`expr $i + 1` + done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=`save "$@"` + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +exec "$JAVACMD" "$@" diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew.bat b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew.bat new file mode 100644 index 0000000..a9f778a --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/gradlew.bat @@ -0,0 +1,104 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/settings.gradle b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/settings.gradle new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/settings.gradle @@ -0,0 +1 @@ + diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/integTest/java/example/HelloSecurityExplicitITests.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/integTest/java/example/HelloSecurityExplicitITests.java new file mode 100644 index 0000000..1ad3bce --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/integTest/java/example/HelloSecurityExplicitITests.java @@ -0,0 +1,44 @@ +/* + * Copyright 2002-2018 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package example; + +import org.junit.jupiter.api.Test; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.web.client.TestRestTemplate; + +import static org.assertj.core.api.Assertions.assertThat; + +/** + * Integration tests. + * + * @author Michael Simons + */ +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +public class HelloSecurityExplicitITests { + + @Autowired + private TestRestTemplate rest; + + @Test + void login() { + CustomUser result = this.rest.withBasicAuth("user@example.com", "password").getForObject("/user", + CustomUser.class); + assertThat(result.getEmail()).isEqualTo("user@example.com"); + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CurrentUser.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CurrentUser.java new file mode 100644 index 0000000..b3cfeba --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CurrentUser.java @@ -0,0 +1,28 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; + +import org.springframework.security.core.annotation.AuthenticationPrincipal; + +@AuthenticationPrincipal +@Retention(RetentionPolicy.RUNTIME) +public @interface CurrentUser { + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUser.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUser.java new file mode 100644 index 0000000..3dfa7e5 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUser.java @@ -0,0 +1,55 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonIgnore; + +/** + * A custom user representation. + * + * @author Rob Winch + */ +public class CustomUser { + + private final long id; + + private final String email; + + @JsonIgnore + private final String password; + + @JsonCreator + public CustomUser(long id, String email, String password) { + this.id = id; + this.email = email; + this.password = password; + } + + public long getId() { + return this.id; + } + + public String getEmail() { + return this.email; + } + + public String getPassword() { + return this.password; + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepository.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepository.java new file mode 100644 index 0000000..99d5a3f --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepository.java @@ -0,0 +1,23 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +public interface CustomUserRepository { + + CustomUser findCustomUserByEmail(String email); + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepositoryUserDetailsService.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepositoryUserDetailsService.java new file mode 100644 index 0000000..8dad7a8 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/CustomUserRepositoryUserDetailsService.java @@ -0,0 +1,89 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import java.util.Collection; +import java.util.Collections; +import java.util.List; + +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Service +public class CustomUserRepositoryUserDetailsService implements UserDetailsService { + + private final CustomUserRepository userRepository; + + public CustomUserRepositoryUserDetailsService(CustomUserRepository userRepository) { + this.userRepository = userRepository; + } + + @Override + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + CustomUser customUser = this.userRepository.findCustomUserByEmail(username); + if (customUser == null) { + throw new UsernameNotFoundException("username " + username + " is not found"); + } + return new CustomUserDetails(customUser); + } + + static final class CustomUserDetails extends CustomUser implements UserDetails { + + private static final List ROLE_USER = Collections + .unmodifiableList(AuthorityUtils.createAuthorityList("ROLE_USER")); + + CustomUserDetails(CustomUser customUser) { + super(customUser.getId(), customUser.getEmail(), customUser.getPassword()); + } + + @Override + public Collection getAuthorities() { + return ROLE_USER; + } + + @Override + public String getUsername() { + return getEmail(); + } + + @Override + public boolean isAccountNonExpired() { + return true; + } + + @Override + public boolean isAccountNonLocked() { + return true; + } + + @Override + public boolean isCredentialsNonExpired() { + return true; + } + + @Override + public boolean isEnabled() { + return true; + } + + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/MapCustomUserRepository.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/MapCustomUserRepository.java new file mode 100644 index 0000000..ee9fdf2 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/MapCustomUserRepository.java @@ -0,0 +1,34 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import java.util.Map; + +public class MapCustomUserRepository implements CustomUserRepository { + + private final Map emailToCustomUser; + + public MapCustomUserRepository(Map emailToCustomUser) { + this.emailToCustomUser = emailToCustomUser; + } + + @Override + public CustomUser findCustomUserByEmail(String email) { + return this.emailToCustomUser.get(email); + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserController.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserController.java new file mode 100644 index 0000000..463497c --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserController.java @@ -0,0 +1,34 @@ +/* + * Copyright 2002-2016 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package example; + +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +/** + * Controller for exposing User information. + * + * @author Rob Winch + */ +@RestController +public class UserController { + + @GetMapping("/user") + public CustomUser user(@CurrentUser CustomUser currentUser) { + return currentUser; + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserDetailsServiceApplication.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserDetailsServiceApplication.java new file mode 100644 index 0000000..cb71f6e --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/main/java/example/UserDetailsServiceApplication.java @@ -0,0 +1,55 @@ +/* + * Copyright 2012-2016 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package example; + +import java.util.HashMap; +import java.util.Map; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.Bean; + +/** + * Hello Security application. + * + * @author Joe Grandja + */ +@SpringBootApplication +public class UserDetailsServiceApplication { + + public static void main(String[] args) { + SpringApplication.run(UserDetailsServiceApplication.class, args); + } + + @Bean + MapCustomUserRepository userRepository() { + // the hashed password was calculated using the following code + // the hash should be done up front, so malicious users cannot discover the + // password + // PasswordEncoder encoder = + // PasswordEncoderFactories.createDelegatingPasswordEncoder(); + // String encodedPassword = encoder.encode("password"); + + // the raw password is "password" + String encodedPassword = "{bcrypt}$2a$10$h/AJueu7Xt9yh3qYuAXtk.WZJ544Uc2kdOKlHu2qQzCh/A3rq46qm"; + + CustomUser customUser = new CustomUser(1L, "user@example.com", encodedPassword); + Map emailToCustomUser = new HashMap<>(); + emailToCustomUser.put(customUser.getEmail(), customUser); + return new MapCustomUserRepository(emailToCustomUser); + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/UserDetailsServiceApplicationTests.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/UserDetailsServiceApplicationTests.java new file mode 100644 index 0000000..204731a --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/UserDetailsServiceApplicationTests.java @@ -0,0 +1,111 @@ +/* + * Copyright 2012-2016 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package example; + +import org.junit.jupiter.api.Test; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.security.test.context.support.WithUserDetails; +import org.springframework.test.web.servlet.MockMvc; + +import static org.hamcrest.Matchers.equalTo; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +/** + * @author Rob Winch + */ +@SpringBootTest +@AutoConfigureMockMvc +public class UserDetailsServiceApplicationTests { + + @Autowired + private MockMvc mockMvc; + + @Test + void userWhenNotAuthenticated() throws Exception { + // @formatter:off + this.mockMvc.perform(get("/user")) + .andExpect(status().isUnauthorized()); + // @formatter:on + } + + /** + * WithUserDetails looks up the user from the UserDetailsService. The advantage is + * this is easy to use. The disadvantage, is that the user must exist so it relies our + * our data being set up properly. Alternatively, consider using a custom annotation + * like {@link #userWhenWithMockCustomUserThenOk()}. + */ + @Test + @WithUserDetails("user@example.com") + void userWhenWithUserDetailsThenOk() throws Exception { + // @formatter:off + this.mockMvc.perform(get("/user")) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.id", equalTo(1))); + // @formatter:on + } + + /** + * WithUser is annotated with WithUserDetails to create a concrete persona for our + * testing. It is a little extra code, but makes it less error prone. + */ + @Test + @WithUser + void userWhenWithUserThenOk() throws Exception { + // @formatter:off + this.mockMvc.perform(get("/user")) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.id", equalTo(1))); + // @formatter:on + } + + /** + * WithMockCustomUser is a little more code then using {@link WithUserDetails}, but we + * don't need to ensure that the + * {@link org.springframework.security.core.userdetails.UserDetails} is defined. The + * {@link CustomUser} with email "admin@example.com" is not setup, but we can still + * use it for testing here. + */ + @Test + @WithMockCustomUser(email = "admin@example.com") + void userWhenWithMockCustomUserThenOk() throws Exception { + // @formatter:off + this.mockMvc.perform(get("/user")) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.email", equalTo("admin@example.com"))); + // @formatter:on + } + + /** + * {@link WithMockCustomAdmin} is annotated with {@link WithMockCustomUser} to create + * a concrete persona for our testing. This is a little extra code, but it is less + * error prone. + */ + @Test + @WithMockCustomUser(email = "admin@example.com") + void userWhenWithMockCustomAdminThenOk() throws Exception { + // @formatter:off + this.mockMvc.perform(get("/user")) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.email", equalTo("admin@example.com"))); + // @formatter:on + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomAdmin.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomAdmin.java new file mode 100644 index 0000000..ea9625a --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomAdmin.java @@ -0,0 +1,22 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +@WithMockCustomUser(email = "admin@example.com") +public @interface WithMockCustomAdmin { + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUser.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUser.java new file mode 100644 index 0000000..3e5c32d --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUser.java @@ -0,0 +1,32 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; + +import org.springframework.security.test.context.support.WithSecurityContext; + +@Retention(RetentionPolicy.RUNTIME) +@WithSecurityContext(factory = WithMockCustomUserSecurityContextFactory.class) +public @interface WithMockCustomUser { + + String email() default "user@example.com"; + + int id() default 1; + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUserSecurityContextFactory.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUserSecurityContextFactory.java new file mode 100644 index 0000000..b5073f0 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithMockCustomUserSecurityContextFactory.java @@ -0,0 +1,43 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.test.context.support.WithSecurityContextFactory; + +public class WithMockCustomUserSecurityContextFactory implements WithSecurityContextFactory { + + @Override + public SecurityContext createSecurityContext(WithMockCustomUser mockCustomUser) { + String username = mockCustomUser.email(); + // a stub CustomUserRepository that returns the user defined in the annotation + CustomUserRepository userRepository = (email) -> new CustomUser(mockCustomUser.id(), username, ""); + // CustomUserRepositoryUserDetailsService ensures our UserDetails is consistent + // with our production application + CustomUserRepositoryUserDetailsService userDetailsService = new CustomUserRepositoryUserDetailsService( + userRepository); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); + SecurityContext securityContext = SecurityContextHolder.createEmptyContext(); + securityContext.setAuthentication(new UsernamePasswordAuthenticationToken(userDetails, + userDetails.getPassword(), userDetails.getAuthorities())); + return securityContext; + } + +} diff --git a/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithUser.java b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithUser.java new file mode 100644 index 0000000..1a94193 --- /dev/null +++ b/servlet/spring-boot/java/authentication/username-password/user-details-service/custom-user/src/test/java/example/WithUser.java @@ -0,0 +1,28 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package example; + +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; + +import org.springframework.security.test.context.support.WithUserDetails; + +@WithUserDetails("user@example.com") +@Retention(RetentionPolicy.RUNTIME) +public @interface WithUser { + +} diff --git a/settings.gradle b/settings.gradle index 3777ed7..3983c89 100644 --- a/settings.gradle +++ b/settings.gradle @@ -39,6 +39,7 @@ include ":servlet:java-configuration:hello-mvc-security" include ":servlet:java-configuration:hello-security" include ":servlet:java-configuration:hello-security-explicit" include ":servlet:java-configuration:max-sessions" +include ":servlet:spring-boot:java:authentication:username-password:user-details-service:custom-user" include ":servlet:spring-boot:java:hello" include ":servlet:spring-boot:java:hello-security" include ":servlet:spring-boot:java:hello-security-explicit" @@ -51,6 +52,4 @@ include ":servlet:spring-boot:java:oauth2:resource-server:opaque" include ":servlet:spring-boot:java:oauth2:resource-server:static" include ":servlet:spring-boot:java:oauth2:webclient" include ":servlet:spring-boot:java:saml2-login" -include ":servlet:spring-boot:kotlin:hello-security" - - +include ":servlet:spring-boot:kotlin:hello-security" \ No newline at end of file