All Downloads are FREE. Search and download functionalities are using the official Maven repository.

cn.spark2fire.auth.config.UserAuthConfiguration.kt Maven / Gradle / Ivy

package cn.spark2fire.auth.config

import cn.spark2fire.auth.token.InMemoryTokenService
import cn.spark2fire.auth.token.TokenFilter
import cn.spark2fire.auth.token.TokenService
import cn.spark2fire.auth.web.AuthEndpoint
import cn.spark2fire.auth.web.FrameworkEndpointHandlerMapping
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean
import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.boot.web.servlet.FilterRegistrationBean
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.core.annotation.Order
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.http.SessionCreationPolicy
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.security.crypto.password.PasswordEncoder
import org.springframework.security.web.AuthenticationEntryPoint
import javax.servlet.http.HttpServletResponse

@Configuration(proxyBeanMethods = false)
@EnableConfigurationProperties(value = [AuthProperties::class])
class UserAuthConfiguration {
    @Bean
    @ConditionalOnMissingBean
    fun authenticationEntryPoint(): AuthenticationEntryPoint {
        return AuthenticationEntryPoint { _, response, _ ->
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized")
        }
    }

    @Order(90)
    @Configuration
    class DefaultWebSecurityConfigurer : WebSecurityConfigurerAdapter() {
        override fun configure(http: HttpSecurity) {
            http
                    .sessionManagement()
                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                    .and()
                    .csrf().disable()
                    .formLogin().disable()
                    .logout().disable()
        }
    }

    @Bean
    @ConditionalOnMissingBean
    fun passwordEncoder(): PasswordEncoder = BCryptPasswordEncoder()

    @Bean
    fun authEndpoint(passwordEncoder: PasswordEncoder, userDetailsService: UserDetailsService, tokenService: TokenService): AuthEndpoint {
        return AuthEndpoint(passwordEncoder, userDetailsService, tokenService)
    }

    @Bean
    fun mapping() = FrameworkEndpointHandlerMapping()

    @Bean
    fun tokenFilter(tokenService: TokenService, properties: AuthProperties): FilterRegistrationBean {
        val registration = FilterRegistrationBean()
        registration.filter = TokenFilter(tokenService, properties)
        return registration
    }

    @Bean
    @ConditionalOnMissingBean
    fun tokenService(properties: AuthProperties): TokenService = InMemoryTokenService(properties)
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy