diff --git a/movies-rest-api-monogdb/src/main/resources/application.properties b/movies-rest-api-monogdb/src/main/resources/application.properties index b7b9a5c..0ce6de1 100644 --- a/movies-rest-api-monogdb/src/main/resources/application.properties +++ b/movies-rest-api-monogdb/src/main/resources/application.properties @@ -1,6 +1,6 @@ spring.data.mongodb.uri=mongodb://localhost:27017/movies?locale=en -spring.data.mongodb.username= -spring.data.mongodb.password= +spring.data.mongodb.username=root +spring.data.mongodb.password=Passw0rd #open API path springdoc.api-docs.path=/api-docs \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/pom.xml b/ratelimit-api-using-bucket4j/pom.xml index 44766a1..1b94505 100644 --- a/ratelimit-api-using-bucket4j/pom.xml +++ b/ratelimit-api-using-bucket4j/pom.xml @@ -1,71 +1,65 @@ - + ratelimit-api-using-bucket4j + Demo project for Spring Boot + com.stacktips 4.0.0 + movies-api + 0.0.1-SNAPSHOT - org.springframework.boot spring-boot-starter-parent - 3.3.2 - + org.springframework.boot + + 3.3.2 - com.stacktips - springboot-rest-api-monogdb - 0.0.1-SNAPSHOT - movies-api - Demo project for Spring Boot 17 + + + + spring-boot-maven-plugin + org.springframework.boot + + + - - com.bucket4j bucket4j_jdk17-core + com.bucket4j 8.13.1 + - org.springframework.boot - spring-boot-starter-data-mongodb - - - org.springframework.boot spring-boot-starter-web + org.springframework.boot - org.springframework.boot spring-boot-starter-test + org.springframework.boot test - io.rest-assured rest-assured - 5.3.1 + io.rest-assured test + 5.3.1 - - io.rest-assured json-path - 5.3.1 + io.rest-assured test + 5.3.1 + - org.projectlombok lombok + org.projectlombok annotationProcessor - - - - - - org.springframework.boot - spring-boot-maven-plugin - - - - diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MyApiApplication.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MyApiApplication.java new file mode 100644 index 0000000..a8a6098 --- /dev/null +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MyApiApplication.java @@ -0,0 +1,13 @@ +package com.stacktips.movies; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class MyApiApplication { + + public static void main(String[] args) { + SpringApplication.run(MyApiApplication.class, args); + } + +} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/GlobalExceptionHandler.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/GlobalExceptionHandler.java deleted file mode 100644 index 5a3811c..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/GlobalExceptionHandler.java +++ /dev/null @@ -1,16 +0,0 @@ -package com.stacktips.movies.api; - -import com.stacktips.movies.exception.MovieNotFoundException; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.ControllerAdvice; -import org.springframework.web.bind.annotation.ExceptionHandler; - -@ControllerAdvice -public class GlobalExceptionHandler { - - @ExceptionHandler(MovieNotFoundException.class) - ResponseEntity handleNotFoundException(MovieNotFoundException ex) { - return ResponseEntity.notFound() - .build(); - } -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/HelloController.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/HelloController.java new file mode 100644 index 0000000..2746c91 --- /dev/null +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/HelloController.java @@ -0,0 +1,22 @@ +package com.stacktips.movies.api; + +import lombok.RequiredArgsConstructor; +import org.springframework.http.MediaType; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.Collections; +import java.util.Map; + +@RestController +@RequiredArgsConstructor +@RequestMapping(value = "/hello", + produces = {MediaType.APPLICATION_JSON_VALUE}) +public class HelloController { + + @GetMapping + public Map hello() { + return Collections.singletonMap("hello", "world!"); + } +} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/MoviesController.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/MoviesController.java deleted file mode 100644 index 5488942..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/api/MoviesController.java +++ /dev/null @@ -1,45 +0,0 @@ -package com.stacktips.movies.api; - -import com.stacktips.movies.dto.MovieDto; -import com.stacktips.movies.models.Movie; -import com.stacktips.movies.services.MovieService; -import lombok.RequiredArgsConstructor; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.*; - -import java.util.List; - -@RestController -@RequiredArgsConstructor -@RequestMapping(value = "/api/1.0/movies", produces = {MediaType.APPLICATION_JSON_VALUE}) -public class MoviesController { - - private final MovieService movieService; - - @GetMapping - public List getMovies() { - return movieService.getMovies(); - } - - @PostMapping - public Movie createMovie(@RequestBody MovieDto movieDto) { - return movieService.createMovie(movieDto); - } - - @GetMapping(path = "/{movieId}") - public Movie getMovie(@PathVariable String movieId) { - return movieService.getMovie(movieId); - } - - @PatchMapping(path = "/{movieId}") - public Movie getMovie(@PathVariable String movieId, @RequestBody MovieDto movieDto) { - return movieService.updateMovie(movieId, movieDto); - } - - @DeleteMapping(path = "/{movieId}") - public ResponseEntity deleteMovie(@PathVariable String movieId) { - movieService.deleteMovie(movieId); - return ResponseEntity.ok().build(); - } -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/BucketConfig.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/BucketConfig.java new file mode 100644 index 0000000..fb4b951 --- /dev/null +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/BucketConfig.java @@ -0,0 +1,24 @@ +package com.stacktips.movies.config; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import java.time.Duration; +import java.util.Map; + +@Data +@Configuration +@ConfigurationProperties(prefix = "rate-limiting") +public class BucketConfig { + + private Map clients; + + @Data + public static class ClientBucketConfig { + + private int capacity; + private int refillTokens; + private Duration refillDuration; + } +} \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/FilterConfig.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/FilterConfig.java index c14f4f3..063b2c7 100644 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/FilterConfig.java +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/FilterConfig.java @@ -1,5 +1,6 @@ package com.stacktips.movies.config; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -8,18 +9,19 @@ public class FilterConfig { // @Bean -// public FilterRegistrationBean RateLimitingFilter() { +// public FilterRegistrationBean rateLimitingFilter() { // FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); // registrationBean.setFilter(new RateLimitingFilter()); -// registrationBean.addUrlPatterns("/api/1.0/movies/*"); +// registrationBean.addUrlPatterns("/hello/*"); // return registrationBean; // } @Bean - public FilterRegistrationBean rateLimitingClientFilter() { + public FilterRegistrationBean rateLimitingClientFilter( + @Autowired BucketConfig bucketConfig) { FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); - registrationBean.setFilter(new RateLimitingClientFilter()); - registrationBean.addUrlPatterns("/api/1.0/movies/*"); + registrationBean.setFilter(new RateLimitingClientFilter(bucketConfig)); + registrationBean.addUrlPatterns("/hello/*"); return registrationBean; } } \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingClientFilter.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingClientFilter.java index 456d6dc..5097789 100644 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingClientFilter.java +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingClientFilter.java @@ -2,20 +2,22 @@ import io.github.bucket4j.Bucket; import io.github.bucket4j.ConsumptionProbe; -import jakarta.servlet.FilterConfig; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import java.io.IOException; -import java.time.Duration; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.TimeUnit; +@RequiredArgsConstructor public class RateLimitingClientFilter implements Filter { + private final BucketConfig bucketConfig; + private final ConcurrentHashMap buckets = new ConcurrentHashMap<>(); @Override @@ -23,12 +25,12 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha throws IOException, ServletException { HttpServletResponse httpResponse = (HttpServletResponse) response; HttpServletRequest httpRequest = (HttpServletRequest) request; - - String apiKey = httpRequest.getHeader("X-API-Key"); + String apiKey = httpRequest.getHeader("X-Client-ID"); if (apiKey == null) { + httpResponse.setStatus(HttpStatus.BAD_REQUEST.value()); httpResponse.setContentType(MediaType.TEXT_PLAIN_VALUE); - httpResponse.getWriter().write("Missing X-API-Key header"); + httpResponse.getWriter().write("Missing X-Client-ID header"); return; } @@ -46,20 +48,16 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha } } - private Bucket createNewBucket(String apiKey) { - return Bucket.builder() - .addLimit(limit -> limit.capacity(10) - .refillIntervally(1, Duration.ofMinutes(1))) - .build(); - } - - @Override - public void init(FilterConfig filterConfig) { - - } - - @Override - public void destroy() { + private Bucket createNewBucket(String clientId) { + BucketConfig.ClientBucketConfig config = bucketConfig.getClients().get(clientId); + if (config == null) { + throw new IllegalArgumentException("Unknown client: " + clientId); + } + return Bucket.builder() + .addLimit(limit -> + limit.capacity(config.getCapacity()) + .refillIntervally(config.getRefillTokens(), config.getRefillDuration()) + ).build(); } } \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingFilter.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingFilter.java index e886b19..c23a027 100644 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingFilter.java +++ b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/config/RateLimitingFilter.java @@ -2,7 +2,6 @@ import io.github.bucket4j.Bucket; import io.github.bucket4j.ConsumptionProbe; -import jakarta.servlet.FilterConfig; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletResponse; import org.springframework.http.HttpStatus; @@ -13,40 +12,36 @@ import java.util.concurrent.TimeUnit; public class RateLimitingFilter implements Filter { - private final Bucket bucket; public RateLimitingFilter() { - bucket = Bucket.builder().addLimit(limit -> limit.capacity(10) - .refillIntervally(1, Duration.ofMinutes(1)) - ).build(); + bucket = Bucket.builder() + .addLimit(limit -> + limit.capacity(10) + .refillIntervally(1, Duration.ofMinutes(1)) + ).build(); } @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) + public void doFilter(ServletRequest servletRequest, + ServletResponse response, + FilterChain filterChain) throws IOException, ServletException { - HttpServletResponse httpResponse = (HttpServletResponse) response; ConsumptionProbe probe = bucket.tryConsumeAndReturnRemaining(1); + if (probe.isConsumed()) { - httpResponse.setHeader("X-Rate-Limit-Remaining", String.valueOf(probe.getRemainingTokens())); - chain.doFilter(request, response); + httpResponse.setHeader("X-Rate-Limit-Remaining", + String.valueOf(probe.getRemainingTokens())); + + //continue with the request + filterChain.doFilter(servletRequest, httpResponse); } else { httpResponse.setStatus(HttpStatus.TOO_MANY_REQUESTS.value()); - httpResponse.setHeader("X-Rate-Limit-Retry-After-Seconds", - String.valueOf(TimeUnit.NANOSECONDS.toSeconds(probe.getNanosToWaitForRefill()))); + long waitUntil = TimeUnit.NANOSECONDS.toSeconds(probe.getNanosToWaitForRefill()); + httpResponse.setHeader("X-Rate-Limit-Retry-After-Seconds", String.valueOf(waitUntil)); httpResponse.setContentType(MediaType.TEXT_PLAIN_VALUE); httpResponse.getWriter().write("Too many requests"); } } - - @Override - public void init(FilterConfig filterConfig) { - - } - - @Override - public void destroy() { - - } } \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/ErrorResponse.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/ErrorResponse.java deleted file mode 100644 index 2b241dc..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/ErrorResponse.java +++ /dev/null @@ -1,12 +0,0 @@ -package com.stacktips.movies.dto; - -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -@AllArgsConstructor -public class ErrorResponse { - private String message; -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/MovieDto.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/MovieDto.java deleted file mode 100644 index efac581..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/MovieDto.java +++ /dev/null @@ -1,25 +0,0 @@ -package com.stacktips.movies.dto; - -import com.stacktips.movies.models.ContentRating; -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; - -import java.util.List; - -@Getter -@Setter -@NoArgsConstructor -@AllArgsConstructor -public class MovieDto { - - private String title; - private String headline; - private String thumbnail; - private String language; - private String region; - private List actors; - private List genres; - private ContentRating rating; -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/SearchRequest.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/SearchRequest.java deleted file mode 100644 index 55cf4ae..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/dto/SearchRequest.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.stacktips.movies.dto; - -import com.stacktips.movies.models.ContentRating; -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; - -@Getter -@Setter -@AllArgsConstructor -@NoArgsConstructor -public class SearchRequest { - - private ContentRating rating; - private String language; - private String[] genres; - private String[] actors; - -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/exception/MovieNotFoundException.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/exception/MovieNotFoundException.java deleted file mode 100644 index fe491fe..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/exception/MovieNotFoundException.java +++ /dev/null @@ -1,8 +0,0 @@ -package com.stacktips.movies.exception; - -public class MovieNotFoundException extends RuntimeException { - - public MovieNotFoundException(String message) { - super(message); - } -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/ContentRating.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/ContentRating.java deleted file mode 100644 index bff7f33..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/ContentRating.java +++ /dev/null @@ -1,9 +0,0 @@ -package com.stacktips.movies.models; - -public enum ContentRating { - G, - PG, - PG13, - R, - NC17 -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/Movie.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/Movie.java deleted file mode 100644 index b308bd7..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/models/Movie.java +++ /dev/null @@ -1,29 +0,0 @@ -package com.stacktips.movies.models; - -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; -import org.springframework.data.annotation.Id; -import org.springframework.data.mongodb.core.mapping.Document; - -import java.util.List; - -@Getter -@Setter -@NoArgsConstructor -@AllArgsConstructor -@Document(collection = "movies") -public class Movie { - - @Id - private String id; - private String title; - private String headline; - private String thumbnail; - private String language; - private String region; - private List actors; - private List genres; - private ContentRating rating; -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/repository/MovieRepository.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/repository/MovieRepository.java deleted file mode 100644 index 270b802..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/repository/MovieRepository.java +++ /dev/null @@ -1,8 +0,0 @@ -package com.stacktips.movies.repository; - -import com.stacktips.movies.models.Movie; -import org.springframework.data.mongodb.repository.MongoRepository; - -public interface MovieRepository extends MongoRepository { - -} diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/services/MovieService.java b/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/services/MovieService.java deleted file mode 100644 index c70e550..0000000 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/services/MovieService.java +++ /dev/null @@ -1,51 +0,0 @@ -package com.stacktips.movies.services; - -import com.stacktips.movies.dto.MovieDto; -import com.stacktips.movies.exception.MovieNotFoundException; -import com.stacktips.movies.models.Movie; -import com.stacktips.movies.repository.MovieRepository; -import lombok.RequiredArgsConstructor; -import org.springframework.beans.BeanUtils; -import org.springframework.stereotype.Service; - -import java.util.List; - -@Service -@RequiredArgsConstructor -public class MovieService { - - private final MovieRepository repository; - - public List getMovies() { - return repository.findAll(); - } - - public Movie createMovie(MovieDto movieDto) { - Movie movie = new Movie(); - BeanUtils.copyProperties(movieDto, movie); - return repository.save(movie); - } - - public Movie getMovie(String movieId) { - return repository.findById(movieId) - .orElseThrow(() -> new MovieNotFoundException("Movie with id '" + movieId + "' not found.")); - } - - public Movie updateMovie(String movieId, MovieDto movieDto) { - if (!repository.existsById(movieId)) { - throw new MovieNotFoundException("Movie with id '" + movieId + "' not found."); - } - - Movie movie = new Movie(); - BeanUtils.copyProperties(movieDto, movie); - movie.setId(movieId); - return repository.save(movie); - } - - public void deleteMovie(String movieId) { - if (!repository.existsById(movieId)) { - throw new MovieNotFoundException("Movie with id '" + movieId + "' not found."); - } - repository.deleteById(movieId); - } -} \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/resources/application.properties b/ratelimit-api-using-bucket4j/src/main/resources/application.properties deleted file mode 100644 index b7b9a5c..0000000 --- a/ratelimit-api-using-bucket4j/src/main/resources/application.properties +++ /dev/null @@ -1,6 +0,0 @@ -spring.data.mongodb.uri=mongodb://localhost:27017/movies?locale=en -spring.data.mongodb.username= -spring.data.mongodb.password= - -#open API path -springdoc.api-docs.path=/api-docs \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/main/resources/application.yaml b/ratelimit-api-using-bucket4j/src/main/resources/application.yaml new file mode 100644 index 0000000..f4b45e1 --- /dev/null +++ b/ratelimit-api-using-bucket4j/src/main/resources/application.yaml @@ -0,0 +1,10 @@ +rate-limiting: + clients: + client1: + capacity: 10 + refill-tokens: 1 + refill-duration: PT1M + client2: + capacity: 10 + refill-tokens: 1 + refill-duration: PT1M \ No newline at end of file diff --git a/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingClientFilterTest.java b/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingClientFilterTest.java index b385144..9433c5d 100644 --- a/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingClientFilterTest.java +++ b/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingClientFilterTest.java @@ -5,6 +5,7 @@ import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.web.server.LocalServerPort; + import static io.restassured.RestAssured.given; import static org.hamcrest.Matchers.notNullValue; @@ -22,27 +23,27 @@ void setUp() { @Test void testRateLimiting() { for (int i = 0; i < 10; i++) { - given().header("X-API-Key", "app1") - .get("/api/1.0/movies").then() + given().header("X-Client-ID", "client1") + .get("/hello").then() .statusCode(200) .header("X-Rate-Limit-Remaining", notNullValue()); } for (int i = 0; i < 10; i++) { - given().header("X-API-Key", "app2") - .get("/api/1.0/movies").then() + given().header("X-Client-ID", "client2") + .get("/hello").then() .statusCode(200) .header("X-Rate-Limit-Remaining", notNullValue()); } - given().header("X-API-Key", "app1") - .get("/api/1.0/movies") + given().header("X-Client-ID", "client1") + .get("/hello") .then() .statusCode(429) .header("X-Rate-Limit-Retry-After-Seconds", notNullValue()); - given().header("X-API-Key", "app2") - .get("/api/1.0/movies") + given().header("X-Client-ID", "client2") + .get("/hello") .then() .statusCode(429) .header("X-Rate-Limit-Retry-After-Seconds", notNullValue()); diff --git a/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingFilterTest.java b/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingFilterTest.java index 417daf3..c472679 100644 --- a/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingFilterTest.java +++ b/ratelimit-api-using-bucket4j/src/test/java/com/stacktips/movies/RateLimitingFilterTest.java @@ -1,45 +1,26 @@ package com.stacktips.movies; -import io.restassured.RestAssured; -import io.restassured.response.Response; -import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.test.web.server.LocalServerPort; -import static io.restassured.RestAssured.*; +import static io.restassured.RestAssured.get; import static org.hamcrest.Matchers.notNullValue; @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) class RateLimitingFilterTest { - @LocalServerPort - private int port; - - @BeforeEach - void setUp() { - RestAssured.port = port; - } - @Test void testRateLimiting() { for (int i = 0; i < 10; i++) { - Response response = get("/api/1.0/movies"); - response.then() + get("/hello") + .then() .statusCode(200) .header("X-Rate-Limit-Remaining", notNullValue()); - printResponse(response); } - get("/api/1.0/movies") + get("/hello") .then() .statusCode(429) .header("X-Rate-Limit-Retry-After-Seconds", notNullValue()); } - - private void printResponse(Response response) { - response.headers().forEach(System.out::println); - System.out.println(response.getBody().asString()); - System.out.println("-----------------------------"); - } } diff --git a/spring-boot-movies-xml-api/src/main/resources/application.properties b/spring-boot-movies-xml-api/src/main/resources/application.properties index f27c895..5e06a4b 100644 --- a/spring-boot-movies-xml-api/src/main/resources/application.properties +++ b/spring-boot-movies-xml-api/src/main/resources/application.properties @@ -1,4 +1,4 @@ spring.data.mongodb.uri=mongodb://localhost:27017/movies?locale=en -spring.data.mongodb.username= -spring.data.mongodb.password= +spring.data.mongodb.username=root +spring.data.mongodb.password=Passw0rd spring.data.mongodb.authentication-database= diff --git a/spring-security/c1-spring-security-login/.gitattributes b/spring-security/c1-spring-security-login/.gitattributes new file mode 100644 index 0000000..8af972c --- /dev/null +++ b/spring-security/c1-spring-security-login/.gitattributes @@ -0,0 +1,3 @@ +/gradlew text eol=lf +*.bat text eol=crlf +*.jar binary diff --git a/spring-security-jwt/.gitignore b/spring-security/c1-spring-security-login/.gitignore similarity index 100% rename from spring-security-jwt/.gitignore rename to spring-security/c1-spring-security-login/.gitignore diff --git a/spring-security/c1-spring-security-login/build.gradle b/spring-security/c1-spring-security-login/build.gradle new file mode 100644 index 0000000..591ef52 --- /dev/null +++ b/spring-security/c1-spring-security-login/build.gradle @@ -0,0 +1,29 @@ +plugins { + id 'java' + id 'org.springframework.boot' version '3.4.1' + id 'io.spring.dependency-management' version '1.1.7' +} + +group = 'com.stacktips.security.login' +version = '0.0.1-SNAPSHOT' + +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} + +repositories { + mavenCentral() +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-security' + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testRuntimeOnly 'org.junit.platform:junit-platform-launcher' +} + +tasks.named('test') { + useJUnitPlatform() +} diff --git a/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.jar b/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..a4b76b9 Binary files /dev/null and b/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.jar differ diff --git a/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.properties b/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..e2847c8 --- /dev/null +++ b/spring-security/c1-spring-security-login/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,7 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip +networkTimeout=10000 +validateDistributionUrl=true +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/spring-security/c1-spring-security-login/gradlew b/spring-security/c1-spring-security-login/gradlew new file mode 100755 index 0000000..f5feea6 --- /dev/null +++ b/spring-security/c1-spring-security-login/gradlew @@ -0,0 +1,252 @@ +#!/bin/sh + +# +# Copyright © 2015-2021 the original authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# + +############################################################################## +# +# Gradle start up script for POSIX generated by Gradle. +# +# Important for running: +# +# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is +# noncompliant, but you have some other compliant shell such as ksh or +# bash, then to run this script, type that shell name before the whole +# command line, like: +# +# ksh Gradle +# +# Busybox and similar reduced shells will NOT work, because this script +# requires all of these POSIX shell features: +# * functions; +# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», +# «${var#prefix}», «${var%suffix}», and «$( cmd )»; +# * compound commands having a testable exit status, especially «case»; +# * various built-in commands including «command», «set», and «ulimit». +# +# Important for patching: +# +# (2) This script targets any POSIX shell, so it avoids extensions provided +# by Bash, Ksh, etc; in particular arrays are avoided. +# +# The "traditional" practice of packing multiple parameters into a +# space-separated string is a well documented source of bugs and security +# problems, so this is (mostly) avoided, by progressively accumulating +# options in "$@", and eventually passing that to Java. +# +# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, +# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; +# see the in-line comments for details. +# +# There are tweaks for specific operating systems such as AIX, CygWin, +# Darwin, MinGW, and NonStop. +# +# (3) This script is generated from the Groovy template +# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# within the Gradle project. +# +# You can find Gradle at https://github.com/gradle/gradle/. +# +############################################################################## + +# Attempt to set APP_HOME + +# Resolve links: $0 may be a link +app_path=$0 + +# Need this for daisy-chained symlinks. +while + APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path + [ -h "$app_path" ] +do + ls=$( ls -ld "$app_path" ) + link=${ls#*' -> '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s +' "$PWD" ) || exit + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/spring-security/c1-spring-security-login/gradlew.bat b/spring-security/c1-spring-security-login/gradlew.bat new file mode 100644 index 0000000..9d21a21 --- /dev/null +++ b/spring-security/c1-spring-security-login/gradlew.bat @@ -0,0 +1,94 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem + +@if "%DEBUG%"=="" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if %ERRORLEVEL% equ 0 goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if %ERRORLEVEL% equ 0 goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/spring-security/c1-spring-security-login/settings.gradle b/spring-security/c1-spring-security-login/settings.gradle new file mode 100644 index 0000000..8c7daba --- /dev/null +++ b/spring-security/c1-spring-security-login/settings.gradle @@ -0,0 +1 @@ +rootProject.name = 'spring-sercurity-login' diff --git a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MoviesApiApplication.java b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/SpringSecurityApplication.java similarity index 58% rename from ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MoviesApiApplication.java rename to spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/SpringSecurityApplication.java index 92cd546..6e3a936 100644 --- a/ratelimit-api-using-bucket4j/src/main/java/com/stacktips/movies/MoviesApiApplication.java +++ b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/SpringSecurityApplication.java @@ -1,13 +1,13 @@ -package com.stacktips.movies; +package com.stacktips.security; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication -public class MoviesApiApplication { +public class SpringSecurityApplication { public static void main(String[] args) { - SpringApplication.run(MoviesApiApplication.class, args); + SpringApplication.run(SpringSecurityApplication.class, args); } } diff --git a/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/config/SecurityConfig.java b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/config/SecurityConfig.java new file mode 100644 index 0000000..c357214 --- /dev/null +++ b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/config/SecurityConfig.java @@ -0,0 +1,45 @@ +package com.stacktips.security.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; +import org.springframework.security.provisioning.UserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +@EnableWebSecurity +public class SecurityConfig { + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http.authorizeHttpRequests(auth -> auth + // public endpoints + .requestMatchers("/public") + .permitAll() + + // Require authentication for all requests + .anyRequest().authenticated() + ).formLogin(formLogin -> + formLogin.defaultSuccessUrl("/hello") + ); + + return http.build(); + } + + @Bean + public UserDetailsManager users() { + UserDetails user = User + .withDefaultPasswordEncoder() + .username("user") + .password("password") + .roles("USER") + .build(); + + return new InMemoryUserDetailsManager(user); + } + +} \ No newline at end of file diff --git a/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/controller/HomeController.java b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/controller/HomeController.java new file mode 100644 index 0000000..6b390ac --- /dev/null +++ b/spring-security/c1-spring-security-login/src/main/java/com/stacktips/security/controller/HomeController.java @@ -0,0 +1,23 @@ +package com.stacktips.security.controller; + +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class HomeController { + + @GetMapping("/hello") + public String hello() { + return "Hello World!"; + } + + @GetMapping("/private") + public String home() { + return "This is a secured page!"; + } + + @GetMapping("/public") + public String publicEndpoint() { + return "This is a public page!"; + } +} \ No newline at end of file diff --git a/spring-security/c1-spring-security-login/src/main/resources/application.properties b/spring-security/c1-spring-security-login/src/main/resources/application.properties new file mode 100644 index 0000000..cbe7a74 --- /dev/null +++ b/spring-security/c1-spring-security-login/src/main/resources/application.properties @@ -0,0 +1 @@ +spring.application.name=spring-sercurity-login diff --git a/spring-security/c2-spring-security-jdbc/.gitattributes b/spring-security/c2-spring-security-jdbc/.gitattributes new file mode 100644 index 0000000..8af972c --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/.gitattributes @@ -0,0 +1,3 @@ +/gradlew text eol=lf +*.bat text eol=crlf +*.jar binary diff --git a/spring-security/c2-spring-security-jdbc/.gitignore b/spring-security/c2-spring-security-jdbc/.gitignore new file mode 100644 index 0000000..c2065bc --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/.gitignore @@ -0,0 +1,37 @@ +HELP.md +.gradle +build/ +!gradle/wrapper/gradle-wrapper.jar +!**/src/main/**/build/ +!**/src/test/**/build/ + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache +bin/ +!**/src/main/**/bin/ +!**/src/test/**/bin/ + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr +out/ +!**/src/main/**/out/ +!**/src/test/**/out/ + +### NetBeans ### +/nbproject/private/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ + +### VS Code ### +.vscode/ diff --git a/spring-security/c2-spring-security-jdbc/build.gradle b/spring-security/c2-spring-security-jdbc/build.gradle new file mode 100644 index 0000000..266f649 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/build.gradle @@ -0,0 +1,38 @@ +plugins { + id 'java' + id 'org.springframework.boot' version '3.4.1' + id 'io.spring.dependency-management' version '1.1.7' +} + +group = 'com.stacktips.security.login' +version = '0.0.1-SNAPSHOT' + +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} + +repositories { + mavenCentral() +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-security' + + runtimeOnly 'com.mysql:mysql-connector-j' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + + implementation 'org.flywaydb:flyway-core' + implementation 'org.flywaydb:flyway-mysql' + + implementation 'org.bouncycastle:bcprov-jdk15on:1.70' + + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testRuntimeOnly 'org.junit.platform:junit-platform-launcher' +} + +tasks.named('test') { + useJUnitPlatform() +} diff --git a/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.jar b/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..a4b76b9 Binary files /dev/null and b/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.jar differ diff --git a/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.properties b/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..e2847c8 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,7 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip +networkTimeout=10000 +validateDistributionUrl=true +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/spring-security/c2-spring-security-jdbc/gradlew b/spring-security/c2-spring-security-jdbc/gradlew new file mode 100755 index 0000000..f5feea6 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/gradlew @@ -0,0 +1,252 @@ +#!/bin/sh + +# +# Copyright © 2015-2021 the original authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# + +############################################################################## +# +# Gradle start up script for POSIX generated by Gradle. +# +# Important for running: +# +# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is +# noncompliant, but you have some other compliant shell such as ksh or +# bash, then to run this script, type that shell name before the whole +# command line, like: +# +# ksh Gradle +# +# Busybox and similar reduced shells will NOT work, because this script +# requires all of these POSIX shell features: +# * functions; +# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», +# «${var#prefix}», «${var%suffix}», and «$( cmd )»; +# * compound commands having a testable exit status, especially «case»; +# * various built-in commands including «command», «set», and «ulimit». +# +# Important for patching: +# +# (2) This script targets any POSIX shell, so it avoids extensions provided +# by Bash, Ksh, etc; in particular arrays are avoided. +# +# The "traditional" practice of packing multiple parameters into a +# space-separated string is a well documented source of bugs and security +# problems, so this is (mostly) avoided, by progressively accumulating +# options in "$@", and eventually passing that to Java. +# +# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, +# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; +# see the in-line comments for details. +# +# There are tweaks for specific operating systems such as AIX, CygWin, +# Darwin, MinGW, and NonStop. +# +# (3) This script is generated from the Groovy template +# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# within the Gradle project. +# +# You can find Gradle at https://github.com/gradle/gradle/. +# +############################################################################## + +# Attempt to set APP_HOME + +# Resolve links: $0 may be a link +app_path=$0 + +# Need this for daisy-chained symlinks. +while + APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path + [ -h "$app_path" ] +do + ls=$( ls -ld "$app_path" ) + link=${ls#*' -> '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s +' "$PWD" ) || exit + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/spring-security/c2-spring-security-jdbc/gradlew.bat b/spring-security/c2-spring-security-jdbc/gradlew.bat new file mode 100644 index 0000000..9d21a21 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/gradlew.bat @@ -0,0 +1,94 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem + +@if "%DEBUG%"=="" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if %ERRORLEVEL% equ 0 goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if %ERRORLEVEL% equ 0 goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/spring-security/c2-spring-security-jdbc/settings.gradle b/spring-security/c2-spring-security-jdbc/settings.gradle new file mode 100644 index 0000000..fcbfd99 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/settings.gradle @@ -0,0 +1 @@ +rootProject.name = 'spring-security-jdbc' diff --git a/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/SpringSecurityApplication.java b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/SpringSecurityApplication.java new file mode 100644 index 0000000..b9b7672 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/SpringSecurityApplication.java @@ -0,0 +1,12 @@ +package com.stacktips.security; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class SpringSecurityApplication { + + public static void main(String[] args) { + SpringApplication.run(SpringSecurityApplication.class, args); + } +} diff --git a/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/config/SecurityConfig.java b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/config/SecurityConfig.java new file mode 100644 index 0000000..bc15634 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/config/SecurityConfig.java @@ -0,0 +1,57 @@ +package com.stacktips.security.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.crypto.argon2.Argon2PasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.JdbcUserDetailsManager; +import org.springframework.security.provisioning.UserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; + +import javax.sql.DataSource; + + +@Configuration +@EnableWebSecurity +public class SecurityConfig { + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http.authorizeHttpRequests(auth -> auth + // public endpoints + .requestMatchers("/public") + .permitAll() + + // Require authentication for all requests + .anyRequest().authenticated() + ).formLogin(formLogin -> + formLogin.defaultSuccessUrl("/hello") + ); + + return http.build(); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8(); + } + + @Bean + public UserDetailsManager users(DataSource dataSource, PasswordEncoder passwordEncoder) { + JdbcUserDetailsManager users = new JdbcUserDetailsManager(dataSource); + if (!users.userExists("user")) { + UserDetails user = User + .withUsername("user") + .password(passwordEncoder.encode("password")) + .roles("USER") + .build(); + users.createUser(user); + } + return users; + } + +} \ No newline at end of file diff --git a/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/controller/HomeController.java b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/controller/HomeController.java new file mode 100644 index 0000000..6b390ac --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/src/main/java/com/stacktips/security/controller/HomeController.java @@ -0,0 +1,23 @@ +package com.stacktips.security.controller; + +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class HomeController { + + @GetMapping("/hello") + public String hello() { + return "Hello World!"; + } + + @GetMapping("/private") + public String home() { + return "This is a secured page!"; + } + + @GetMapping("/public") + public String publicEndpoint() { + return "This is a public page!"; + } +} \ No newline at end of file diff --git a/spring-security/c2-spring-security-jdbc/src/main/resources/application.properties b/spring-security/c2-spring-security-jdbc/src/main/resources/application.properties new file mode 100644 index 0000000..6a32c12 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/src/main/resources/application.properties @@ -0,0 +1,11 @@ +spring.application.name=spring-sercurity-login + + +spring.datasource.url=jdbc:mysql://localhost:3306/spring_security_login +spring.datasource.username=root +spring.datasource.password=Passw0rd +spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver + +spring.jpa.show-sql=true +spring.flyway.enabled=true +#spring.flyway.locations=classpath:db/migrations diff --git a/spring-security/c2-spring-security-jdbc/src/main/resources/db/migration/V1__create_user_tables.sql b/spring-security/c2-spring-security-jdbc/src/main/resources/db/migration/V1__create_user_tables.sql new file mode 100644 index 0000000..3402574 --- /dev/null +++ b/spring-security/c2-spring-security-jdbc/src/main/resources/db/migration/V1__create_user_tables.sql @@ -0,0 +1,13 @@ +CREATE TABLE users +( + username VARCHAR(50) NOT NULL PRIMARY KEY, + password VARCHAR(100) NOT NULL, + enabled BOOLEAN NOT NULL +); + +CREATE TABLE authorities +( + username VARCHAR(50) NOT NULL, + authority VARCHAR(50) NOT NULL, + FOREIGN KEY (username) REFERENCES users (username) +); \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/.gitattributes b/spring-security/c3-spring-security-custom-login-form/.gitattributes new file mode 100644 index 0000000..8af972c --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/.gitattributes @@ -0,0 +1,3 @@ +/gradlew text eol=lf +*.bat text eol=crlf +*.jar binary diff --git a/spring-security/c3-spring-security-custom-login-form/.gitignore b/spring-security/c3-spring-security-custom-login-form/.gitignore new file mode 100644 index 0000000..c2065bc --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/.gitignore @@ -0,0 +1,37 @@ +HELP.md +.gradle +build/ +!gradle/wrapper/gradle-wrapper.jar +!**/src/main/**/build/ +!**/src/test/**/build/ + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache +bin/ +!**/src/main/**/bin/ +!**/src/test/**/bin/ + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr +out/ +!**/src/main/**/out/ +!**/src/test/**/out/ + +### NetBeans ### +/nbproject/private/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ + +### VS Code ### +.vscode/ diff --git a/spring-security/c3-spring-security-custom-login-form/build.gradle b/spring-security/c3-spring-security-custom-login-form/build.gradle new file mode 100644 index 0000000..5a5829a --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/build.gradle @@ -0,0 +1,45 @@ +plugins { + id 'java' + id 'org.springframework.boot' version '3.4.1' + id 'io.spring.dependency-management' version '1.1.7' +} + +group = 'com.stacktips.security.login' +version = '0.0.1-SNAPSHOT' + +java { + toolchain { + languageVersion = JavaLanguageVersion.of(17) + } +} + +repositories { + mavenCentral() +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-thymeleaf' + implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity6' + implementation 'org.springframework.boot:spring-boot-starter-validation' + + implementation 'org.projectlombok:lombok' + annotationProcessor 'org.projectlombok:lombok' + + + runtimeOnly 'com.mysql:mysql-connector-j' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + + implementation 'org.flywaydb:flyway-core' + implementation 'org.flywaydb:flyway-mysql' + + implementation 'org.bouncycastle:bcprov-jdk15on:1.70' + + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testRuntimeOnly 'org.junit.platform:junit-platform-launcher' +} + +tasks.named('test') { + useJUnitPlatform() +} diff --git a/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.jar b/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..a4b76b9 Binary files /dev/null and b/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.jar differ diff --git a/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.properties b/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..e2847c8 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,7 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip +networkTimeout=10000 +validateDistributionUrl=true +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/spring-security/c3-spring-security-custom-login-form/gradlew b/spring-security/c3-spring-security-custom-login-form/gradlew new file mode 100755 index 0000000..f5feea6 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/gradlew @@ -0,0 +1,252 @@ +#!/bin/sh + +# +# Copyright © 2015-2021 the original authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# + +############################################################################## +# +# Gradle start up script for POSIX generated by Gradle. +# +# Important for running: +# +# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is +# noncompliant, but you have some other compliant shell such as ksh or +# bash, then to run this script, type that shell name before the whole +# command line, like: +# +# ksh Gradle +# +# Busybox and similar reduced shells will NOT work, because this script +# requires all of these POSIX shell features: +# * functions; +# * expansions «$var», «${var}», «${var:-default}», «${var+SET}», +# «${var#prefix}», «${var%suffix}», and «$( cmd )»; +# * compound commands having a testable exit status, especially «case»; +# * various built-in commands including «command», «set», and «ulimit». +# +# Important for patching: +# +# (2) This script targets any POSIX shell, so it avoids extensions provided +# by Bash, Ksh, etc; in particular arrays are avoided. +# +# The "traditional" practice of packing multiple parameters into a +# space-separated string is a well documented source of bugs and security +# problems, so this is (mostly) avoided, by progressively accumulating +# options in "$@", and eventually passing that to Java. +# +# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, +# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; +# see the in-line comments for details. +# +# There are tweaks for specific operating systems such as AIX, CygWin, +# Darwin, MinGW, and NonStop. +# +# (3) This script is generated from the Groovy template +# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# within the Gradle project. +# +# You can find Gradle at https://github.com/gradle/gradle/. +# +############################################################################## + +# Attempt to set APP_HOME + +# Resolve links: $0 may be a link +app_path=$0 + +# Need this for daisy-chained symlinks. +while + APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path + [ -h "$app_path" ] +do + ls=$( ls -ld "$app_path" ) + link=${ls#*' -> '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s +' "$PWD" ) || exit + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/spring-security/c3-spring-security-custom-login-form/gradlew.bat b/spring-security/c3-spring-security-custom-login-form/gradlew.bat new file mode 100644 index 0000000..9d21a21 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/gradlew.bat @@ -0,0 +1,94 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem + +@if "%DEBUG%"=="" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if %ERRORLEVEL% equ 0 goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if %ERRORLEVEL% equ 0 goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/spring-security/c3-spring-security-custom-login-form/readme.md b/spring-security/c3-spring-security-custom-login-form/readme.md new file mode 100644 index 0000000..58ae77f --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/readme.md @@ -0,0 +1,7 @@ +# Spring Security Demo + +- Custom login form +- Custom registration form +- Logout +- Using JdbcUserDetailsManager +- Using Argon2PasswordEncoder \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/settings.gradle b/spring-security/c3-spring-security-custom-login-form/settings.gradle new file mode 100644 index 0000000..26e4420 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/settings.gradle @@ -0,0 +1 @@ +rootProject.name = 'spring-security-custom-login-form' diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/SpringSecurityApplication.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/SpringSecurityApplication.java new file mode 100644 index 0000000..b9b7672 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/SpringSecurityApplication.java @@ -0,0 +1,12 @@ +package com.stacktips.security; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class SpringSecurityApplication { + + public static void main(String[] args) { + SpringApplication.run(SpringSecurityApplication.class, args); + } +} diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/CookieClearingLogoutHandler.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/CookieClearingLogoutHandler.java new file mode 100644 index 0000000..3664a76 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/CookieClearingLogoutHandler.java @@ -0,0 +1,17 @@ +package com.stacktips.security.config; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.authentication.logout.LogoutHandler; + +@Slf4j +public class CookieClearingLogoutHandler implements LogoutHandler { + + @Override + public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) { + log.debug("User logged out: {}", (authentication != null ? authentication.getName() : "anonymous")); + + } +} diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/SecurityConfig.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/SecurityConfig.java new file mode 100644 index 0000000..ff8901e --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/config/SecurityConfig.java @@ -0,0 +1,52 @@ +package com.stacktips.security.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.crypto.argon2.Argon2PasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.JdbcUserDetailsManager; +import org.springframework.security.provisioning.UserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; + +import javax.sql.DataSource; + +@Configuration +@EnableWebSecurity +public class SecurityConfig { + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http.authorizeHttpRequests(auth -> auth + // Allow access to login page and static resources + .requestMatchers("/login", "/signup", "/css/**", "/js/**").permitAll() + + // public endpoints + .requestMatchers("/").permitAll() + + // Require authentication for all requests + .anyRequest().authenticated() + ).formLogin(formLogin -> + formLogin.defaultSuccessUrl("/dashboard", true) + .loginPage("/login") + + ).logout(logout -> logout.logoutSuccessUrl("/") + .permitAll() + .addLogoutHandler(new CookieClearingLogoutHandler()) + ); + + return http.build(); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8(); + } + + @Bean + public UserDetailsManager users(DataSource dataSource) { + return new JdbcUserDetailsManager(dataSource); + } + +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/AuthController.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/AuthController.java new file mode 100644 index 0000000..23d299e --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/AuthController.java @@ -0,0 +1,41 @@ +package com.stacktips.security.controller; + +import com.stacktips.security.dto.UserDto; +import com.stacktips.security.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.context.request.WebRequest; + +@Controller +@RequiredArgsConstructor +public class AuthController { + + private final UserService userService; + + @GetMapping("/login") + public String login() { + return "login"; + } + + @GetMapping("/signup") + public String showRegistrationForm(WebRequest request, Model model) { + UserDto userDto = new UserDto(); + model.addAttribute("user", userDto); + return "signup"; + } + + @PostMapping("/signup") + public String registerUserAccount(UserDto userDto, Model model) { + try { + userService.save(userDto); + } catch (IllegalArgumentException e) { + model.addAttribute("errorMessage", e.getMessage()); + model.addAttribute("user", userDto); + return "signup"; + } + return "redirect:/login"; + } +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/HomeController.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/HomeController.java new file mode 100644 index 0000000..615b198 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/controller/HomeController.java @@ -0,0 +1,30 @@ +package com.stacktips.security.controller; + +import com.stacktips.security.model.User; +import com.stacktips.security.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; + +@Controller +@RequiredArgsConstructor +public class HomeController { + + private final UserService userService; + + @GetMapping("/") + public String publicEndpoint() { + return "home"; + } + + @GetMapping("/dashboard") + public String dashboard(Model model, Authentication authentication) { + String username = authentication.getName(); + User user = userService.findByUsername(username); + model.addAttribute("firstName", user.getFirstName()); + model.addAttribute("lastName", user.getLastName()); + return "dashboard"; + } +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/dto/UserDto.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/dto/UserDto.java new file mode 100644 index 0000000..0bc81bb --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/dto/UserDto.java @@ -0,0 +1,31 @@ +package com.stacktips.security.dto; + +import jakarta.validation.constraints.NotEmpty; +import jakarta.validation.constraints.NotNull; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@Getter +@Setter +@NoArgsConstructor +@AllArgsConstructor +public class UserDto { + @NotNull + @NotEmpty + private String firstName; + + @NotNull + @NotEmpty + private String lastName; + + @NotNull + @NotEmpty + private String password; + private String confirmPassword; + + @NotNull + @NotEmpty + private String username; +} diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/Authority.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/Authority.java new file mode 100644 index 0000000..df87f7b --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/Authority.java @@ -0,0 +1,20 @@ +package com.stacktips.security.model; + +import jakarta.persistence.Entity; +import jakarta.persistence.Id; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@Getter +@Setter +@AllArgsConstructor +@NoArgsConstructor +@Entity(name = "authorities") +public class Authority { + + @Id + private String username; + private String authority; +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/User.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/User.java new file mode 100644 index 0000000..5fc69d2 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/model/User.java @@ -0,0 +1,28 @@ +package com.stacktips.security.model; + + +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; +import jakarta.persistence.Id; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@Getter +@Setter +@AllArgsConstructor +@NoArgsConstructor +@Entity(name = "users") +public class User { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private Long id; + private String username; + private String password; + private String firstName; + private String lastName; + private boolean enabled; +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/AuthorityRepository.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/AuthorityRepository.java new file mode 100644 index 0000000..c7b7957 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/AuthorityRepository.java @@ -0,0 +1,7 @@ +package com.stacktips.security.repository; + +import com.stacktips.security.model.Authority; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface AuthorityRepository extends JpaRepository { +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/UserRepository.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/UserRepository.java new file mode 100644 index 0000000..b535a43 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/repository/UserRepository.java @@ -0,0 +1,13 @@ +package com.stacktips.security.repository; + +import com.stacktips.security.model.User; +import jakarta.validation.constraints.NotEmpty; +import jakarta.validation.constraints.NotNull; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface UserRepository extends JpaRepository { + + Optional findByUsername(@NotNull @NotEmpty String username); +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/service/UserService.java b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/service/UserService.java new file mode 100644 index 0000000..b5b4ca8 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/java/com/stacktips/security/service/UserService.java @@ -0,0 +1,43 @@ +package com.stacktips.security.service; + +import com.stacktips.security.dto.UserDto; +import com.stacktips.security.model.Authority; +import com.stacktips.security.model.User; +import com.stacktips.security.repository.AuthorityRepository; +import com.stacktips.security.repository.UserRepository; +import lombok.RequiredArgsConstructor; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.stereotype.Service; + +@Service +@RequiredArgsConstructor +public class UserService { + + private final UserRepository userRepository; + private final AuthorityRepository authorityRepository; + private final PasswordEncoder passwordEncoder; + + public void save(UserDto userDto) { + if (userRepository.findByUsername(userDto.getUsername()).isPresent()) { + throw new IllegalArgumentException("Username already exists"); + } + User user = new User(); + user.setUsername(userDto.getUsername()); + user.setPassword(passwordEncoder.encode(userDto.getPassword())); + user.setFirstName(userDto.getFirstName()); + user.setLastName(userDto.getLastName()); + user.setEnabled(true); + userRepository.save(user); + + Authority authority = new Authority(); + authority.setUsername(user.getUsername()); + authority.setAuthority("ROLE_USER"); + authorityRepository.save(authority); + + } + + public User findByUsername(String username) { + return userRepository.findByUsername(username) + .orElseThrow(() -> new IllegalArgumentException("User not found")); + } +} \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/application.properties b/spring-security/c3-spring-security-custom-login-form/src/main/resources/application.properties new file mode 100644 index 0000000..b9a8c4a --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/application.properties @@ -0,0 +1,13 @@ +spring.application.name=spring-sercurity-login + + +spring.datasource.url=jdbc:mysql://localhost:3306/spring_security_login +spring.datasource.username=root +spring.datasource.password=Passw0rd +spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver + +spring.jpa.show-sql=true +spring.flyway.enabled=true + + +logging.level.org.springframework.security=DEBUG diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/db/migration/V1__create_user_tables.sql b/spring-security/c3-spring-security-custom-login-form/src/main/resources/db/migration/V1__create_user_tables.sql new file mode 100644 index 0000000..af47d3f --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/db/migration/V1__create_user_tables.sql @@ -0,0 +1,15 @@ +CREATE TABLE users +( + id BIGINT AUTO_INCREMENT PRIMARY KEY, + first_name VARCHAR(100) NOT NULL, + last_name VARCHAR(100) NOT NULL, + username VARCHAR(50) NOT NULL UNIQUE, + password VARCHAR(100) NOT NULL, + enabled BOOLEAN NOT NULL +); +CREATE TABLE authorities +( + username VARCHAR(50) NOT NULL, + authority VARCHAR(50) NOT NULL, + FOREIGN KEY (username) REFERENCES USERS (username) +); \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/static/css/style.css b/spring-security/c3-spring-security-custom-login-form/src/main/resources/static/css/style.css new file mode 100644 index 0000000..e69de29 diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/dashboard.html b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/dashboard.html new file mode 100644 index 0000000..4ad8b42 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/dashboard.html @@ -0,0 +1,15 @@ + + + + Login + + + +

Welcome, !

+ +
+ + +
+ + \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/home.html b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/home.html new file mode 100644 index 0000000..42b5170 --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/home.html @@ -0,0 +1,12 @@ + + + + Login + + + +

Hello,

+

Welcome to Spring security demo!

+Dashboard + + \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/login.html b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/login.html new file mode 100644 index 0000000..ccec2ec --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/login.html @@ -0,0 +1,55 @@ + + + + Login + + + + + + +
+
+ Your Company +

Sign in to your account

+
+
+
+
+ +
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+

Invalid username or password.

+
+ +
+ +
+
+ +
+ New user? Register +
+
+
+ + \ No newline at end of file diff --git a/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/signup.html b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/signup.html new file mode 100644 index 0000000..ed60a2e --- /dev/null +++ b/spring-security/c3-spring-security-custom-login-form/src/main/resources/templates/signup.html @@ -0,0 +1,88 @@ + + + + Login + + + + + +
+
+ Your Company +

Register

+
+ +
+
+
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+
+
+

+
+ +
+ +
+
+ +
+ Already have an account? Login +
+ +
+ +
+ + \ No newline at end of file diff --git a/spring-security/spring-security-jwt/.gitignore b/spring-security/spring-security-jwt/.gitignore new file mode 100644 index 0000000..c2065bc --- /dev/null +++ b/spring-security/spring-security-jwt/.gitignore @@ -0,0 +1,37 @@ +HELP.md +.gradle +build/ +!gradle/wrapper/gradle-wrapper.jar +!**/src/main/**/build/ +!**/src/test/**/build/ + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache +bin/ +!**/src/main/**/bin/ +!**/src/test/**/bin/ + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr +out/ +!**/src/main/**/out/ +!**/src/test/**/out/ + +### NetBeans ### +/nbproject/private/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ + +### VS Code ### +.vscode/ diff --git a/spring-security-jwt/build.gradle b/spring-security/spring-security-jwt/build.gradle similarity index 100% rename from spring-security-jwt/build.gradle rename to spring-security/spring-security-jwt/build.gradle diff --git a/spring-security-jwt/gradle/wrapper/gradle-wrapper.jar b/spring-security/spring-security-jwt/gradle/wrapper/gradle-wrapper.jar similarity index 100% rename from spring-security-jwt/gradle/wrapper/gradle-wrapper.jar rename to spring-security/spring-security-jwt/gradle/wrapper/gradle-wrapper.jar diff --git a/spring-security-jwt/gradle/wrapper/gradle-wrapper.properties b/spring-security/spring-security-jwt/gradle/wrapper/gradle-wrapper.properties similarity index 100% rename from spring-security-jwt/gradle/wrapper/gradle-wrapper.properties rename to spring-security/spring-security-jwt/gradle/wrapper/gradle-wrapper.properties diff --git a/spring-security-jwt/gradlew b/spring-security/spring-security-jwt/gradlew similarity index 100% rename from spring-security-jwt/gradlew rename to spring-security/spring-security-jwt/gradlew diff --git a/spring-security-jwt/gradlew.bat b/spring-security/spring-security-jwt/gradlew.bat similarity index 100% rename from spring-security-jwt/gradlew.bat rename to spring-security/spring-security-jwt/gradlew.bat diff --git a/spring-security-jwt/settings.gradle b/spring-security/spring-security-jwt/settings.gradle similarity index 100% rename from spring-security-jwt/settings.gradle rename to spring-security/spring-security-jwt/settings.gradle diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/SpringSecurityApplication.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/SpringSecurityApplication.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/SpringSecurityApplication.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/SpringSecurityApplication.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/controller/GlobalExceptionHandler.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/GlobalExceptionHandler.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/controller/GlobalExceptionHandler.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/GlobalExceptionHandler.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/controller/LoginController.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/LoginController.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/controller/LoginController.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/LoginController.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/controller/RegisterUserController.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/RegisterUserController.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/controller/RegisterUserController.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/RegisterUserController.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/controller/UserController.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/UserController.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/controller/UserController.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/controller/UserController.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/ApiError.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/ApiError.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/ApiError.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/ApiError.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/LoginRequest.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/LoginRequest.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/LoginRequest.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/LoginRequest.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterRequest.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterRequest.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterRequest.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterRequest.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterResponse.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterResponse.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterResponse.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/RegisterResponse.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/TokenResponse.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/TokenResponse.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/TokenResponse.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/TokenResponse.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/dto/UserResponse.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/UserResponse.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/dto/UserResponse.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/dto/UserResponse.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/entities/User.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/entities/User.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/entities/User.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/entities/User.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/entities/UserPrivilege.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/entities/UserPrivilege.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/entities/UserPrivilege.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/entities/UserPrivilege.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/exception/AuthException.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/AuthException.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/exception/AuthException.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/AuthException.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/exception/DuplicateUserException.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/DuplicateUserException.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/exception/DuplicateUserException.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/DuplicateUserException.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/exception/UserNotFoundException.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/UserNotFoundException.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/exception/UserNotFoundException.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/exception/UserNotFoundException.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/repositories/UserRepository.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/repositories/UserRepository.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/repositories/UserRepository.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/repositories/UserRepository.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/security/JwtRequestFilter.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/JwtRequestFilter.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/security/JwtRequestFilter.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/JwtRequestFilter.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/security/SecurityConfig.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/SecurityConfig.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/security/SecurityConfig.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/SecurityConfig.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/security/UserDetails.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/UserDetails.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/security/UserDetails.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/security/UserDetails.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/services/JwtTokenProvider.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/JwtTokenProvider.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/services/JwtTokenProvider.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/JwtTokenProvider.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/services/LoginService.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/LoginService.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/services/LoginService.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/LoginService.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/services/RegistrationService.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/RegistrationService.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/services/RegistrationService.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/RegistrationService.java diff --git a/spring-security-jwt/src/main/java/com/stacktips/app/services/UserDetailsServiceImpl.java b/spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/UserDetailsServiceImpl.java similarity index 100% rename from spring-security-jwt/src/main/java/com/stacktips/app/services/UserDetailsServiceImpl.java rename to spring-security/spring-security-jwt/src/main/java/com/stacktips/app/services/UserDetailsServiceImpl.java diff --git a/spring-security-jwt/src/main/resources/application.properties b/spring-security/spring-security-jwt/src/main/resources/application.properties similarity index 100% rename from spring-security-jwt/src/main/resources/application.properties rename to spring-security/spring-security-jwt/src/main/resources/application.properties diff --git a/spring-security-jwt/src/test/java/com/stacktips/app/SpringSecurityApplicationTests.java b/spring-security/spring-security-jwt/src/test/java/com/stacktips/app/SpringSecurityApplicationTests.java similarity index 100% rename from spring-security-jwt/src/test/java/com/stacktips/app/SpringSecurityApplicationTests.java rename to spring-security/spring-security-jwt/src/test/java/com/stacktips/app/SpringSecurityApplicationTests.java