K3S-Cluster/ec-microservice-commons
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update security module

Browse Source
This commit is contained in:
Edward Cheng
2024-09-10 17:21:09 +10:00
parent 41102b7453
commit cefddb61e1
10 changed files with 260 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
exception/src/main/java/sydney/cheng/microservice/commons/exceptions/feign/FeignBadRequestException.java Normal file
View File

@@ -0,0 +1,12 @@
package sydney.cheng.microservice.commons.exceptions.feign;
import lombok.Builder;
import lombok.Getter;
import java.util.Map;
@Builder
@Getter
public class FeignBadRequestException extends RuntimeException {
private Map<String, String> errors;
}

18
exception/src/main/java/sydney/cheng/microservice/commons/exceptions/feign/FeignErrorException.java Normal file
View File

@@ -0,0 +1,18 @@
package sydney.cheng.microservice.commons.exceptions.feign;
import lombok.Builder;
import lombok.Getter;
import org.springframework.http.HttpStatus;
@Builder
@Getter
public class FeignErrorException extends RuntimeException {
private final String message;
private final HttpStatus httpStatus;
public FeignErrorException(String message, HttpStatus httpStatus) {
super(message);
this.message = message;
this.httpStatus = httpStatus;
}
}

22
exception/src/main/java/sydney/cheng/microservice/commons/exceptions/handlers/AuthExceptionHandler.java Normal file
View File

@@ -0,0 +1,22 @@
package sydney.cheng.microservice.commons.exceptions.handlers;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
import sydney.cheng.microservice.commons.exceptions.auth.WrongCredentialsException;
import java.util.HashMap;
import java.util.Map;
@RestControllerAdvice
public class AuthExceptionHandler extends ResponseEntityExceptionHandler {
@ExceptionHandler(WrongCredentialsException.class)
public ResponseEntity<?> usernameOrPasswordInvalidException(WrongCredentialsException exception) {
Map<String, String> errors = new HashMap<>();
errors.put("error", exception.getMessage());
return new ResponseEntity<>(errors, HttpStatus.UNAUTHORIZED);
}
}

26
exception/src/main/java/sydney/cheng/microservice/commons/exceptions/handlers/FeignExceptionHandler.java Normal file
View File

@@ -0,0 +1,26 @@
package sydney.cheng.microservice.commons.exceptions.handlers;
import sydney.cheng.microservice.commons.exceptions.feign.*;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
import java.util.HashMap;
import java.util.Map;
@RestControllerAdvice
public class FeignExceptionHandler extends ResponseEntityExceptionHandler {
@ExceptionHandler(FeignErrorException.class)
public ResponseEntity<?> genericError(FeignErrorException exception) {
Map<String, String> errors = new HashMap<>();
errors.put("error", exception.getMessage());
return new ResponseEntity<>(errors, exception.getHttpStatus());
}
@ExceptionHandler(FeignBadRequestException.class)
public ResponseEntity<?> validationException(FeignBadRequestException exception) {
return ResponseEntity.badRequest().body(exception.getErrors());
}
}

21
exception/src/main/java/sydney/cheng/microservice/commons/exceptions/handlers/GenericExceptionHandler.java Normal file
View File

@@ -0,0 +1,21 @@
package sydney.cheng.microservice.commons.exceptions.handlers;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
import java.util.HashMap;
import java.util.Map;
@RestControllerAdvice
public class GenericExceptionHandler extends ResponseEntityExceptionHandler {
@ExceptionHandler(Exception.class)
public final ResponseEntity<?> handleAllException(Exception ex) {
Map<String, String> errors = new HashMap<>();
errors.put("error", ex.getMessage());
return new ResponseEntity<>(errors, HttpStatus.BAD_REQUEST);
}
}

3
pom.xml
View File

@@ -7,7 +7,7 @@
<parent> <parent>
<groupId>sydney.cheng</groupId> <groupId>sydney.cheng</groupId>
<artifactId>ec-super-pom</artifactId> <artifactId>ec-super-pom</artifactId>
<version>1.0.4</version> <version>1.0.5</version>
</parent> </parent>
<artifactId>ec-microservice-commons</artifactId> <artifactId>ec-microservice-commons</artifactId>
@@ -44,6 +44,7 @@
<module>configuration</module> <module>configuration</module>
<module>database</module> <module>database</module>
<module>exception</module> <module>exception</module>
<module>security</module>
</modules> </modules>
<properties> <properties>

44
security/pom.xml Normal file
View File

@@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>sydney.cheng</groupId>
<artifactId>ec-microservice-commons</artifactId>
<version>1.0.1-SNAPSHOT</version>
</parent>
<artifactId>ec-microservice-commons-security</artifactId>
<properties>
<maven.compiler.source>17</maven.compiler.source>
<maven.compiler.target>17</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>sydney.cheng</groupId>
<artifactId>ec-microservice-commons-configuration</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>sydney.cheng</groupId>
<artifactId>ec-microservice-commons-exceptions</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
</dependencies>
</project>

14
security/src/main/java/sydney/cheng/microservice/commons/security/config/FeignConfig.java Normal file
View File

@@ -0,0 +1,14 @@
package sydney.cheng.microservice.commons.security.config;
import feign.codec.ErrorDecoder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import sydney.cheng.microservice.commons.security.utils.FeignErrorDecoder;
@Configuration
public class FeignConfig {
@Bean
public ErrorDecoder errorDecoder() {
return new FeignErrorDecoder();
}
}

60
security/src/main/java/sydney/cheng/microservice/commons/security/config/SecurityConfig.java Normal file
View File

@@ -0,0 +1,60 @@
package sydney.cheng.microservice.commons.security.config;
import lombok.AllArgsConstructor;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import sydney.cheng.microservice.commons.configuration.properties.auth.CorsProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
@AllArgsConstructor
public class SecurityConfig {
private final CorsProperties corsProperties;
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http
.formLogin(AbstractHttpConfigurer::disable)
.cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(csrf -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()))
.authorizeHttpRequests(authorize ->
authorize
.requestMatchers(HttpMethod.OPTIONS, "*").permitAll()
.requestMatchers("/actuator/**",
"/swagger-ui/**", "/swagger-resources/**", "/api-docs/**",
"/config/**"
).permitAll()
.anyRequest().authenticated()
)
.exceptionHandling(exceptionHandling -> exceptionHandling.accessDeniedHandler(new AccessDeniedHandlerImpl()))
.sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.httpBasic(Customizer.withDefaults())
.build();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.setAllowCredentials(corsProperties.isAllowCredentials());
corsConfiguration.setAllowedOrigins(corsProperties.getAllowedUrlList());
corsConfiguration.setAllowedHeaders(corsProperties.getAllowedHeaders());
corsConfiguration.setAllowedMethods(corsProperties.getAllowedMethods());
corsConfiguration.setMaxAge(corsProperties.getAllowedMaxAge());
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfiguration);
return source;
}
}

41
security/src/main/java/sydney/cheng/microservice/commons/security/utils/FeignErrorDecoder.java Normal file
View File

@@ -0,0 +1,41 @@
package sydney.cheng.microservice.commons.security.utils;
import com.fasterxml.jackson.databind.ObjectMapper;
import feign.Response;
import feign.codec.ErrorDecoder;
import org.apache.commons.io.IOUtils;
import org.springframework.http.HttpStatus;
import sydney.cheng.microservice.commons.exceptions.feign.FeignBadRequestException;
import sydney.cheng.microservice.commons.exceptions.feign.FeignErrorException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Map;
public class FeignErrorDecoder implements ErrorDecoder {
private final ObjectMapper mapper = new ObjectMapper();
@Override
public Exception decode(String methodKey, Response response) {
try (InputStream body = response.body().asInputStream()) {
Map<String, String> errors =
mapper.readValue(IOUtils.toString(body, StandardCharsets.UTF_8), Map.class);
if (response.status() == 400) {
return FeignBadRequestException.builder()
.errors(errors).build();
} else
return FeignErrorException
.builder()
.httpStatus(HttpStatus.valueOf(response.status()))
.message(errors.get("error"))
.build();
} catch (IOException exception) {
throw FeignErrorException.builder()
.httpStatus(HttpStatus.valueOf(response.status()))
.message(exception.getMessage())
.build();
}
}
}