update security module
This commit is contained in:
@@ -0,0 +1,12 @@
|
||||
package sydney.cheng.microservice.commons.exceptions.feign;
|
||||
|
||||
import lombok.Builder;
|
||||
import lombok.Getter;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Builder
|
||||
@Getter
|
||||
public class FeignBadRequestException extends RuntimeException {
|
||||
private Map<String, String> errors;
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
package sydney.cheng.microservice.commons.exceptions.feign;
|
||||
|
||||
import lombok.Builder;
|
||||
import lombok.Getter;
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
@Builder
|
||||
@Getter
|
||||
public class FeignErrorException extends RuntimeException {
|
||||
private final String message;
|
||||
private final HttpStatus httpStatus;
|
||||
|
||||
public FeignErrorException(String message, HttpStatus httpStatus) {
|
||||
super(message);
|
||||
this.message = message;
|
||||
this.httpStatus = httpStatus;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,22 @@
|
||||
package sydney.cheng.microservice.commons.exceptions.handlers;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
|
||||
import sydney.cheng.microservice.commons.exceptions.auth.WrongCredentialsException;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@RestControllerAdvice
|
||||
public class AuthExceptionHandler extends ResponseEntityExceptionHandler {
|
||||
|
||||
@ExceptionHandler(WrongCredentialsException.class)
|
||||
public ResponseEntity<?> usernameOrPasswordInvalidException(WrongCredentialsException exception) {
|
||||
Map<String, String> errors = new HashMap<>();
|
||||
errors.put("error", exception.getMessage());
|
||||
return new ResponseEntity<>(errors, HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,26 @@
|
||||
package sydney.cheng.microservice.commons.exceptions.handlers;
|
||||
|
||||
import sydney.cheng.microservice.commons.exceptions.feign.*;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@RestControllerAdvice
|
||||
public class FeignExceptionHandler extends ResponseEntityExceptionHandler {
|
||||
|
||||
@ExceptionHandler(FeignErrorException.class)
|
||||
public ResponseEntity<?> genericError(FeignErrorException exception) {
|
||||
Map<String, String> errors = new HashMap<>();
|
||||
errors.put("error", exception.getMessage());
|
||||
return new ResponseEntity<>(errors, exception.getHttpStatus());
|
||||
}
|
||||
|
||||
@ExceptionHandler(FeignBadRequestException.class)
|
||||
public ResponseEntity<?> validationException(FeignBadRequestException exception) {
|
||||
return ResponseEntity.badRequest().body(exception.getErrors());
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,21 @@
|
||||
package sydney.cheng.microservice.commons.exceptions.handlers;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@RestControllerAdvice
|
||||
public class GenericExceptionHandler extends ResponseEntityExceptionHandler {
|
||||
|
||||
@ExceptionHandler(Exception.class)
|
||||
public final ResponseEntity<?> handleAllException(Exception ex) {
|
||||
Map<String, String> errors = new HashMap<>();
|
||||
errors.put("error", ex.getMessage());
|
||||
return new ResponseEntity<>(errors, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
3
pom.xml
3
pom.xml
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>sydney.cheng</groupId>
|
||||
<artifactId>ec-super-pom</artifactId>
|
||||
<version>1.0.4</version>
|
||||
<version>1.0.5</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>ec-microservice-commons</artifactId>
|
||||
@@ -44,6 +44,7 @@
|
||||
<module>configuration</module>
|
||||
<module>database</module>
|
||||
<module>exception</module>
|
||||
<module>security</module>
|
||||
</modules>
|
||||
|
||||
<properties>
|
||||
|
||||
44
security/pom.xml
Normal file
44
security/pom.xml
Normal file
@@ -0,0 +1,44 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<groupId>sydney.cheng</groupId>
|
||||
<artifactId>ec-microservice-commons</artifactId>
|
||||
<version>1.0.1-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>ec-microservice-commons-security</artifactId>
|
||||
|
||||
<properties>
|
||||
<maven.compiler.source>17</maven.compiler.source>
|
||||
<maven.compiler.target>17</maven.compiler.target>
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>sydney.cheng</groupId>
|
||||
<artifactId>ec-microservice-commons-configuration</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>sydney.cheng</groupId>
|
||||
<artifactId>ec-microservice-commons-exceptions</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.cloud</groupId>
|
||||
<artifactId>spring-cloud-starter-openfeign</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@@ -0,0 +1,14 @@
|
||||
package sydney.cheng.microservice.commons.security.config;
|
||||
|
||||
import feign.codec.ErrorDecoder;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import sydney.cheng.microservice.commons.security.utils.FeignErrorDecoder;
|
||||
|
||||
@Configuration
|
||||
public class FeignConfig {
|
||||
@Bean
|
||||
public ErrorDecoder errorDecoder() {
|
||||
return new FeignErrorDecoder();
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,60 @@
|
||||
package sydney.cheng.microservice.commons.security.config;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
|
||||
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
||||
import org.springframework.web.cors.CorsConfiguration;
|
||||
import org.springframework.web.cors.CorsConfigurationSource;
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||
import sydney.cheng.microservice.commons.configuration.properties.auth.CorsProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@AllArgsConstructor
|
||||
public class SecurityConfig {
|
||||
private final CorsProperties corsProperties;
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
return http
|
||||
.formLogin(AbstractHttpConfigurer::disable)
|
||||
.cors(cors -> cors.configurationSource(corsConfigurationSource()))
|
||||
.csrf(csrf -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()))
|
||||
.authorizeHttpRequests(authorize ->
|
||||
authorize
|
||||
.requestMatchers(HttpMethod.OPTIONS, "*").permitAll()
|
||||
.requestMatchers("/actuator/**",
|
||||
"/swagger-ui/**", "/swagger-resources/**", "/api-docs/**",
|
||||
"/config/**"
|
||||
).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.exceptionHandling(exceptionHandling -> exceptionHandling.accessDeniedHandler(new AccessDeniedHandlerImpl()))
|
||||
.sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.httpBasic(Customizer.withDefaults())
|
||||
|
||||
.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration corsConfiguration = new CorsConfiguration();
|
||||
corsConfiguration.setAllowCredentials(corsProperties.isAllowCredentials());
|
||||
corsConfiguration.setAllowedOrigins(corsProperties.getAllowedUrlList());
|
||||
corsConfiguration.setAllowedHeaders(corsProperties.getAllowedHeaders());
|
||||
corsConfiguration.setAllowedMethods(corsProperties.getAllowedMethods());
|
||||
corsConfiguration.setMaxAge(corsProperties.getAllowedMaxAge());
|
||||
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
||||
source.registerCorsConfiguration("/**", corsConfiguration);
|
||||
return source;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,41 @@
|
||||
package sydney.cheng.microservice.commons.security.utils;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import feign.Response;
|
||||
import feign.codec.ErrorDecoder;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import sydney.cheng.microservice.commons.exceptions.feign.FeignBadRequestException;
|
||||
import sydney.cheng.microservice.commons.exceptions.feign.FeignErrorException;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Map;
|
||||
|
||||
public class FeignErrorDecoder implements ErrorDecoder {
|
||||
private final ObjectMapper mapper = new ObjectMapper();
|
||||
|
||||
@Override
|
||||
public Exception decode(String methodKey, Response response) {
|
||||
try (InputStream body = response.body().asInputStream()) {
|
||||
Map<String, String> errors =
|
||||
mapper.readValue(IOUtils.toString(body, StandardCharsets.UTF_8), Map.class);
|
||||
if (response.status() == 400) {
|
||||
return FeignBadRequestException.builder()
|
||||
.errors(errors).build();
|
||||
} else
|
||||
return FeignErrorException
|
||||
.builder()
|
||||
.httpStatus(HttpStatus.valueOf(response.status()))
|
||||
.message(errors.get("error"))
|
||||
.build();
|
||||
|
||||
} catch (IOException exception) {
|
||||
throw FeignErrorException.builder()
|
||||
.httpStatus(HttpStatus.valueOf(response.status()))
|
||||
.message(exception.getMessage())
|
||||
.build();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user