- package team.hub.project.config;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.core.annotation.Order;
- import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
- import org.springframework.security.web.AuthenticationEntryPoint;
- import org.springframework.security.web.access.AccessDeniedHandler;
- import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
- import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
- import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
- import team.hub.project.security.CustomAdminDetailsService;
- import team.hub.project.security.CustomUserDetailsService;
- import team.hub.project.security.oauth2.CustomOauth2UserService;
/**
 * Spring Security setup with two independent filter chains: one for the admin API
 * ({@code /api/admin/**}) and one for the rest of the API ({@code /api/**}).
 *
 * <p>The admin adapter is ordered first because the user chain's {@code /api/**} pattern also
 * covers {@code /api/admin/**}; the lower {@code @Order} value is consulted first. Requests
 * outside {@code /api/**} are matched by neither chain declared in this class.
 *
 * <p>Method-level security is enabled for all three annotation families (pre/post,
 * {@code @Secured}, JSR-250).
 *
 * <p>NOTE(review): {@code WebSecurityConfigurerAdapter} is deprecated in newer Spring Security
 * releases; confirm the version this project targets before copying the pattern.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class SecurityConfig {

    /**
     * Supplies the password hasher used by both authentication providers below.
     *
     * @return a BCrypt encoder built with its default settings
     */
    @Bean
    public static PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Registers the extension that exposes security expressions to Spring Data queries.
     *
     * @return a new extension instance
     */
    @Bean
    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
        return new SecurityEvaluationContextExtension();
    }

    /**
     * Filter chain for {@code /api/admin/**}: every request in that space requires the ADMIN role,
     * and credentials are checked against {@link CustomAdminDetailsService}.
     */
    @Configuration
    @Order(1)
    public static class AdminConfigurationAdapter extends WebSecurityConfigurerAdapter {

        @Autowired
        private AccessDeniedHandler customAccessDenied;

        @Autowired
        private AuthenticationEntryPoint customAuthEntryPoint;

        @Autowired
        private SimpleUrlAuthenticationSuccessHandler customAuthSuccess;

        @Autowired
        private SimpleUrlAuthenticationFailureHandler failureHandler;

        @Autowired
        private CustomAdminDetailsService adminDetailsService;

        @Autowired
        private SimpleUrlLogoutSuccessHandler customLogoutSuccess;

        /**
         * Builds the admin filter chain.
         *
         * @param http the builder for this chain
         * @throws Exception if the underlying configurers fail
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            // CSRF protection is switched off while login state is carried in cookies
            // (JSESSIONID, remember-me). NOTE(review): confirm that state-changing admin
            // endpoints are protected some other way (SameSite cookie attributes, a required
            // custom header, strict CORS), or re-enable CSRF tokens for this chain.
            http.csrf().disable();

            // Restrict this chain to the admin URL space.
            http.antMatcher("/api/admin/**");

            http.authorizeRequests()
                    .antMatchers("/api/admin/**").hasRole("ADMIN");

            http.exceptionHandling()
                    .authenticationEntryPoint(customAuthEntryPoint)
                    .accessDeniedHandler(customAccessDenied);

            http.formLogin()
                    .loginProcessingUrl("/api/admin/login")
                    .successHandler(customAuthSuccess)
                    .failureHandler(failureHandler)
                    .usernameParameter("email");

            http.logout()
                    .deleteCookies("JSESSIONID")
                    .logoutUrl("/api/admin/logout")
                    .logoutSuccessHandler(customLogoutSuccess);

            // NOTE(review): remember-me keeps a privileged login alive beyond the session.
            // No key(...), tokenValiditySeconds(...) or useSecureCookie(...) is set here, so
            // framework defaults apply; confirm those defaults are acceptable for admin accounts.
            http.rememberMe()
                    .userDetailsService(adminDetailsService);
        }

        /**
         * Registers the admin DAO provider as this chain's authentication provider.
         *
         * @param auth the authentication manager builder for this adapter
         * @throws Exception if registration fails
         */
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(authenticationProvider());
        }

        /**
         * Creates a provider that loads admins through {@link CustomAdminDetailsService} and
         * verifies passwords with the shared encoder.
         *
         * @return a freshly configured provider
         */
        protected DaoAuthenticationProvider authenticationProvider() {
            DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
            provider.setPasswordEncoder(passwordEncoder());
            provider.setUserDetailsService(adminDetailsService);
            return provider;
        }
    }

    /**
     * Filter chain for the remaining {@code /api/**} space: a handful of account endpoints are
     * open, everything else requires an authenticated user. Supports form login, remember-me
     * and OAuth2 login.
     */
    @Configuration
    @Order(2)
    public static class UserConfigurationAdapter extends WebSecurityConfigurerAdapter {

        @Autowired
        private AccessDeniedHandler customAccessDenied;

        @Autowired
        private AuthenticationEntryPoint customAuthEntryPoint;

        @Autowired
        private SimpleUrlAuthenticationSuccessHandler customAuthSuccess;

        @Autowired
        private SimpleUrlAuthenticationFailureHandler failureHandler;

        @Autowired
        private CustomUserDetailsService userService;

        @Autowired
        private SimpleUrlLogoutSuccessHandler customLogoutSuccess;

        @Autowired
        private CustomOauth2UserService customOauth2UserService;

        /**
         * Builds the user filter chain.
         *
         * @param http the builder for this chain
         * @throws Exception if the underlying configurers fail
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            // Endpoints reachable without a login.
            // - "/" can never match here: this chain only receives /api/** requests.
            // - NOTE(review): /api/user/profile/password/update is open to unauthenticated
            //   callers. Presumably its handler authorises the change itself (for example with
            //   a one-time reset token); confirm, because nothing in this class restricts it.
            String[] openEndpoints = {
                "/",
                "/api/user/oauth2/**",
                "/api/user/registration",
                "/api/user/emailConfirm",
                "/api/user/resetPassword",
                "/api/user/profile/password/update"
            };

            // CSRF protection is switched off while login state is carried in cookies
            // (JSESSIONID, remember-me). NOTE(review): confirm that state-changing endpoints
            // are protected some other way (SameSite cookie attributes, a required custom
            // header, strict CORS), or re-enable CSRF tokens for this chain.
            http.csrf().disable();

            // Restrict this chain to the API URL space.
            http.antMatcher("/api/**");

            // Rule order matters: the open endpoints are listed before the catch-all.
            http.authorizeRequests()
                    .antMatchers(openEndpoints).permitAll()
                    .antMatchers("/api", "/api/**").authenticated();

            http.exceptionHandling()
                    .accessDeniedHandler(customAccessDenied)
                    .authenticationEntryPoint(customAuthEntryPoint);

            http.formLogin()
                    .loginProcessingUrl("/api/user/login").permitAll()
                    .successHandler(customAuthSuccess)
                    .failureHandler(failureHandler)
                    .usernameParameter("email");

            http.logout()
                    .deleteCookies("JSESSIONID")
                    .logoutUrl("/api/user/logout")
                    .logoutSuccessHandler(customLogoutSuccess);

            // NOTE(review): no key(...), tokenValiditySeconds(...) or useSecureCookie(...) is
            // set, so framework defaults apply; confirm token lifetime and cookie flags.
            http.rememberMe()
                    .userDetailsService(userService);

            http.oauth2Login()
                    .authorizationEndpoint().baseUri("/api/user/oauth2/authorize").and()
                    .redirectionEndpoint().baseUri("/api/user/oauth2/callback/*").and()
                    .userInfoEndpoint().userService(customOauth2UserService);
        }

        /**
         * Registers the user DAO provider as this chain's authentication provider.
         *
         * @param auth the authentication manager builder for this adapter
         * @throws Exception if registration fails
         */
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(authenticationProvider());
        }

        /**
         * Creates a provider that loads users through {@link CustomUserDetailsService} and
         * verifies passwords with the shared encoder.
         *
         * @return a freshly configured provider
         */
        protected DaoAuthenticationProvider authenticationProvider() {
            DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
            provider.setPasswordEncoder(passwordEncoder());
            provider.setUserDetailsService(userService);
            return provider;
        }
    }
}