@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /** HTTP methods the CORS policy accepts, in the order they are registered. */
    private static final String[] CORS_METHODS = {"OPTIONS", "GET", "POST", "PUT", "DELETE"};

    private final TokenAuthenticationService tokenAuthenticationService;
    private final ObjectMapper mapper;

    /**
     * @param tokenAuthenticationService resolves request tokens; handed to the token filter
     * @param mapper                     JSON mapper handed to the REST authentication entry point
     */
    @Autowired
    protected SecurityConfig(final TokenAuthenticationService tokenAuthenticationService, ObjectMapper mapper) {
        super();
        this.tokenAuthenticationService = tokenAuthenticationService;
        this.mapper = mapper;
    }

    /**
     * HTTP security for the REST API: anonymous login/sign-up/websocket handshake, everything
     * else requires an authenticated principal established by {@link AuthenticationTokenFilter}.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // X-Frame-Options is dropped from every response, i.e. no clickjacking protection from here.
        http.headers().frameOptions().disable();

        // Login, sign-up and the SockJS handshake are open; any other URL needs a principal.
        http.authorizeRequests()
                .antMatchers("/api/v3/auth").permitAll()
                .antMatchers("/api/v3/signup").permitAll()
                .antMatchers("/api/v3/websocket/**").permitAll()
                .anyRequest().authenticated();

        // Unauthenticated requests are answered by the REST entry point (presumably a JSON body
        // rather than a redirect — confirm in RestAuthenticationEntryPoint).
        http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint(mapper));

        // Token filter runs ahead of Spring's username/password filter so the context is populated first.
        http.addFilterBefore(new AuthenticationTokenFilter(tokenAuthenticationService),
                UsernamePasswordAuthenticationFilter.class);

        http.cors();

        // NOTE(review): CSRF is off for the whole API; this is only safe while the token filter reads
        // the credential from a request header and never from a cookie — confirm in AuthenticationTokenFilter.
        http.csrf().disable();
    }

    /**
     * Global CORS policy applied to every path.
     *
     * @return a filter allowing any origin and any header for the methods in {@link #CORS_METHODS}
     */
    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        // NOTE(review): wildcard origin combined with allowCredentials=true lets any site make
        // credentialed cross-origin requests to this API; Spring Framework 5.3+ refuses this
        // combination at startup. Prefer an explicit list of front-end origins.
        config.setAllowCredentials(true);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        for (String method : CORS_METHODS) {
            config.addAllowedMethod(method);
        }

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
}
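@Configuration
@EnableWebSocketMessageBroker
@Order(Ordered.HIGHEST_PRECEDENCE + 50)
public class SocketBrokerConfig implements WebSocketMessageBrokerConfigurer {

    private static final Logger log = LoggerFactory.getLogger(SocketBrokerConfig.class);

    /** STOMP native header the client puts its authentication token in. */
    private static final String AUTH_TOKEN_HEADER = "x-auth-token";

    private final TokenAuthenticationService authenticationService;

    /**
     * @param authenticationService resolves the principal behind a token presented on CONNECT
     */
    @Autowired
    public SocketBrokerConfig(TokenAuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    /** In-memory broker on /topic and /queue; client SEND destinations under /app go to @MessageMapping handlers. */
    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/topic", "/queue");
        config.setApplicationDestinationPrefixes("/app");
    }

    /** Registers the SockJS endpoint (plain WebSocket transport disabled, no session cookie required). */
    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        log.info("registering websockets");
        registry
                .addEndpoint("/api/v3/websocket")
                // Any origin may perform the handshake; the token check in preSend() is the only
                // gate on CONNECT. Restrict this to the real front-end origin(s) where possible.
                .setAllowedOrigins("*")
                .withSockJS()
                // Version-pinned SockJS client served from a third-party CDN for the iframe transport.
                .setClientLibraryUrl("https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.1.4/sockjs.min.js")
                .setWebSocketEnabled(false)
                .setSessionCookieNeeded(false);
    }

    /**
     * Authenticates CONNECT frames from their token header and logs connection lifecycle events.
     * A CONNECT without a valid token is dropped (preSend returns {@code null}).
     */
    @Override
    public void configureClientInboundChannel(ChannelRegistration registration) {
        registration.interceptors(new ChannelInterceptorAdapter() {
            @Override
            public Message<?> preSend(Message<?> message, MessageChannel channel) {
                StompHeaderAccessor accessor = MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
                if (accessor == null) {
                    // No STOMP accessor on this message: nothing to authenticate, pass it through
                    // instead of failing with a NullPointerException below.
                    return message;
                }
                StompCommand command = accessor.getCommand();
                log.info("in override {}", command);
                if (StompCommand.CONNECT.equals(command)) {
                    return authenticateConnect(message, accessor);
                }
                if (StompCommand.DISCONNECT.equals(command)) {
                    logDisconnect(accessor);
                }
                return message;
            }

            @Override
            public void postSend(Message<?> message, MessageChannel channel, boolean sent) {
                StompHeaderAccessor sha = StompHeaderAccessor.wrap(message);
                StompCommand command = sha.getCommand();
                // ignore non-STOMP messages like heartbeat messages
                if (command == null) {
                    log.warn("postSend null command");
                    return;
                }
                String sessionId = sha.getSessionId();
                switch (command) {
                    case CONNECT:
                        log.info("STOMP Connect [sessionId: {}]", sessionId);
                        break;
                    case CONNECTED:
                        log.info("STOMP Connected [sessionId: {}]", sessionId);
                        break;
                    case DISCONNECT:
                        log.info("STOMP Disconnect [sessionId: {}]", sessionId);
                        break;
                    default:
                        break;
                }
            }
        });
    }

    /**
     * Resolves the principal for a CONNECT frame from its {@code x-auth-token} native header.
     *
     * @param message  the inbound CONNECT message
     * @param accessor STOMP accessor of {@code message}, used to read the header and set the user
     * @return {@code message} with its user set, or {@code null} to drop the frame when the token is
     *         missing or does not resolve to a principal (the client then receives neither CONNECTED
     *         nor an ERROR frame)
     */
    private Message<?> authenticateConnect(Message<?> message, StompHeaderAccessor accessor) {
        String authToken = accessor.getFirstNativeHeader(AUTH_TOKEN_HEADER);
        boolean tokenPresent = authToken != null && !authToken.isEmpty();
        // Only record whether a token was supplied: the token is a credential and must not be
        // written to the log.
        log.info("Header auth token present: {}", tokenPresent);
        if (!tokenPresent) {
            return null;
        }
        Principal principal = authenticationService.getUserFromToken(authToken);
        if (Objects.isNull(principal)) {
            return null;
        }
        accessor.setUser(principal);
        return message;
    }

    /**
     * Logs who disconnected.
     *
     * NOTE(review): reads the security context of the thread handling the inbound message, which is
     * not necessarily populated for this STOMP session — confirm, otherwise the session-id branch
     * is the one that normally runs.
     */
    private void logDisconnect(StompHeaderAccessor accessor) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (Objects.nonNull(authentication)) {
            log.info("Disconnected Auth : {}", authentication.getName());
        } else {
            log.info("Disconnected Sess : {}", accessor.getSessionId());
        }
    }
}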
@Configuration
public class SocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {

    /**
     * Switches off Spring Security's same-origin (CSRF token) check on STOMP CONNECT frames.
     *
     * Clients connect directly from apps rather than from a page served by this server, so there
     * is no CSRF token for them to present. With this off, the token header checked on the inbound
     * channel is what authenticates a connection.
     *
     * @return {@code true}, always
     */
    @Override
    protected boolean sameOriginDisabled() {
        return true;
    }
}
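<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8"/>
    <title>Test</title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"/>
</head>
<body>
<nav class="navbar navbar-default">
    <div class="container-fluid">
        <div class="navbar-header">
            <a class="navbar-brand" href="/test/ws">Test Client</a>
        </div>
    </div>
</nav>
<!-- TODO(review): these CDN assets carry no integrity/crossorigin (SRI) attributes; compute the
     hashes for the exact pinned files before using this page outside local testing. -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script type="text/javascript" src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/stomp.js/2.3.3/stomp.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.1.4/sockjs.min.js"></script>
<script type="application/javascript">
    // Manual test client: logs in over REST, then opens a STOMP-over-SockJS session with the
    // returned token in the x-auth-token native header and subscribes to the user queue.
    var base = "http://192.168.0.58:8080";
    var endpoint = base + "/api/v3/auth";
    // Test-only fixture credentials; never commit real ones here.
    var login = {username: "admin", password: "password"};

    function onLoggedIn(data) {
        // Assumes the auth response looks like {data: {token: "..."}} — confirm against the API.
        var token = data && data.data && data.data.token;
        if (!token) {
            console.error("Login response carried no token", data);
            return;
        }
        var socket = new SockJS(base + "/api/v3/websocket/");
        var stompClient = Stomp.over(socket);
        var headers = {
            'client-id': 'my-client-id',
            'x-auth-token': token
        };
        stompClient.connect(headers, function (frame) {
            console.log("Connected ?!");
            console.log(frame);
            stompClient.subscribe(
                "/user/queue/admin",
                function (message) {
                    console.log("Message arrived");
                    console.log(message);
                }
            );
        }, function (error) {
            // A CONNECT rejected by the server (bad/missing token) ends up here rather than hanging silently.
            console.error("STOMP connect failed", error);
        });
    }

    $.ajax({
        type: "POST",
        url: endpoint,
        data: JSON.stringify(login),
        headers: {
            'Accept': 'application/json',
            'Content-Type': 'application/json'
        },
        success: onLoggedIn,
        error: function (xhr, status, err) {
            // Previously a failed login was silently ignored; surface it for the tester.
            console.error("Login failed", status, err, xhr && xhr.status);
        }
    });
</script>
</body>
</html>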