hlaeja-old/hlaeja-registry-api
6
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Authorization

Browse Source 
- add SecurityConfiguration
- add JwtAuthenticationManager
- add JwtAuthenticationConverter
- add JwtAuthenticationToken
- add JwtUserDetails
This commit is contained in:
Mr. Swordsteel
2025-01-01 20:33:09 +01:00
parent 7f87c00dd9
commit 1aee67d51c
5 changed files with 178 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/main/kotlin/ltd/hlaeja/security/JwtAuthenticationConverter.kt Normal file
View File

@@ -0,0 +1,55 @@
package ltd.hlaeja.security
import io.github.oshai.kotlinlogging.KotlinLogging
import io.jsonwebtoken.JwtException
import java.util.UUID
import ltd.hlaeja.jwt.service.PublicJwtService
import org.springframework.http.HttpStatus.UNAUTHORIZED
import org.springframework.security.core.Authentication
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.web.server.authentication.ServerAuthenticationConverter
import org.springframework.stereotype.Component
import org.springframework.web.server.ResponseStatusException
import org.springframework.web.server.ServerWebExchange
import reactor.core.publisher.Mono
private val log = KotlinLogging.logger {}
@Component
class JwtAuthenticationConverter(
private val publicJwtService: PublicJwtService,
) : ServerAuthenticationConverter {
companion object {
private const val BEARER = "Bearer "
private const val AUTHORIZATION = "Authorization"
}
override fun convert(
exchange: ServerWebExchange,
): Mono<Authentication> = Mono.justOrEmpty(exchange.request.headers.getFirst(AUTHORIZATION))
.filter { it.startsWith(BEARER) }
.map { it.removePrefix(BEARER) }
.flatMap { token ->
try {
Mono.just(jwtAuthenticationToken(token))
} catch (e: JwtException) {
log.error(e) { "${e.message}" }
Mono.error(ResponseStatusException(UNAUTHORIZED))
}
}
private fun jwtAuthenticationToken(token: String) = publicJwtService.verify(token) { claims ->
JwtAuthenticationToken(
JwtUserDetails(
UUID.fromString(claims.payload["id"] as String),
claims.payload["username"] as String,
),
token,
(claims.payload["role"] as String).split(",")
.map { SimpleGrantedAuthority(it) }
.toMutableList(),
true,
)
}
}