Basic Auth

Author: Davr bank

Advanced-SpringSecure/1. simple-secure/secure-start/pom.xml

@@ -61,10 +61,17 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<!-- Security configuration .-->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>31.1-jre</version>
+		</dependency>
+		<!--    Secure end.     -->
 	</dependencies>
 
 	<build>

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/controller/StudentManagementController.java

@@ -0,0 +1,47 @@
+package com.secure.sytem.securestart.controller;
+
+import com.secure.sytem.securestart.entity.Student;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@RestController
+@RequestMapping("/management/api/v1/students")
+public class StudentManagementController {
+    //
+    private static final List<Student> STUDENTS = Arrays.asList(
+            new Student(1, "James Bond"),
+            new Student(2, "Lary Gaga"),
+            new Student(3, "Faktor2"),
+            new Student(4, "Anna "),
+            new Student(5, "Anna German ")
+    );
+
+    @GetMapping
+    public List<Student> getAllStudents(){
+        return STUDENTS;
+    }
+
+    @PostMapping
+    public void registerNewStudent(@RequestBody Student student){
+        System.out.println("registerNewStudent");
+        System.out.println(student);
+    }
+
+    @DeleteMapping(path = "{studentId}")
+    public void deleteStudent(@PathVariable() Integer studentId){
+        System.out.println("deleteStudent");
+        System.out.println(studentId);
+    }
+    @PutMapping(path = "{studentId}")
+    public void updateStudent(@PathVariable("studentId") Integer studentId, @RequestBody Student student){
+        System.out.println("Update student INFO.");
+        System.out.println(String.format("%s %s", studentId, student));
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationSecurityConfig.java

@@ -0,0 +1,83 @@
+package com.secure.sytem.securestart.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+import static com.secure.sytem.securestart.security.ApplicationUserPermission.COURSE_WRITE;
+import static com.secure.sytem.securestart.security.ApplicationUserRole.*;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@Configuration
+@EnableWebSecurity
+public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
+    //
+    private final PasswordEncoder passwordEncoder;
+
+    @Autowired
+    public ApplicationSecurityConfig(PasswordEncoder passwordEncoder) {
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/", "index", "/css/*", "/js/*").permitAll()
+                .antMatchers("/api/**").hasRole(STUDENT.name())
+                .antMatchers(HttpMethod.DELETE,"/management/api/**").hasAuthority(COURSE_WRITE.name())
+                .antMatchers(HttpMethod.POST, "/management/api/**").hasAuthority(COURSE_WRITE.name())
+                .antMatchers(HttpMethod.PUT, "/management/api/**").hasAuthority(COURSE_WRITE.name())
+                .antMatchers(HttpMethod.GET, "/management/api/**").hasAnyRole(ADMIN.name(), ADMINTRAINEE.name())
+                .anyRequest()
+                .authenticated()
+                .and()
+                .httpBasic();
+    }
+
+    @Override
+    @Bean
+    protected UserDetailsService userDetailsService() {
+        // Permission User(s)
+        UserDetails urunovUser =
+                User.builder()
+                        .username("urunov")
+                        .password(passwordEncoder.encode("urunov1987"))
+                        .authorities(STUDENT.getGrantedAuthorities())
+//                        .roles(STUDENT.name()) // ROLE_STUDENT
+                        .build();
+
+        UserDetails lindaUser = User.builder()
+                .username("linda")
+                .password(passwordEncoder.encode("linda333"))
+                .authorities(ADMIN.getGrantedAuthorities())
+//                .roles(ADMIN.name()) // ROLE_ADMIN
+                .build();
+
+        UserDetails tomUser = User.builder()
+                .username("tom")
+                .password(passwordEncoder.encode("tom555"))
+                .authorities(ADMINTRAINEE.getGrantedAuthorities())
+//                .roles(ADMINTRAINEE.name()) // ROLE ADMINTRAINEE
+                .build();
+        return new InMemoryUserDetailsManager(
+                lindaUser,
+                urunovUser,
+                tomUser
+        );
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserPermission.java

@@ -0,0 +1,24 @@
+package com.secure.sytem.securestart.security;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+
+public enum ApplicationUserPermission {
+    STUDENT_READ("student: read"),
+    STUDENT_WRITE("student: write"),
+    COURSE_READ("course:read"),
+    COURSE_WRITE("course: write");
+
+    private final String permission;
+
+    ApplicationUserPermission(String permission) {
+        this.permission = permission;
+    }
+
+    public String getPermission(){
+        return permission;
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserRole.java

@@ -0,0 +1,39 @@
+package com.secure.sytem.securestart.security;
+
+import com.google.common.collect.Sets;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import static com.secure.sytem.securestart.security.ApplicationUserPermission.*;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+public enum ApplicationUserRole {
+    ADMIN(Sets.newHashSet(COURSE_READ, COURSE_WRITE, STUDENT_READ, STUDENT_WRITE)),
+    STUDENT(Sets.newHashSet()),
+    ADMINTRAINEE(Sets.newHashSet()),
+    MANAGER(Sets.newHashSet(COURSE_READ, STUDENT_READ));
+
+    private final Set<ApplicationUserPermission>  permissions;
+
+    ApplicationUserRole(Set<ApplicationUserPermission> permissions) {
+        this.permissions = permissions;
+    }
+
+    public Set<ApplicationUserPermission> getPermissions(){
+        return permissions;
+    }
+    public Set<SimpleGrantedAuthority> getGrantedAuthorities(){
+        Set<SimpleGrantedAuthority> permissions = getPermissions().stream()
+                .map(permission -> new SimpleGrantedAuthority(permission.getPermission()))
+                .collect(Collectors.toSet());
+        permissions.add(new SimpleGrantedAuthority("ROLE_" +this.name()));
+        return permissions;
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/PasswordConfig.java

@@ -0,0 +1,20 @@
+package com.secure.sytem.securestart.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@Configuration
+public class PasswordConfig {
+    //
+    @Bean
+    public PasswordEncoder passwordEncoder(){
+        return new BCryptPasswordEncoder(10);
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/resources/static/index.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Title</title>
+</head>
+<body>
+    <h1>Hello Spring Boot Security</h1>
+</body>
+</html>