Spring security

Author: Davr bank

Advanced-SpringSecure/1. simple-secure/secure-start/.gitignore renamed to Advanced-SpringSecure/Spring-BaseAuth/.gitignore

@@ -0,0 +1,178 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>2.7.2</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>uz.bepro</groupId>
+	<artifactId>Spring-BaseAuth</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<name>Spring-BaseAuth</name>
+	<description>Spring-BaseAuth</description>
+	<properties>
+		<java.version>11</java.version>
+		<repackage.classifier/>
+		<spring-native.version>0.12.1</spring-native.version>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.experimental</groupId>
+			<artifactId>spring-native</artifactId>
+			<version>${spring-native.version}</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-devtools</artifactId>
+			<scope>runtime</scope>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+
+		<!--security-->
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>31.1-jre</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<!---->
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+				<configuration>
+					<excludes>
+						<exclude>
+							<groupId>org.projectlombok</groupId>
+							<artifactId>lombok</artifactId>
+						</exclude>
+					</excludes>
+					<classifier>${repackage.classifier}</classifier>
+					<image>
+						<builder>paketobuildpacks/builder:tiny</builder>
+						<env>
+							<BP_NATIVE_IMAGE>true</BP_NATIVE_IMAGE>
+						</env>
+					</image>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.springframework.experimental</groupId>
+				<artifactId>spring-aot-maven-plugin</artifactId>
+				<version>${spring-native.version}</version>
+				<executions>
+					<execution>
+						<id>test-generate</id>
+						<goals>
+							<goal>test-generate</goal>
+						</goals>
+					</execution>
+					<execution>
+						<id>generate</id>
+						<goals>
+							<goal>generate</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+	<repositories>
+		<repository>
+			<id>spring-releases</id>
+			<name>Spring Releases</name>
+			<url>https://repo.spring.io/release</url>
+			<snapshots>
+				<enabled>false</enabled>
+			</snapshots>
+		</repository>
+	</repositories>
+	<pluginRepositories>
+		<pluginRepository>
+			<id>spring-releases</id>
+			<name>Spring Releases</name>
+			<url>https://repo.spring.io/release</url>
+			<snapshots>
+				<enabled>false</enabled>
+			</snapshots>
+		</pluginRepository>
+	</pluginRepositories>
+
+	<profiles>
+		<profile>
+			<id>native</id>
+			<properties>
+				<repackage.classifier>exec</repackage.classifier>
+				<native-buildtools.version>0.9.13</native-buildtools.version>
+			</properties>
+			<dependencies>
+				<dependency>
+					<groupId>org.junit.platform</groupId>
+					<artifactId>junit-platform-launcher</artifactId>
+					<scope>test</scope>
+				</dependency>
+			</dependencies>
+			<build>
+				<plugins>
+					<plugin>
+						<groupId>org.graalvm.buildtools</groupId>
+						<artifactId>native-maven-plugin</artifactId>
+						<version>${native-buildtools.version}</version>
+						<extensions>true</extensions>
+						<executions>
+							<execution>
+								<id>test-native</id>
+								<phase>test</phase>
+								<goals>
+									<goal>test</goal>
+								</goals>
+							</execution>
+							<execution>
+								<id>build-native</id>
+								<phase>package</phase>
+								<goals>
+									<goal>build</goal>
+								</goals>
+							</execution>
+						</executions>
+					</plugin>
+				</plugins>
+			</build>
+		</profile>
+	</profiles>
+
+</project>

Advanced-SpringSecure/1. simple-secure/secure-start/.mvn/wrapper/maven-wrapper.jar renamed to Advanced-SpringSecure/Spring-BaseAuth/.mvn/wrapper/maven-wrapper.jar

@@ -0,0 +1,16 @@
+package uz.bepro.springbaseauth;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+import java.io.Serializable;
+
+@SpringBootApplication
+public class SpringBaseAuthApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(SpringBaseAuthApplication.class, args);
+	}
+
+}
+

Advanced-SpringSecure/1. simple-secure/secure-start/.mvn/wrapper/maven-wrapper.properties renamed to Advanced-SpringSecure/Spring-BaseAuth/.mvn/wrapper/maven-wrapper.properties

@@ -0,0 +1,37 @@
+package uz.be.springrolebaseauth.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import uz.be.springrolebaseauth.model.Student;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@RestController
+@RequestMapping("/api/v1/student/")
+public class StudentController {
+    //
+    private static final List<Student> students = Arrays.asList(
+            new Student(1, "James Bond"),
+            new Student(2, "Lary Gaga"),
+            new Student(3, "Faktor2"),
+            new Student(4, "Anna ")
+    );
+
+    @GetMapping(path = "{studentId}")
+    public Student getStudent(@PathVariable("studentId") Integer studentId) {
+
+        return students
+                .stream()
+                .filter(student -> studentId.equals(student.getStudentId()))
+                .findFirst()
+                .orElseThrow(() -> new IllegalStateException("Student" + studentId));
+    }
+}

Advanced-SpringSecure/1. simple-secure/secure-start/mvnw renamed to Advanced-SpringSecure/Spring-BaseAuth/mvnw

@@ -0,0 +1,20 @@
+package uz.be.springrolebaseauth.model;
+
+import lombok.*;
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@Getter
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+@ToString
+public class Student {
+    //
+    private Integer studentId;
+    private String name;
+
+}

Advanced-SpringSecure/1. simple-secure/secure-start/mvnw.cmd renamed to Advanced-SpringSecure/Spring-BaseAuth/mvnw.cmd

@@ -0,0 +1,90 @@
+package uz.bepro.springbaseauth.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+import static uz.bepro.springbaseauth.security.ApplicationUserRole.*;
+
+
+/**
+ * @project: secure-start
+ * @Date: 12.08.2022
+ * @author: H_Urunov
+ **/
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(securedEnabled = true)
+public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
+    private final PasswordEncoder passwordEncoder;
+
+    @Autowired
+    public ApplicationSecurityConfig(PasswordEncoder passwordEncoder) {
+        this.passwordEncoder = passwordEncoder;
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/", "index", "/css/*", "/js/*").permitAll()
+                .antMatchers("/api/**").hasRole(ADMIN.name()) // managing role here based on enum categories.
+                .anyRequest()
+                .authenticated()
+                .and()
+                .httpBasic();
+    }
+
+    @Override
+    @Bean
+    protected UserDetailsService userDetailsService() {
+            // Permission User(s)
+            UserDetails urunovUser = User.builder()
+                        .username("urunov")
+                        .password(passwordEncoder.encode("urunov1987"))
+                        .roles(ADMIN.name()) // ROLE_STUDENT
+                        .build();
+
+            UserDetails lindaUser = User.builder()
+                    .username("linda")
+                    .password(passwordEncoder.encode("linda333"))
+                    .authorities(STUDENT.name())
+                    .roles(STUDENT.name()) // ROLE_ADMIN
+                    .build();
+
+            UserDetails tomUser = User.builder()
+                    .username("tom")
+                    .password(passwordEncoder.encode("tom555"))
+                    .authorities(ADMINTRAINEE.name())
+              //      .authorities(ADMINTRAINEE.getGrantedAuthorities())
+                    .roles(ADMINTRAINEE.name()) // ROLE ADMINTRAINEE
+                    .build();
+//
+            UserDetails hotamboyUser = User.builder()
+                    .username("hotam")
+                    .password(passwordEncoder.encode("hotamboy"))
+                    .authorities(ADMIN.name())
+                 //   .authorities(ADMIN.getGrantedAuthorities())
+                    .roles(ADMIN.name()) // ROLE ADMIN
+                    .build();
+
+            return new InMemoryUserDetailsManager(
+                    urunovUser,
+                    lindaUser,
+                    tomUser,
+                    hotamboyUser
+
+        );
+
+    }
+}

Advanced-SpringSecure/Spring-BaseAuth/pom.xml

@@ -1,4 +1,4 @@
-package com.secure.sytem.securestart.security;
+package uz.bepro.springbaseauth.security;
 
 /**
  * @project: secure-start

Advanced-SpringSecure/Spring-BaseAuth/src/main/java/uz/bepro/springbaseauth/SpringBaseAuthApplication.java

@@ -1,12 +1,11 @@
-package com.secure.sytem.securestart.security;
-
+package uz.bepro.springbaseauth.security;
 import com.google.common.collect.Sets;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-
 import java.util.Set;
 import java.util.stream.Collectors;
 
-import static com.secure.sytem.securestart.security.ApplicationUserPermission.*;
+import static uz.bepro.springbaseauth.security.ApplicationUserPermission.*;
+
 
 /**
  * @project: secure-start
@@ -20,12 +19,12 @@ public enum ApplicationUserRole {
 
     MANAGER(Sets.newHashSet(COURSE_READ, STUDENT_READ));
 
-    private final Set<ApplicationUserPermission>  permissions;
+    private final Set<ApplicationUserPermission> permissions;
 
     ApplicationUserRole(Set<ApplicationUserPermission> permissions) {
         this.permissions = permissions;
     }
-
+//
 //    public Set<ApplicationUserPermission> getPermissions(){
 //        return permissions;
 //    }

Advanced-SpringSecure/Spring-BaseAuth/src/main/java/uz/bepro/springbaseauth/controller/StudentController.java

@@ -1,4 +1,4 @@
-package com.secure.sytem.securestart.security;
+package uz.bepro.springbaseauth.security;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;