Spring Security Basic

Author: Davr bank

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/controller/StudentController.java

@@ -18,7 +18,6 @@
 @RequestMapping("/api/v1/student/")
 public class StudentController {
     //
-
     private static final List<Student> students = Arrays.asList(
             new Student(1, "James Bond"),
             new Student(2, "Lary Gaga"),
@@ -27,12 +26,12 @@ public class StudentController {
     );
 
     @GetMapping(path = "{studentId}")
-    public Student getStudent(@PathVariable("studentId") Integer studentId){
+    public Student getStudent(@PathVariable("studentId") Integer studentId) {
 
         return students
                 .stream()
                 .filter(student -> studentId.equals(student.getStudentId()))
                 .findFirst()
                 .orElseThrow(() -> new IllegalStateException("Student" + studentId));
     }
-}
+}

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationSecurityConfig.java

@@ -57,27 +57,39 @@ protected UserDetailsService userDetailsService() {
                 User.builder()
                         .username("urunov")
                         .password(passwordEncoder.encode("urunov1987"))
-                        .authorities(STUDENT.getGrantedAuthorities())
+                        .authorities("STUDENT")
+ //                       .authorities(STUDENT.getGrantedAuthorities())
 //                        .roles(STUDENT.name()) // ROLE_STUDENT
                         .build();
 
         UserDetails lindaUser = User.builder()
                 .username("linda")
                 .password(passwordEncoder.encode("linda333"))
-                .authorities(ADMIN.getGrantedAuthorities())
+                .authorities("ADMIN")
+ //               .authorities(ADMIN.getGrantedAuthorities())
 //                .roles(ADMIN.name()) // ROLE_ADMIN
                 .build();
 
         UserDetails tomUser = User.builder()
                 .username("tom")
                 .password(passwordEncoder.encode("tom555"))
-                .authorities(ADMINTRAINEE.getGrantedAuthorities())
+                .authorities("ADMINTRAINEE")
+//                .authorities(ADMINTRAINEE.getGrantedAuthorities())
 //                .roles(ADMINTRAINEE.name()) // ROLE ADMINTRAINEE
                 .build();
-        return new InMemoryUserDetailsManager(
+
+        UserDetails hotamboyUser = User.builder()
+                .username("hotam")
+                .password(passwordEncoder.encode("hotamboy"))
+                .build();
+
+        return new InMemoryUserDetailsManager( // manage user(s)
                 lindaUser,
                 urunovUser,
-                tomUser
+                tomUser,
+                hotamboyUser
         );
+
+
     }
 }

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserPermission.java

@@ -11,9 +11,7 @@ public enum ApplicationUserPermission {
     STUDENT_WRITE("student: write"),
     COURSE_READ("course:read"),
     COURSE_WRITE("course: write");
-
     private final String permission;
-
     ApplicationUserPermission(String permission) {
         this.permission = permission;
     }

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/ApplicationUserRole.java

@@ -1,7 +1,6 @@
 package com.secure.sytem.securestart.security;
 
 import com.google.common.collect.Sets;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import java.util.Set;
@@ -18,6 +17,7 @@ public enum ApplicationUserRole {
     ADMIN(Sets.newHashSet(COURSE_READ, COURSE_WRITE, STUDENT_READ, STUDENT_WRITE)),
     STUDENT(Sets.newHashSet()),
     ADMINTRAINEE(Sets.newHashSet()),
+
     MANAGER(Sets.newHashSet(COURSE_READ, STUDENT_READ));
 
     private final Set<ApplicationUserPermission>  permissions;
@@ -26,14 +26,14 @@ public enum ApplicationUserRole {
         this.permissions = permissions;
     }
 
-    public Set<ApplicationUserPermission> getPermissions(){
-        return permissions;
-    }
-    public Set<SimpleGrantedAuthority> getGrantedAuthorities(){
-        Set<SimpleGrantedAuthority> permissions = getPermissions().stream()
-                .map(permission -> new SimpleGrantedAuthority(permission.getPermission()))
-                .collect(Collectors.toSet());
-        permissions.add(new SimpleGrantedAuthority("ROLE_" +this.name()));
-        return permissions;
-    }
+//    public Set<ApplicationUserPermission> getPermissions(){
+//        return permissions;
+//    }
+//    public Set<SimpleGrantedAuthority> getGrantedAuthorities(){
+//        Set<SimpleGrantedAuthority> permissions = getPermissions().stream()
+//                .map(permission -> new SimpleGrantedAuthority(permission.getPermission()))
+//                .collect(Collectors.toSet());
+//        permissions.add(new SimpleGrantedAuthority("ROLE_" +this.name()));
+//        return permissions;
+//    }
 }

Advanced-SpringSecure/1. simple-secure/secure-start/src/main/java/com/secure/sytem/securestart/security/PasswordConfig.java

@@ -15,6 +15,6 @@ public class PasswordConfig {
     //
     @Bean
     public PasswordEncoder passwordEncoder(){
-        return new BCryptPasswordEncoder(10);
+        return new BCryptPasswordEncoder(10); // how to encode password. (10 -> choose )
     }
 }