Entrar Ainda não tem acesso?
1
resposta

Ao fazer teste via Postman retorna erro 400 Apos implementacao do Token.

Referente ao curso Spring Boot API Rest: Segurança da API, Cache e Monitoramento

por Fabio Junior Rodrigues Moreira
| 183.5k xp | 6 posts

Bom dia Revisei o codigo mais estou tomando erro 404 apos implementar o codigo. Vi um problema parecido no forum mais no meu caso as classes estao completas conforme abaixo package br.com.fabio.forum.controller;

import org.springframework.security.core.AuthenticationException; import javax.validation.Valid;

import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController;

import br.com.fabio.forum.config.security.TokenServices; import br.com.fabio.forum.form.LoginForm;

@RestController @RequestMapping("/auth") public class AutenticacaoController {

@Autowired
private AuthenticationManager authManager;

@Autowired
private TokenServices tokenService;

@PostMapping
public ResponseEntity<?> autenticar(@RequestBody @Valid LoginForm form) {

    UsernamePasswordAuthenticationToken dadosLogin = form.coverter();
    try {
        Authentication authentication = authManager.authenticate(dadosLogin);
        String token = tokenService.gerarToken(authentication);
        System.out.println(token);
        return ResponseEntity.ok().build();
    } catch (AuthenticationException e) {
        return ResponseEntity.badRequest().build();
    }

}

} package br.com.fabio.forum.config.security;

import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@EnableWebSecurity @Configuration public class SecurityConfigurations extends WebSecurityConfigurerAdapter{

@Autowired
private AutenticacaoServices autenticacaoServices;
@Override
//configuracao de autenticacao parte de login etc
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(autenticacaoServices).passwordEncoder(new BCryptPasswordEncoder());
}

@Override
// configuracoes de autorizacao quem pode ver o que 
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeHttpRequests()
    .antMatchers(HttpMethod.GET,"/topicos").permitAll()
    .antMatchers(HttpMethod.GET,"/topicos/*").permitAll()
    .antMatchers(HttpMethod.POST,"/auth").permitAll()
    .anyRequest().authenticated()
    .and().csrf().disable()
    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

}

@Override
// configuracao de recursos estaticos(js,css, imagens etc)
public void configure(WebSecurity web) throws Exception {

}

@Override
@Bean
protected AuthenticationManager authenticationManager() throws Exception {
    // TODO Auto-generated method stub
    return super.authenticationManager();
}

} package br.com.fabio.forum.config.security;

import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.Authentication;

import java.util.Date;

import org.springframework.stereotype.Service;

import br.com.fabio.forum.modelo.Usuario; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm;

@Service public class TokenServices {

//INJSAO DE DEPENDENCIA DO ARQUIVO APLICATIO.PROPERTIES 

@Value("${forum.jwt.expiration}")
private String expiration;
@Value("${forum.jwt.secret}")
private String secret;

public String gerarToken(Authentication authentication) {
    Usuario logado = (Usuario) authentication.getPrincipal();
    Date hoje  = new Date();
    Date dataExpiracao = new Date(hoje.getTime()+ Long.parseLong(expiration));
    return Jwts.builder()
            .setIssuer("API Forum da Alura")
            .setSubject(logado.getId().toString())
            .setIssuedAt(hoje)
            .setExpiration(dataExpiracao)
            .signWith(SignatureAlgorithm.HS256, secret).compact();
}

}

1 resposta
por Rodrigo da Silva Ferreira Caneppele
| 4863.8k xp | 8467 posts
Instrutor Instrutor

Oi Fabio,

Conseguiu resolver?

Se não resolveu, coloca um printstacktrace para vermos qual exceção está acontecendo:

} catch (AuthenticationException e) {
    e.printStacktrace();
    return ResponseEntity.badRequest().build();
}