Prezados, tranquilo?
Estou na aula 3.8 deste a semana passada tentando solucionar esse problema. Depois que tirou a autenticação basica, não consigo chamar a url "/login".
Este é meu problema, sem acesso a esta url "/login". Deixei full o para todos os metodos http, mesmo assim deu 403.
Coloquei no git neste commit aqui
=== HELP ===
@Configuration
@EnableWebSecurity
class SecurityConfiguration(
private val userDetailsService: UserDetailsService,
private val jwtUtil: JWTUtil
) : WebSecurityConfigurerAdapter() {
override fun configure(http: HttpSecurity?) {
http?.cors()?.disable()?.
authorizeRequests()?.
// antMatchers("/topico")?.hasAnyAuthority("ADMIN", "GERENTE")?.
// antMatchers("/topico")?.hasAnyRole("ADMIN", "GERENTE")?.
antMatchers(HttpMethod.POST,"/login")?.permitAll()?.
antMatchers("/h2-console/**", "/")?.permitAll()?.
and()?.
authorizeRequests()?.anyRequest()?.authenticated()
http?.addFilterBefore(JWTLoginFilter(authManager = authenticationManager(), jwtUtil = jwtUtil), UsernamePasswordAuthenticationFilter().javaClass)
http?.addFilterBefore(JWTAuthenticationFilter(jwtUtil), UsernamePasswordAuthenticationFilter().javaClass)
http?.sessionManagement()?.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
}
@Bean
fun bCrypetPasswordEncoder(): BCryptPasswordEncoder{
return BCryptPasswordEncoder()
}
override fun configure(auth: AuthenticationManagerBuilder?) {
auth?.userDetailsService(userDetailsService)?.passwordEncoder(bCrypetPasswordEncoder())
}
}
class JWTAuthenticationFilter(
private val jwtUtil: JWTUtil
) : OncePerRequestFilter() {
override fun doFilterInternal(
request: HttpServletRequest,
response: HttpServletResponse,
filterChain: FilterChain
) {
val tokerBearer = request.getHeader("Authorization")
val jwt = getTokenDetail(tokerBearer)
if (jwtUtil.isValid(jwt)) {
val authentication = jwtUtil.getAuthentication(jwt)
SecurityContextHolder.getContext().authentication = authentication
}
filterChain.doFilter(request, response)
}
private fun getTokenDetail(tokerBearer: String?): String? {
return tokerBearer?.let { t ->
t.startsWith("Bearer ")
t.substring(7, t.length)
}
}
}
class JWTLoginFilter(
private val authManager: AuthenticationManager,
private val jwtUtil: JWTUtil
) : UsernamePasswordAuthenticationFilter(authManager) {
override fun attemptAuthentication(
request: HttpServletRequest?,
response: HttpServletResponse?
): Authentication {
val (username, password) = ObjectMapper().readValue(request?.inputStream, Credencials::class.java)
val authenticationToken = UsernamePasswordAuthenticationToken(username, password)
return authManager.authenticate(authenticationToken)
}
override fun successfulAuthentication(
request: HttpServletRequest?,
response: HttpServletResponse?,
chain: FilterChain?,
authResult: Authentication?
) {
val userName = (authResult?.principal as UserDetails).username
val token = jwtUtil.generateToken(userName)
response?.addHeader("Authorization", "Bearer $token")
chain?.doFilter(request, response)
}
}
@Component
class JWTUtil(
private val usuarioService: UsuarioService
) {
@Value("\${jwt.secret}")
private lateinit var secketKey: String
private val expiration = 3600000
fun generateToken(username: String): String? {
return Jwts.builder()
.setSubject(username)
.setExpiration(Date(System.currentTimeMillis() + expiration))
.signWith(SignatureAlgorithm.HS512, secketKey.toByteArray())
.compact()
}
fun isValid(jwt: String?): Boolean {
return try {
Jwts.parser().setSigningKey(secketKey.toByteArray()).parseClaimsJws(jwt)
true
} catch (e: IllegalArgumentException) {
false
}
}
fun getAuthentication(jwt: String?): Authentication {
val username = Jwts.parser().setSigningKey(secketKey.toByteArray()).parseClaimsJws(jwt).body.subject
val user = usuarioService.loadUserByUsername(username)
return UsernamePasswordAuthenticationToken(username, null, user.authorities)
}
}