meu token nao esta printando | Spring Boot API Rest: Segurança da API, Cache e Monitoramento

Solucionado (ver solução)

Solucionado
(ver solução)

3
respostas

por Mario Augusto Braga Costa

| 71.1k xp | 27 posts

ao printar o token ele apenas faz um select mas nao me mostra o token, nao sei se está funcionando, ele procura o usuario mas nao printa o token

Hibernate: select usuario0_.id as id1_4_, usuario0_.email as email2_4_, usuario0_.nome as nome3_4_, usuario0_.senha as senha4_4_ from usuario usuario0_ where usuario0_.email=? Hibernate: select perfis0_.usuario_id as usuario_1_5_0_, perfis0_.perfis_id as perfis_i2_5_0_, perfil1_.id as id1_1_1_, perfil1_.nome as nome2_1_1_ from usuario_perfis perfis0_ inner join perfil perfil1_ on perfis0_.perfis_id=perfil1_.id where perfis0_.usuario_id=?

@Autowired
private AuthenticationManager authenticationManager;


@Autowired
private TokenService tokenService;

@PostMapping
public ResponseEntity<?> autenticar(@RequestBody @Valid LoginForm form) {
    UsernamePasswordAuthenticationToken dadosLogin = form.converter();
    try{
        Authentication authentication = authenticationManager.authenticate(dadosLogin); //ve as autentificação
        String token = tokenService.gerarToken(authentication);
        System.out.println(token);
        return ResponseEntity.ok().build();

    } catch (AuthenticationException e) {
        ResponseEntity.badRequest().build();
    }
    return ResponseEntity.ok().build();
}

}

@Service public class TokenService {

@Value("${forum.jwt.expiration}") //recebe valores do aplicaction properties e injeta
private String expiration;

@Value("${forum.jwt.secret}")
private String secret;

public String gerarToken(Authentication authentication) {

   Usuario logado = (Usuario) authentication.getPrincipal();//recupera o usuario logado
    Date hoje = new Date();
    Date dataExpiracao = new Date(hoje.getTime() + Long.parseLong(expiration));// apartir da dataExpiracao gera o tempo da geracao do token
    return Jwts.builder()
            .setIssuer("FOrum alura") //qual aplicação está gerando o token
            .setSubject(logado.getId().toString())  //dono de quem pertence a sessao
            .setIssuedAt(hoje) //data quando foi gerado
            .setExpiration(dataExpiracao) //tempo de expiração
            .signWith(SignatureAlgorithm.HS256,secret) // HS256,gera o algoritmo de cripografia   cripocrafia do token obs "buscar um programa que faça uma senha aleatoria grande de numeros"
            .compact(); //compacta tudo,


}

3 respostas

por Rodrigo da Silva Ferreira Caneppele

| 4881k xp | 8503 posts

Instrutor Instrutor

30/06/2022

Oi Mario,

Coloca um system.out no catch, para ver se acontece alguma exception:

} catch (AuthenticationException e) {
    e.printStackTrace();
    ResponseEntity.badRequest().build();
}

por Mario Augusto Braga Costa

| 71.1k xp | 27 posts

01/07/2022

acho que, nao estava salva no modo Bcrypt vou ver denovo

org.springframework.security.authentication.BadCredentialsException: Usu�rio inexistente ou senha inv�lida at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:79) at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:147) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) at br.com.alura.forum.controller.AutenticacaoController.autenticar(AutenticacaoController.java:30) at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104) at java.base/java.lang.reflect.Method.invoke(Method.java:577) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909) at javax.servlet.http.HttpServlet.service(HttpServlet.java:681) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) at javax.servlet.http.HttpServlet.service(HttpServlet.java:764) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327) at org.springframework.security.web.access.intercept.AuthorizationFilter.doFilterInternal(AuthorizationFilter.java:73) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)

solução!

por Mario Augusto Braga Costa

| 71.1k xp | 27 posts

01/07/2022

funcionou agora, era a senha que estava salva em BCrypt mesmo, salvei e agora foi! resolvido!

Chegou a hora de transformar