• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• angular-rest-springsecurity-master
  • src
    • main
      • resources
        • log4j2.xml
        • context.xml
        • META-INF
          • persistence.xml
        • application.properties
      • java
        • net
          • dontdrinkandroot
            • example
              • angularrestspringsecurity
                • dao
                  • blogpost
                    • JpaBlogPostDao.java
                    • BlogPostDao.java
                  • user
                    • UserDao.java
                    • JpaUserDao.java
                  • JpaDao.java
                  • accesstoken
                    • AccessTokenDao.java
                    • JpaAccessTokenDao.java
                  • Dao.java
                  • DataBaseInitializer.java
                • entity
                  • AccessToken.java
                  • BlogPost.java
                  • Entity.java
                  • Role.java
                  • User.java
                • transfer
                  • TokenTransfer.java
                  • UserTransfer.java
                • service
                  • UserService.java
                  • DaoUserService.java
                • JsonViews.java
                • rest
                  • resources
                    • UserResource.java
                    • BlogPostResource.java
                  • UnauthorizedEntryPoint.java
                  • AuthenticationTokenProcessingFilter.java
      • webapp
        • fonts
          • glyphicons-halflings-regular.woff
          • glyphicons-halflings-regular.eot
          • glyphicons-halflings-regular.ttf
          • glyphicons-halflings-regular.svg
        • WEB-INF
          • web.xml
        • js
          • app.js
          • config.js
        • index.html
        • partials
          • edit.html
          • create.html
          • index.html
          • login.html
        • css
          • custom.css
  • pom.xml
  • LICENSE
  • .travis.yml
  • README.md
  • .gitignore

package net.dontdrinkandroot.example.angularrestspringsecurity.rest.resources;

import net.dontdrinkandroot.example.angularrestspringsecurity.entity.AccessToken;
import net.dontdrinkandroot.example.angularrestspringsecurity.entity.User;
import net.dontdrinkandroot.example.angularrestspringsecurity.service.UserService;
import net.dontdrinkandroot.example.angularrestspringsecurity.transfer.UserTransfer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.HashMap;
import java.util.Map;

/**
 * @author Philip Washington Sorst <[email protected]>
 */
@Component
@Path("/user")
public class UserResource
{
    @Autowired
    private UserService userService;

    @Autowired
    @Qualifier("authenticationManager")
    private AuthenticationManager authManager;

    /**
     * Retrieves the currently logged in user.
     *
     * @return A transfer containing the username and the roles.
     */
    @GET
    @Produces(MediaType.APPLICATION_JSON)
    public UserTransfer getUser()
    {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof UserDetails)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        UserDetails userDetails = (UserDetails) principal;

        return new UserTransfer(userDetails.getUsername(), this.createRoleMap(userDetails));
    }

    /**
     * Authenticates a user and creates an access token.
     *
     * @param username The name of the user.
     * @param password The password of the user.
     * @return The generated access token.
     */
    @Path("authenticate")
    @POST
    @Produces(MediaType.APPLICATION_JSON)
    public AccessToken authenticate(@FormParam("username") String username, @FormParam("password") String password)
    {
        UsernamePasswordAuthenticationToken authenticationToken =
                new UsernamePasswordAuthenticationToken(username, password);
        Authentication authentication = this.authManager.authenticate(authenticationToken);
        SecurityContextHolder.getContext().setAuthentication(authentication);

        Object principal = authentication.getPrincipal();
        if (!(principal instanceof User)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }

        return this.userService.createAccessToken((User) principal);
    }

    private Map<String, Boolean> createRoleMap(UserDetails userDetails)
    {
        Map<String, Boolean> roles = new HashMap<>();
        for (GrantedAuthority authority : userDetails.getAuthorities()) {
            roles.put(authority.getAuthority(), Boolean.TRUE);
        }

        return roles;
    }
}