Configurado o Jwt

Author: jonatassantoszup

testeSantanderWay/pom.xml

@@ -53,6 +53,11 @@
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
 
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.9.1</version>
+		</dependency>
 
 		<dependency>
 			<groupId>org.springframework.boot</groupId>

testeSantanderWay/src/main/java/br/com/testesantanderway/config/security/ConfigSeguranca.java

@@ -1,13 +1,16 @@
 package br.com.testesantanderway.config.security;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 @EnableWebSecurity
@@ -16,6 +19,12 @@ public class ConfigSeguranca extends WebSecurityConfigurerAdapter {
     @Autowired
     private AutenticacaoService autenticacaoService;
 
+    @Override
+    @Bean
+    protected AuthenticationManager authenticationManager() throws Exception{
+        return super.authenticationManager();
+    }
+
     //Autenticação
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
@@ -28,8 +37,14 @@ protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
                 .antMatchers(HttpMethod.GET,"/clientes").permitAll()
                 .antMatchers(HttpMethod.GET,"/clientes/*").permitAll()
+                .antMatchers(HttpMethod.POST,"/auth").permitAll()
+                .antMatchers(
+                        "/v2/api-docs", "/swagger-resources/**", "/swagger-ui.html", "/webjars/**",
+                        "/swagger.json")
+                .permitAll()
                 .anyRequest().authenticated()
-                .and().formLogin();
+                .and().csrf().disable()
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
     }
 
     //Recursos estáticos(js, css, img, etc.)

testeSantanderWay/src/main/java/br/com/testesantanderway/config/security/ServicoDeToken.java

@@ -0,0 +1,31 @@
+package br.com.testesantanderway.config.security;
+
+import br.com.testesantanderway.modelo.Cliente;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+
+import java.util.Date;
+
+@Service
+public class ServicoDeToken {
+    @Value("${testeSantanderWay.jwt.expiration}")
+    private String expiracao;
+    @Value("${testeSantanderWay.jwt.secret}")
+    private String secret;
+
+    public String gerarToken(Authentication authentication) {
+        Cliente clienteLogado = (Cliente) authentication.getPrincipal();
+        Date hoje = new Date();
+        Date dataExpiracao = new Date(hoje.getTime() + Long.parseLong(expiracao));
+
+        return Jwts.builder()
+                .setIssuer("Api teste way")
+                .setSubject(clienteLogado.getCodigoUsuario())
+                .setIssuedAt(hoje)
+                .setExpiration(dataExpiracao)
+                .signWith(SignatureAlgorithm.HS256, secret).compact();
+    }
+}

testeSantanderWay/src/main/java/br/com/testesantanderway/controller/AuthController.java

@@ -0,0 +1,40 @@
+package br.com.testesantanderway.controller;
+
+import br.com.testesantanderway.config.security.ServicoDeToken;
+import br.com.testesantanderway.controller.form.AuthForm;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.token.TokenService;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+
+@RestController
+@RequestMapping("/auth")
+public class AuthController {
+    @Autowired
+    private AuthenticationManager authManager;
+    @Autowired
+    private ServicoDeToken servicoDeToken;
+
+    @PostMapping
+    public ResponseEntity<?> login(@RequestBody AuthForm form){
+        UsernamePasswordAuthenticationToken dadosLogin = form.converter();
+        try {
+            Authentication authentication = authManager.authenticate(dadosLogin);
+            String token = servicoDeToken.gerarToken(authentication);
+            System.out.println(token);
+            return ResponseEntity.ok().build();
+        } catch (AuthenticationException e){
+            return ResponseEntity.badRequest().build();
+        }
+
+    }
+}

testeSantanderWay/src/main/java/br/com/testesantanderway/controller/form/AuthForm.java

@@ -0,0 +1,32 @@
+package br.com.testesantanderway.controller.form;
+
+import org.hibernate.validator.constraints.Length;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+
+public class AuthForm {
+    private String email;
+    private String senha;
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getSenha() {
+        return senha;
+    }
+
+    public void setSenha(String senha) {
+        this.senha = senha;
+    }
+
+    public UsernamePasswordAuthenticationToken converter() {
+        return new UsernamePasswordAuthenticationToken(email, senha);
+    }
+}

testeSantanderWay/src/main/resources/application.properties

@@ -1,2 +1,6 @@
 #Solr
-spring.data.solr.host=http://localhost:8983/solr
+spring.data.solr.host=http://localhost:8983/solr
+
+#JWT
+testeSantanderWay.jwt.secret=A+X;fTJP&Pd,TD9dwVq(hsHX,ya^<wsD_UK7L+@=S;{'CydP]{v@}G'b>et;yz$*yL5S8EJN:%P:X%H9>#nYLrX}@s?CQcpspH,2emzBc!Q[V'AYa~uzF8WR~AUrMzxp/V$9([S9X#zj/CH('#]B_Hc+%fGhe27YB;^j4Xk=Ju"Ap~_&<L;=!Z;!,2UP;!hF3P]j85#*`&T]/kB/W^6$v~u6qpejL>kY^f)sy4:qTq_Ec!-z!@aAp~sLKGU>$
+testeSantanderWay.jwt.expiration=1800000