diff --git a/src/main/java/io/security/corespringsecurity/aopsecurity/AopSecurityController.java b/src/main/java/io/security/corespringsecurity/aopsecurity/AopSecurityController.java
deleted file mode 100644
index 7342dbb1..00000000
--- a/src/main/java/io/security/corespringsecurity/aopsecurity/AopSecurityController.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package io.security.corespringsecurity.aopsecurity;
-
-import io.security.corespringsecurity.aopsecurity.method.AopMethodService;
-import io.security.corespringsecurity.security.aop.CustomMethodSecurityInterceptor;
-import io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor;
-import io.security.corespringsecurity.aopsecurity.pointcut.AopPointcutService;
-import io.security.corespringsecurity.aopsecurity.liveaop.AopLiveMethodService;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.aop.framework.ProxyFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.access.SecurityConfig;
-import org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource;
-import org.springframework.stereotype.Controller;
-import org.springframework.util.ClassUtils;
-import org.springframework.web.bind.annotation.GetMapping;
-
-import java.util.Arrays;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.atomic.AtomicInteger;
-
-@Controller
-@Slf4j
-public class AopSecurityController {
-
- @Autowired
- private ProtectPointcutPostProcessor protectPoitcutPostProcessor;
-
- @Autowired
- MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource;
-
- @Autowired
- private AopMethodService aopMethodService;
-
- @Autowired
- private AopPointcutService aopPointcutService;
-
- @Autowired
- private AopLiveMethodService aopLiveMethodService;
-
- @Autowired
- AnnotationConfigServletWebServerApplicationContext applicationContext;
-
- @Autowired
- CustomMethodSecurityInterceptor methodSecurityInterceptor;
-
- @GetMapping("/method")
- public String methodTest(){
- aopMethodService.methodTest();
- return "method";
- }
-
- @GetMapping("/method2")
- public String methodTest2(){
- log.debug(aopMethodService.getClass().getSimpleName());
- aopMethodService.methodTest2(aopMethodService);
- return "method2";
- }
-
- @GetMapping("/method3")
- public String methodTest3(){
- aopMethodService.methodTest3();
- return "method3";
- }
-
- @GetMapping("/aop1")
- public String aopFirstService(){
- aopPointcutService.aopService();
- return "aop1";
- }
-
- @GetMapping("/liveaop")
- public String liveAopService(){
- aopLiveMethodService.liveAopService();
- return "aop/liveaop";
- }
-
- @GetMapping("/addAop")
- public void addPointcut(String fullName, String roleName) throws Exception {
-
- String expression = "execution(* io.security.corespringsecurity.aopsecurity.liveaop.*Service.*(..))";
- List attr = Arrays.asList(new SecurityConfig("ROLE_MANAGER"));
- Map> pointcutMap = new LinkedHashMap<>();
- pointcutMap.put(expression,attr);
- protectPoitcutPostProcessor.setPointcutMap(pointcutMap);
-
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/aopsecurity/liveaop/AopLiveMethodService.java b/src/main/java/io/security/corespringsecurity/aopsecurity/liveaop/AopLiveMethodService.java
deleted file mode 100644
index 50300cba..00000000
--- a/src/main/java/io/security/corespringsecurity/aopsecurity/liveaop/AopLiveMethodService.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package io.security.corespringsecurity.aopsecurity.liveaop;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-
-@Service
-@Slf4j
-public class AopLiveMethodService {
-
- public void liveAopService(){
- log.debug("LiveAopFirstService");
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/aopsecurity/method/AopMethodService.java b/src/main/java/io/security/corespringsecurity/aopsecurity/method/AopMethodService.java
deleted file mode 100644
index 5a03685f..00000000
--- a/src/main/java/io/security/corespringsecurity/aopsecurity/method/AopMethodService.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package io.security.corespringsecurity.aopsecurity.method;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-
-@Service
-@Slf4j
-public class AopMethodService {
-
- public void methodTest() {
- log.debug("methodTest");
- }
-
- public void methodTest2(AopMethodService methodService) {
- methodService.innerCallMethodTest();
- log.debug("methodTest2");
- }
-
- public void methodTest3() {
- log.debug(this.getClass().getSimpleName());
- this.innerCallMethodTest();
- log.debug("methodTest2");
- }
-
- public void innerCallMethodTest() {
- log.debug("innerCallMethodTest");
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/aopsecurity/pointcut/AopPointcutService.java b/src/main/java/io/security/corespringsecurity/aopsecurity/pointcut/AopPointcutService.java
deleted file mode 100644
index 6ce8cd09..00000000
--- a/src/main/java/io/security/corespringsecurity/aopsecurity/pointcut/AopPointcutService.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package io.security.corespringsecurity.aopsecurity.pointcut;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-
-@Service
-@Slf4j
-public class AopPointcutService {
-
- public void aopService(){
- log.debug("AopFirstService");
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/common/GlobalWebControllerAdvice.java b/src/main/java/io/security/corespringsecurity/common/GlobalWebControllerAdvice.java
deleted file mode 100644
index d80bf615..00000000
--- a/src/main/java/io/security/corespringsecurity/common/GlobalWebControllerAdvice.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package io.security.corespringsecurity.common;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.ControllerAdvice;
-import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.ResponseStatus;
-import org.springframework.web.multipart.MaxUploadSizeExceededException;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.sql.SQLException;
-
-@ControllerAdvice(annotations = Controller.class)
-@Slf4j
-public class GlobalWebControllerAdvice {
-
- @ExceptionHandler(MaxUploadSizeExceededException.class)
- public ResponseEntity fileException(MaxUploadSizeExceededException e) {
- return new ResponseEntity(e.getMessage(), new HttpHeaders(), HttpStatus.INTERNAL_SERVER_ERROR);
- }
-
- @ExceptionHandler(SQLException.class)
- public String sqlException(HttpServletRequest request, HttpServletResponse response, SQLException e) {
- return e.toString();
- }
-
- @ExceptionHandler(AccessDeniedException.class)
- @ResponseStatus(value = HttpStatus.INTERNAL_SERVER_ERROR)
- public Exception accessDeniedException(HttpServletRequest request, Exception e) throws Exception{
- throw e;
- }
-
- @ExceptionHandler(Throwable.class)
- @ResponseStatus(value = HttpStatus.INTERNAL_SERVER_ERROR)
- public String handleException(HttpServletRequest request, Exception e) {
- return e.toString();
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/config/AppConfig.java b/src/main/java/io/security/corespringsecurity/config/AppConfig.java
deleted file mode 100644
index 593b1d03..00000000
--- a/src/main/java/io/security/corespringsecurity/config/AppConfig.java
+++ /dev/null
@@ -1,29 +0,0 @@
-package io.security.corespringsecurity.config;
-
-import io.security.corespringsecurity.repository.AccessIpRepository;
-import io.security.corespringsecurity.repository.ResourcesRepository;
-import io.security.corespringsecurity.security.configs.MethodSecurityConfig;
-import io.security.corespringsecurity.service.SecurityResourceService;
-import io.security.corespringsecurity.service.impl.RoleHierarchyServiceImpl;
-import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
-import org.springframework.boot.autoconfigure.AutoConfigureBefore;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
-
-@Configuration
-@AutoConfigureBefore({MethodSecurityConfig.class})
-public class AppConfig {
-
- @Bean
- public SecurityResourceService securityResourceService(ResourcesRepository resourcesRepository, RoleHierarchyImpl roleHierarchy,RoleHierarchyServiceImpl roleHierarchyService, AccessIpRepository accessIpRepository/*, MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource, AnnotationConfigServletWebServerApplicationContext applicationContext, CustomMethodSecurityInterceptor methodSecurityInterceptor*/) {
- SecurityResourceService SecurityResourceService = new SecurityResourceService(resourcesRepository, roleHierarchy, roleHierarchyService, accessIpRepository/*, mapBasedMethodSecurityMetadataSource, applicationContext, methodSecurityInterceptor*/);
- return SecurityResourceService;
- }
-
-// @Bean
-// public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
-// DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
-// return defaultAdvisorAutoProxyCreator;
-// }
-}
diff --git a/src/main/java/io/security/corespringsecurity/controller/HomeController.java b/src/main/java/io/security/corespringsecurity/controller/HomeController.java index fbfc58d9..6a9933c2 100644 --- a/src/main/java/io/security/corespringsecurity/controller/HomeController.java +++ b/src/main/java/io/security/corespringsecurity/controller/HomeController.java @@ -1,25 +1,15 @@ package io.security.corespringsecurity.controller; -import io.security.corespringsecurity.security.authentication.services.UserDetailsServiceImpl; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; @Controller public class HomeController { - @Autowired - private UserDetailsServiceImpl userDetailsService; - @GetMapping(value="/") public String home() throws Exception { return "home"; } - @GetMapping(value="/login") - public String login() throws Exception { - return "login"; - } - } diff --git a/src/main/java/io/security/corespringsecurity/controller/admin/AdminController.java b/src/main/java/io/security/corespringsecurity/controller/admin/ConfigController.java similarity index 57% rename from src/main/java/io/security/corespringsecurity/controller/admin/AdminController.java rename to src/main/java/io/security/corespringsecurity/controller/admin/ConfigController.java index fe6cc88c..26d76b23 100644 --- a/src/main/java/io/security/corespringsecurity/controller/admin/AdminController.java +++ b/src/main/java/io/security/corespringsecurity/controller/admin/ConfigController.java 
@@ -1,15 +1,13 @@ package io.security.corespringsecurity.controller.admin; - import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; @Controller -public class AdminController { +public class ConfigController { - @GetMapping(value="/admin") - public String home() throws Exception { - return "admin/home"; + @GetMapping("/config") + public String config(){ + return "admin/config"; } - } diff --git a/src/main/java/io/security/corespringsecurity/controller/admin/ResourcesController.java b/src/main/java/io/security/corespringsecurity/controller/admin/ResourcesController.java deleted file mode 100644 index c33afb6d..00000000 --- a/src/main/java/io/security/corespringsecurity/controller/admin/ResourcesController.java +++ /dev/null 
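Review bot: The handler added in ConfigController serves the `admin/config` view from `/config`, outside the `/admin` path that the replaced mapping used, so any URL rule written for the `/admin` path no longer applies to it. The authorization rules are not visible in this hunk; if they are matched by path, confirm that `/config` has its own entry. I would also add a comment above the mapping, `// admin-only view: access must be granted by an explicit rule for "/config"`, so the dependency on the security configuration is visible at the handler.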
@@ -1,95 +0,0 @@ -package io.security.corespringsecurity.controller.admin; - - -import io.security.corespringsecurity.domain.dto.ResourcesDto; -import io.security.corespringsecurity.domain.entity.Resources; -import io.security.corespringsecurity.domain.entity.Role; -import io.security.corespringsecurity.repository.RoleRepository; -import io.security.corespringsecurity.service.MethodSecurityService; -import io.security.corespringsecurity.service.ResourcesService; -import io.security.corespringsecurity.service.RoleService; -import io.security.corespringsecurity.service.SecurityResourceService; -import org.modelmapper.ModelMapper; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; - -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -@Controller -public class ResourcesController { - - @Autowired - private ResourcesService resourcesService; - - @Autowired - private RoleRepository roleRepository; - - @Autowired - MethodSecurityService methodSecurityService; - - @Autowired - private RoleService roleService; - - @GetMapping(value="/admin/resources") - public String getResources(Model model) throws Exception { - - List resources = resourcesService.selectResources(); - model.addAttribute("resources", resources); - - return "admin/resource/list"; - } - - @PostMapping(value="/admin/resources") - public String createResources(ResourcesDto resourcesDto) throws Exception { - - ModelMapper modelMapper = new ModelMapper(); - Role role = roleRepository.findByRoleName(resourcesDto.getRoleName()); - Set roles = new HashSet<>(); - roles.add(role); - Resources resources = modelMapper.map(resourcesDto, Resources.class); - resources.setRoleSet(roles); - - 
resourcesService.insertResources(resources); - methodSecurityService.addMethodSecured(resourcesDto.getResourceName(),resourcesDto.getRoleName()); - - return "redirect:/admin/resources"; - } - - @GetMapping(value="/admin/resources/register") - public String viewRoles(Model model) throws Exception { - - List roleList = roleService.getRoles(); - model.addAttribute("roleList", roleList); - Resources resources = new Resources(); - model.addAttribute("resources", resources); - - return "admin/resource/detail"; - } - - @GetMapping(value="/admin/resources/{id}") - public String getResources(@PathVariable String id, Model model) throws Exception { - - List roleList = roleService.getRoles(); - model.addAttribute("roleList", roleList); - Resources resources = resourcesService.selectResources(Long.valueOf(id)); - model.addAttribute("resources", resources); - - return "admin/resource/detail"; - } - - @GetMapping(value="/admin/resources/delete/{id}") - public String removeResources(@PathVariable String id, Model model) throws Exception { - - Resources resources = resourcesService.selectResources(Long.valueOf(id)); - resourcesService.deleteResources(Long.valueOf(id)); - methodSecurityService.removeMethodSecured(resources.getResourceName()); - - return "redirect:/admin/resources"; - } -} diff --git a/src/main/java/io/security/corespringsecurity/controller/admin/RoleController.java b/src/main/java/io/security/corespringsecurity/controller/admin/RoleController.java deleted file mode 100644 index be02923b..00000000 --- a/src/main/java/io/security/corespringsecurity/controller/admin/RoleController.java +++ /dev/null 
@@ -1,52 +0,0 @@
-package io.security.corespringsecurity.controller.admin;
-
-import io.security.corespringsecurity.domain.dto.RoleDto;
-import io.security.corespringsecurity.domain.entity.Role;
-import io.security.corespringsecurity.service.RoleService;
-import org.modelmapper.ModelMapper;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-
-import java.util.List;
-
-@Controller
-public class RoleController {
-
- @Autowired
- private RoleService roleService;
-
- @GetMapping(value="/admin/roles")
- public String getRoles(Model model) throws Exception {
- List roles = roleService.getRoles();
- model.addAttribute("roles", roles);
- return "admin/role/list";
- }
-
- @GetMapping(value="/admin/roles/register")
- public String viewRoles(Model model) throws Exception {
- Role role = new Role();
- model.addAttribute("role", role);
- return "admin/role/detail";
- }
-
- @PostMapping(value="/admin/roles")
- public String createRole(RoleDto roleDto) throws Exception {
-
- ModelMapper modelMapper = new ModelMapper();
- Role role = modelMapper.map(roleDto, Role.class);
- roleService.createRole(role);
-
- return "redirect:/admin/roles";
- }
-
- @GetMapping(value="/admin/roles/{id}")
- public String getRole(@PathVariable String id, Model model) throws Exception {
- Role role = roleService.getRole(Long.valueOf(id));
- model.addAttribute("role", role);
- return "admin/role/detail";
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/controller/admin/UserManagerController.java b/src/main/java/io/security/corespringsecurity/controller/admin/UserManagerController.java
deleted file mode 100644
index 78b84c59..00000000
--- a/src/main/java/io/security/corespringsecurity/controller/admin/UserManagerController.java
+++ /dev/null
@@ -1,62 +0,0 @@
-package io.security.corespringsecurity.controller.admin;
-
-
-import io.security.corespringsecurity.domain.dto.UserDto;
-import io.security.corespringsecurity.domain.entity.Role;
-import io.security.corespringsecurity.domain.entity.User;
-import io.security.corespringsecurity.service.RoleService;
-import io.security.corespringsecurity.service.UserService;
-import org.modelmapper.ModelMapper;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-
-import java.util.List;
-
-@Controller
-public class UserManagerController {
-
- @Autowired
- private UserService userService;
-
- @Autowired
- private RoleService roleService;
-
- @GetMapping(value="/admin/users")
- public String getUsers(Model model) throws Exception {
- List users = userService.getUsers();
- model.addAttribute("users", users);
- return "admin/user/list";
- }
-
- @PostMapping(value="/admin/users")
- public String createUser(UserDto userDto) throws Exception {
-
- ModelMapper modelMapper = new ModelMapper();
- User user = modelMapper.map(userDto, User.class);
- userService.createUser(user);
-
- return "redirect:/admin/users";
- }
-
- @GetMapping(value = "/admin/users/{id}")
- public String getUser(@PathVariable(value = "id") Long id, Model model) {
- UserDto userDto = userService.getUser(id);
- List roleList = roleService.getRoles();
-
- model.addAttribute("act", (id > 0)? "modify":"add");
- model.addAttribute("user", userDto);
- model.addAttribute("roleList", roleList);
-
- return "admin/user/detail";
- }
-
- @GetMapping(value = "/admin/users/delete/{id}")
- public String removeUser(@PathVariable(value = "id") Long id, Model model) {
- userService.deleteUser(id);
- return "redirect:/admin/users";
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/controller/login/LoginController.java b/src/main/java/io/security/corespringsecurity/controller/login/LoginController.java
deleted file mode 100644
index aafd8e8e..00000000
--- a/src/main/java/io/security/corespringsecurity/controller/login/LoginController.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package io.security.corespringsecurity.controller.login;
-
-
-import io.security.corespringsecurity.domain.dto.UserDto;
-import io.security.corespringsecurity.domain.entity.User;
-import io.security.corespringsecurity.service.RoleService;
-import io.security.corespringsecurity.service.UserService;
-import org.modelmapper.ModelMapper;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-
-@Controller
-public class LoginController {
-
- @Autowired
- private UserService userService;
-
- @Autowired
- private RoleService roleService;
-
- @GetMapping(value="/denied")
- public String accessDenied() throws Exception {
-
- return "user/login/denied";
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/controller/user/MessageController.java b/src/main/java/io/security/corespringsecurity/controller/user/MessageController.java
new file mode 100644
index 00000000..989f4626
--- /dev/null
+++ b/src/main/java/io/security/corespringsecurity/controller/user/MessageController.java
@@ -0,0 +1,15 @@
+package io.security.corespringsecurity.controller.user;
+
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class MessageController {
+
+ @GetMapping(value="/messages")
+ public String mypage() throws Exception {
+
+ return "user/messages";
+ }
+}
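Review bot: The handler for `/messages` in the new MessageController is named `mypage`, which reads as copied from the `/mypage` handler and no longer describes what it serves; `public String messages()` would match the route and the `user/messages` view. `throws Exception` can be dropped because the body only returns a view name. A one-line class comment saying which users are expected to reach this page would help, since the access rule for `/messages` lives outside this file.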
diff --git a/src/main/java/io/security/corespringsecurity/controller/user/UserController.java b/src/main/java/io/security/corespringsecurity/controller/user/UserController.java index 1d4d33a1..9b90c7be 100644 --- a/src/main/java/io/security/corespringsecurity/controller/user/UserController.java +++ b/src/main/java/io/security/corespringsecurity/controller/user/UserController.java @@ -1,12 +1,6 @@ package io.security.corespringsecurity.controller.user; -import io.security.corespringsecurity.domain.dto.UserDto; -import io.security.corespringsecurity.domain.entity.User; -import io.security.corespringsecurity.service.RoleService; -import io.security.corespringsecurity.service.UserService; -import org.modelmapper.ModelMapper; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; @@ -14,25 +8,9 @@ @Controller public class UserController { - @Autowired - private UserService userService; + @GetMapping(value="/mypage") + public String myPage() throws Exception { - @Autowired - private RoleService roleService; - - @GetMapping(value="/users") - public String createUser() throws Exception { - - return "user/login/register"; - } - - @PostMapping(value="/users") - public String createUser(UserDto userDto) throws Exception { - - ModelMapper modelMapper = new ModelMapper(); - User user = modelMapper.map(userDto, User.class); - userService.createUser(user); - - return "redirect:/"; + return "user/mypage"; } } diff --git a/src/main/java/io/security/corespringsecurity/domain/dto/AccessIpDto.java b/src/main/java/io/security/corespringsecurity/domain/dto/AccessIpDto.java deleted file mode 100644 index 610e0eb5..00000000 --- a/src/main/java/io/security/corespringsecurity/domain/dto/AccessIpDto.java +++ /dev/null 
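Review bot: `import org.springframework.web.bind.annotation.PostMapping;` stays as a context line in the first UserController hunk, while the second hunk removes the only `@PostMapping` handler visible in the class, so the import looks unused on the new side and should be deleted. The new `myPage()` also declares `throws Exception` although it only returns `"user/mypage"`; `public String myPage() {` is enough. One line of the file between the two hunks is not shown, so confirm nothing there still needs the import.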
@@ -1,18 +0,0 @@
-package io.security.corespringsecurity.domain.dto;
-
-import lombok.*;
-import org.springframework.data.jpa.domain.support.AuditingEntityListener;
-
-import javax.persistence.*;
-import java.io.Serializable;
-
-@Data
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class AccessIpDto{
-
- private Long id;
- private String ipAddress;
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/domain/dto/ResourcesDto.java b/src/main/java/io/security/corespringsecurity/domain/dto/ResourcesDto.java
deleted file mode 100644
index 4f15ae8e..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/dto/ResourcesDto.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package io.security.corespringsecurity.domain.dto;
-
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
-@Data
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class ResourcesDto{
-
- private String resourceName;
- private String httpMethod;
- private int orderNum;
- private String resourceType;
- private String roleName;
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/domain/dto/RoleDto.java b/src/main/java/io/security/corespringsecurity/domain/dto/RoleDto.java
deleted file mode 100644
index 70a5523b..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/dto/RoleDto.java
+++ /dev/null
@@ -1,22 +0,0 @@
-
-package io.security.corespringsecurity.domain.dto;
-
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
-import java.io.Serializable;
-
-@Data
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class RoleDto{
-
- private String roleName;
- private String roleDesc;
-
-}
-
-
diff --git a/src/main/java/io/security/corespringsecurity/domain/dto/UserDto.java b/src/main/java/io/security/corespringsecurity/domain/dto/UserDto.java
deleted file mode 100644
index 8ecb8e12..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/dto/UserDto.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package io.security.corespringsecurity.domain.dto;
-
-import io.security.corespringsecurity.domain.entity.Role;
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
-import java.util.List;
-import java.util.Set;
-
-@Data
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class UserDto {
-
- private String username;
- private String email;
- private int age;
- private String password;
- private List roles;
-}
-
-
diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/AccessIp.java b/src/main/java/io/security/corespringsecurity/domain/entity/AccessIp.java
deleted file mode 100644
index ee4f87c8..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/entity/AccessIp.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package io.security.corespringsecurity.domain.entity;
-
-import lombok.*;
-import org.springframework.data.jpa.domain.support.AuditingEntityListener;
-
-import javax.persistence.*;
-import java.io.Serializable;
-
-@Entity
-@Table(name = "ACCESS_IP")
-@Data
-@EntityListeners(value = { AuditingEntityListener.class})
-@EqualsAndHashCode(of = "id")
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class AccessIp implements Serializable {
-
- @Id
- @GeneratedValue
- @Column(name = "IP_ID", unique = true, nullable = false)
- private Long id;
-
- @Column(name = "IP_ADDRESS", nullable = false)
- private String ipAddress;
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/PersistentLogin.java b/src/main/java/io/security/corespringsecurity/domain/entity/PersistentLogin.java
deleted file mode 100644
index 9d74d24a..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/entity/PersistentLogin.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.security.corespringsecurity.domain.entity;
-
-import lombok.Getter;
-import lombok.NoArgsConstructor;
-import lombok.Setter;
-import lombok.ToString;
-import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
-
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.Table;
-import java.io.Serializable;
-import java.util.Date;
-
-@Entity
-@Table(name = "PERSISTENT_LOGINS")
-@Getter
-@Setter
-@ToString
-@NoArgsConstructor
-public class PersistentLogin implements Serializable {
-
-
- @Id
- private String series;
-
- private String username;
- private String token;
- private Date lastUsed;
-
- public PersistentLogin(PersistentRememberMeToken token){
- this.series = token.getSeries();
- this.username = token.getUsername();
- this.token = token.getTokenValue();
- this.lastUsed = token.getDate();
- }
-
- private static final long serialVersionUID = 8433999509932007961L;
-
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/Resources.java b/src/main/java/io/security/corespringsecurity/domain/entity/Resources.java
deleted file mode 100644
index 4692646d..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/entity/Resources.java
+++ /dev/null
@@ -1,44 +0,0 @@
-package io.security.corespringsecurity.domain.entity;
-
-import lombok.*;
-import org.springframework.data.jpa.domain.support.AuditingEntityListener;
-
-import javax.persistence.*;
-import java.io.Serializable;
-import java.util.HashSet;
-import java.util.Set;
-
-@Entity
-@Table(name = "RESOURCES")
-@Data
-@ToString(exclude = {"roleSet"})
-@EntityListeners(value = { AuditingEntityListener.class })
-@EqualsAndHashCode(of = "id")
-@Builder
-@NoArgsConstructor
-@AllArgsConstructor
-public class Resources implements Serializable {
-
- @Id
- @GeneratedValue
- @Column
- private Long id;
-
- @Column(name = "resource_name")
- private String resourceName;
-
- @Column(name = "http_method")
- private String httpMethod;
-
- @Column(name = "order_num")
- private int orderNum;
-
- @Column(name = "resource_type")
- private String resourceType;
-
- @ManyToMany(fetch = FetchType.LAZY)
- @JoinTable(name = "role_resources", joinColumns = {
- @JoinColumn(name = "resource_id") }, inverseJoinColumns = { @JoinColumn(name = "role_id") })
- private Set roleSet = new HashSet<>();
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/Role.java b/src/main/java/io/security/corespringsecurity/domain/entity/Role.java
deleted file mode 100644
index 336f51d1..00000000
--- a/src/main/java/io/security/corespringsecurity/domain/entity/Role.java
+++ /dev/null
@@ -1,43 +0,0 @@ - -package io.security.corespringsecurity.domain.entity; - -import lombok.*; - -import javax.persistence.*; -import java.io.Serializable; -import java.util.HashSet; -import java.util.LinkedHashSet; -import java.util.Set; - -@Entity -@Table(name = "ROLE") -@Getter -@Setter -@ToString(exclude = {"users","resourcesSet"}) -@Builder -@NoArgsConstructor -@AllArgsConstructor -@EqualsAndHashCode(of = "id") -public class Role implements Serializable { - - @Id - @GeneratedValue - @Column(name = "role_id") - private Long id; - - @Column(name = "role_name") - private String roleName; - - @Column(name = "role_desc") - private String roleDesc; - - @ManyToMany(fetch = FetchType.LAZY, mappedBy = "roleSet") - @OrderBy("ordernum desc") - private Set resourcesSet = new LinkedHashSet<>(); - - @ManyToMany(fetch = FetchType.LAZY, mappedBy = "userRoles") - private Set users = new HashSet<>(); - -} - - diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/RoleHierarchy.java b/src/main/java/io/security/corespringsecurity/domain/entity/RoleHierarchy.java deleted file mode 100644 index 3fa62b8c..00000000 --- a/src/main/java/io/security/corespringsecurity/domain/entity/RoleHierarchy.java +++ /dev/null 
@@ -1,36 +0,0 @@ -package io.security.corespringsecurity.domain.entity; - -import com.fasterxml.jackson.annotation.JsonIdentityInfo; -import com.fasterxml.jackson.annotation.ObjectIdGenerators; -import lombok.*; - -import javax.persistence.*; -import java.io.Serializable; -import java.util.HashSet; -import java.util.Set; - -@Entity -@Table(name="ROLE_HIERARCHY") -@Getter -@Setter -@AllArgsConstructor -@NoArgsConstructor -@Builder -@ToString(exclude = {"parentName", "roleHierarchy"}) -@JsonIdentityInfo(generator = ObjectIdGenerators.IntSequenceGenerator.class) -public class RoleHierarchy implements Serializable { - - @Id - @GeneratedValue - private Long id; - - @Column(name = "child_name") - private String childName; - - @ManyToOne(cascade = {CascadeType.ALL},fetch = FetchType.LAZY) - @JoinColumn(name = "parent_name", referencedColumnName = "child_name") - private RoleHierarchy parentName; - - @OneToMany(mappedBy = "parentName", cascade={CascadeType.ALL}) - private Set roleHierarchy = new HashSet(); -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/domain/entity/User.java b/src/main/java/io/security/corespringsecurity/domain/entity/User.java deleted file mode 100644 index 989fcc70..00000000 --- a/src/main/java/io/security/corespringsecurity/domain/entity/User.java +++ /dev/null 
@@ -1,42 +0,0 @@
-package io.security.corespringsecurity.domain.entity;
-
-import lombok.*;
-
-import javax.persistence.*;
-import java.io.Serializable;
-import java.util.HashSet;
-import java.util.Set;
-
-@Entity
-@Table(name = "users")
-@Data
-@ToString(exclude = {"userRoles"})
-@Builder
-@EqualsAndHashCode(of = "id")
-@NoArgsConstructor
-@AllArgsConstructor
-public class User implements Serializable {
-
- @Id
- @GeneratedValue
- private Long id;
-
- @Column
- private String username;
-
- @Column
- private String email;
-
- @Column
- private int age;
-
- @Column
- private String password;
-
- @ManyToMany(fetch = FetchType.LAZY, cascade={CascadeType.ALL})
- @JoinTable(name = "user_roles", joinColumns = { @JoinColumn(name = "user_id") }, inverseJoinColumns = {
- @JoinColumn(name = "role_id") })
- private Set userRoles = new HashSet<>();
-}
-
-
diff --git a/src/main/java/io/security/corespringsecurity/repository/AccessIpRepository.java b/src/main/java/io/security/corespringsecurity/repository/AccessIpRepository.java
deleted file mode 100644
index 85312901..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/AccessIpRepository.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-
-import io.security.corespringsecurity.domain.entity.AccessIp;
-import org.springframework.data.jpa.repository.JpaRepository;
-
-public interface AccessIpRepository extends JpaRepository {
-
- AccessIp findByIpAddress(String IpAddress);
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/JpaPersistentTokenRepository.java b/src/main/java/io/security/corespringsecurity/repository/JpaPersistentTokenRepository.java
deleted file mode 100644
index 24b0d6ec..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/JpaPersistentTokenRepository.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-import io.security.corespringsecurity.domain.entity.PersistentLogin;
-import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
-import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
-
-import java.util.Date;
-import java.util.List;
-
-public class JpaPersistentTokenRepository implements PersistentTokenRepository {
-
- private final RememberMeTokenRepository rememberMeTokenRepository;
-
- public JpaPersistentTokenRepository(RememberMeTokenRepository rememberMeTokenRepository) {
- this.rememberMeTokenRepository = rememberMeTokenRepository;
- }
-
- @Override
- public void createNewToken(PersistentRememberMeToken token) {
- PersistentLogin newToken = new PersistentLogin(token);
- this.rememberMeTokenRepository.save(newToken);
- }
-
- @Override
- public void updateToken(String series, String tokenValue, Date lastUsed) {
- PersistentLogin token = this.rememberMeTokenRepository.findBySeries(series);
- if (token != null) {
- token.setToken(tokenValue);
- token.setLastUsed(lastUsed);
- this.rememberMeTokenRepository.save(token);
- }
- }
-
- @Override
- public PersistentRememberMeToken getTokenForSeries(String seriesId) {
- PersistentLogin token = this.rememberMeTokenRepository.findBySeries(seriesId);
- return new PersistentRememberMeToken(token.getUsername(),
- token.getSeries(),
- token.getToken(),
- token.getLastUsed());
- }
-
- @Override
- public void removeUserTokens(String username) {
- List tokens = this.rememberMeTokenRepository.findByUsername(username);
- this.rememberMeTokenRepository.deleteAll(tokens);
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/JpaTokenRepositoryCleaner.java b/src/main/java/io/security/corespringsecurity/repository/JpaTokenRepositoryCleaner.java
deleted file mode 100644
index b4365e2f..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/JpaTokenRepositoryCleaner.java
+++ /dev/null
@@ -1,42 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-import io.security.corespringsecurity.domain.entity.PersistentLogin;
-import lombok.extern.slf4j.Slf4j;
-
-import java.util.Date;
-
-@Slf4j
-public class JpaTokenRepositoryCleaner implements Runnable {
-
- private final RememberMeTokenRepository rememberMeTokenRepository;
-
- private final long tokenValidityInMs;
-
-
- public JpaTokenRepositoryCleaner(RememberMeTokenRepository rememberMeTokenRepository, long tokenValidityInMs) {
- if (rememberMeTokenRepository == null) {
- throw new IllegalArgumentException("jdbcOperations cannot be null");
- }
- if (tokenValidityInMs < 1) {
- throw new IllegalArgumentException("tokenValidityInMs must be greater than 0. Got " + tokenValidityInMs);
- }
- this.rememberMeTokenRepository = rememberMeTokenRepository;
- this.tokenValidityInMs = tokenValidityInMs;
- }
-
- public void run() {
- long expiredInMs = System.currentTimeMillis() - tokenValidityInMs;
-
- log.info("Searching for persistent logins older than {}ms", tokenValidityInMs);
-
- try {
- Iterable expired = rememberMeTokenRepository.findByLastUsedAfter(new Date(expiredInMs));
- for(PersistentLogin pl: expired){
- log.info("*** Removing persistent login for {} ***", pl.getUsername());
- rememberMeTokenRepository.delete(pl);
- }
- } catch(Throwable t) {
- log.error("**** Could not clean up expired persistent remember me tokens. ***", t);
- }
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/RememberMeTokenRepository.java b/src/main/java/io/security/corespringsecurity/repository/RememberMeTokenRepository.java
deleted file mode 100644
index 3ab5592b..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/RememberMeTokenRepository.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-
-import io.security.corespringsecurity.domain.entity.PersistentLogin;
-import org.springframework.data.jpa.repository.JpaRepository;
-
-import java.util.Date;
-import java.util.List;
-
-public interface RememberMeTokenRepository extends JpaRepository {
-
- PersistentLogin findBySeries(String series);
- List findByUsername(String username);
- Iterable findByLastUsedAfter(Date expiration);
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/ResourcesRepository.java b/src/main/java/io/security/corespringsecurity/repository/ResourcesRepository.java
deleted file mode 100644
index c18ea51d..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/ResourcesRepository.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-import io.security.corespringsecurity.domain.entity.Resources;
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.Query;
-
-import java.util.List;
-
-public interface ResourcesRepository extends JpaRepository {
-
- Resources findByResourceNameAndHttpMethod(String resourceName, String httpMethod);
-
- @Query("select r from Resources r join fetch r.roleSet where r.resourceType = 'url' order by r.orderNum desc")
- List findAllResources();
-
- @Query("select r from Resources r join fetch r.roleSet where r.resourceType = 'method' order by r.orderNum desc")
- List findAllMethodResources();
-
- @Query("select r from Resources r join fetch r.roleSet where r.resourceType = 'pointcut' order by r.orderNum desc")
- List findAllPointcutResources();
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/repository/RoleHierarchyRepository.java b/src/main/java/io/security/corespringsecurity/repository/RoleHierarchyRepository.java
deleted file mode 100644
index 2a286f48..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/RoleHierarchyRepository.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-
-import io.security.corespringsecurity.domain.entity.RoleHierarchy;
-import org.springframework.data.jpa.repository.JpaRepository;
-
-public interface RoleHierarchyRepository extends JpaRepository {
-
- RoleHierarchy findByChildName(String roleName);
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/RoleRepository.java b/src/main/java/io/security/corespringsecurity/repository/RoleRepository.java
deleted file mode 100644
index f78e6519..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/RoleRepository.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-
-import io.security.corespringsecurity.domain.entity.Role;
-import org.springframework.data.jpa.repository.JpaRepository;
-
-public interface RoleRepository extends JpaRepository {
-
- Role findByRoleName(String name);
-
- @Override
- void delete(Role role);
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/repository/UserRepository.java b/src/main/java/io/security/corespringsecurity/repository/UserRepository.java
deleted file mode 100644
index f62ba41e..00000000
--- a/src/main/java/io/security/corespringsecurity/repository/UserRepository.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package io.security.corespringsecurity.repository;
-
-import io.security.corespringsecurity.domain.entity.User;
-import org.springframework.data.jpa.repository.JpaRepository;
-
-public interface UserRepository extends JpaRepository {
-
- User findByUsername(String username);
-
- int countByUsername(String username);
-
- @Override
- void delete(User user);
-
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/aop/CustomMethodSecurityInterceptor.java b/src/main/java/io/security/corespringsecurity/security/aop/CustomMethodSecurityInterceptor.java
deleted file mode 100644
index 4e38842f..00000000
--- a/src/main/java/io/security/corespringsecurity/security/aop/CustomMethodSecurityInterceptor.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package io.security.corespringsecurity.security.aop;
-
-import org.springframework.security.access.SecurityMetadataSource;
-import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
-import org.springframework.security.access.intercept.InterceptorStatusToken;
-import org.springframework.security.access.method.MethodSecurityMetadataSource;
-
-import org.aopalliance.intercept.MethodInterceptor;
-import org.aopalliance.intercept.MethodInvocation;
-
-public class CustomMethodSecurityInterceptor extends AbstractSecurityInterceptor implements
- MethodInterceptor {
- private MethodSecurityMetadataSource securityMetadataSource;
-
- public Class getSecureObjectClass() {
- return MethodInvocation.class;
- }
-
- public Object invoke(MethodInvocation mi) throws Throwable {
- InterceptorStatusToken token = super.beforeInvocation(mi);
-
- Object result;
- try {
- result = mi.proceed();
- }
- finally {
- super.finallyInvocation(token);
- }
- return super.afterInvocation(token, result);
- }
-
- public MethodSecurityMetadataSource getSecurityMetadataSource() {
- return this.securityMetadataSource;
- }
-
- public SecurityMetadataSource obtainSecurityMetadataSource() {
- return this.securityMetadataSource;
- }
-
- public void setSecurityMetadataSource(MethodSecurityMetadataSource newSource) {
- this.securityMetadataSource = newSource;
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationFailureHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationFailureHandler.java
deleted file mode 100644
index c90f9310..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationFailureHandler.java
+++ /dev/null
@@ -1,42 +0,0 @@
-package io.security.corespringsecurity.security.authentication.handler;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.security.corespringsecurity.security.exception.AuthMethodNotSupportedException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Component("ajaxAuthenticationFailureHandler")
-public class AjaxAuthenticationFailureHandler implements AuthenticationFailureHandler {
- private final ObjectMapper mapper;
-
- @Autowired
- public AjaxAuthenticationFailureHandler(ObjectMapper mapper) {
- this.mapper = mapper;
- }
-
- @Override
- public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
- AuthenticationException e) throws IOException, ServletException {
-
- response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.setContentType(MediaType.APPLICATION_JSON_VALUE);
-
- if (e instanceof BadCredentialsException) {
- mapper.writeValue(response.getWriter(), "Invalid username or password");
- } else if (e instanceof AuthMethodNotSupportedException) {
- mapper.writeValue(response.getWriter(), e.getMessage());
- }
-
- mapper.writeValue(response.getWriter(), "Authentication failed");
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationSuccessHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationSuccessHandler.java
deleted file mode 100644
index ae308854..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/AjaxAuthenticationSuccessHandler.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package io.security.corespringsecurity.security.authentication.handler;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.security.corespringsecurity.security.domain.UserDto;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.WebAttributes;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-
-@Component("ajaxAuthenticationSuccessHandler")
-public class AjaxAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
-
- private final ObjectMapper mapper;
-
- @Autowired
- public AjaxAuthenticationSuccessHandler(final ObjectMapper mapper) {
- this.mapper = mapper;
- }
-
- @Override
- public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
- Authentication authentication) throws IOException, ServletException {
- UserDto userDto = (UserDto) authentication.getPrincipal();
- response.setStatus(HttpStatus.OK.value());
- response.setContentType(MediaType.APPLICATION_JSON_VALUE);
- mapper.writeValue(response.getWriter(), userDto);
-
- clearAuthenticationAttributes(request);
- }
-
- protected final void clearAuthenticationAttributes(HttpServletRequest request) {
- HttpSession session = request.getSession(false);
-
- if (session == null) {
- return;
- }
-
- session.removeAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonAccessDeniedHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonAccessDeniedHandler.java
deleted file mode 100644
index a81e5e1f..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonAccessDeniedHandler.java
+++ /dev/null
@@ -1,61 +0,0 @@ -package io.security.corespringsecurity.security.authentication.handler; - -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.web.DefaultRedirectStrategy; -import org.springframework.security.web.RedirectStrategy; -import org.springframework.security.web.access.AccessDeniedHandler; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -public class CommonAccessDeniedHandler implements AccessDeniedHandler { - - private String errorPage; - - private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); - - @Override - public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { - - // Ajax를 통해 들어온것인지 파악한다 - String ajaxHeader = request.getHeader("X-Ajax-call"); - String result = ""; - - response.setStatus(HttpServletResponse.SC_FORBIDDEN); - response.setCharacterEncoding("UTF-8"); - - if(ajaxHeader == null){ // null로 받은 경우는 X-Ajax-call 헤더 변수가 없다는 의미이기 때문에 ajax가 아닌 일반적인 방법으로 접근했음을 의미한다 - Authentication auth = SecurityContextHolder.getContext().getAuthentication(); - Object principal = auth.getPrincipal(); - if (principal instanceof UserDetails) { - String username = ((UserDetails) principal).getUsername(); - request.setAttribute("username", username); - } - request.setAttribute("errormsg", accessDeniedException); - redirectStrategy.sendRedirect(request, response, errorPage); - - }else{ - if("true".equals(ajaxHeader)){ // true로 값을 받았다는 것은 ajax로 접근했음을 의미한다 - result = "{\"result\" : \"fail\", \"message\" : \"" + accessDeniedException.getMessage() + "\"}"; - }else{ // 헤더 변수는 있으나 값이 틀린 
경우이므로 헤더값이 틀렸다는 의미로 돌려준다 - result = "{\"result\" : \"fail\", \"message\" : \"Access Denied(Header Value Mismatch)\"}"; - } - response.getWriter().print(result); - response.getWriter().flush(); - } - } - - public void setErrorPage(String errorPage) { - if ((errorPage != null) && !errorPage.startsWith("/")) { - throw new IllegalArgumentException("errorPage must begin with '/'"); - } - - this.errorPage = errorPage; - } - -} diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonLogoutSuccessHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonLogoutSuccessHandler.java deleted file mode 100644 index 101ffc35..00000000 --- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/CommonLogoutSuccessHandler.java +++ /dev/null @@ -1,26 +0,0 @@ -package io.security.corespringsecurity.security.authentication.handler; - -import org.springframework.security.core.Authentication; -import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; -import org.springframework.stereotype.Component; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.IOException; - -@Component("logoutSuccessHandler") -public class CommonLogoutSuccessHandler implements LogoutSuccessHandler { - - @Override - public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { - final HttpSession session = request.getSession(); - if (session != null) { - session.removeAttribute("user"); - session.invalidate(); - } - - response.sendRedirect("/"); - } -} 
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationFailureHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationFailureHandler.java
deleted file mode 100644
index ab81946a..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationFailureHandler.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package io.security.corespringsecurity.security.authentication.handler;
-
-import io.security.corespringsecurity.security.exception.AuthMethodNotSupportedException;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.WebAttributes;
-import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Component("formAuthenticationFailureHandler")
-public class FormAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
-
- @Override
- public void onAuthenticationFailure(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException exception) throws IOException, ServletException {
-
- setDefaultFailureUrl("/login?error=true");
-
- super.onAuthenticationFailure(request, response, exception);
-
- String errorMessage = "Authentication failed";
-
- if (exception instanceof BadCredentialsException) {
- errorMessage = "Invalid username or password";
- } else if (exception instanceof AuthMethodNotSupportedException) {
- errorMessage = exception.getMessage();
- }
-
- request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, "");
- }
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationSuccessHandler.java b/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationSuccessHandler.java
deleted file mode 100644
index 944b2818..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/handler/FormAuthenticationSuccessHandler.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.security.corespringsecurity.security.authentication.handler;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.DefaultRedirectStrategy;
-import org.springframework.security.web.RedirectStrategy;
-import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
-import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
-import org.springframework.security.web.savedrequest.RequestCache;
-import org.springframework.security.web.savedrequest.SavedRequest;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-@Component("formAuthenticationSuccessHandler")
-@Slf4j
-public class FormAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
-
- private RequestCache requestCache = new HttpSessionRequestCache();
-
- private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
-
- @Override
- public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
-
- setDefaultTargetUrl("/");
-
- SavedRequest savedRequest = requestCache.getRequest(request, response);
-
- if(savedRequest!=null) {
- String targetUrl = savedRequest.getRedirectUrl();
- redirectStrategy.sendRedirect(request, response, targetUrl);
- } else {
- redirectStrategy.sendRedirect(request, response, getDefaultTargetUrl());
- }
-
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/provider/AjaxAuthenticationProvider.java b/src/main/java/io/security/corespringsecurity/security/authentication/provider/AjaxAuthenticationProvider.java
deleted file mode 100644
index 16e08121..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/provider/AjaxAuthenticationProvider.java
+++ /dev/null
@@ -1,82 +0,0 @@ -package io.security.corespringsecurity.security.authentication.provider; - -import io.security.corespringsecurity.security.domain.UserDto; -import io.security.corespringsecurity.security.token.AjaxAuthenticationToken; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.stereotype.Component; - -import javax.transaction.Transactional; -import java.util.Arrays; - - -@Component -@Slf4j -public class AjaxAuthenticationProvider implements AuthenticationProvider { - - @Autowired - private UserDetailsService uerDetailsService; - - @Autowired - PasswordEncoder passwordEncoder; - - @Override - @Transactional - public Authentication authenticate(Authentication auth) throws AuthenticationException { - - String loginId = auth.getName(); - String passwd = (String) auth.getCredentials(); - - UserDetails userDetails = null; - try { - - // 사용자 조회 - userDetails = uerDetailsService.loadUserByUsername(loginId); - - if (userDetails == null || !passwordEncoder.matches(passwd, userDetails.getPassword())) { - throw new BadCredentialsException("Invalid password"); - } - - if (!userDetails.isEnabled()) { - throw new BadCredentialsException("not user confirm"); - } - - } catch(UsernameNotFoundException e) { - log.info(e.toString()); - throw new UsernameNotFoundException(e.getMessage()); - } catch(BadCredentialsException e) { - 
log.info(e.toString()); - throw new BadCredentialsException(e.getMessage()); - } catch(Exception e) { - log.info(e.toString()); - throw new RuntimeException(e.getMessage()); - } - - UserDto userDto = UserDto.builder().username(userDetails.getUsername()).password(userDetails.getPassword()).build(); - userDto.setRoles(Arrays.asList("ROLE_USER")); - - return AjaxAuthenticationToken.getTokenFromAccountContext(userDto); - } - - private boolean isValidLong(String code) { - try { - Long.parseLong(code); - } catch (final NumberFormatException e) { - return false; - } - return true; - } - - @Override - public boolean supports(Class authentication) { - return authentication.equals(AjaxAuthenticationToken.class); - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/provider/FormAuthenticationProvider.java b/src/main/java/io/security/corespringsecurity/security/authentication/provider/FormAuthenticationProvider.java deleted file mode 100644 index 5818f0c6..00000000 --- a/src/main/java/io/security/corespringsecurity/security/authentication/provider/FormAuthenticationProvider.java +++ /dev/null 
@@ -1,68 +0,0 @@ -package io.security.corespringsecurity.security.authentication.provider; - -import io.security.corespringsecurity.security.authentication.services.UserDetail; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.stereotype.Component; - -import javax.transaction.Transactional; - -@Component -@Slf4j -public class FormAuthenticationProvider implements AuthenticationProvider { - - @Autowired - private UserDetailsService userDetailsService; - - @Autowired - PasswordEncoder passwordEncoder; - - @Override - @Transactional - public Authentication authenticate(Authentication auth) throws AuthenticationException { - - String loginId = auth.getName(); - String passwd = (String) auth.getCredentials(); - - UserDetails userDetails = null; - try { - - // 사용자 조회 - userDetails = userDetailsService.loadUserByUsername(loginId); - - if (userDetails == null || !passwordEncoder.matches(passwd, userDetails.getPassword())) { - throw new BadCredentialsException("Invalid password"); - } - - if (!userDetails.isEnabled()) { - throw new BadCredentialsException("not user confirm"); - } - - } catch(UsernameNotFoundException e) { - log.info(e.toString()); - throw new UsernameNotFoundException(e.getMessage()); - } catch(BadCredentialsException e) { - 
log.info(e.toString()); - throw new BadCredentialsException(e.getMessage()); - } catch(Exception e) { - log.info(e.toString()); - throw new RuntimeException(e.getMessage()); - } - - return new UsernamePasswordAuthenticationToken(((UserDetail)userDetails).getUser(), null, userDetails.getAuthorities()); - } - - @Override - public boolean supports(Class authentication) { - return authentication.equals(UsernamePasswordAuthenticationToken.class); - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormRememberMeServices.java b/src/main/java/io/security/corespringsecurity/security/authentication/services/FormRememberMeServices.java deleted file mode 100644 index c51854e7..00000000 --- a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormRememberMeServices.java +++ /dev/null 
@@ -1,70 +0,0 @@
-package io.security.corespringsecurity.security.authentication.services;
-
-import io.security.corespringsecurity.domain.entity.User;
-import io.security.corespringsecurity.repository.UserRepository;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationDetailsSource;
-import org.springframework.security.authentication.RememberMeAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
-import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
-import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
-import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
-import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.Date;
-
-@Slf4j
-public class FormRememberMeServices extends PersistentTokenBasedRememberMeServices {
-
- @Autowired
- private UserRepository userRepository;
-
- private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
- private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
- private PersistentTokenRepository tokenRepository;
- private String key;
-
- public FormRememberMeServices(String key, UserDetailsService userDetailsService, PersistentTokenRepository tokenRepository) {
- super(key, userDetailsService, tokenRepository);
- this.tokenRepository = tokenRepository;
- this.key = key;
- }
-
- @Override
- public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
- super.logout(request, response, authentication);
- }
-
- @Override
- protected void onLoginSuccess(HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) {
- String username = ((User) successfulAuthentication.getPrincipal()).getUsername();
- log.debug("Creating new persistent login for user " + username);
- PersistentRememberMeToken persistentToken = new PersistentRememberMeToken(username, generateSeriesData(), generateTokenData(), new Date());
- try {
- tokenRepository.createNewToken(persistentToken);
- addCookie(persistentToken, request, response);
- } catch (Exception e) {
- log.error("Failed to save persistent token ", e);
- }
- }
-
- @Override
- protected Authentication createSuccessfulAuthentication(HttpServletRequest request, UserDetails user) {
- User auser = userRepository.findByUsername(user.getUsername());
- RememberMeAuthenticationToken auth = new RememberMeAuthenticationToken(key, auser, authoritiesMapper.mapAuthorities(user.getAuthorities()));
- auth.setDetails(authenticationDetailsSource.buildDetails(request));
- return auth;
- }
-
- private void addCookie(PersistentRememberMeToken token, HttpServletRequest request, HttpServletResponse response) {
- //setTokenValiditySeconds(60);
- setCookie(new String[] { token.getSeries(), token.getTokenValue() }, getTokenValiditySeconds(), request, response);
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetails.java b/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetails.java
deleted file mode 100644
index 95879208..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetails.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package io.security.corespringsecurity.security.authentication.services;
-
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
-
-import javax.servlet.http.HttpServletRequest;
-
-public class FormWebAuthenticationDetails extends WebAuthenticationDetails {
-
- private static final long serialVersionUID = 1L;
-
- private final String verificationCode;
-
- public FormWebAuthenticationDetails(HttpServletRequest request) {
- super(request);
- verificationCode = request.getParameter("code");
- }
-
- public String getVerificationCode() {
-
- return verificationCode;
- }
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetailsSource.java b/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetailsSource.java
deleted file mode 100644
index 44090be5..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/services/FormWebAuthenticationDetailsSource.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package io.security.corespringsecurity.security.authentication.services;
-
-import org.springframework.security.authentication.AuthenticationDetailsSource;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-
-@Component
-public class FormWebAuthenticationDetailsSource implements AuthenticationDetailsSource {
- @Override
- public WebAuthenticationDetails buildDetails(HttpServletRequest request) {
- return new FormWebAuthenticationDetails(request);
- }
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetail.java b/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetail.java
deleted file mode 100644
index fa0725db..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetail.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package io.security.corespringsecurity.security.authentication.services;
-
-import io.security.corespringsecurity.domain.entity.User;
-import lombok.Data;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-
-import java.util.List;
-import java.util.stream.Collectors;
-
-@Data
-public class UserDetail extends org.springframework.security.core.userdetails.User {
- private User user;
- private List roles;
-
- public UserDetail(User user, List roles) {
- super(user.getUsername(), user.getPassword(), roles.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
- this.user = user;
- this.roles = roles;
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetailsServiceImpl.java b/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetailsServiceImpl.java
deleted file mode 100644
index 16d52ae3..00000000
--- a/src/main/java/io/security/corespringsecurity/security/authentication/services/UserDetailsServiceImpl.java
+++ /dev/null
@@ -1,85 +0,0 @@
-package io.security.corespringsecurity.security.authentication.services;
-
-import io.security.corespringsecurity.domain.entity.Role;
-import io.security.corespringsecurity.domain.entity.User;
-import io.security.corespringsecurity.repository.RoleRepository;
-import io.security.corespringsecurity.repository.UserRepository;
-import io.security.corespringsecurity.service.impl.LoginAttemptServiceImpl;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
-
-@Slf4j
-@Service("userDetailsService")
-public class UserDetailsServiceImpl implements UserDetailsService {
-
- @Autowired
- private UserRepository userRepository;
-
- @Autowired
- private RoleRepository roleRepository;
-
- @Autowired
- private LoginAttemptServiceImpl loginAttemptService;
-
- @Autowired
- private HttpServletRequest request;
-
- @Autowired
- private PasswordEncoder passwordEncoder;
-
-
-
- public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-
- final String ip = request.getRemoteAddr();
- if (loginAttemptService.isBlocked(ip)) {
- throw new RuntimeException("blocked");
- }
-
- User user = userRepository.findByUsername(username);
- if (user == null) {
- if (userRepository.countByUsername(username) == 0) {
- throw new UsernameNotFoundException("No user found with username: " + username);
- }
- }
- Set userRoles = user.getUserRoles()
- .stream()
- .map(userRole -> userRole.getRoleName())
- .collect(Collectors.toSet());
-
- return new UserDetail(user, userRoles.stream().collect(Collectors.toList()));
- }
-
- @Transactional
- public User selectUser(long id) {
- return userRepository.findById(id).orElse(new User());
- }
-
- @Transactional
- public List selectUsers() {
- return userRepository.findAll();
- }
-
- @Transactional
- public void insertUser(User user){
-
- Role role = roleRepository.findByRoleName("ROLE_USER");
- Set roles = new HashSet<>();
- roles.add(role);
- user.setUserRoles(roles);
- user.setPassword(passwordEncoder.encode(user.getPassword()));
- userRepository.save(user);
- }
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/configs/AjaxLoginConfigurer.java b/src/main/java/io/security/corespringsecurity/security/configs/AjaxLoginConfigurer.java
deleted file mode 100644
index de34a3e3..00000000
--- a/src/main/java/io/security/corespringsecurity/security/configs/AjaxLoginConfigurer.java
+++ /dev/null
@@ -1,81 +0,0 @@
-package io.security.corespringsecurity.security.configs;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import io.security.corespringsecurity.security.filter.AjaxLoginProcessingFilter;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
-import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.RememberMeServices;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.security.web.util.matcher.RequestMatcher;
-
-public final class AjaxLoginConfigurer> extends
- AbstractAuthenticationFilterConfigurer, AjaxLoginProcessingFilter> {
-
- private AuthenticationSuccessHandler successHandler;
- private AuthenticationFailureHandler failureHandler;
- private AuthenticationManager authenticationManager;
-
- public AjaxLoginConfigurer() {
- super(new AjaxLoginProcessingFilter(), null);
- }
-
- @Override
- public void init(H http) throws Exception {
- super.init(http);
- }
-
- @Override
- public void configure(H http) {
-
- if(authenticationManager == null){
- authenticationManager = http.getSharedObject(AuthenticationManager.class);
- }
- getAuthenticationFilter().setAuthenticationManager(authenticationManager);
- getAuthenticationFilter().setAuthenticationSuccessHandler(successHandler);
- getAuthenticationFilter().setAuthenticationFailureHandler(failureHandler);
-
- SessionAuthenticationStrategy sessionAuthenticationStrategy = http
- .getSharedObject(SessionAuthenticationStrategy.class);
- if (sessionAuthenticationStrategy != null) {
- getAuthenticationFilter().setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
- }
- RememberMeServices rememberMeServices = http
- .getSharedObject(RememberMeServices.class);
- if (rememberMeServices != null) {
- getAuthenticationFilter().setRememberMeServices(rememberMeServices);
- }
- http.setSharedObject(AjaxLoginProcessingFilter.class,getAuthenticationFilter());
- http.addFilterBefore(getAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
- }
-
- public AjaxLoginConfigurer successHandlerAjax(AuthenticationSuccessHandler successHandler) {
- this.successHandler = successHandler;
- return this;
- }
-
- public AjaxLoginConfigurer failureHandlerAjax(AuthenticationFailureHandler authenticationFailureHandler) {
- this.failureHandler = authenticationFailureHandler;
- return this;
- }
-
- public AjaxLoginConfigurer setAuthenticationManager(AuthenticationManager authenticationManager) {
- this.authenticationManager = authenticationManager;
- return this;
- }
-
- @Override
- protected RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl) {
- return new AntPathRequestMatcher(loginProcessingUrl, "POST");
- }
-
- public AjaxLoginConfigurer readAndWriteMapper(ObjectMapper objectMapper) {
- getAuthenticationFilter().setObjectMapper(objectMapper);
- return this;
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/configs/MethodSecurityConfig.java b/src/main/java/io/security/corespringsecurity/security/configs/MethodSecurityConfig.java
deleted file mode 100644
index c925f3b9..00000000
--- a/src/main/java/io/security/corespringsecurity/security/configs/MethodSecurityConfig.java
+++ /dev/null
@@ -1,188 +0,0 @@ -package io.security.corespringsecurity.security.configs; - -import io.security.corespringsecurity.repository.AccessIpRepository; -import io.security.corespringsecurity.repository.ResourcesRepository; -import io.security.corespringsecurity.security.aop.CustomMethodSecurityInterceptor; -import io.security.corespringsecurity.security.enums.SecurtiyMethodType; -import io.security.corespringsecurity.security.factory.MethodResourcesMapFactoryBean; -import io.security.corespringsecurity.security.factory.UrlResourcesMapFactoryBean; -import io.security.corespringsecurity.security.metaDataSource.UrlSecurityMetadataSource; -import io.security.corespringsecurity.security.processor.ProtectPointcutPostProcessor; -import io.security.corespringsecurity.security.voter.IpAddressVoter; -import io.security.corespringsecurity.service.SecurityResourceService; -import io.security.corespringsecurity.service.impl.RoleHierarchyServiceImpl; -import lombok.extern.slf4j.Slf4j; -import org.aopalliance.intercept.MethodInterceptor; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.config.BeanPostProcessor; -import org.springframework.beans.factory.support.DefaultListableBeanFactory; -import org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext; -import org.springframework.context.ApplicationContext; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.core.Ordered; -import org.springframework.core.annotation.Order; -import org.springframework.security.access.AccessDecisionManager; -import org.springframework.security.access.AccessDecisionVoter; -import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl; -import org.springframework.security.access.intercept.RunAsManager; -import 
org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource; -import org.springframework.security.access.method.MethodSecurityMetadataSource; -import org.springframework.security.access.vote.AffirmativeBased; -import org.springframework.security.access.vote.AuthenticatedVoter; -import org.springframework.security.access.vote.RoleHierarchyVoter; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; -import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration; -import org.springframework.security.web.access.expression.WebExpressionVoter; -import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; - -import java.lang.reflect.Constructor; -import java.lang.reflect.Method; -import java.util.Arrays; -import java.util.List; -import java.util.Map; - -@Configuration -@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) -@Slf4j -public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration{ - - @Autowired - private SecurityResourceService securityResourceService; - @Autowired - private ResourcesRepository resourcesRepository; - @Autowired - private RoleHierarchyServiceImpl roleHierarchyService; - @Autowired - private AccessIpRepository accessIpRepository; - @Autowired - private RoleHierarchyImpl roleHierarchy; - @Autowired - private MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; - @Autowired - private AnnotationConfigServletWebServerApplicationContext applicationContext; - @Autowired - private CustomMethodSecurityInterceptor methodSecurityInterceptor; - - protected MethodSecurityMetadataSource customMethodSecurityMetadataSource() { - return mapBasedMethodSecurityMetadataSource(); - } - - @Bean - public MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource() { - return new 
MapBasedMethodSecurityMetadataSource(methodResourcesMapFactoryBean().getObject()); - } - - @Bean - public MethodResourcesMapFactoryBean methodResourcesMapFactoryBean(){ - MethodResourcesMapFactoryBean methodResourcesMapFactoryBean = new MethodResourcesMapFactoryBean(); - methodResourcesMapFactoryBean.setSecurityResourceService(securityResourceService); - methodResourcesMapFactoryBean.setResourceType(SecurtiyMethodType.METHOD.getValue()); - return methodResourcesMapFactoryBean; - } - -// @Bean - //@Profile("pointcut") - /*BeanPostProcessor protectPointcutPostProcessor() throws Exception { - - DefaultListableBeanFactory beanFactory = (DefaultListableBeanFactory)applicationContext.getAutowireCapableBeanFactory(); - - Class clazz = Class.forName("org.springframework.security.config.method.ProtectPointcutPostProcessor"); - Constructor declaredConstructor = clazz.getDeclaredConstructor(MapBasedMethodSecurityMetadataSource.class); - declaredConstructor.setAccessible(true); - Object instance = declaredConstructor.newInstance(mapBasedMethodSecurityMetadataSource()); - Method setPointcutMap = instance.getClass().getMethod("setPointcutMap", Map.class); - setPointcutMap.setAccessible(true); - setPointcutMap.invoke(instance, pointcutResourcesMapFactoryBean().getObject()); - - return (BeanPostProcessor)instance; - }*/ - - /** - * - * 설정클래스에서 람다 형식으로 선언된 빈이 존재할 경우 오류가 발생하여 스프링 빈과 동일한 클래스를 생성하여 처리 - * 아직 AspectJ 라이브러리에서 Fix 하지 못한 것으로 판단되지만 다른 오류 원인이 존재하는지 계속 살펴보도록 함 - */ - @Bean -// @Profile("pointcut") - public ProtectPointcutPostProcessor protectPointcutPostProcessor() { - - ProtectPointcutPostProcessor protectPointcutPostProcessor = new ProtectPointcutPostProcessor(mapBasedMethodSecurityMetadataSource()); - protectPointcutPostProcessor.setPointcutMap(pointcutResourcesMapFactoryBean().getObject()); - - return protectPointcutPostProcessor; - } - - @Bean - //@Profile("pointcut") - public MethodResourcesMapFactoryBean pointcutResourcesMapFactoryBean(){ - - 
MethodResourcesMapFactoryBean pointcutResourcesMapFactoryBean = new MethodResourcesMapFactoryBean(); - pointcutResourcesMapFactoryBean.setSecurityResourceService(securityResourceService); - pointcutResourcesMapFactoryBean.setResourceType(SecurtiyMethodType.POINTCUT.getValue()); - return pointcutResourcesMapFactoryBean; - } - - @Bean - public FilterInvocationSecurityMetadataSource urlSecurityMetadataSource() { - return new UrlSecurityMetadataSource(urlResourcesMapFactoryBean().getObject(),securityResourceService); - } - - @Bean - public UrlResourcesMapFactoryBean urlResourcesMapFactoryBean(){ - UrlResourcesMapFactoryBean urlResourcesMapFactoryBean = new UrlResourcesMapFactoryBean(); - urlResourcesMapFactoryBean.setSecurityResourceService(securityResourceService); - return urlResourcesMapFactoryBean; - } - - @Bean - public AccessDecisionManager affirmativeBased() { - AffirmativeBased accessDecisionManager = new AffirmativeBased(getAccessDecisionVoters()); - accessDecisionManager.setAllowIfAllAbstainDecisions(false); // 접근 승인 거부 보류시 접근 허용은 true 접근 거부는 false - return accessDecisionManager; - } - - private List> getAccessDecisionVoters() { - - AuthenticatedVoter authenticatedVoter = new AuthenticatedVoter(); - WebExpressionVoter webExpressionVoter = new WebExpressionVoter(); - IpAddressVoter ipAddressVoter = new IpAddressVoter(securityResourceService); - - List> accessDecisionVoterList = Arrays.asList(/*ipAddressVoter, */authenticatedVoter, webExpressionVoter, roleVoter()); - return accessDecisionVoterList; - } - - @Bean - public RoleHierarchyVoter roleVoter() { - RoleHierarchyVoter roleHierarchyVoter = new RoleHierarchyVoter(roleHierarchy()); - roleHierarchyVoter.setRolePrefix("ROLE_"); - return roleHierarchyVoter; - } - - @Bean - public RoleHierarchyImpl roleHierarchy() { - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - return roleHierarchy; - } - - @Bean - public CustomMethodSecurityInterceptor 
customMethodSecurityInterceptor(MapBasedMethodSecurityMetadataSource methodSecurityMetadataSource) { - CustomMethodSecurityInterceptor customMethodSecurityInterceptor = new CustomMethodSecurityInterceptor(); - customMethodSecurityInterceptor.setAccessDecisionManager(accessDecisionManager()); - customMethodSecurityInterceptor.setAfterInvocationManager(afterInvocationManager()); - customMethodSecurityInterceptor.setSecurityMetadataSource(methodSecurityMetadataSource); - RunAsManager runAsManager = runAsManager(); - if (runAsManager != null) { - customMethodSecurityInterceptor.setRunAsManager(runAsManager); - } - - return customMethodSecurityInterceptor; - } - - /*@Bean - public SecurityResourceService securityResourceService(ResourcesRepository resourcesRepository, RoleHierarchyImpl roleHierarchy,RoleHierarchyServiceImpl roleHierarchyService, AccessIpRepository accessIpRepository, MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource, AnnotationConfigServletWebServerApplicationContext applicationContext, CustomMethodSecurityInterceptor methodSecurityInterceptor) { - SecurityResourceService securityResourceService = new SecurityResourceService(resourcesRepository, roleHierarchy, roleHierarchyService, accessIpRepository, mapBasedMethodSecurityMetadataSource, applicationContext, methodSecurityInterceptor); - return securityResourceService; - }*/ -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/security/configs/SecurityConfig.java b/src/main/java/io/security/corespringsecurity/security/configs/SecurityConfig.java index 79615277..48c0ef72 100644 --- a/src/main/java/io/security/corespringsecurity/security/configs/SecurityConfig.java +++ b/src/main/java/io/security/corespringsecurity/security/configs/SecurityConfig.java 
@@ -1,295 +1,44 @@ package io.security.corespringsecurity.security.configs; -import com.fasterxml.jackson.databind.ObjectMapper; -import io.security.corespringsecurity.repository.JpaPersistentTokenRepository; -import io.security.corespringsecurity.repository.RememberMeTokenRepository; -import io.security.corespringsecurity.security.authentication.handler.*; -import io.security.corespringsecurity.security.authentication.provider.AjaxAuthenticationProvider; -import io.security.corespringsecurity.security.authentication.provider.FormAuthenticationProvider; -import io.security.corespringsecurity.security.authentication.services.FormRememberMeServices; -import io.security.corespringsecurity.security.authentication.services.FormWebAuthenticationDetailsSource; -import io.security.corespringsecurity.security.filter.AjaxLoginProcessingFilter; -import io.security.corespringsecurity.security.filter.PermitAllFilter; -import io.security.corespringsecurity.service.SecurityResourceService; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.access.AccessDecisionManager; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.ProviderManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import 
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.session.SessionRegistry; -import org.springframework.security.core.session.SessionRegistryImpl; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.factory.PasswordEncoderFactories; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.web.access.AccessDeniedHandler; -import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; -import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; -import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; -import org.springframework.security.web.authentication.RememberMeServices; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; -import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository; -import org.springframework.security.web.csrf.CsrfFilter; -import org.springframework.security.web.session.HttpSessionEventPublisher; -import org.springframework.web.filter.CharacterEncodingFilter; - -import java.util.ArrayList; -import java.util.List; @Configuration @EnableWebSecurity @Slf4j public class SecurityConfig extends WebSecurityConfigurerAdapter { - private String[] ignoredMatcherPattern = {"/static/**", "/css/**", "/js/**", "/static/css/images/**", "/webjars/**", "/**/favicon.ico"}; - private String[] permitAllPattern = {"/", "/home", "/users", "/login", "/errorpage/**"}; - - public static final String AUTHENTICATION_HEADER_NAME = "Authorization"; - public static final String AUTHENTICATION_URL = "/api/auth/login"; - public static final String 
REFRESH_TOKEN_URL = "/api/auth/token"; - public static final String API_ROOT_URL = "/api/**"; - - @Autowired - private UserDetailsService userDetailsService; - @Autowired - private FormAuthenticationProvider commonAuthenticationProvider; - @Autowired - private AjaxAuthenticationProvider ajaxAuthenticationProvider; - @Autowired - private FormAuthenticationSuccessHandler formAuthenticationSuccessHandler; - @Autowired - private FormAuthenticationFailureHandler formAuthenticationFailureHandler; - @Autowired - private AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler; - @Autowired - private AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler; - @Autowired - private LogoutSuccessHandler logoutSuccessHandler; - @Autowired - private AccessDeniedHandler accessDeniedHandler; - @Autowired - private AccessDecisionManager accessDecisionManager; - @Autowired - private FormWebAuthenticationDetailsSource authenticationDetailsSource; - @Autowired - private FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource; - @Autowired - private RememberMeServices rememberMeServices; - @Autowired - private ObjectMapper objectMapper; - @Autowired - private AuthenticationManagerBuilder authenticationManagerBuilder; - @Autowired - private SecurityResourceService securityResourceService; - - @Bean @Override - public AuthenticationManager authenticationManagerBean() throws Exception { - return super.authenticationManagerBean(); - } - -// @Override -// protected void configure(AuthenticationManagerBuilder auth) { -// auth.authenticationProvider(commonAuthenticationProvider); -// auth.authenticationProvider(ajaxAuthenticationProvider); -// } - - public AuthenticationManager ajaxAuthenticationManager() { - List authProviderList = new ArrayList<>(); - authProviderList.add(ajaxAuthenticationProvider); - ProviderManager providerManager = new ProviderManager(authProviderList); - return providerManager; - } - - public AuthenticationManager 
authenticationManager() { - List authProviderList = new ArrayList<>(); - authProviderList.add(commonAuthenticationProvider); - authProviderList.add(ajaxAuthenticationProvider); - ProviderManager providerManager = new ProviderManager(authProviderList); - return providerManager; + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + String password = passwordEncoder().encode("1111"); + auth.inMemoryAuthentication().withUser("user").password(password).roles("USER"); + auth.inMemoryAuthentication().withUser("manager").password(password).roles("USER","MANAGER"); + auth.inMemoryAuthentication().withUser("admin").password(password).roles("USER","MANAGER","ADMIN"); } - @Override - public void configure(WebSecurity web) throws Exception { - web.ignoring().antMatchers(ignoredMatcherPattern); + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); } @Override protected void configure(final HttpSecurity http) throws Exception { - CharacterEncodingFilter filter = new CharacterEncodingFilter(); http .authorizeRequests() + .antMatchers("/").permitAll() + .antMatchers("/mypage").hasRole("USER") + .antMatchers("/messages").hasRole("MANAGER") + .antMatchers("/config").hasRole("ADMIN") .anyRequest().authenticated() - .and() - .exceptionHandling() - .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")) - .accessDeniedPage("/denied") - .accessDeniedHandler(accessDeniedHandler) - - .and() - .formLogin() - .loginPage("/login") - .loginProcessingUrl("/login_proc") - .defaultSuccessUrl("/index") - .failureUrl("/login?error=true") - .usernameParameter("username") - .passwordParameter("password") - .successHandler(formAuthenticationSuccessHandler) - .failureHandler(formAuthenticationFailureHandler) - .authenticationDetailsSource(authenticationDetailsSource) -// .permitAll() - - .and() - .sessionManagement() -// .invalidSessionUrl("/users/invalidSession.html") - .maximumSessions(1) // -1 : 무제한 로그인 세션 허용 - 
.maxSessionsPreventsLogin(true) // false : 동시 로그인을 하지 못하도록 차단함 - //.expiredUrl("/login?expired=true") - .sessionRegistry(sessionRegistry()).and() - .sessionFixation().migrateSession() .and() - .logout() - .logoutSuccessHandler(logoutSuccessHandler) - //.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/index") - .clearAuthentication(true) - .invalidateHttpSession(true) - .deleteCookies("SESSION", "JSESSIONID", "remember-me") -// .permitAll() - - .and() - .rememberMe() - .alwaysRemember(true) - .rememberMeServices(rememberMeServices) - .tokenValiditySeconds(3600) - .key("anymobi") - - .and() - .addFilterBefore(buildAjaxLoginProcessingFilter(AUTHENTICATION_URL), UsernamePasswordAuthenticationFilter.class) - .addFilterBefore(filter, CsrfFilter.class) - .addFilterBefore(permitAllFilter(), FilterSecurityInterceptor.class) - .csrf().disable(); - - customConfigurer(http); - } - - private void customConfigurer(HttpSecurity http) throws Exception { - http - .apply(new AjaxLoginConfigurer<>()) - .successHandlerAjax(ajaxAuthenticationSuccessHandler) - .failureHandlerAjax(ajaxAuthenticationFailureHandler) - .loginProcessingUrl(AUTHENTICATION_URL) - .setAuthenticationManager(ajaxAuthenticationManager()) - .readAndWriteMapper(objectMapper); - - - } - - protected AjaxLoginProcessingFilter buildAjaxLoginProcessingFilter(String loginEntryPoint){ - AjaxLoginProcessingFilter filter = new AjaxLoginProcessingFilter(); - filter.setAuthenticationManager(ajaxAuthenticationManager()); - return filter; - } - - @Bean - public PermitAllFilter permitAllFilter() { - PermitAllFilter permitAllFilter = new PermitAllFilter(permitAllPattern); - //commonFilterSecurityInterceptor.setAuthenticationManager(authenticationManager()); - permitAllFilter.setAccessDecisionManager(accessDecisionManager); - permitAllFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource); - permitAllFilter.setRejectPublicInvocations(false); - return permitAllFilter; - } - - @Bean - 
public FilterRegistrationBean filterRegistrationBean() { - FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(); - filterRegistrationBean.setFilter(permitAllFilter()); - filterRegistrationBean.setEnabled(false); - return filterRegistrationBean; + .formLogin(); } - - @Bean - public AccessDeniedHandler accessDeniedHandler() { - CommonAccessDeniedHandler commonAccessDeniedHandler = new CommonAccessDeniedHandler(); - commonAccessDeniedHandler.setErrorPage("/denied"); - return commonAccessDeniedHandler; - } - - @Bean - public RememberMeServices rememberMeServices(PersistentTokenRepository ptr) { - FormRememberMeServices rememberMeServices = new FormRememberMeServices("anymobi", userDetailsService, ptr); - return rememberMeServices; - } - - @Bean - public PersistentTokenRepository persistentTokenRepository(RememberMeTokenRepository rmtr) { - return new JpaPersistentTokenRepository(rmtr); - } - - @Bean - public HttpSessionEventPublisher httpSessionEventPublisher() { - return new HttpSessionEventPublisher(); - } - - @Bean - public PasswordEncoder passwordEncoder() { - return PasswordEncoderFactories.createDelegatingPasswordEncoder(); - } - - @Bean - public SessionRegistry sessionRegistry() { - return new SessionRegistryImpl(); - } - - /*@Bean - public FilterInvocationSecurityMetadataSource urlSecurityMetadataSource() { - return new UrlSecurityMetadataSource(urlResourcesMapFactoryBean().getObject(),securityResourceService); - } - - @Bean - public UrlResourcesMapFactoryBean urlResourcesMapFactoryBean(){ - UrlResourcesMapFactoryBean urlResourcesMapFactoryBean = new UrlResourcesMapFactoryBean(); - urlResourcesMapFactoryBean.setSecurityResourceService(securityResourceService); - return urlResourcesMapFactoryBean; - } - - @Bean - public AccessDecisionManager affirmativeBased() { - AffirmativeBased accessDecisionManager = new AffirmativeBased(getAccessDecisionVoters()); - accessDecisionManager.setAllowIfAllAbstainDecisions(false); // 접근 승인 거부 보류시 접근 허용은 
true 접근 거부는 false - return accessDecisionManager; - } - - private List> getAccessDecisionVoters() { - - AuthenticatedVoter authenticatedVoter = new AuthenticatedVoter(); - WebExpressionVoter webExpressionVoter = new WebExpressionVoter(); - IpAddressVoter ipAddressVoter = new IpAddressVoter(securityResourceService); - - List> accessDecisionVoterList = Arrays.asList(ipAddressVoter, authenticatedVoter, webExpressionVoter, roleVoter()); - return accessDecisionVoterList; - } - - @Bean - public RoleHierarchyVoter roleVoter() { - RoleHierarchyVoter roleHierarchyVoter = new RoleHierarchyVoter(roleHierarchy()); - roleHierarchyVoter.setRolePrefix("ROLE_"); - return roleHierarchyVoter; - } - - @Bean - public RoleHierarchyImpl roleHierarchy() { - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - return roleHierarchy; - }*/ } diff --git a/src/main/java/io/security/corespringsecurity/security/domain/AuthoritiesDto.java b/src/main/java/io/security/corespringsecurity/security/domain/AuthoritiesDto.java deleted file mode 100644 index 8e9a074a..00000000 --- a/src/main/java/io/security/corespringsecurity/security/domain/AuthoritiesDto.java +++ /dev/null @@ -1,17 +0,0 @@ -package io.security.corespringsecurity.security.domain; - -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; - -@Data -@AllArgsConstructor -@NoArgsConstructor -@Builder -public class AuthoritiesDto { - - private String roleName; - private AntPathRequestMatcher antPathRequestMatcher; -} diff --git a/src/main/java/io/security/corespringsecurity/security/domain/RoleHierarchyDto.java b/src/main/java/io/security/corespringsecurity/security/domain/RoleHierarchyDto.java deleted file mode 100644 index f7abbb2f..00000000 --- a/src/main/java/io/security/corespringsecurity/security/domain/RoleHierarchyDto.java +++ /dev/null 
@@ -1,15 +0,0 @@
-package io.security.corespringsecurity.security.domain;
-
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
-@Data
-@AllArgsConstructor
-@NoArgsConstructor
-public class RoleHierarchyDto {
-
- private String roldId;
- private String roleName;
- private String parentRoleId;
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/domain/UserDto.java b/src/main/java/io/security/corespringsecurity/security/domain/UserDto.java
deleted file mode 100644
index 1d1e79ae..00000000
--- a/src/main/java/io/security/corespringsecurity/security/domain/UserDto.java
+++ /dev/null
@@ -1,72 +0,0 @@
-package io.security.corespringsecurity.security.domain;
-
-import io.security.corespringsecurity.domain.entity.User;
-import lombok.*;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import javax.validation.constraints.NotNull;
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.List;
-import java.util.stream.Collectors;
-
-@Builder
-@AllArgsConstructor
-@NoArgsConstructor
-@Getter
-@Setter
-public class UserDto implements Serializable, UserDetails {
-
- private User user;
- private List roles;
-
- public UserDto(User user, List roles) {
- this.user = user;
- this.roles = roles;
- }
-
- @NotNull
- private String username;
-
- private String password;
-
- private Integer role;
-
- @Override
- public Collection getAuthorities() {
- return roles.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
- }
-
- @Override
- public String getPassword() {
- return password;
- }
-
- @Override
- public String getUsername() {
- return username;
- }
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public boolean isEnabled() {
- return true;
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/enums/SecurtiyMethodType.java b/src/main/java/io/security/corespringsecurity/security/enums/SecurtiyMethodType.java
deleted file mode 100644
index d9c05ba0..00000000
--- a/src/main/java/io/security/corespringsecurity/security/enums/SecurtiyMethodType.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package io.security.corespringsecurity.security.enums;
-
-public enum SecurtiyMethodType {
-
- METHOD("method"),
- POINTCUT("pointcut");
-
- private String name;
-
- SecurtiyMethodType(String name) {
- this.name = name;
- }
-
- public String getValue() {
- return name;
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/exception/AuthMethodNotSupportedException.java b/src/main/java/io/security/corespringsecurity/security/exception/AuthMethodNotSupportedException.java
deleted file mode 100644
index 943ac3e3..00000000
--- a/src/main/java/io/security/corespringsecurity/security/exception/AuthMethodNotSupportedException.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package io.security.corespringsecurity.security.exception;
-
-import org.springframework.security.authentication.AuthenticationServiceException;
-
-public class AuthMethodNotSupportedException extends AuthenticationServiceException {
- private static final long serialVersionUID = 3705043083010304496L;
-
- public AuthMethodNotSupportedException(String msg) {
- super(msg);
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/exception/UserNotFoundException.java b/src/main/java/io/security/corespringsecurity/security/exception/UserNotFoundException.java
deleted file mode 100644
index d4b44071..00000000
--- a/src/main/java/io/security/corespringsecurity/security/exception/UserNotFoundException.java
+++ /dev/null
@@ -1,23 +0,0 @@
-package io.security.corespringsecurity.security.exception;
-
-public final class UserNotFoundException extends RuntimeException {
-
- private static final long serialVersionUID = 5861310537366287163L;
-
- public UserNotFoundException() {
- super();
- }
-
- public UserNotFoundException(final String message, final Throwable cause) {
- super(message, cause);
- }
-
- public UserNotFoundException(final String message) {
- super(message);
- }
-
- public UserNotFoundException(final Throwable cause) {
- super(cause);
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/factory/MethodResourcesMapFactoryBean.java b/src/main/java/io/security/corespringsecurity/security/factory/MethodResourcesMapFactoryBean.java
deleted file mode 100644
index 6bb186ec..00000000
--- a/src/main/java/io/security/corespringsecurity/security/factory/MethodResourcesMapFactoryBean.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package io.security.corespringsecurity.security.factory;
-
-import io.security.corespringsecurity.service.SecurityResourceService;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.FactoryBean;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.stereotype.Component;
-
-import java.util.LinkedHashMap;
-import java.util.List;
-
-@Slf4j
-public class MethodResourcesMapFactoryBean implements FactoryBean>> {
-
- private SecurityResourceService securityResourceService;
- private String resourceType;
-
- public void setResourceType(String resourceType) {
- this.resourceType = resourceType;
- }
-
- public void setSecurityResourceService(SecurityResourceService securityResourceService) {
- this.securityResourceService = securityResourceService;
- }
-
- private LinkedHashMap> resourcesMap;
-
- public void init() {
- if ("method".equals(resourceType)) {
- resourcesMap = securityResourceService.getMethodResourceList();
- } else if ("pointcut".equals(resourceType)) {
- resourcesMap = securityResourceService.getPointcutResourceList();
- } else {
- log.error("resourceType must be 'method' or 'pointcut'");
- }
- }
-
- public LinkedHashMap> getObject() {
- if (resourcesMap == null) {
- init();
- }
- return resourcesMap;
- }
-
- @SuppressWarnings("rawtypes")
- public Class getObjectType() {
- return LinkedHashMap.class;
- }
-
- public boolean isSingleton() {
- return true;
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/factory/UrlResourcesMapFactoryBean.java b/src/main/java/io/security/corespringsecurity/security/factory/UrlResourcesMapFactoryBean.java
deleted file mode 100644
index 6c7247af..00000000
--- a/src/main/java/io/security/corespringsecurity/security/factory/UrlResourcesMapFactoryBean.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package io.security.corespringsecurity.security.factory;
-
-import io.security.corespringsecurity.service.SecurityResourceService;
-import org.springframework.beans.factory.FactoryBean;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.web.util.matcher.RequestMatcher;
-
-import java.util.LinkedHashMap;
-import java.util.List;
-
-public class UrlResourcesMapFactoryBean implements FactoryBean>> {
-
- private SecurityResourceService securityResourceService;
-
- public void setSecurityResourceService(SecurityResourceService securityResourceService) {
- this.securityResourceService = securityResourceService;
- }
-
- private LinkedHashMap> resourcesMap;
-
- public void init() {
- resourcesMap = securityResourceService.getResourceList();
- }
-
- public LinkedHashMap> getObject() {
- if (resourcesMap == null) {
- init();
- }
- return resourcesMap;
- }
-
- public Class getObjectType() {
- return LinkedHashMap.class;
- }
-
- public boolean isSingleton() {
- return true;
- }
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/filter/AjaxLoginProcessingFilter.java b/src/main/java/io/security/corespringsecurity/security/filter/AjaxLoginProcessingFilter.java
deleted file mode 100644
index d16a7c7a..00000000
--- a/src/main/java/io/security/corespringsecurity/security/filter/AjaxLoginProcessingFilter.java
+++ /dev/null
@@ -1,54 +0,0 @@ -package io.security.corespringsecurity.security.filter; - -import com.fasterxml.jackson.databind.ObjectMapper; -import io.security.corespringsecurity.security.domain.UserDto; -import io.security.corespringsecurity.security.exception.AuthMethodNotSupportedException; -import io.security.corespringsecurity.security.token.AjaxAuthenticationToken; -import io.security.corespringsecurity.util.WebUtil; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.http.HttpMethod; -import org.springframework.security.authentication.AuthenticationServiceException; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.util.StringUtils; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.Arrays; - -public class AjaxLoginProcessingFilter extends AbstractAuthenticationProcessingFilter { - private static Logger logger = LoggerFactory.getLogger(AjaxLoginProcessingFilter.class); - - private ObjectMapper objectMapper; - - public AjaxLoginProcessingFilter() { - super(new AntPathRequestMatcher("/login", "POST")); - } - - @Override - public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) - throws AuthenticationException, IOException { - - if (!HttpMethod.POST.name().equals(request.getMethod()) || !WebUtil.isAjax(request)) { - throw new AuthMethodNotSupportedException("Authentication method not supported"); - } - - UserDto userDto = objectMapper.readValue(request.getReader(), UserDto.class); - userDto.setRoles(Arrays.asList("ROLE_USER")); - - if (StringUtils.isEmpty(userDto.getUsername()) || StringUtils.isEmpty(userDto.getPassword())) { - 
throw new AuthenticationServiceException("Username or Password not provided"); - } - AjaxAuthenticationToken token = AjaxAuthenticationToken.getTokenFromAccountContext(userDto); - - return this.getAuthenticationManager().authenticate(token); - } - - public void setObjectMapper(ObjectMapper objectMapper) { - this.objectMapper = objectMapper; - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/filter/PermitAllFilter.java b/src/main/java/io/security/corespringsecurity/security/filter/PermitAllFilter.java deleted file mode 100644 index bf1c6e48..00000000 --- a/src/main/java/io/security/corespringsecurity/security/filter/PermitAllFilter.java +++ /dev/null 
@@ -1,77 +0,0 @@ -package io.security.corespringsecurity.security.filter; - -import org.springframework.security.access.intercept.InterceptorStatusToken; -import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.security.web.util.matcher.RequestMatcher; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -public class PermitAllFilter extends FilterSecurityInterceptor { - - - - private static final String FILTER_APPLIED = "__spring_security_filterSecurityInterceptor_filterApplied"; - - private List permitAllRequestMatcher = new ArrayList<>(); - - public PermitAllFilter(String... permitAllPattern) { - createPermitAllPattern(permitAllPattern); - } - - @Override - protected InterceptorStatusToken beforeInvocation(Object object) { - boolean permitAll = false; - HttpServletRequest request = ((FilterInvocation) object).getRequest(); - for (RequestMatcher requestMatcher : permitAllRequestMatcher) { - if (requestMatcher.matches(request)) { - permitAll = true; - break; - } - } - - if (permitAll) { - return null; - } - - return super.beforeInvocation(object); - } - - @Override - public void invoke(FilterInvocation fi) throws IOException, ServletException { - - if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(FILTER_APPLIED) != null) - && super.isObserveOncePerRequest()) { - // filter already applied to this request and user wants us to observe - // once-per-request handling, so don't re-do security checking - fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); - } else { - // first time this request being called, so perform security checking - if (fi.getRequest() != null) { - fi.getRequest().setAttribute(FILTER_APPLIED, Boolean.TRUE); - } - - 
InterceptorStatusToken token = beforeInvocation(fi); - - try { - fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); - } finally { - super.finallyInvocation(token); - } - - super.afterInvocation(token, null); - } - } - - private void createPermitAllPattern(String... permitAllPattern) { - for (String pattern : permitAllPattern) { - permitAllRequestMatcher.add(new AntPathRequestMatcher(pattern)); - } - - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/init/SecurityInitializer.java b/src/main/java/io/security/corespringsecurity/security/init/SecurityInitializer.java deleted file mode 100644 index 0e7aa272..00000000 --- a/src/main/java/io/security/corespringsecurity/security/init/SecurityInitializer.java +++ /dev/null @@ -1,24 +0,0 @@ -package io.security.corespringsecurity.security.init; - -import io.security.corespringsecurity.service.SecurityResourceService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.ApplicationArguments; -import org.springframework.boot.ApplicationRunner; -import org.springframework.stereotype.Component; -import org.springframework.transaction.annotation.Transactional; - -@Component -@Slf4j -public class SecurityInitializer implements ApplicationRunner { - - @Autowired - private SecurityResourceService securityResourceService; - - @Override - @Transactional - public void run(ApplicationArguments args) { - - securityResourceService.setRoleHierarchy(); - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationFailureListener.java b/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationFailureListener.java deleted file mode 100644 index 0e7f88a4..00000000 --- a/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationFailureListener.java +++ /dev/null 
@@ -1,24 +0,0 @@
-package io.security.corespringsecurity.security.listener;
-
-import io.security.corespringsecurity.service.impl.LoginAttemptServiceImpl;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationListener;
-import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-
-@Component
-public class AuthenticationFailureListener implements ApplicationListener {
- @Autowired
- private HttpServletRequest request;
-
- @Autowired
- private LoginAttemptServiceImpl loginAttemptService;
-
- @Override
- public void onApplicationEvent(final AuthenticationFailureBadCredentialsEvent e) {
- loginAttemptService.loginFailed(request.getRemoteAddr());
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationSuccessEventListener.java b/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationSuccessEventListener.java
deleted file mode 100644
index ac232afc..00000000
--- a/src/main/java/io/security/corespringsecurity/security/listener/AuthenticationSuccessEventListener.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package io.security.corespringsecurity.security.listener;
-
-import io.security.corespringsecurity.service.impl.LoginAttemptServiceImpl;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationListener;
-import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-
-@Component
-public class AuthenticationSuccessEventListener implements ApplicationListener {
- @Autowired
- private HttpServletRequest request;
-
- @Autowired
- private LoginAttemptServiceImpl loginAttemptService;
-
- @Override
- public void onApplicationEvent(final AuthenticationSuccessEvent e) {
- loginAttemptService.loginSucceeded(request.getRemoteAddr());
- }
-
-}
diff --git a/src/main/java/io/security/corespringsecurity/security/listener/SetupDataLoader.java b/src/main/java/io/security/corespringsecurity/security/listener/SetupDataLoader.java
deleted file mode 100644
index 3c7f8367..00000000
--- a/src/main/java/io/security/corespringsecurity/security/listener/SetupDataLoader.java
+++ /dev/null
@@ -1,163 +0,0 @@ -package io.security.corespringsecurity.security.listener; - -import io.security.corespringsecurity.domain.entity.*; -import io.security.corespringsecurity.repository.*; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationListener; -import org.springframework.context.event.ContextRefreshedEvent; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.stereotype.Component; -import org.springframework.transaction.annotation.Transactional; - -import java.util.HashSet; -import java.util.Set; -import java.util.concurrent.atomic.AtomicInteger; - -@Component -public class SetupDataLoader implements ApplicationListener { - - private boolean alreadySetup = false; - - @Autowired - private UserRepository userRepository; - - @Autowired - private RoleRepository roleRepository; - - @Autowired - private ResourcesRepository resourcesRepository; - - @Autowired - private RoleHierarchyRepository roleHierarchyRepository; - - @Autowired - private PasswordEncoder passwordEncoder; - - @Autowired - private AccessIpRepository accessIpRepository; - - private static AtomicInteger count = new AtomicInteger(0); - - @Override - @Transactional - public void onApplicationEvent(final ContextRefreshedEvent event) { - - if (alreadySetup) { - return; - } - - setupSecurityResources(); - setupAccessIpData(); - - alreadySetup = true; - } - - - - private void setupSecurityResources() { - Set roles = new HashSet<>(); - Role adminRole = createRoleIfNotFound("ROLE_ADMIN", "관리자"); - roles.add(adminRole); - createResourceIfNotFound("/admin/**", "", roles, "url"); - User user = createUserIfNotFound("admin", "pass", "admin@gmail.com", 10, roles); - - Set roles1 = new HashSet<>(); - - Role managerRole = createRoleIfNotFound("ROLE_MANAGER", "매니저"); - roles1.add(managerRole); - createResourceIfNotFound("io.security.corespringsecurity.aopsecurity.method.AopMethodService.methodTest", "", roles1, 
"method"); - createResourceIfNotFound("io.security.corespringsecurity.aopsecurity.method.AopMethodService.innerCallMethodTest", "", roles1, "method"); - createResourceIfNotFound("execution(* io.security.corespringsecurity.aopsecurity.pointcut.*Service.*(..))", "", roles1, "pointcut"); - createUserIfNotFound("manager", "pass", "manager@gmail.com", 20, roles1); - createRoleHierarchyIfNotFound(managerRole, adminRole); - - Set roles3 = new HashSet<>(); - - Role childRole1 = createRoleIfNotFound("ROLE_USER", "회원"); - roles3.add(childRole1); - createResourceIfNotFound("/users/**", "", roles3, "url"); - createUserIfNotFound("user", "pass", "user@gmail.com", 30, roles3); - createRoleHierarchyIfNotFound(childRole1, managerRole); - - } - - @Transactional - public Role createRoleIfNotFound(String roleName, String roleDesc) { - - Role role = roleRepository.findByRoleName(roleName); - - if (role == null) { - role = Role.builder() - .roleName(roleName) - .roleDesc(roleDesc) - .build(); - } - return roleRepository.save(role); - } - - @Transactional - public User createUserIfNotFound(String userName, String password, String email, int age, Set roleSet) { - - User user = userRepository.findByUsername(userName); - - if (user == null) { - user = User.builder() - .username(userName) - .email(email) - .age(age) - .password(passwordEncoder.encode(password)) - .userRoles(roleSet) - .build(); - } - return userRepository.save(user); - } - - @Transactional - public Resources createResourceIfNotFound(String resourceName, String httpMethod, Set roleSet, String resourceType) { - Resources resources = resourcesRepository.findByResourceNameAndHttpMethod(resourceName, httpMethod); - - if (resources == null) { - resources = Resources.builder() - .resourceName(resourceName) - .roleSet(roleSet) - .httpMethod(httpMethod) - .resourceType(resourceType) - .orderNum(count.incrementAndGet()) - .build(); - } - return resourcesRepository.save(resources); - } - - @Transactional - public void 
createRoleHierarchyIfNotFound(Role childRole, Role parentRole) { - - RoleHierarchy roleHierarchy = roleHierarchyRepository.findByChildName(parentRole.getRoleName()); - if (roleHierarchy == null) { - roleHierarchy = RoleHierarchy.builder() - .childName(parentRole.getRoleName()) - .build(); - } - RoleHierarchy parentRoleHierarchy = roleHierarchyRepository.save(roleHierarchy); - - roleHierarchy = roleHierarchyRepository.findByChildName(childRole.getRoleName()); - if (roleHierarchy == null) { - roleHierarchy = RoleHierarchy.builder() - .childName(childRole.getRoleName()) - .build(); - } - - RoleHierarchy childRoleHierarchy = roleHierarchyRepository.save(roleHierarchy); - childRoleHierarchy.setParentName(parentRoleHierarchy); - } - - private void setupAccessIpData() { - AccessIp byIpAddress = accessIpRepository.findByIpAddress("127.0.0.1"); - if (byIpAddress == null) { - AccessIp accessIp = AccessIp.builder() - .ipAddress("127.0.0.1") - .build(); - accessIpRepository.save(accessIp); - } - - } -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/security/metaDataSource/UrlSecurityMetadataSource.java b/src/main/java/io/security/corespringsecurity/security/metaDataSource/UrlSecurityMetadataSource.java deleted file mode 100644 index 5fa15c9b..00000000 --- a/src/main/java/io/security/corespringsecurity/security/metaDataSource/UrlSecurityMetadataSource.java +++ /dev/null 
@@ -1,80 +0,0 @@ -package io.security.corespringsecurity.security.metaDataSource; - - -import io.security.corespringsecurity.service.SecurityResourceService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.web.FilterInvocation; -import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; -import org.springframework.security.web.util.matcher.RequestMatcher; - -import javax.servlet.http.HttpServletRequest; -import java.util.*; - -@Slf4j -public class UrlSecurityMetadataSource implements FilterInvocationSecurityMetadataSource { - - private LinkedHashMap> requestMap; - private SecurityResourceService securityResourceService; - - public UrlSecurityMetadataSource(LinkedHashMap> requestMap, SecurityResourceService securityResourceService) { - this.requestMap = requestMap; - this.securityResourceService = securityResourceService; - } - - @Override - public Collection getAttributes(Object object) throws IllegalArgumentException { - - Collection result = null; - FilterInvocation fi = (FilterInvocation) object; - HttpServletRequest httpServletRequest = fi.getHttpRequest(); - - if (requestMap != null) { - for (Map.Entry> entry : requestMap.entrySet()) { - RequestMatcher matcher = entry.getKey(); - if (matcher.matches(httpServletRequest)) { - result = entry.getValue(); - break; - } - } - } - return result; - } - - @Override - public Collection getAllConfigAttributes() { - - Set result = new HashSet<>(); - for (Map.Entry> entry : requestMap.entrySet()) { - List list = entry.getValue(); - if (list != null) { - result.addAll(list); - } - } - return null; - } - - @Override - public boolean supports(Class clazz) { - return FilterInvocation.class.isAssignableFrom(clazz); - } - - public void reload() throws Exception { - - LinkedHashMap> reloadedMap = securityResourceService.getResourceList(); - - Iterator>> iterator = reloadedMap.entrySet().iterator(); - - // 이전 
데이터 삭제 - requestMap.clear(); - - while (iterator.hasNext()) { - Map.Entry> entry = iterator.next(); - - requestMap.put(entry.getKey(), entry.getValue()); - } - - log.info("Secured Url Resources - Role Mappings reloaded at Runtime!"); - } - -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/security/processor/ProtectPointcutPostProcessor.java b/src/main/java/io/security/corespringsecurity/security/processor/ProtectPointcutPostProcessor.java deleted file mode 100644 index 20361877..00000000 --- a/src/main/java/io/security/corespringsecurity/security/processor/ProtectPointcutPostProcessor.java +++ /dev/null 
@@ -1,133 +0,0 @@ -package io.security.corespringsecurity.security.processor; - -import lombok.extern.slf4j.Slf4j; -import org.aspectj.weaver.tools.PointcutExpression; -import org.aspectj.weaver.tools.PointcutParser; -import org.aspectj.weaver.tools.PointcutPrimitive; -import org.springframework.beans.BeansException; -import org.springframework.beans.factory.config.BeanPostProcessor; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource; -import org.springframework.util.Assert; -import org.springframework.util.StringUtils; - -import java.lang.reflect.Method; -import java.util.*; - -@Slf4j -public class ProtectPointcutPostProcessor implements BeanPostProcessor { - - private final Map> pointcutMap = new LinkedHashMap>(); - private final MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; - private final Set pointCutExpressions = new LinkedHashSet<>(); - private final PointcutParser parser; - private final Set processedBeans = new HashSet<>(); - - public ProtectPointcutPostProcessor(MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource) { - Assert.notNull(mapBasedMethodSecurityMetadataSource, "MapBasedMethodSecurityMetadataSource to populate is required"); - this.mapBasedMethodSecurityMetadataSource = mapBasedMethodSecurityMetadataSource; - - Set supportedPrimitives = new HashSet<>(3); - supportedPrimitives.add(PointcutPrimitive.EXECUTION); - supportedPrimitives.add(PointcutPrimitive.ARGS); - supportedPrimitives.add(PointcutPrimitive.REFERENCE); - parser = PointcutParser.getPointcutParserSupportingSpecifiedPrimitivesAndUsingContextClassloaderForResolution(supportedPrimitives); - } - - public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { - return bean; - } - - public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException { - - if 
(processedBeans.contains(beanName)) { - return bean; - } - - synchronized (processedBeans) { - if (processedBeans.contains(beanName)) { - return bean; - } - - Method[] methods; - try { - methods = bean.getClass().getMethods(); - } catch (Exception e) { - throw new IllegalStateException(e.getMessage()); - } - - for (Method method : methods) { - for (PointcutExpression expression : pointCutExpressions) { - if (attemptMatch(bean.getClass(), method, expression, beanName)) { - break; - } - } - } - - processedBeans.add(beanName); - } - - return bean; - } - - /** - * 설정클래스에서 람다 형식으로 선언된 빈이 존재할 경우 에러가 발생하여 스프링 빈과 동일한 클래스를 생성하여 약간 수정함 - * 아직 AspectJ 라이브러리에서 Fix 하지 못한 것으로 판단되지만 다른 원인이 존재하는지 계속 살펴보도록 함 - */ - private boolean attemptMatch(Class targetClass, Method method, PointcutExpression expression, String beanName) { - - boolean matches; - try { - matches = expression.matchesMethodExecution(method).alwaysMatches(); - if (matches) { - List attr = pointcutMap.get(expression.getPointcutExpression()); - - if (log.isDebugEnabled()) { - log.debug("AspectJ pointcut expression '" - + expression.getPointcutExpression() + "' matches target class '" - + targetClass.getName() + "' (bean ID '" + beanName - + "') for method '" + method - + "'; registering security configuration attribute '" + attr - + "'"); - } - - mapBasedMethodSecurityMetadataSource.addSecureMethod(targetClass, method, attr); - } - return matches; - - } catch (Exception e) { - matches = false; - } - return matches; - } - - public void setPointcutMap(Map> map) { - Assert.notEmpty(map, "configAttributes cannot be empty"); - for (String expression : map.keySet()) { - List value = map.get(expression); - addPointcut(expression, value); - } - } - - private void addPointcut(String pointcutExpression, List definition) { - Assert.hasText(pointcutExpression, "An AspectJ pointcut expression is required"); - Assert.notNull(definition, "A List of ConfigAttributes is required"); - pointcutExpression = 
replaceBooleanOperators(pointcutExpression); - pointcutMap.put(pointcutExpression, definition); - pointCutExpressions.add(parser.parsePointcutExpression(pointcutExpression)); - - if (log.isDebugEnabled()) { - log.debug("AspectJ pointcut expression '" + pointcutExpression - + "' registered for security configuration attribute '" + definition - + "'"); - } - } - - private String replaceBooleanOperators(String pcExpr) { - pcExpr = StringUtils.replace(pcExpr, " and ", " && "); - pcExpr = StringUtils.replace(pcExpr, " or ", " || "); - pcExpr = StringUtils.replace(pcExpr, " not ", " ! "); - return pcExpr; - } - -} diff --git a/src/main/java/io/security/corespringsecurity/security/token/AjaxAuthenticationToken.java b/src/main/java/io/security/corespringsecurity/security/token/AjaxAuthenticationToken.java deleted file mode 100644 index 4cb2b73d..00000000 --- a/src/main/java/io/security/corespringsecurity/security/token/AjaxAuthenticationToken.java +++ /dev/null @@ -1,18 +0,0 @@ -package io.security.corespringsecurity.security.token; - -import io.security.corespringsecurity.security.domain.UserDto; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; - -import java.util.Collection; - -public class AjaxAuthenticationToken extends UsernamePasswordAuthenticationToken { - - private AjaxAuthenticationToken(Object principal, Object credentials, Collection authorities) { - super(principal, credentials, authorities); - } - - public static AjaxAuthenticationToken getTokenFromAccountContext(UserDto userDto) { - return new AjaxAuthenticationToken(userDto, userDto.getPassword(), userDto.getAuthorities()); - } -} diff --git a/src/main/java/io/security/corespringsecurity/security/voter/IpAddressVoter.java b/src/main/java/io/security/corespringsecurity/security/voter/IpAddressVoter.java deleted file mode 100644 index c2891dad..00000000 
--- a/src/main/java/io/security/corespringsecurity/security/voter/IpAddressVoter.java +++ /dev/null @@ -1,59 +0,0 @@ -package io.security.corespringsecurity.security.voter; - -import io.security.corespringsecurity.service.SecurityResourceService; -import org.springframework.security.access.AccessDecisionVoter; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.core.Authentication; -import org.springframework.security.web.authentication.WebAuthenticationDetails; - -import java.util.Collection; -import java.util.List; - -public class IpAddressVoter implements AccessDecisionVoter { - - private SecurityResourceService securityResourceService; - -// private static final String REQUEST_URI = "/admin/"; - - public IpAddressVoter(SecurityResourceService securityResourceService) { - this.securityResourceService = securityResourceService; - } - - @Override - public boolean supports(ConfigAttribute attribute) { - return (attribute.getAttribute() != null); - } - - @Override - public boolean supports(Class clazz) { - return true; - } - - @Override - public int vote(Authentication authentication, Object object, Collection configList) { - - if (!(authentication.getDetails() instanceof WebAuthenticationDetails)) { - return ACCESS_DENIED; - } - - WebAuthenticationDetails details = (WebAuthenticationDetails) authentication.getDetails(); - String address = details.getRemoteAddress(); - List accessIpList = securityResourceService.getAccessIpList(); - - int result = ACCESS_DENIED; - - for (String ipAddress : accessIpList) { - - if (address.equals(ipAddress)) { - return ACCESS_ABSTAIN; - } - } - - if(result == ACCESS_DENIED){ - throw new AccessDeniedException("Invalid ipAddress can not accessed"); - } - - return result; - } -} \ No newline at end of file 
diff --git a/src/main/java/io/security/corespringsecurity/service/LoginAttemptService.java b/src/main/java/io/security/corespringsecurity/service/LoginAttemptService.java deleted file mode 100644 index 49582249..00000000 --- a/src/main/java/io/security/corespringsecurity/service/LoginAttemptService.java +++ /dev/null @@ -1,8 +0,0 @@ -package io.security.corespringsecurity.service; - -public interface LoginAttemptService { - - void loginSucceeded(final String key); - void loginFailed(final String key); - boolean isBlocked(final String key); -} diff --git a/src/main/java/io/security/corespringsecurity/service/MethodSecurityService.java b/src/main/java/io/security/corespringsecurity/service/MethodSecurityService.java deleted file mode 100644 index e6fc9ddd..00000000 --- a/src/main/java/io/security/corespringsecurity/service/MethodSecurityService.java +++ /dev/null 
@@ -1,68 +0,0 @@ -package io.security.corespringsecurity.service; - -import io.security.corespringsecurity.security.aop.CustomMethodSecurityInterceptor; -import lombok.extern.slf4j.Slf4j; -import org.springframework.aop.framework.ProxyFactory; -import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; -import org.springframework.beans.factory.support.DefaultSingletonBeanRegistry; -import org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.access.SecurityConfig; -import org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource; -import org.springframework.stereotype.Component; -import org.springframework.util.ClassUtils; - -import java.util.Arrays; -import java.util.List; - -@Slf4j -@Component -public class MethodSecurityService { - - private MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource; - private AnnotationConfigServletWebServerApplicationContext applicationContext; - private CustomMethodSecurityInterceptor methodSecurityInterceptor; - - public MethodSecurityService(MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource, AnnotationConfigServletWebServerApplicationContext applicationContext, CustomMethodSecurityInterceptor methodSecurityInterceptor) { - this.mapBasedMethodSecurityMetadataSource = mapBasedMethodSecurityMetadataSource; - this.applicationContext = applicationContext; - this.methodSecurityInterceptor = methodSecurityInterceptor; - } - - public void addMethodSecured(String className, String roleName) throws Exception{ - - int lastDotIndex = className.lastIndexOf("."); - String methodName = className.substring(lastDotIndex + 1); - String typeName = className.substring(0, lastDotIndex); - Class type = ClassUtils.resolveClassName(typeName, ClassUtils.getDefaultClassLoader()); - String beanName = 
type.getSimpleName().substring(0, 1).toLowerCase() + type.getSimpleName().substring(1); - - ProxyFactory proxyFactory = new ProxyFactory(); - proxyFactory.setTarget(type.getDeclaredConstructor().newInstance()); - proxyFactory.addAdvice(methodSecurityInterceptor); - Object proxy = proxyFactory.getProxy(); - - List attr = Arrays.asList(new SecurityConfig(roleName)); - mapBasedMethodSecurityMetadataSource.addSecureMethod(type,methodName, attr); - - DefaultSingletonBeanRegistry registry = (DefaultSingletonBeanRegistry)applicationContext.getBeanFactory(); - registry.destroySingleton(beanName); - registry.registerSingleton(beanName, proxy); - - } - - public void removeMethodSecured(String className) throws Exception{ - - int lastDotIndex = className.lastIndexOf("."); - String typeName = className.substring(0, lastDotIndex); - Class type = ClassUtils.resolveClassName(typeName, ClassUtils.getDefaultClassLoader()); - String beanName = type.getSimpleName().substring(0, 1).toLowerCase() + type.getSimpleName().substring(1); - Object newInstance = type.getDeclaredConstructor().newInstance(); - - DefaultSingletonBeanRegistry registry = (DefaultSingletonBeanRegistry)applicationContext.getBeanFactory(); - Object singleton = registry.getSingleton(beanName); - registry.destroySingleton(beanName); - registry.registerSingleton(beanName, newInstance); - - } -} diff --git a/src/main/java/io/security/corespringsecurity/service/ResourcesService.java b/src/main/java/io/security/corespringsecurity/service/ResourcesService.java deleted file mode 100644 index c46197e5..00000000 --- a/src/main/java/io/security/corespringsecurity/service/ResourcesService.java +++ /dev/null 
@@ -1,17 +0,0 @@ -package io.security.corespringsecurity.service; - -import io.security.corespringsecurity.domain.entity.Resources; -import io.security.corespringsecurity.domain.entity.Role; - -import java.util.List; - -public interface ResourcesService { - - Resources selectResources(long id); - - List selectResources(); - - void insertResources(Resources Resources); - - void deleteResources(long id); -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/service/RoleHierarchyService.java b/src/main/java/io/security/corespringsecurity/service/RoleHierarchyService.java deleted file mode 100644 index b63a7f7b..00000000 --- a/src/main/java/io/security/corespringsecurity/service/RoleHierarchyService.java +++ /dev/null @@ -1,6 +0,0 @@ -package io.security.corespringsecurity.service; - -public interface RoleHierarchyService { - - String findAllHierarchy(); -} diff --git a/src/main/java/io/security/corespringsecurity/service/RoleService.java b/src/main/java/io/security/corespringsecurity/service/RoleService.java deleted file mode 100644 index 55cc8449..00000000 --- a/src/main/java/io/security/corespringsecurity/service/RoleService.java +++ /dev/null @@ -1,15 +0,0 @@ -package io.security.corespringsecurity.service; - -import io.security.corespringsecurity.domain.dto.RoleDto; -import io.security.corespringsecurity.domain.entity.Role; - -import java.util.List; - -public interface RoleService { - - Role getRole(long id); - - List getRoles(); - - void createRole(Role role); -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/service/SecurityResourceService.java b/src/main/java/io/security/corespringsecurity/service/SecurityResourceService.java deleted file mode 100644 index ff21ce76..00000000 --- a/src/main/java/io/security/corespringsecurity/service/SecurityResourceService.java +++ /dev/null 
@@ -1,134 +0,0 @@ -package io.security.corespringsecurity.service; - -import io.security.corespringsecurity.domain.entity.Resources; -import io.security.corespringsecurity.repository.AccessIpRepository; -import io.security.corespringsecurity.repository.ResourcesRepository; -import io.security.corespringsecurity.security.aop.CustomMethodSecurityInterceptor; -import io.security.corespringsecurity.service.impl.RoleHierarchyServiceImpl; -import lombok.extern.slf4j.Slf4j; -import org.springframework.aop.framework.ProxyFactory; -import org.springframework.beans.factory.support.DefaultSingletonBeanRegistry; -import org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext; -import org.springframework.cache.annotation.CacheEvict; -import org.springframework.cache.annotation.Cacheable; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.access.SecurityConfig; -import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl; -import org.springframework.security.access.method.MapBasedMethodSecurityMetadataSource; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.security.web.util.matcher.RequestMatcher; -import org.springframework.stereotype.Service; -import org.springframework.util.ClassUtils; -import org.springframework.web.bind.annotation.GetMapping; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.stream.Collectors; - -@Slf4j -public class SecurityResourceService { - - private ResourcesRepository resourcesRepository; - private RoleHierarchyServiceImpl roleHierarchyService; - private RoleHierarchyImpl roleHierarchy; - private AccessIpRepository accessIpRepository; - - public SecurityResourceService(ResourcesRepository resourcesRepository, RoleHierarchyImpl roleHierarchy, RoleHierarchyServiceImpl roleHierarchyService, AccessIpRepository 
accessIpRepository/*, MapBasedMethodSecurityMetadataSource mapBasedMethodSecurityMetadataSource, AnnotationConfigServletWebServerApplicationContext applicationContext, CustomMethodSecurityInterceptor methodSecurityInterceptor*/) { - this.resourcesRepository = resourcesRepository; - this.roleHierarchy = roleHierarchy; - this.roleHierarchyService = roleHierarchyService; - this.accessIpRepository = accessIpRepository; - } - - @Cacheable(value = "resourceList") - public LinkedHashMap> getResourceList() { - - LinkedHashMap> result = new LinkedHashMap<>(); - List resourcesList = resourcesRepository.findAllResources(); - - resourcesList.forEach(re -> - { - List configAttributeList = new ArrayList<>(); - re.getRoleSet().forEach(ro -> { - configAttributeList.add(new SecurityConfig(ro.getRoleName())); - result.put(new AntPathRequestMatcher(re.getResourceName()), configAttributeList); - }); - } - ); - log.debug("cache test"); - return result; - } - - @Cacheable(value = "methodResourceList") - public LinkedHashMap> getMethodResourceList() { - - LinkedHashMap> result = new LinkedHashMap<>(); - List resourcesList = resourcesRepository.findAllMethodResources(); - - getResourceMap(result, resourcesList); - return result; - } - - @Cacheable(value = "pointcutResourceList") - public LinkedHashMap> getPointcutResourceList() { - - LinkedHashMap> result = new LinkedHashMap<>(); - List resourcesList = resourcesRepository.findAllPointcutResources(); - - getResourceMap(result, resourcesList); - return result; - } - - @Cacheable(value = "accessIpList") - public List getAccessIpList() { - - List accessIpList = accessIpRepository.findAll().stream().map(accessIp -> accessIp.getIpAddress()).collect(Collectors.toList()); - - return accessIpList; - } - - private void getResourceMap(LinkedHashMap> result, List resourcesList) { - resourcesList.forEach(re -> - { - List configAttributeList = new ArrayList<>(); - re.getRoleSet().forEach(ro -> { - configAttributeList.add(new 
SecurityConfig(ro.getRoleName())); - result.put(re.getResourceName(), configAttributeList); - }); - } - ); - log.debug("cache test"); - } - - @CacheEvict(value = "resourceList") - public void clearCacheResourceList() { - - } - - @CacheEvict(value = "methodResourceList") - public void clearCacheMethodResourceList() { - - } - - @CacheEvict(value = "pointcutResourceList") - public void clearCachePointcutResourceList() { - - } - - @CacheEvict(value = "accessIpList") - public void clearAccessIpList() { - - } - - public void setRoleHierarchy() { - String allHierarchy = roleHierarchyService.findAllHierarchy(); - roleHierarchy.setHierarchy(allHierarchy); - } - - private void init() { - getResourceList(); - } - -} diff --git a/src/main/java/io/security/corespringsecurity/service/UserService.java b/src/main/java/io/security/corespringsecurity/service/UserService.java deleted file mode 100644 index 255f5e79..00000000 --- a/src/main/java/io/security/corespringsecurity/service/UserService.java +++ /dev/null @@ -1,14 +0,0 @@ -package io.security.corespringsecurity.service; - -import io.security.corespringsecurity.domain.dto.UserDto; -import io.security.corespringsecurity.domain.entity.User; - -import java.util.List; - -public interface UserService { - - List getUsers(); - UserDto getUser(Long id); - void createUser(User user); - void deleteUser(Long idx); -} diff --git a/src/main/java/io/security/corespringsecurity/service/impl/LoginAttemptServiceImpl.java b/src/main/java/io/security/corespringsecurity/service/impl/LoginAttemptServiceImpl.java deleted file mode 100644 index 0886b070..00000000 --- a/src/main/java/io/security/corespringsecurity/service/impl/LoginAttemptServiceImpl.java +++ /dev/null 
@@ -1,49 +0,0 @@ -package io.security.corespringsecurity.service.impl; - -import io.security.corespringsecurity.service.LoginAttemptService; -import org.springframework.cglib.core.internal.LoadingCache; -import org.springframework.stereotype.Service; - -import java.util.HashMap; -import java.util.Map; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.TimeUnit; - -@Service -public class LoginAttemptServiceImpl implements LoginAttemptService { - - private final int MAX_ATTEMPT = 5; - private Map attemptsCache; - - public LoginAttemptServiceImpl() { - super(); - attemptsCache = new HashMap(); - } - - @Override - public void loginSucceeded(final String key) { - - attemptsCache.put(key, 0); - } - - @Override - public void loginFailed(final String key) { - int attempts; - try { - attempts = attemptsCache.get(key); - } catch (Exception e) { - attempts = 0; - } - attempts++; - attemptsCache.put(key, attempts); - } - - @Override - public boolean isBlocked(final String key) { - try { - return attemptsCache.get(key) >= MAX_ATTEMPT; - } catch (Exception e) { - return false; - } - } -} diff --git a/src/main/java/io/security/corespringsecurity/service/impl/ResourcesServiceImpl.java b/src/main/java/io/security/corespringsecurity/service/impl/ResourcesServiceImpl.java deleted file mode 100644 index d7ec7e01..00000000 --- a/src/main/java/io/security/corespringsecurity/service/impl/ResourcesServiceImpl.java +++ /dev/null 
@@ -1,42 +0,0 @@ -package io.security.corespringsecurity.service.impl; - -import io.security.corespringsecurity.domain.entity.Resources; -import io.security.corespringsecurity.domain.entity.Role; -import io.security.corespringsecurity.repository.ResourcesRepository; -import io.security.corespringsecurity.service.ResourcesService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -@Slf4j -@Service -public class ResourcesServiceImpl implements ResourcesService { - - @Autowired - private ResourcesRepository ResourcesRepository; - - @Transactional - public Resources selectResources(long id) { - return ResourcesRepository.findById(id).orElse(new Resources()); - } - - @Transactional - public List selectResources() { - return ResourcesRepository.findAll(); - } - - @Transactional - public void insertResources(Resources resources){ - ResourcesRepository.save(resources); - } - - @Transactional - public void deleteResources(long id) { - ResourcesRepository.deleteById(id); - } -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/service/impl/RoleHierarchyServiceImpl.java b/src/main/java/io/security/corespringsecurity/service/impl/RoleHierarchyServiceImpl.java deleted file mode 100644 index 90af3135..00000000 --- a/src/main/java/io/security/corespringsecurity/service/impl/RoleHierarchyServiceImpl.java +++ /dev/null 
@@ -1,39 +0,0 @@ -package io.security.corespringsecurity.service.impl; - -import io.security.corespringsecurity.domain.entity.RoleHierarchy; -import io.security.corespringsecurity.repository.RoleHierarchyRepository; -import io.security.corespringsecurity.service.RoleHierarchyService; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import java.util.Iterator; -import java.util.List; - -@Service -public class RoleHierarchyServiceImpl implements RoleHierarchyService { - - @Autowired - private RoleHierarchyRepository roleHierarchyRepository; - - @Transactional - @Override - public String findAllHierarchy() { - - List rolesHierarchy = roleHierarchyRepository.findAll(); - - Iterator itr = rolesHierarchy.iterator(); - StringBuffer concatedRoles = new StringBuffer(); - while (itr.hasNext()) { - RoleHierarchy model = itr.next(); - if (model.getParentName() != null) { - concatedRoles.append(model.getParentName().getChildName()); - concatedRoles.append(" > "); - concatedRoles.append(model.getChildName()); - concatedRoles.append("\n"); - } - } - return concatedRoles.toString(); - - } -} diff --git a/src/main/java/io/security/corespringsecurity/service/impl/RoleServiceImpl.java b/src/main/java/io/security/corespringsecurity/service/impl/RoleServiceImpl.java deleted file mode 100644 index 533b3ebb..00000000 --- a/src/main/java/io/security/corespringsecurity/service/impl/RoleServiceImpl.java +++ /dev/null 
@@ -1,37 +0,0 @@ -package io.security.corespringsecurity.service.impl; - -import io.security.corespringsecurity.domain.dto.RoleDto; -import io.security.corespringsecurity.domain.entity.Role; -import io.security.corespringsecurity.repository.RoleRepository; -import io.security.corespringsecurity.service.RoleService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import java.util.List; - -@Slf4j -@Service -public class RoleServiceImpl implements RoleService { - - @Autowired - private RoleRepository roleRepository; - - @Transactional - public Role getRole(long id) { - return roleRepository.findById(id).orElse(new Role()); - } - - @Transactional - public List getRoles() { - - return roleRepository.findAll(); - } - - @Transactional - public void createRole(Role role){ - - roleRepository.save(role); - } -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/service/impl/UserServiceImpl.java b/src/main/java/io/security/corespringsecurity/service/impl/UserServiceImpl.java deleted file mode 100644 index 98c408d1..00000000 --- a/src/main/java/io/security/corespringsecurity/service/impl/UserServiceImpl.java +++ /dev/null 
@@ -1,76 +0,0 @@ -package io.security.corespringsecurity.service.impl; - -import io.security.corespringsecurity.domain.dto.UserDto; -import io.security.corespringsecurity.domain.entity.Role; -import io.security.corespringsecurity.domain.entity.User; -import io.security.corespringsecurity.repository.RoleRepository; -import io.security.corespringsecurity.repository.UserRepository; -import io.security.corespringsecurity.security.authentication.services.UserDetail; -import io.security.corespringsecurity.service.UserService; -import lombok.extern.slf4j.Slf4j; -import org.modelmapper.ModelMapper; -import org.modelmapper.convention.MatchingStrategies; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -import javax.servlet.http.HttpServletRequest; -import java.util.HashSet; -import java.util.List; -import java.util.Set; -import java.util.stream.Collectors; - -@Slf4j -@Service("userService") -public class UserServiceImpl implements UserService { - - @Autowired - private UserRepository userRepository; - - @Autowired - private RoleRepository roleRepository; - - @Autowired - private PasswordEncoder passwordEncoder; - - @Transactional - public void createUser(User user){ - - Role role = roleRepository.findByRoleName("ROLE_USER"); - Set roles = new HashSet<>(); - roles.add(role); - user.setUserRoles(roles); - user.setPassword(passwordEncoder.encode(user.getPassword())); - userRepository.save(user); - } - - @Transactional - public UserDto getUser(Long id) { - - User user = userRepository.findById(id).orElse(new User()); - ModelMapper modelMapper = new ModelMapper(); 
- UserDto userDto = modelMapper.map(user, UserDto.class); - - List roles = user.getUserRoles() - .stream() - .map(role -> role.getRoleName()) - .collect(Collectors.toList()); - - userDto.setRoles(roles); - return userDto; - } - - @Transactional - public List getUsers() { - return userRepository.findAll(); - } - - @Override - public void deleteUser(Long id) { - userRepository.deleteById(id); - } -} \ No newline at end of file diff --git a/src/main/java/io/security/corespringsecurity/util/WebUtil.java b/src/main/java/io/security/corespringsecurity/util/WebUtil.java deleted file mode 100644 index f9e32cbe..00000000 --- a/src/main/java/io/security/corespringsecurity/util/WebUtil.java +++ /dev/null @@ -1,25 +0,0 @@ -package io.security.corespringsecurity.util; - -import org.springframework.security.web.savedrequest.SavedRequest; - -import javax.servlet.http.HttpServletRequest; - -public class WebUtil { - private static final String XML_HTTP_REQUEST = "XMLHttpRequest"; - private static final String X_REQUESTED_WITH = "X-Requested-With"; - - private static final String CONTENT_TYPE = "Content-type"; - private static final String CONTENT_TYPE_JSON = "application/json"; - - public static boolean isAjax(HttpServletRequest request) { - return XML_HTTP_REQUEST.equals(request.getHeader(X_REQUESTED_WITH)); - } - - public static boolean isAjax(SavedRequest request) { - return request.getHeaderValues(X_REQUESTED_WITH).contains(XML_HTTP_REQUEST); - } - - public static boolean isContentTypeJson(SavedRequest request) { - return request.getHeaderValues(CONTENT_TYPE).contains(CONTENT_TYPE_JSON); - } -} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 37b71f0d..3b00ef1f 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
@@ -2,7 +2,7 @@
 spring.datasource.url=jdbc:postgresql://localhost:5432/springboot
 spring.datasource.username=postgres
 spring.datasource.password=pass
-spring.jpa.hibernate.ddl-auto=update
+spring.jpa.hibernate.ddl-auto=create-drop
 spring.jpa.properties.hibernate.format_sql=true
 spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
diff --git a/src/main/resources/static/css/base.css b/src/main/resources/static/css/base.css
index 2792593c..e57afa3d 100644
--- a/src/main/resources/static/css/base.css
+++ b/src/main/resources/static/css/base.css
@@ -5,6 +5,12 @@
 .cc-tab-item:first-child { margin-left: 0; }
 .cc-tab-item:hover { color: #ed3e64; }
 .cc-tab-item.on { cursor: default; line-height: 45px; color: #ed3e64; border-color: #ed3e64; border-bottom: 0 none; border-top-width: 5px; z-index: 8; }
+.security {
+ height:200px;
+ background-image: url("../images/springsecurity.jpg");
+ background-repeat: no-repeat;
+ background-position: center;
+}
 .sidebar {
 position: fixed;
 top: 0;
@@ -19,7 +25,7 @@
 position: -webkit-sticky;
 position: sticky;
 top: 48px; /* Height of navbar */
- height: calc(100vh - 48px);
+ height: calc(50vh);
 padding-top: .5rem;
 overflow-x: hidden;
 overflow-y: auto; /* Scrollable contents if viewport is shorter than content. */
diff --git a/src/main/resources/static/images/glyphicons-halflings-white.png b/src/main/resources/static/images/glyphicons-halflings-white.png
deleted file mode 100644
index 3bf6484a..00000000
Binary files a/src/main/resources/static/images/glyphicons-halflings-white.png and /dev/null differ
diff --git a/src/main/resources/static/images/glyphicons-halflings.png b/src/main/resources/static/images/glyphicons-halflings.png
deleted file mode 100644
index a9969993..00000000
Binary files a/src/main/resources/static/images/glyphicons-halflings.png and /dev/null differ
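Review bot: In `src/main/resources/application.properties` the new `spring.jpa.hibernate.ddl-auto=create-drop` sits in the default, unprofiled properties file, so every environment that starts from this file has its schema dropped when the application shuts down and recreated on start; user, role and resource rows would not survive a restart. If that is only wanted for local development, keep the shared file at `spring.jpa.hibernate.ddl-auto=validate` (or `none`) and move `create-drop` into a profile-specific file such as `application-dev.properties`. The unchanged context lines of the same hunk also show `spring.datasource.password=pass` committed in clear text; reading it from the environment, for example `spring.datasource.password=${DB_PASSWORD}` (variable name constructed here), would keep the credential out of the repository.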
diff --git a/src/main/resources/static/images/spring_boot.png b/src/main/resources/static/images/spring_boot.png deleted file mode 100644 index d56f8e78..00000000 Binary files a/src/main/resources/static/images/spring_boot.png and /dev/null differ diff --git a/src/main/resources/static/images/spring_boot_gray.png b/src/main/resources/static/images/spring_boot_gray.png deleted file mode 100644 index bedfa745..00000000 Binary files a/src/main/resources/static/images/spring_boot_gray.png and /dev/null differ diff --git a/src/main/resources/static/images/spring_boot_green.png b/src/main/resources/static/images/spring_boot_green.png deleted file mode 100644 index 375f324f..00000000 Binary files a/src/main/resources/static/images/spring_boot_green.png and /dev/null differ diff --git a/src/main/resources/static/images/springsecurity.jpg b/src/main/resources/static/images/springsecurity.jpg new file mode 100644 index 00000000..b7df495a Binary files /dev/null and b/src/main/resources/static/images/springsecurity.jpg differ diff --git a/src/main/resources/templates/admin/common/head.html b/src/main/resources/templates/admin/common/head.html deleted file mode 100644 index cf02a549..00000000 --- a/src/main/resources/templates/admin/common/head.html +++ /dev/null @@ -1,26 +0,0 @@ - - - - - - - - - - - - - - \ No newline at end of file diff --git a/src/main/resources/templates/admin/common/top.html b/src/main/resources/templates/admin/common/top.html deleted file mode 100644 index 7284ad94..00000000 --- a/src/main/resources/templates/admin/common/top.html +++ /dev/null @@ -1,13 +0,0 @@ - - - - \ No newline at end of file diff --git a/src/main/resources/templates/admin/config.html b/src/main/resources/templates/admin/config.html new file mode 100644 index 00000000..1081bb26 --- /dev/null +++ b/src/main/resources/templates/admin/config.html @@ -0,0 +1,31 @@ + + + + +
+
+
+ +
+
+

여기는 환경설정 입니다.

+
+
+
+
+
+ + \ No newline at end of file diff --git a/src/main/resources/templates/admin/home.html b/src/main/resources/templates/admin/home.html deleted file mode 100644 index cb71b13c..00000000 --- a/src/main/resources/templates/admin/home.html +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/src/main/resources/templates/admin/resource/detail.html b/src/main/resources/templates/admin/resource/detail.html deleted file mode 100644 index b9b60ad5..00000000 --- a/src/main/resources/templates/admin/resource/detail.html +++ /dev/null @@ -1,64 +0,0 @@ - - - - -
-
- -
-
-
- -
- -
-
- -
- -
- -
-
-
- -
- -
-
-
- -
- -
-
-
- -
- -
-
-
-
- - - 목록 - 삭제 -
-
-
-
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/admin/resource/list.html b/src/main/resources/templates/admin/resource/list.html deleted file mode 100644 index 54e38de6..00000000 --- a/src/main/resources/templates/admin/resource/list.html +++ /dev/null @@ -1,44 +0,0 @@ - - - - -
-
- -
- - - - - - - - - - - - - - - - - - -
리소스명리소스타입HttpMethod순서
- -
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/admin/role/detail.html b/src/main/resources/templates/admin/role/detail.html deleted file mode 100644 index 01568ad7..00000000 --- a/src/main/resources/templates/admin/role/detail.html +++ /dev/null @@ -1,40 +0,0 @@ - - - - -
-
- -
-
-
- -
- -
-
- -
- -
- -
-
-
-
- - 목록 -
-
-
-
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/admin/role/list.html b/src/main/resources/templates/admin/role/list.html deleted file mode 100644 index 442b81a6..00000000 --- a/src/main/resources/templates/admin/role/list.html +++ /dev/null @@ -1,39 +0,0 @@ - - - - -
-
- -
- - - - - - - - - - - - - - -
권한명권한설명
- -
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/admin/user/detail.html b/src/main/resources/templates/admin/user/detail.html deleted file mode 100644 index dcb60158..00000000 --- a/src/main/resources/templates/admin/user/detail.html +++ /dev/null @@ -1,62 +0,0 @@ - - - - -
-
- -
-
-
- -
- -
-
- -
- -
- -
-
-
- -
- -
-
-
- -
- -
-
-
- -
- -
-
-
-
- - 목록 -
-
-
-
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/admin/user/list.html b/src/main/resources/templates/admin/user/list.html deleted file mode 100644 index 558c8151..00000000 --- a/src/main/resources/templates/admin/user/list.html +++ /dev/null @@ -1,42 +0,0 @@ - - - - -
-
- -
- - - - - - - - - - - - - - - - - - -
이름이메일나이권한
-
-
- - - \ No newline at end of file diff --git a/src/main/resources/templates/aop/liveaop.html b/src/main/resources/templates/aop/liveaop.html deleted file mode 100644 index 6944d580..00000000 --- a/src/main/resources/templates/aop/liveaop.html +++ /dev/null @@ -1,16 +0,0 @@ - - - - -
- -
-

-
-

Welcome To Live AOP !!

-
-
-
- - \ No newline at end of file diff --git a/src/main/resources/templates/home.html b/src/main/resources/templates/home.html index 1679845d..2b53a4dc 100644 --- a/src/main/resources/templates/home.html +++ b/src/main/resources/templates/home.html @@ -1,62 +1,33 @@ - +
-
+
+
+
+

DASHBOARD

+
+

Core Spring Security 에 오신 것을 환영합니다.

+
+
- - - - - - - - - -
- - \ No newline at end of file diff --git a/src/main/resources/templates/layout/footer.html b/src/main/resources/templates/layout/footer.html index ce6b8df5..5b741335 100644 --- a/src/main/resources/templates/layout/footer.html +++ b/src/main/resources/templates/layout/footer.html @@ -1,12 +1,10 @@ - -
-
-
-

Copyright 2019 Core Spring Security. All Right Reserved

-
-
-
- +
+
+ +
+
\ No newline at end of file diff --git a/src/main/resources/templates/layout/header.html b/src/main/resources/templates/layout/header.html index 36d8f377..a3e33fc2 100644 --- a/src/main/resources/templates/layout/header.html +++ b/src/main/resources/templates/layout/header.html @@ -1,9 +1,9 @@ - + Home + diff --git a/src/main/resources/templates/layout/left.html b/src/main/resources/templates/layout/left.html new file mode 100644 index 00000000..bdb01bad --- /dev/null +++ b/src/main/resources/templates/layout/left.html @@ -0,0 +1,15 @@ + + + + \ No newline at end of file diff --git a/src/main/resources/templates/layout/top.html b/src/main/resources/templates/layout/top.html index 250738e6..2b8dcaff 100644 --- a/src/main/resources/templates/layout/top.html +++ b/src/main/resources/templates/layout/top.html @@ -1,15 +1,10 @@ - +