diff --git a/pom.xml b/pom.xml index 7b966e570ab03b853d23c4a85d4c47e1e57dbfa0..d6e13ffc03dbbe2e706ba7488bd02c0581d2baf9 100644 --- a/pom.xml +++ b/pom.xml @@ -138,6 +138,7 @@ + kr.motd.maven @@ -146,6 +147,18 @@ + + org.springframework.boot + spring-boot-maven-plugin + 2.0.5.RELEASE + + + + repackage + + + + org.xolstice.maven.plugins protobuf-maven-plugin @@ -196,18 +209,6 @@ 8 - - org.springframework.boot - spring-boot-maven-plugin - 2.0.5.RELEASE - - - - repackage - - - - - + \ No newline at end of file diff --git a/src/main/java/biz/nynja/airdrop/Config.java b/src/main/java/biz/nynja/airdrop/Config.java index d6bdd662c6bb1fe0442d119a132f1a58c7679fed..31ca8f52b5501fc788a3331ecd56df4b15b53dee 100644 --- a/src/main/java/biz/nynja/airdrop/Config.java +++ b/src/main/java/biz/nynja/airdrop/Config.java @@ -11,7 +11,6 @@ import org.apache.kafka.common.serialization.StringDeserializer; import org.apache.kafka.common.serialization.StringSerializer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.actuate.autoconfigure.metrics.MeterRegistryCustomizer; import org.springframework.context.annotation.Bean; diff --git a/src/main/java/biz/nynja/airdrop/controller/AirdropController.java b/src/main/java/biz/nynja/airdrop/controller/AirdropController.java index 5f479cd88c75c309bf49a9200ff4408312b2d380..5c03e6a2087de896ccba3f4e5d08b475ee614d12 100644 --- a/src/main/java/biz/nynja/airdrop/controller/AirdropController.java +++ b/src/main/java/biz/nynja/airdrop/controller/AirdropController.java @@ -1,5 +1,6 @@ package biz.nynja.airdrop.controller; +import biz.nynja.account.grpc.SearchResponse; import biz.nynja.airdrop.constants.Constants; import biz.nynja.airdrop.entity.ActionsFailed; import biz.nynja.airdrop.entity.AirdropActions; @@ -14,6 +15,8 @@ import biz.nynja.airdrop.util.AirdropUtil; import biz.nynja.airdrop.util.HttpConstants; import biz.nynja.airdrop.util.HttpResponse; import biz.nynja.airdrop.util.RestTemplateUtil; +import biz.nynja.authentication.grpc.GenerateTokenResponse; +import com.fasterxml.jackson.databind.ObjectMapper; import io.micrometer.core.annotation.Timed; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -93,59 +96,135 @@ public class AirdropController { } - @GetMapping("/test11") - public String test11() { + @GetMapping("/test/1") + public String testEndpoint1() { return "Test Endpoint WITH Token"; } - @GetMapping("/test12") - public String test12() { + @GetMapping("/test/2") + public String testEndpoint2() { return "Test Endpoint WITH-OUT Token"; } + @GetMapping("/tokenDetails") + public String getTokenDetails() throws IOException { + + + ObjectMapper objectMapper = new ObjectMapper(); + Map response = objectMapper.readValue(AirdropController.class.getClassLoader().getResourceAsStream("token/token.json"), Map.class); + + System.out.println(""); + System.out.println("--------------"); + System.out.println(""); + System.out.println("Response :"); + System.out.println(response); + System.out.println(""); + System.out.println("--------------"); + System.out.println(""); + + return response.toString(); + } + + @GetMapping("/test/verifyAccount/{username}") - public String test1(@PathVariable("username") String username) { + public String test1(@PathVariable("username") String username, + @RequestHeader(value = "Authorization", required = false) String token) { System.out.println(""); System.out.println("--------------"); System.out.println(""); System.out.println("Testing verifyAccount Endpoint"); System.out.println(""); + System.out.println("Token : " + token); + System.out.println(""); System.out.println("username : " + username); System.out.println("AccessToken : " + authServiceClient.tokens.get("accessToken")); System.out.println(""); System.out.println("--------------"); System.out.println(""); + SearchResponse searchResponse; - UUID accountId = accountServiceClient.verifyAccount(username, authServiceClient.tokens.get("accessToken")); + if (token == null) { + + System.out.println(""); + System.out.println("Using File Token"); + System.out.println(""); + + searchResponse = accountServiceClient.accountEndpointTest(username, authServiceClient.tokens.get("accessToken")); + } else { + + + System.out.println(""); + System.out.println("Using Provided Token"); + System.out.println(""); + + searchResponse = accountServiceClient.accountEndpointTest(username, token); + } - return "VerifyAccount-Response : " + accountId; + System.out.println(""); + System.out.println("Search Respponse : "); + System.out.println(searchResponse); + System.out.println(""); + System.out.println("Search Ressponse String : "); + System.out.println(searchResponse.toString()); + System.out.println(""); + + + return searchResponse.toString(); } @GetMapping("/test/exchangeToken") - public String test2() throws IOException { + public String test2(@RequestHeader(value = "Authorization", required = false) String refreshToken) throws IOException { System.out.println(""); System.out.println("--------------"); System.out.println(""); - System.out.println("Testing Exchange-Token Endpoint"); + System.out.println("Exchange-Token Endpoint"); + System.out.println(""); + System.out.println("RefreshToken : " + refreshToken); + System.out.println("RefreshToken(From-File) : " + authServiceClient.tokens.get("refreshToken")); System.out.println(""); System.out.println("--------------"); System.out.println(""); - boolean response = authServiceClient.exchangeRefreshToken(); + GenerateTokenResponse tokenResponse; - return "ExchangeToken-Response : " + response; - } + if (refreshToken == null) { + + System.out.println(""); + System.out.println("Using File Token"); + System.out.println(""); + + tokenResponse = authServiceClient.exchangeRefreshTokenManual(authServiceClient.tokens.get("refreshToken")); + + } else { + System.out.println(""); + System.out.println("Using Provided Token"); + System.out.println(""); + + tokenResponse = authServiceClient.exchangeRefreshTokenManual(refreshToken); + } - @GetMapping("/test/exchangeToken/refreshToken/{refreshToken}") + System.out.println(""); + System.out.println("TokenResponse :"); + System.out.println(tokenResponse); + System.out.println(""); + System.out.println("TokenResponse :"); + System.out.println(tokenResponse.toString()); + System.out.println(""); + + return tokenResponse.toString(); + } + + + @GetMapping("/test/exchangeTokenRefreshToken/{refreshToken}") public String test3(@PathVariable("refreshToken") String refreshToken) throws IOException { System.out.println(""); @@ -153,14 +232,12 @@ public class AirdropController { System.out.println(""); System.out.println("Testing Exchange-Token Endpoint By Manual Refresh-Token"); System.out.println(""); - System.out.println("GivenRefreshToken : " + refreshToken); + System.out.println("GivenRefreshToken : " + refreshToken); System.out.println(""); System.out.println("--------------"); System.out.println(""); - boolean response = authServiceClient.exchangeRefreshTokenManual(refreshToken); - - return "ExchangeTokenManual-Response : " + response; + return authServiceClient.exchangeRefreshTokenManual(refreshToken).toString(); } @@ -238,7 +315,7 @@ public class AirdropController { System.out.println(""); System.out.println("AccessToken : " + authServiceClient.tokens.get("accessToken")); System.out.println(""); - UUID accountId = accountServiceClient.verifyAccount(username, authServiceClient.tokens.get("accessToken") ); + UUID accountId = accountServiceClient.verifyAccount(username, authServiceClient.tokens.get("accessToken")); logger.info("accountId:"); logger.debug("{}", accountId); diff --git a/src/main/java/biz/nynja/airdrop/grpc/AccountServiceClient.java b/src/main/java/biz/nynja/airdrop/grpc/AccountServiceClient.java index 27c63c272c7e0275959800e85fae098e0aa2e2de..73e9756d6ac5e8888fe2cc7c0cb8041eb8019405 100644 --- a/src/main/java/biz/nynja/airdrop/grpc/AccountServiceClient.java +++ b/src/main/java/biz/nynja/airdrop/grpc/AccountServiceClient.java @@ -7,6 +7,7 @@ import io.grpc.stub.MetadataUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; + import javax.annotation.PostConstruct; import java.util.UUID; @@ -42,6 +43,41 @@ public class AccountServiceClient { */ + public SearchResponse accountEndpointTest(String username, String token) { + + System.out.println(""); + System.out.println("---------------"); + System.out.println(""); + System.out.println("Account-Endpoint-Test Params :"); + System.out.println(""); + System.out.println("username : " + username); + System.out.println("token : " + token); + System.out.println(""); + System.out.println("---------------"); + System.out.println(""); + + + GetByUsernameRequest request = GetByUsernameRequest.newBuilder().setUsername(username).build(); + + Metadata header = new Metadata(); + Metadata.Key key = + Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER); + header.put(key, "Bearer " + token); + + + accountServiceStub = MetadataUtils.attachHeaders(accountServiceStub, header); + + SearchResponse searchByUserNameResponse = accountServiceStub.searchByUsername(request); + + System.out.println(""); + System.out.println("Account-Endpoint-Test Response :"); + System.out.println(""); + + return searchByUserNameResponse; + + } + + public UUID verifyAccount(String username, String token) { System.out.println(""); diff --git a/src/main/java/biz/nynja/airdrop/grpc/AuthServiceClient.java b/src/main/java/biz/nynja/airdrop/grpc/AuthServiceClient.java index bdd8113d3d655c6ac1886addd827f9b12f9063ce..ac8015f323f61e41959db978bdf9e2c4eea77f84 100644 --- a/src/main/java/biz/nynja/airdrop/grpc/AuthServiceClient.java +++ b/src/main/java/biz/nynja/airdrop/grpc/AuthServiceClient.java @@ -52,8 +52,7 @@ public class AuthServiceClient extends AuthenticationServiceGrpc.AuthenticationS } - - public boolean exchangeRefreshTokenManual(String refreshToken) throws IOException { + public GenerateTokenResponse exchangeRefreshTokenManual(String refreshToken) throws IOException { System.out.println(""); System.out.println("---------------"); @@ -66,8 +65,8 @@ public class AuthServiceClient extends AuthenticationServiceGrpc.AuthenticationS System.out.println(""); ExchangeRefreshTokenRequest request = ExchangeRefreshTokenRequest.newBuilder().setRefreshToken(refreshToken).build(); - GenerateTokenResponse generateTokenResponse = authenticationServiceStub.exchangeRefreshToken(request); + TokenResponseDetails tokenResponseDetails = generateTokenResponse.getTokenResponseDetails(); ErrorResponse errorResponse = generateTokenResponse.getError(); @@ -86,19 +85,9 @@ public class AuthServiceClient extends AuthenticationServiceGrpc.AuthenticationS System.out.println(""); System.out.println("Exchange Refresh Token Failed"); System.out.println(""); - - return false; } - String accessToken = tokenResponseDetails.getToken(); - String newRefreshToken = tokenResponseDetails.getRefreshToken(); - - System.out.println(""); - System.out.println("New Access Token : " + accessToken); - System.out.println("New Refresh Token : " + newRefreshToken); - System.out.println(""); - - return true; + return generateTokenResponse; } public boolean exchangeRefreshToken() throws IOException { diff --git a/src/main/java/biz/nynja/airdrop/security/AuthorizationServerConfiguration.java b/src/main/java/biz/nynja/airdrop/security/AuthorizationServerConfiguration.java index 2c4e065e1f0c324d521aa1b251438bdaf8d87fe8..f7e7d738f6c1c652e65bdd90cf47df6c10b75cc1 100644 --- a/src/main/java/biz/nynja/airdrop/security/AuthorizationServerConfiguration.java +++ b/src/main/java/biz/nynja/airdrop/security/AuthorizationServerConfiguration.java @@ -42,15 +42,16 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu @Qualifier("authenticationManagerBean") private AuthenticationManager authenticationManager; + @Autowired + private CustomTokenEnhancer customTokenEnhancer; @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints .authenticationManager(authenticationManager) - .tokenStore(tokenStore); + .tokenStore(tokenStore).tokenEnhancer(customTokenEnhancer); } - @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() @@ -62,6 +63,7 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu // .secret(passwordEncoder.encode("password")) .accessTokenValiditySeconds(-1) .secret(secret); + } diff --git a/src/main/java/biz/nynja/airdrop/security/CustomTokenEnhancer.java b/src/main/java/biz/nynja/airdrop/security/CustomTokenEnhancer.java new file mode 100644 index 0000000000000000000000000000000000000000..ec13ed7d9203c227508ac798c73b8898c5b8ba23 --- /dev/null +++ b/src/main/java/biz/nynja/airdrop/security/CustomTokenEnhancer.java @@ -0,0 +1,22 @@ +package biz.nynja.airdrop.security; + +import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; +import org.springframework.security.oauth2.common.OAuth2AccessToken; +import org.springframework.security.oauth2.provider.OAuth2Authentication; +import org.springframework.stereotype.Component; + +@Component +public class CustomTokenEnhancer implements org.springframework.security.oauth2.provider.token.TokenEnhancer { + + @Override + public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) { + + // Map additionalInfo = new HashMap<>(); + // additionalInfo.put("customInfo", "some_stuff_here"); + // ((DefaultOAuth2AccessToken) oAuth2AccessToken).setAdditionalInformation(additionalInfo); + + ((DefaultOAuth2AccessToken) oAuth2AccessToken).setRefreshToken(null); + + return oAuth2AccessToken; + } +} diff --git a/src/main/java/biz/nynja/airdrop/security/ResourceServerConfiguration.java b/src/main/java/biz/nynja/airdrop/security/ResourceServerConfiguration.java index 348134fea48a201955c6f9b1b88ac0aa62147bee..afe5852806cd702d1a641b03ab27bd29b06c0411 100644 --- a/src/main/java/biz/nynja/airdrop/security/ResourceServerConfiguration.java +++ b/src/main/java/biz/nynja/airdrop/security/ResourceServerConfiguration.java @@ -21,6 +21,7 @@ public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter .authorizeRequests().antMatchers(qoinProEndPoints).hasRole("USER") .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler()); - } + + }