Minor expoint fixes.

main
Paulo Gustavo Veiga 2024-02-05 21:21:34 -08:00
parent 96b6ff3841
commit d798358fec
4 changed files with 16 additions and 11 deletions


@ -34,9 +34,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
@Override @Override
protected void doFilterInternal(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) protected void doFilterInternal(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain)
throws ServletException, IOException { throws ServletException, IOException {
final Optional<String> token = getJwtTokenFromRequest(request); final Optional<String> token = getJwtTokenFromRequest(request);
if (token.isPresent() && SecurityContextHolder.getContext().getAuthentication() == null) { if (token.isPresent() && SecurityContextHolder.getContext().getAuthentication() == null) {
// Extract email from token ... // Extract email from token ...
final Optional<String> email = extractEmailFromToken(token.get()); final Optional<String> email = extractEmailFromToken(token.get());
@ -65,6 +65,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
// Handle token extraction/validation errors // Handle token extraction/validation errors
logger.debug("Error extracting email from token: " + e.getMessage()); logger.debug("Error extracting email from token: " + e.getMessage());
} }
logger.trace("JWT token email:" + result);
return result; return result;
} }
@ -74,7 +75,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
final String authorizationHeader = request.getHeader("Authorization"); final String authorizationHeader = request.getHeader("Authorization");
if (authorizationHeader != null) { if (authorizationHeader != null) {
if (authorizationHeader.startsWith(BEARER_TOKEN_PREFIX)) { if (authorizationHeader.startsWith(BEARER_TOKEN_PREFIX)) {
logger.trace("JWT Bearer token found"); logger.trace("JWT Bearer token found.");
final String token = authorizationHeader.substring(BEARER_TOKEN_PREFIX.length()); final String token = authorizationHeader.substring(BEARER_TOKEN_PREFIX.length());
result = Optional.of(token); result = Optional.of(token);
} }
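Review bot: The added `logger.trace("JWT token email:" + result)` in extractEmailFromToken writes the account email taken from the token into the application log for every request that carries a bearer token, so once trace is enabled personal data lands in log files and whatever collects them. `result` is returned as an `Optional<String>` (see the call in doFilterInternal), so the message will render as `Optional[...]`, and the concatenation is built even when trace is off. Logging only the outcome keeps the diagnostic value: `logger.trace("JWT token email resolved: " + result.isPresent());`. The body of extractEmailFromToken starts outside the hunk, so the declaration of `result` is not visible here.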


@ -39,7 +39,7 @@ import org.springframework.web.bind.annotation.*;
import java.util.List; import java.util.List;
@RestController @RestController
@RequestMapping("/api/restful/account/") @RequestMapping("/api/restful/account")
@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
public class AccountController extends BaseController { public class AccountController extends BaseController {
@Qualifier("userService") @Qualifier("userService")
@ -54,7 +54,7 @@ public class AccountController extends BaseController {
@Autowired @Autowired
private LabelService labelService; private LabelService labelService;
@RequestMapping(method = RequestMethod.PUT, value = "password", consumes = {"text/plain"}) @RequestMapping(method = RequestMethod.PUT, value = "/password", consumes = {"text/plain"})
@ResponseStatus(value = HttpStatus.NO_CONTENT) @ResponseStatus(value = HttpStatus.NO_CONTENT)
public void changePassword(@RequestBody String password) throws PasswordTooLongException { public void changePassword(@RequestBody String password) throws PasswordTooLongException {
if (password == null) { if (password == null) {
@ -76,7 +76,7 @@ public class AccountController extends BaseController {
return new RestUser(user); return new RestUser(user);
} }
@RequestMapping(method = RequestMethod.PUT, value = "firstname", consumes = {"text/plain"}) @RequestMapping(method = RequestMethod.PUT, value = "/firstname", consumes = {"text/plain"})
@ResponseStatus(value = HttpStatus.NO_CONTENT) @ResponseStatus(value = HttpStatus.NO_CONTENT)
public void changeFirstname(@RequestBody String firstname) { public void changeFirstname(@RequestBody String firstname) {
if (firstname == null) { if (firstname == null) {
@ -88,7 +88,7 @@ public class AccountController extends BaseController {
userService.updateUser(user); userService.updateUser(user);
} }
@RequestMapping(method = RequestMethod.PUT, value = "lastname", consumes = {"text/plain"}) @RequestMapping(method = RequestMethod.PUT, value = "/lastname", consumes = {"text/plain"})
@ResponseStatus(value = HttpStatus.NO_CONTENT) @ResponseStatus(value = HttpStatus.NO_CONTENT)
public void changeLastName(@RequestBody String lastname) { public void changeLastName(@RequestBody String lastname) {
if (lastname == null) { if (lastname == null) {
@ -100,7 +100,7 @@ public class AccountController extends BaseController {
userService.updateUser(user); userService.updateUser(user);
} }
@RequestMapping(method = RequestMethod.PUT, value = "locale", consumes = {"text/plain"}) @RequestMapping(method = RequestMethod.PUT, value = "/locale", consumes = {"text/plain"})
@ResponseStatus(value = HttpStatus.NO_CONTENT) @ResponseStatus(value = HttpStatus.NO_CONTENT)
public void changeLanguage(@RequestBody String language) { public void changeLanguage(@RequestBody String language) {
if (language == null) { if (language == null) {
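Review bot: Moving the slash from the class-level mapping to the method-level values keeps `/api/restful/account/password` and the other PUT paths unchanged, but any handler mapped without a `value` now resolves to `/api/restful/account` instead of `/api/restful/account/`. The hunk around `return new RestUser(user);` suggests such a handler exists, though its mapping annotation is outside the visible lines. If the project runs on Spring Framework 6, where trailing-slash matching is off by default, requests to the old URL would stop matching. It is worth confirming that clients and any path-based rules in the security configuration use the new form.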


@ -49,7 +49,6 @@ import java.util.List;
@RestController @RestController
@RequestMapping("/api/restful/users") @RequestMapping("/api/restful/users")
@CrossOrigin
public class UserController extends BaseController { public class UserController extends BaseController {
@Qualifier("userService") @Qualifier("userService")


@ -6,6 +6,7 @@ import io.jsonwebtoken.security.Keys;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -37,15 +38,18 @@ public class JwtTokenUtil implements Serializable {
return Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtSecret)); return Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtSecret));
} }
@Nullable
public String extractFromJwtToken(String token) { public String extractFromJwtToken(String token) {
return Jwts.parserBuilder().setSigningKey(key()).build() return Jwts.parserBuilder().setSigningKey(key()).build()
.parseClaimsJws(token).getBody().getSubject(); .parseClaimsJws(token).getBody().getSubject();
} }
public boolean validateJwtToken(@NotNull String authToken) { public boolean validateJwtToken(@NotNull String authToken) {
boolean result = false;
try { try {
Jwts.parserBuilder().setSigningKey(key()).build().parse(authToken); Jwts.parserBuilder().setSigningKey(key()).build().parse(authToken);
return true; result = true;
} catch (MalformedJwtException e) { } catch (MalformedJwtException e) {
logger.error("Invalid JWT token: {}", e.getMessage()); logger.error("Invalid JWT token: {}", e.getMessage());
} catch (ExpiredJwtException e) { } catch (ExpiredJwtException e) {
@ -56,6 +60,7 @@ public class JwtTokenUtil implements Serializable {
logger.error("JWT claims string is empty: {}", e.getMessage()); logger.error("JWT claims string is empty: {}", e.getMessage());
} }
return false; logger.trace("Is JWT token valid:" + result);
return result;
} }
} }
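Review bot: validateJwtToken still verifies with `.parse(authToken)` while extractFromJwtToken uses `.parseClaimsJws(token)`; the generic `parse` does not itself require the input to be a signed claims JWS, and depending on the jjwt version in use it may accept a token that carries no signature. Using `Jwts.parserBuilder().setSigningKey(key()).build().parseClaimsJws(authToken);` here makes both methods enforce the same requirement. The new trace line could also follow the parameterized style of the neighbouring error logs: `logger.trace("Is JWT token valid: {}", result);`. One or more catch clauses between the two hunks are not shown, so the full set of handled exceptions cannot be checked from here.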