Showing
25 changed files
with
521 additions
and
36 deletions.
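--- a/...end/src/main/java/io/mixeway/mixewayflowapi/api/auth/service/CustomOAuth2UserService.java
+++ b/...end/src/main/java/io/mixeway/mixewayflowapi/api/auth/service/CustomOAuth2UserService.java
@@ -0,0 +1,43 @@
+package io.mixeway.mixewayflowapi.api.auth.service;
+
+import lombok.extern.log4j.Log4j2;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
+import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+import java.util.Collections;
+import java.util.Map;
+
+@Service
+@Log4j2
+public class CustomOAuth2UserService implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {
+
+@Override
+public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
+log.error("XAXAXAXAXAXAXAXAXAXA");
+OAuth2UserService<OAuth2UserRequest, OAuth2User> delegate = new DefaultOAuth2UserService();
+OAuth2User oAuth2User = delegate.loadUser(userRequest);
+
+// Extracting ID Token and User Info attributes
+Map<String, Object> attributes = oAuth2User.getAttributes();
+OidcIdToken idToken = new OidcIdToken(
+userRequest.getAccessToken().getTokenValue(),
+userRequest.getAccessToken().getIssuedAt(),
+userRequest.getAccessToken().getExpiresAt(),
+attributes
+);
+OidcUserInfo userInfo = new OidcUserInfo(attributes);
+
+// Creating OidcUser using OidcUserAuthority
+OidcUserAuthority authority = new OidcUserAuthority(idToken, userInfo);
+return new DefaultOidcUser(Collections.singleton(authority), idToken, userInfo);
+}
+}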
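Review bot: The `OidcIdToken` built in `loadUser` is not an ID token issued by the identity provider: it wraps the access-token value and takes its claims from the UserInfo response, so no signature, issuer, audience or nonce validation backs what `getIdToken()` later returns. If the client registration requests the `openid` scope (not visible here), Spring Security's `OidcUserService` would supply a real `OidcUser` carrying the validated ID token and this adapter could be dropped; otherwise the class should carry a comment stating that the token is synthetic and must not be treated as verified. `DefaultOidcUser` appears to require a `sub` attribute, so a UserInfo response without one would likely fail the login with an `IllegalArgumentException` instead of an `OAuth2AuthenticationException`. The leftover `log.error("XAXAXAXAXAXAXAXAXAXA");` fires at ERROR level on every login and adds noise to authentication logs; remove it or replace it with a meaningful debug-level message.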
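--- a/backend/src/main/java/io/mixeway/mixewayflowapi/auth/CustomAuthenticationEntryPoint.java
+++ b/backend/src/main/java/io/mixeway/mixewayflowapi/auth/CustomAuthenticationEntryPoint.java
@@ -0,0 +1,22 @@
+package io.mixeway.mixewayflowapi.auth;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+@Override
+public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
+if (request.getServletPath().startsWith("/api/")) {
+response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
+} else {
+response.sendRedirect("/oauth2/authorization/sso");
+}
+}
+}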
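Review bot: Unauthenticated requests under `/api/` are answered with 403 in `commence`, but an entry point runs when no authentication is present, and 401 is the conventional status for that case; returning 403 leaves API clients and log-based alerting unable to tell "not logged in" from "logged in but not permitted". Suggested change: `response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");`. The redirect target `/oauth2/authorization/sso` is also hard-coded, so a deployment without an `sso` client registration would presumably send browsers to a missing endpoint; a short class comment stating that this entry point assumes SSO is enabled would help.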
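--- a/backend/src/main/java/io/mixeway/mixewayflowapi/auth/OAuth2LoginSuccessHandler.java
+++ b/backend/src/main/java/io/mixeway/mixewayflowapi/auth/OAuth2LoginSuccessHandler.java
@@ -0,0 +1,61 @@
+package io.mixeway.mixewayflowapi.auth;
+
+import io.mixeway.mixewayflowapi.api.user.dto.CreateUserRequestDto;
+import io.mixeway.mixewayflowapi.auth.jwt.JwtService;
+import io.mixeway.mixewayflowapi.db.entity.UserInfo;
+import io.mixeway.mixewayflowapi.domain.user.CreateUserService;
+import io.mixeway.mixewayflowapi.domain.user.FindUserService;
+import io.mixeway.mixewayflowapi.utils.Role;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.log4j.Log4j2;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+import java.util.ArrayList;
+
+@Component
+@RequiredArgsConstructor
+@Log4j2
+public class OAuth2LoginSuccessHandler implements AuthenticationSuccessHandler {
+
+private final JwtService jwtService;
+private final CreateUserService createUserService;
+private final FindUserService findUserService;
+@Value("${frontend.url}")
+String frontendUrl;
+
+@Override
+public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+OidcUser oidcUser = (OidcUser) authentication.getPrincipal();
+String username = oidcUser.getPreferredUsername(); // Adjust based on your Keycloak config
+
+UserInfo userInfo = findUserService.findUser(username);
+if (userInfo == null){
+userInfo = createUserService.createUser(CreateUserRequestDto.of(username, Role.USER, "xxxxxxxxxxxx", new ArrayList<>()));
+}
+String jwtToken = jwtService.GenerateToken(userInfo.getUsername(), userInfo.getHighestRole()); // Replace "USER_ROLE" with actual role logic
+SecurityContextHolder.getContext().setAuthentication(authentication);
+// Set the JWT token in an HTTP-only and secure cookie
+Cookie cookie = new Cookie("flow-token", jwtToken);
+cookie.setHttpOnly(true);
+cookie.setSecure(request.isSecure());
+cookie.setPath("/");
+cookie.setMaxAge(7 * 24 * 60 * 60);
+
+response.addCookie(cookie);
+
+if (frontendUrl == null) {
+throw new IllegalStateException("FRONTEND_URL environment variable must be set when SSO is enabled");
+}
+response.sendRedirect(frontendUrl);
+}
+}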
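Review bot: Every account auto-provisioned in `onAuthenticationSuccess` is created with the same literal password `"xxxxxxxxxxxx"`; if `CreateUserService` stores it as a usable local credential (its code is not shown here), every SSO-created user shares one password that is readable in the repository. Generate a random per-user secret as sketched below (it needs `java.security.SecureRandom` and `java.util.Base64`), or better, create the account with local password login disabled. Linking by `getPreferredUsername()` is a second concern: that claim can be user-editable at the IdP and may be null, so an SSO login whose preferred username matches an existing local account would receive a JWT carrying that account's `getHighestRole()`; matching on the `sub` claim, or refusing to link accounts that were not created through SSO, avoids this. `cookie.setSecure(request.isSecure())` also drops the Secure flag whenever TLS terminates at a proxy that does not forward the scheme, so the 7-day token cookie could travel over plain HTTP.

```java
// … unchanged: principal cast, username lookup via findUserService …
if (userInfo == null) {
    // Random, never-disclosed secret so the provisioned account has no guessable local password.
    byte[] secret = new byte[32];
    new SecureRandom().nextBytes(secret);
    String unusablePassword = Base64.getEncoder().encodeToString(secret);
    userInfo = createUserService.createUser(
            CreateUserRequestDto.of(username, Role.USER, unusablePassword, new ArrayList<>()));
}
// … unchanged: JWT generation, cookie setup, redirect …
```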
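--- a/backend/src/main/java/io/mixeway/mixewayflowapi/config/BCryptEncoderConfig.java
+++ b/backend/src/main/java/io/mixeway/mixewayflowapi/config/BCryptEncoderConfig.java
@@ -0,0 +1,13 @@
+package io.mixeway.mixewayflowapi.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class BCryptEncoderConfig {
+@Bean
+public BCryptPasswordEncoder passwordEncoder() {
+return new BCryptPasswordEncoder();
+}
+}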
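Review bot: `passwordEncoder()` is declared with the concrete return type `BCryptPasswordEncoder`, which ties every injection point to one algorithm; declaring it as `public PasswordEncoder passwordEncoder()` keeps callers on the interface so the hash scheme can later be migrated without touching them, provided no existing bean injects the concrete type. The no-argument constructor uses BCrypt's default strength of 10, which is worth stating in a one-line comment such as `// BCrypt with the default cost factor (10); raise deliberately if login latency allows`.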