diff --git a/pom.xml b/pom.xml index d02f1e9..9e013bf 100644 --- a/pom.xml +++ b/pom.xml @@ -1,29 +1,28 @@ - - - 4.0.0 - org.alexmond - 0.0.1-SNAPSHOT - boot-sample-root - pom - Spring boot samples root - - org.springframework.boot - spring-boot-starter-parent - 3.5.3 - - - - 3.2.3 - - - spring-boot-rest-sample - spring-boot-config-sample - spring-boot-data-jpa-flyway - spring-boot-cloud - spring-boot-openapi-root - spring-boot-thymeleaf - spring-boot-config-dependency - spring-boot-security-root - + + 4.0.0 + org.alexmond + 0.0.1-SNAPSHOT + boot-sample-root + pom + Spring boot samples root + + org.springframework.boot + spring-boot-starter-parent + 3.5.3 + + + + + 3.2.3 + + + spring-boot-rest-sample + spring-boot-config-sample + spring-boot-data-jpa-flyway + spring-boot-cloud + spring-boot-openapi-root + spring-boot-thymeleaf + spring-boot-config-dependency + spring-boot-security-root + diff --git a/spring-boot-security-root/pom.xml b/spring-boot-security-root/pom.xml index 820bb96..6322c30 100644 --- a/spring-boot-security-root/pom.xml +++ b/spring-boot-security-root/pom.xml @@ -17,6 +17,7 @@ spring-boot-custom-auth-server simple-boot-auth-client + spring-boot-auth-roles diff --git a/spring-boot-security-root/spring-boot-auth-roles/pom.xml b/spring-boot-security-root/spring-boot-auth-roles/pom.xml new file mode 100644 index 0000000..09fa195 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/pom.xml @@ -0,0 +1,46 @@ + + + 4.0.0 + + org.alexmond + spring-boot-security-root + 0.0.1-SNAPSHOT + ../pom.xml + + org.alexmond.sample.auth + spring-boot-auth-roles + 0.0.1-SNAPSHOT + spring-boot-auth-roles + + 21 + + + + org.springframework.boot + spring-boot-starter-web + + + org.springframework.boot + spring-boot-starter-thymeleaf + + + org.springframework.boot + spring-boot-starter-security + + + org.webjars + bootstrap + 5.3.3 + + + org.webjars + font-awesome + 6.5.1 + + + org.webjars + webjars-locator-core + + + diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/App.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/App.java new file mode 100644 index 0000000..e582b5c --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/App.java @@ -0,0 +1,13 @@ +package org; + +/** + * Hello world! + * + */ +public class App +{ + public static void main( String[] args ) + { + System.out.println( "Hello World!" ); + } +} diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/AppUser.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/AppUser.java new file mode 100644 index 0000000..ab98c8a --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/AppUser.java @@ -0,0 +1,18 @@ +package org.alexmond.sample.auth; + +import java.util.List; + +public class AppUser { + private String username; + private String password; + private List roles; + + public String getUsername() { return username; } + public void setUsername(String username) { this.username = username; } + + public String getPassword() { return password; } + public void setPassword(String password) { this.password = password; } + + public List getRoles() { return roles; } + public void setRoles(List roles) { this.roles = roles; } +} \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Application.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Application.java new file mode 100644 index 0000000..16d4ecc --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Application.java @@ -0,0 +1,11 @@ +package org.alexmond.sample.auth; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class Application { + public static void main(String[] args) { + SpringApplication.run(Application.class, args); + } +} \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/SecurityConfig.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/SecurityConfig.java new file mode 100644 index 0000000..c5c26fc --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/SecurityConfig.java @@ -0,0 +1,55 @@ +package org.alexmond.sample.auth; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +public class SecurityConfig { + private final Users users; + + public SecurityConfig(Users users) { + this.users = users; + } + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + .csrf(AbstractHttpConfigurer::disable) + .authorizeHttpRequests(auth -> auth + .requestMatchers("/", "/login", "/webjars/**", "/css/**", "/js/**").permitAll() + .requestMatchers("/user").hasAnyRole("USER", "ADMIN") + .requestMatchers("/admin").hasRole("ADMIN") + .anyRequest().authenticated() + ) + .formLogin(form -> form + .loginPage("/login") + .defaultSuccessUrl("/", true) + .permitAll() + ) + .logout(logout -> logout + .logoutUrl("/logout") + .logoutSuccessUrl("/") + .permitAll() + ) + .httpBasic(Customizer.withDefaults()); + return http.build(); + } + + @Bean + public UserDetailsService userDetailsService() { + return new InMemoryUserDetailsManager(users.getUserDetails()); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } +} \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Users.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Users.java new file mode 100644 index 0000000..ddd1b4d --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/Users.java @@ -0,0 +1,32 @@ +package org.alexmond.sample.auth; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.stereotype.Component; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +@Component +@ConfigurationProperties("users") +public class Users { + public List appUsers; + + public Collection getUserDetails() { + PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); + Collection userDetails = new ArrayList<>(); + if (appUsers != null) { + for (AppUser appUser : appUsers) { + userDetails.add(User.withUsername(appUser.getUsername()) + .password(appUser.getPassword()) + .roles(appUser.getRoles().toArray(new String[0])) + .build()); + } + } + return userDetails; + } +} \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/WebController.java b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/WebController.java new file mode 100644 index 0000000..a11507e --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/java/org/alexmond/sample/auth/WebController.java @@ -0,0 +1,27 @@ +package org.alexmond.sample.auth; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; + +@Controller +public class WebController { + @GetMapping("/") + public String index() { + return "index"; + } + + @GetMapping("/user") + public String user() { + return "user"; + } + + @GetMapping("/admin") + public String admin() { + return "admin"; + } + + @GetMapping("/login") + public String login() { + return "login"; + } +} \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/application.yaml b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/application.yaml new file mode 100644 index 0000000..a349994 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/application.yaml @@ -0,0 +1,8 @@ +users: + appUsers: + - username: user + password: "{noop}password" + roles: ["USER"] + - username: admin + password: "{noop}password" + roles: ["ADMIN", "USER"] \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/admin.html b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/admin.html new file mode 100644 index 0000000..f3a1234 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/admin.html @@ -0,0 +1,28 @@ + + + + + + Admin Page + + + + + +
+

Admin Page

+

This page is accessible to users with the ADMIN role only.

+ Back to Home +
+ + + \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/index.html b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/index.html new file mode 100644 index 0000000..3159951 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/index.html @@ -0,0 +1,36 @@ + + + + + + Index + + + + + +
+

Welcome to the Auth Roles Demo

+

This is the public index page. Anyone can access this page.

+ +
+ + + \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/login.html b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/login.html new file mode 100644 index 0000000..64020cb --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/login.html @@ -0,0 +1,40 @@ + + + + + + Login + + + + +
+
+
+
+
+

Login

+
+
+
+
+ + +
+
+ + +
+ + +
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/user.html b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/user.html new file mode 100644 index 0000000..9425ee4 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/main/resources/templates/user.html @@ -0,0 +1,28 @@ + + + + + + User Page + + + + + +
+

User Page

+

This page is accessible to users with the USER or ADMIN role.

+ Back to Home +
+ + + \ No newline at end of file diff --git a/spring-boot-security-root/spring-boot-auth-roles/src/test/java/org/AppTest.java b/spring-boot-security-root/spring-boot-auth-roles/src/test/java/org/AppTest.java new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/spring-boot-security-root/spring-boot-auth-roles/src/test/java/org/AppTest.java @@ -0,0 +1 @@ +