Skip to content

Pass encoder #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
skrzeminski wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Pass encoder #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
2296ff4
implementation of Spring security Config
skrzeminski Jan 7, 2021
3f9676a
adding UserDetailsService
skrzeminski Jan 7, 2021
9d2f3e0
comment out property of defoult user of spring security
skrzeminski Jan 7, 2021
b5fcb49
added new user with customer role
skrzeminski Jan 7, 2021
be1257d
added new user with customer role
skrzeminski Jan 7, 2021
3b22bc2
PasswordEncodingTests
skrzeminski Jan 7, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,10 @@
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
Expand Down
77 changes: 77 additions & 0 deletions src/main/java/guru/sfg/brewery/config/SecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
package guru.sfg.brewery.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests(authorize -> {
authorize.antMatchers("/", "/webjars/**", "/login", "/resources/**").permitAll()
.antMatchers("/beers/find", "/beers*").permitAll()
.antMatchers(HttpMethod.GET, "/api/v1/beer/**", "/api/v1/beerUpc/**").permitAll();
})
.authorizeRequests()
.anyRequest()
.authenticated().and()
.formLogin().and()
.httpBasic();
}

// @Override
// @Bean
// protected UserDetailsService userDetailsService() {
// UserDetails admin = User.withDefaultPasswordEncoder()
// .username("spring")
// .password("password")
// .roles("ADMIN")
// .build();
//
// UserDetails user = User.withDefaultPasswordEncoder()
// .username("user")
// .password("password")
// .roles("USER")
// .build();
//
// UserDetails customer = User.withDefaultPasswordEncoder()
// .username("scott")
// .password("tiger")
// .roles("CUSTOMER")
// .build();
//
// return new InMemoryUserDetailsManager(admin, user, customer);
// }

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("spring")
.password("password")
.roles("ADMIN")
.and()
.withUser("user")
.password("password")
.roles("USER");

auth.inMemoryAuthentication().withUser("scott").password("tiger").roles("CUSTOMER");
}

@Bean
PasswordEncoder passwordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
}
5 changes: 4 additions & 1 deletion src/main/resources/application.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,4 +23,7 @@ spring.messages.basename=messages/messages
logging.level.guru=debug

# Spring Data hangs when not set under Spring Boot 2.3.0
spring.data.jpa.repositories.bootstrap-mode=default
spring.data.jpa.repositories.bootstrap-mode=default

#spring.security.user.name=spring
#spring.security.user.password=password
48 changes: 48 additions & 0 deletions src/test/java/guru/sfg/brewery/web/controllers/BaseIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
package guru.sfg.brewery.web.controllers;

import guru.sfg.brewery.repositories.BeerInventoryRepository;
import guru.sfg.brewery.repositories.BeerRepository;
import guru.sfg.brewery.repositories.CustomerRepository;
import guru.sfg.brewery.services.BeerService;
import guru.sfg.brewery.services.BreweryService;
import org.junit.jupiter.api.BeforeEach;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;

import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;

/**
* Created by jt on 6/13/20.
*/
public abstract class BaseIT {
@Autowired
WebApplicationContext wac;

protected MockMvc mockMvc;

@MockBean
BeerRepository beerRepository;

@MockBean
BeerInventoryRepository beerInventoryRepository;

@MockBean
BreweryService breweryService;

@MockBean
CustomerRepository customerRepository;

@MockBean
BeerService beerService;

@BeforeEach
public void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(wac)
.apply(springSecurity())
.build();
}
}
44 changes: 44 additions & 0 deletions src/test/java/guru/sfg/brewery/web/controllers/BeerControllerIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
package guru.sfg.brewery.web.controllers;

import org.junit.jupiter.api.Test;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;

import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.anonymous;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;

/**
* Created by jt on 6/12/20.
*/
@WebMvcTest
public class BeerControllerIT extends BaseIT{

@Test
void initCreationForm() throws Exception {
mockMvc.perform(get("/beers/new").with(httpBasic("spring", "password")))
.andExpect(status().isOk())
.andExpect(view().name("beers/createBeer"))
.andExpect(model().attributeExists("beer"));
}

@Test
void findBeers() throws Exception{
mockMvc.perform(get("/beers/find"))
.andExpect(status().isOk())
.andExpect(view().name("beers/findBeers"))
.andExpect(model().attributeExists("beer"));
}

@Test
void findBeersWithAnonymous() throws Exception{
mockMvc.perform(get("/beers/find").with(anonymous()))
.andExpect(status().isOk())
.andExpect(view().name("beers/findBeers"))
.andExpect(model().attributeExists("beer"));
}




}
20 changes: 20 additions & 0 deletions src/test/java/guru/sfg/brewery/web/controllers/IndexControllerIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
package guru.sfg.brewery.web.controllers;

import org.junit.jupiter.api.Test;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;

import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

/**
* Created by jt on 6/13/20.
*/
@WebMvcTest
public class IndexControllerIT extends BaseIT {

@Test
void testGetIndexSlash() throws Exception{
mockMvc.perform(get("/" ))
.andExpect(status().isOk());
}
}
30 changes: 30 additions & 0 deletions src/test/java/guru/sfg/brewery/web/controllers/PasswordEncodingTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
package guru.sfg.brewery.web.controllers;

import org.junit.jupiter.api.Test;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.DigestUtils;

/**
* Created by jt on 6/16/20.
*/
public class PasswordEncodingTests {

static final String PASSWORD = "password";

@Test
void testNoOp() {
PasswordEncoder noOp = NoOpPasswordEncoder.getInstance();

System.out.println(noOp.encode(PASSWORD));
}

@Test
void hashingExample() {
System.out.println(DigestUtils.md5DigestAsHex(PASSWORD.getBytes()));
System.out.println(DigestUtils.md5DigestAsHex(PASSWORD.getBytes()));

String salted = PASSWORD + "ThisIsMySALTVALUE";
System.out.println(DigestUtils.md5DigestAsHex(salted.getBytes()));
}
}
34 changes: 34 additions & 0 deletions src/test/java/guru/sfg/brewery/web/controllers/api/BeerRestControllerIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
package guru.sfg.brewery.web.controllers.api;

import guru.sfg.brewery.web.controllers.BaseIT;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;

import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

/**
* Created by jt on 6/13/20.
*/
@WebMvcTest
public class BeerRestControllerIT extends BaseIT {

@Test
void findBeers() throws Exception{
mockMvc.perform(get("/api/v1/beer/"))
.andExpect(status().isOk());

}

@Test
void findBeerById() throws Exception{
mockMvc.perform(get("/api/v1/beer/97df0c39-90c4-4ae0-b663-453e8e19c311"))
.andExpect(status().isOk());
}

@Test
void findBeerByUPC() throws Exception{
mockMvc.perform(get("/api/v1/beerUpc/0631234200036"))
.andExpect(status().isOk());
}
}