8ece21a13d8f568e27dd47e94f9e0faafd6868c5
[eliot.git] / blueprints / common / eliot-ui / be / src / eliotk8sclient / src / main / java / com / eliot / eliotbe / eliotk8sclient / controller / AuthenticationController.java
1 /*
2  * Copyright 2020 Huawei Technologies Co., Ltd.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.eliot.eliotbe.eliotk8sclient.controller;
17
18 import java.util.Objects;
19
20 import org.springframework.beans.factory.annotation.Autowired;
21 import org.springframework.http.ResponseEntity;
22 import org.springframework.security.authentication.AuthenticationManager;
23 import org.springframework.security.authentication.BadCredentialsException;
24 import org.springframework.security.authentication.DisabledException;
25 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
26 import org.springframework.security.core.userdetails.UserDetails;
27 import org.springframework.web.bind.annotation.CrossOrigin;
28 import org.springframework.web.bind.annotation.RequestBody;
29 import org.springframework.web.bind.annotation.RequestMapping;
30 import org.springframework.web.bind.annotation.RequestMethod;
31 import org.springframework.web.bind.annotation.RestController;
32 import com.eliot.eliotbe.eliotk8sclient.service.JwtUserDetailsService;
33
34
35 import com.eliot.eliotbe.eliotk8sclient.util.JwtTokenUtil;
36 import com.eliot.eliotbe.eliotk8sclient.model.jwt.JwtRequest;
37 import com.eliot.eliotbe.eliotk8sclient.model.jwt.JwtResponse;
38
39 @RestController
40 @CrossOrigin
41 public class AuthenticationController {
42
43     @Autowired
44     private AuthenticationManager authenticationManager;
45
46     @Autowired
47     private JwtTokenUtil jwtTokenUtil;
48
49     @Autowired
50     private JwtUserDetailsService userDetailsService;
51
52     @RequestMapping(value = "/authenticate", method = RequestMethod.POST)
53     public ResponseEntity<JwtResponse> createAuthenticationToken(@RequestBody JwtRequest authenticationRequest) throws Exception {
54
55         authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
56
57         final UserDetails userDetails = userDetailsService
58                 .loadUserByUsername(authenticationRequest.getUsername());
59
60         final String token = jwtTokenUtil.generateToken(userDetails);
61
62         return ResponseEntity.ok(new JwtResponse(token));
63     }
64
65     private void authenticate(String username, String password) throws Exception {
66         try {
67             authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
68         } catch (DisabledException e) {
69             throw new Exception("USER_DISABLED", e);
70         } catch (BadCredentialsException e) {
71             throw new Exception("INVALID_CREDENTIALS", e);
72         }
73     }
74 }