gerrit.akraino Code Review - eliot.git/blob

   1 /*
   2  * Copyright 2020 Huawei Technologies Co., Ltd.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package com.eliot.eliotbe.eliotk8sclient.controller;
  17
  18 import java.util.Objects;
  19
  20 import org.springframework.beans.factory.annotation.Autowired;
  21 import org.springframework.http.ResponseEntity;
  22 import org.springframework.security.authentication.AuthenticationManager;
  23 import org.springframework.security.authentication.BadCredentialsException;
  24 import org.springframework.security.authentication.DisabledException;
  25 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  26 import org.springframework.security.core.userdetails.UserDetails;
  27 import org.springframework.web.bind.annotation.CrossOrigin;
  28 import org.springframework.web.bind.annotation.RequestBody;
  29 import org.springframework.web.bind.annotation.RequestMapping;
  30 import org.springframework.web.bind.annotation.RequestMethod;
  31 import org.springframework.web.bind.annotation.RestController;
  32 import com.eliot.eliotbe.eliotk8sclient.service.JwtUserDetailsService;
  33
  34
  35 import com.eliot.eliotbe.eliotk8sclient.util.JwtTokenUtil;
  36 import com.eliot.eliotbe.eliotk8sclient.model.jwt.JwtRequest;
  37 import com.eliot.eliotbe.eliotk8sclient.model.jwt.JwtResponse;
  38
  39 @RestController
  40 @CrossOrigin
  41 public class AuthenticationController {
  42
  43     @Autowired
  44     private AuthenticationManager authenticationManager;
  45
  46     @Autowired
  47     private JwtTokenUtil jwtTokenUtil;
  48
  49     @Autowired
  50     private JwtUserDetailsService userDetailsService;
  51
  52     @RequestMapping(value = "/authenticate", method = RequestMethod.POST)
  53     public ResponseEntity<JwtResponse> createAuthenticationToken(@RequestBody JwtRequest authenticationRequest) throws Exception {
  54
  55         authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
  56
  57         final UserDetails userDetails = userDetailsService
  58                 .loadUserByUsername(authenticationRequest.getUsername());
  59
  60         final String token = jwtTokenUtil.generateToken(userDetails);
  61
  62         return ResponseEntity.ok(new JwtResponse(token));
  63     }
  64
  65     private void authenticate(String username, String password) throws Exception {
  66         try {
  67             authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
  68         } catch (DisabledException e) {
  69             throw new Exception("USER_DISABLED", e);
  70         } catch (BadCredentialsException e) {
  71             throw new Exception("INVALID_CREDENTIALS", e);
  72         }
  73     }
  74 }