X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=blueprints%2Fcommon%2Feliot-ui%2Fbe%2Fsrc%2Feliotk8sclient%2Fsrc%2Fmain%2Fjava%2Fcom%2Feliot%2Feliotbe%2Feliotk8sclient%2Fconfig%2FJwtRequestFilter.java;fp=blueprints%2Fcommon%2Feliot-ui%2Fbe%2Fsrc%2Feliotk8sclient%2Fsrc%2Fmain%2Fjava%2Fcom%2Feliot%2Feliotbe%2Feliotk8sclient%2Fconfig%2FJwtRequestFilter.java;h=0000000000000000000000000000000000000000;hb=434326c60fb0434bda587102b4746173fe425dea;hp=6244072326eada0d39ed9e28a53efc3ad4f505b5;hpb=37827e492060182b32df67c2a538a29808fa5e17;p=eliot.git diff --git a/blueprints/common/eliot-ui/be/src/eliotk8sclient/src/main/java/com/eliot/eliotbe/eliotk8sclient/config/JwtRequestFilter.java b/blueprints/common/eliot-ui/be/src/eliotk8sclient/src/main/java/com/eliot/eliotbe/eliotk8sclient/config/JwtRequestFilter.java deleted file mode 100644 index 6244072..0000000 --- a/blueprints/common/eliot-ui/be/src/eliotk8sclient/src/main/java/com/eliot/eliotbe/eliotk8sclient/config/JwtRequestFilter.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright 2020 Huawei Technologies Co., Ltd. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.eliot.eliotbe.eliotk8sclient.config; - -import java.io.IOException; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; -import org.springframework.stereotype.Component; -import org.springframework.web.filter.OncePerRequestFilter; - -import com.eliot.eliotbe.eliotk8sclient.service.JwtUserDetailsService; -import com.eliot.eliotbe.eliotk8sclient.util.*; -import io.jsonwebtoken.ExpiredJwtException; - -@Component -public class JwtRequestFilter extends OncePerRequestFilter { - - @Autowired - private JwtUserDetailsService jwtUserDetailsService; - - @Autowired - private JwtTokenUtil jwtTokenUtil; - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) - throws ServletException, IOException { - - final String requestTokenHeader = request.getHeader("Authorization"); - - String username = null; - String jwtToken = null; - // JWT Token is in the form "Bearer token". Remove Bearer word and get - // only the Token - if (requestTokenHeader != null && requestTokenHeader.startsWith("Bearer ")) { - jwtToken = requestTokenHeader.substring(7); - try { - username = jwtTokenUtil.getUsernameFromToken(jwtToken); - } catch (IllegalArgumentException e) { - System.out.println("Unable to get JWT Token"); - } catch (ExpiredJwtException e) { - System.out.println("JWT Token has expired"); - } - } else { - logger.warn("JWT Token does not begin with Bearer String"); - } - - // Once we get the token validate it. - if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) { - - UserDetails userDetails = this.jwtUserDetailsService.loadUserByUsername(username); - - // if token is valid configure Spring Security to manually set - // authentication - if (jwtTokenUtil.validateToken(jwtToken, userDetails)) { - - UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken( - userDetails, null, userDetails.getAuthorities()); - usernamePasswordAuthenticationToken - .setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - // After setting the Authentication in the context, we specify - // that the current user is authenticated. So it passes the - // Spring Security Configurations successfully. - SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken); - } - } - chain.doFilter(request, response); - } - -}