iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #8125 from eugenp/revert-8119-BAEL-3275-2

Browse Source 
Revert "BAEL-3275: Using blocking queue for pub-sub"
This commit is contained in:
Eric Martin
2019-10-31 20:43:47 -05:00
committed by GitHub
parent db85c8f275
commit 3225470df5
20543 changed files with 1642750 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libraries-security/src/main/java/com/baeldung/bouncycastle/BouncyCastleCrypto.java
+105
View File
@@ -0,0 +1,105 @@
package com.baeldung.bouncycastle;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.KeyTransRecipientInformation;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.util.Store;
public class BouncyCastleCrypto {
public static byte[] signData(byte[] data, final X509Certificate signingCertificate, final PrivateKey signingKey) throws CertificateEncodingException, OperatorCreationException, CMSException, IOException {
byte[] signedMessage = null;
List<X509Certificate> certList = new ArrayList<X509Certificate>();
CMSTypedData cmsData = new CMSProcessableByteArray(data);
certList.add(signingCertificate);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator cmsGenerator = new CMSSignedDataGenerator();
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256withRSA").build(signingKey);
cmsGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(contentSigner, signingCertificate));
cmsGenerator.addCertificates(certs);
CMSSignedData cms = cmsGenerator.generate(cmsData, true);
signedMessage = cms.getEncoded();
return signedMessage;
}
public static boolean verifSignData(final byte[] signedData) throws CMSException, IOException, OperatorCreationException, CertificateException {
ByteArrayInputStream bIn = new ByteArrayInputStream(signedData);
ASN1InputStream aIn = new ASN1InputStream(bIn);
CMSSignedData s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
aIn.close();
bIn.close();
Store certs = s.getCertificates();
SignerInformationStore signers = s.getSignerInfos();
Collection<SignerInformation> c = signers.getSigners();
SignerInformation signer = c.iterator().next();
Collection<X509CertificateHolder> certCollection = certs.getMatches(signer.getSID());
Iterator<X509CertificateHolder> certIt = certCollection.iterator();
X509CertificateHolder certHolder = certIt.next();
boolean verifResult = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(certHolder));
if (!verifResult) {
return false;
}
return true;
}
public static byte[] encryptData(final byte[] data, X509Certificate encryptionCertificate) throws CertificateEncodingException, CMSException, IOException {
byte[] encryptedData = null;
if (null != data && null != encryptionCertificate) {
CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(encryptionCertificate);
cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey);
CMSTypedData msg = new CMSProcessableByteArray(data);
OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build();
CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor);
encryptedData = cmsEnvelopedData.getEncoded();
}
return encryptedData;
}
public static byte[] decryptData(final byte[] encryptedData, final PrivateKey decryptionKey) throws CMSException {
byte[] decryptedData = null;
if (null != encryptedData && null != decryptionKey) {
CMSEnvelopedData envelopedData = new CMSEnvelopedData(encryptedData);
Collection<RecipientInformation> recip = envelopedData.getRecipientInfos().getRecipients();
KeyTransRecipientInformation recipientInfo = (KeyTransRecipientInformation) recip.iterator().next();
JceKeyTransRecipient recipient = new JceKeyTransEnvelopedRecipient(decryptionKey);
decryptedData = recipientInfo.getContent(recipient);
}
return decryptedData;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/ScribejavaApplication.java
+15
View File
@@ -0,0 +1,15 @@
package com.baeldung.scribejava;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class ScribejavaApplication {
public static void main(String[] args) {
SpringApplication.run(ScribejavaApplication.class, args);
}
}
libraries-security/src/main/java/com/baeldung/scribejava/api/MyApi.java
+27
View File
@@ -0,0 +1,27 @@
package com.baeldung.scribejava.api;
import com.github.scribejava.core.builder.api.DefaultApi20;
public class MyApi extends DefaultApi20 {
private MyApi() {
}
private static class InstanceHolder {
private static final MyApi INSTANCE = new MyApi();
}
public static MyApi instance() {
return InstanceHolder.INSTANCE;
}
@Override
public String getAccessTokenEndpoint() {
return "http://localhost:8080/oauth/token";
}
@Override
protected String getAuthorizationBaseUrl() {
return null;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/controller/GoogleController.java
+49
View File
@@ -0,0 +1,49 @@
package com.baeldung.scribejava.controller;
import com.baeldung.scribejava.service.GoogleService;
import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.model.OAuthRequest;
import com.github.scribejava.core.model.Response;
import com.github.scribejava.core.model.Verb;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletResponse;
@RestController
public class GoogleController {
@Autowired
private GoogleService service;
@GetMapping(value ="/me/google")
public void me(HttpServletResponse response){
String auth = service.getService().getAuthorizationUrl();
response.setHeader("Location", auth);
response.setStatus(302);
}
@GetMapping(value = "/auth/google")
public String google(@RequestParam String code, HttpServletResponse servletResponse){
try {
OAuth2AccessToken token = service.getService().getAccessToken(code);
OAuthRequest request = new OAuthRequest(Verb.GET, "https://www.googleapis.com/oauth2/v1/userinfo?alt=json");
service.getService().signRequest(token, request);
Response response = service.getService().execute(request);
return response.getBody();
}catch (Exception e){
servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
return null;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/controller/TwitterController.java
+57
View File
@@ -0,0 +1,57 @@
package com.baeldung.scribejava.controller;
import com.baeldung.scribejava.service.TwitterService;
import com.github.scribejava.core.model.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Scanner;
import java.util.concurrent.ExecutionException;
@RestController
public class TwitterController {
@Autowired
private TwitterService service;
@GetMapping(value ="/me/twitter")
public String me(HttpServletResponse servletResponse){
try {
OAuth1RequestToken requestToken = service.getService().getRequestToken();
String auth = service.getService().getAuthorizationUrl(requestToken);
Runtime runtime = Runtime.getRuntime();
try {
runtime.exec("rundll32 url.dll,FileProtocolHandler " + auth);
} catch (IOException e) {
servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
return null;
}
System.out.println("Insert twitter code:");
Scanner in = new Scanner(System.in);
String oauthverifier = in.nextLine();
final OAuth1AccessToken accessToken = service.getService().getAccessToken(requestToken,oauthverifier);
OAuthRequest request = new OAuthRequest(Verb.GET, "https://api.twitter.com/1.1/account/verify_credentials.json");
service.getService().signRequest(accessToken, request);
Response response = service.getService().execute(request);
return response.getBody();
} catch (IOException | InterruptedException | ExecutionException e) {
servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
return null;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/controller/UserController.java
+46
View File
@@ -0,0 +1,46 @@
package com.baeldung.scribejava.controller;
import com.baeldung.scribejava.service.MyService;
import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.model.OAuthRequest;
import com.github.scribejava.core.model.Response;
import com.github.scribejava.core.model.Verb;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletResponse;
import java.security.Principal;
@RestController(value = "/user")
public class UserController {
@Autowired
private MyService service;
@GetMapping("/me/myapi")
public String me(@RequestParam String username, @RequestParam String password, HttpServletResponse responsehttp) {
try {
OAuth2AccessToken token = service.getService().getAccessTokenPasswordGrant(username, password);
OAuthRequest request = new OAuthRequest(Verb.GET, "http://localhost:8080/me");
service.getService().signRequest(token, request);
Response response = service.getService().execute(request);
return response.getBody();
} catch (Exception e) {
responsehttp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
return null;
}
@GetMapping("/me")
public Principal user(Principal principal) {
return principal;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/oauth/AuthServiceConfig.java
+45
View File
@@ -0,0 +1,45 @@
package com.baeldung.scribejava.oauth;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
@Configuration
@EnableAuthorizationServer
public class AuthServiceConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("baeldung_api_key")
.secret("baeldung_api_secret")
.authorizedGrantTypes("password","refresh_token")
.scopes("read","write").autoApprove(true);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
}
}
libraries-security/src/main/java/com/baeldung/scribejava/oauth/WebSecurityConfig.java
+53
View File
@@ -0,0 +1,53 @@
package com.baeldung.scribejava.oauth;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
@Configuration
@EnableResourceServer
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.headers().frameOptions().disable()
.and()
.csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("baeldung")
.password("scribejava")
.roles("USER");
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@EnableResourceServer
@Configuration
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/user/me").authenticated()
.and()
.csrf().disable();
}
}
}
libraries-security/src/main/java/com/baeldung/scribejava/service/GoogleService.java
+31
View File
@@ -0,0 +1,31 @@
package com.baeldung.scribejava.service;
import com.github.scribejava.apis.GoogleApi20;
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.oauth.OAuth20Service;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
@Component
public class GoogleService {
private OAuth20Service service;
private final String API_KEY = "api_key";
private final String API_SECRET = "api_secret";
private final String SCOPE = "https://www.googleapis.com/auth/userinfo.email";
private final String CALLBACK = "http://localhost:8080/auth/google";
@PostConstruct
private void init(){
this.service = new ServiceBuilder(API_KEY)
.apiSecret(API_SECRET)
.scope(SCOPE)
.callback(CALLBACK)
.build(GoogleApi20.instance());
}
public OAuth20Service getService() {
return service;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/service/MyService.java
+29
View File
@@ -0,0 +1,29 @@
package com.baeldung.scribejava.service;
import com.baeldung.scribejava.api.MyApi;
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.oauth.OAuth20Service;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
@Component
public class MyService {
private OAuth20Service service;
private final String API_KEY = "baeldung_api_key";
private final String API_SECRET = "baeldung_api_secret";
@PostConstruct
private void init(){
this.service = new ServiceBuilder(API_KEY)
.apiSecret(API_SECRET)
.scope("read write")
.build(MyApi.instance());
}
public OAuth20Service getService() {
return service;
}
}
libraries-security/src/main/java/com/baeldung/scribejava/service/TwitterService.java
+29
View File
@@ -0,0 +1,29 @@
package com.baeldung.scribejava.service;
import com.github.scribejava.apis.TwitterApi;
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.oauth.OAuth10aService;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
@Component
public class TwitterService {
private final String API_KEY = "api_key";
private final String API_SECRET = "api_secret";
private OAuth10aService service;
@PostConstruct
private void init(){
this.service = new ServiceBuilder(API_KEY)
.apiSecret(API_SECRET)
.build(TwitterApi.instance());
}
public OAuth10aService getService(){
return service;
}
}