moved spring-security-web-jsonview module to spring-security-core (#10015)
* moved spring-security-web-jsonview module to spring-security-core * removed deleted module from project build
+13
@@ -0,0 +1,13 @@
|
||||
package com.baeldung.filterresponse;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
|
||||
@SpringBootApplication
|
||||
public class App {
|
||||
|
||||
public static void main(String[] args) {
|
||||
SpringApplication.run(App.class, args);
|
||||
}
|
||||
|
||||
}
|
||||
+49
@@ -0,0 +1,49 @@
|
||||
package com.baeldung.filterresponse.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@EnableWebMvc
|
||||
@EnableWebSecurity
|
||||
@ComponentScan("com.baeldung.filterresponse")
|
||||
public class AppConfig extends WebSecurityConfigurerAdapter implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("user").password(passwordEncoder().encode("userPass")).roles("USER")
|
||||
.and()
|
||||
.withUser("admin").password(passwordEncoder().encode("adminPass")).roles("ADMIN");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(final HttpSecurity http) throws Exception {
|
||||
http
|
||||
.csrf().disable()
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and().httpBasic();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
|
||||
|
||||
public enum Role {
|
||||
ROLE_USER,
|
||||
ROLE_ADMIN
|
||||
}
|
||||
}
|
||||
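Review bot: `.csrf().disable()` in `configure(HttpSecurity)` is combined with `httpBasic()`, and browsers replay cached Basic credentials on every request to the origin, so any state-changing endpoint added later would accept cross-site requests. If the API is intended for non-browser clients only, record that next to the call, for example `// CSRF disabled: API is consumed by non-browser clients only`; otherwise leave CSRF protection enabled. The in-memory users with the literal passwords `userPass` and `adminPass` should carry a comment marking them as demo-only credentials that must not reach a deployed configuration.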
+40
@@ -0,0 +1,40 @@
|
||||
package com.baeldung.filterresponse.config;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.core.MethodParameter;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.converter.json.MappingJacksonValue;
|
||||
import org.springframework.http.server.ServerHttpRequest;
|
||||
import org.springframework.http.server.ServerHttpResponse;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.AbstractMappingJacksonResponseBodyAdvice;
|
||||
|
||||
import com.baeldung.filterresponse.controller.View;
|
||||
|
||||
@RestControllerAdvice
|
||||
public class SecurityJsonViewControllerAdvice extends AbstractMappingJacksonResponseBodyAdvice {
|
||||
|
||||
@Override
|
||||
protected void beforeBodyWriteInternal(MappingJacksonValue bodyContainer, MediaType contentType,
|
||||
MethodParameter returnType, ServerHttpRequest request, ServerHttpResponse response) {
|
||||
if (SecurityContextHolder.getContext().getAuthentication() != null
|
||||
&& SecurityContextHolder.getContext().getAuthentication().getAuthorities() != null) {
|
||||
Collection<? extends GrantedAuthority> authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities();
|
||||
List<Class> jsonViews = authorities.stream()
|
||||
.map(GrantedAuthority::getAuthority)
|
||||
.map(AppConfig.Role::valueOf)
|
||||
.map(View.MAPPING::get)
|
||||
.collect(Collectors.toList());
|
||||
if (jsonViews.size() == 1) {
|
||||
bodyContainer.setSerializationView(jsonViews.get(0));
|
||||
return;
|
||||
}
|
||||
throw new IllegalArgumentException("Ambiguous @JsonView declaration for roles "+ authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.joining(",")));
|
||||
}
|
||||
}
|
||||
}
|
||||
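Review bot: `beforeBodyWriteInternal` fails open: when the security context holds no Authentication (or its authorities are null) the outer `if` is skipped and the method returns without a serialization view, so the body is written with every field, including those tagged `@JsonView(View.Admin.class)`. With the `anyRequest().authenticated()` rule in this commit that path is presumably not reached, but it becomes reachable once a path is excluded from the security filter chain. Set the least-privileged view before the check, `bodyContainer.setSerializationView(View.User.class);`, or throw in an `else` branch. Separately, `AppConfig.Role::valueOf` throws for any authority outside the enum, a principal holding both roles hits the "Ambiguous" exception, and `View.MAPPING::get` returns null for an unmapped role, which would again leave the view unset; each case deserves an explicit, documented decision.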
+19
@@ -0,0 +1,19 @@
|
||||
package com.baeldung.filterresponse.controller;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import com.baeldung.filterresponse.model.Item;
|
||||
|
||||
@RestController
|
||||
public class ItemsController {
|
||||
|
||||
@RequestMapping("/items")
|
||||
public Collection<Item> getItems() {
|
||||
return Arrays.asList(new Item(1, "Item 1", "Frank"), new Item(2, "Item 2", "Bob"));
|
||||
}
|
||||
|
||||
}
|
||||
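Review bot: `@RequestMapping("/items")` on `getItems()` sets no `method`, so the handler answers POST, PUT and DELETE as well as GET. Because the security configuration in this commit disables CSRF protection, read-only handlers are better kept explicitly read-only. `@GetMapping("/items")` (with the matching import) states that intent.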
+25
@@ -0,0 +1,25 @@
|
||||
package com.baeldung.filterresponse.controller;
|
||||
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import com.baeldung.filterresponse.config.AppConfig.Role;
|
||||
|
||||
public class View {
|
||||
|
||||
public static final Map<Role, Class> MAPPING = new HashMap<>();
|
||||
|
||||
static {
|
||||
MAPPING.put(Role.ROLE_ADMIN, Admin.class);
|
||||
MAPPING.put(Role.ROLE_USER, User.class);
|
||||
}
|
||||
|
||||
public static class User {
|
||||
|
||||
}
|
||||
|
||||
public static class Admin extends User {
|
||||
|
||||
}
|
||||
}
|
||||
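Review bot: `MAPPING` is a public static `HashMap`, so any code on the classpath can add or replace the role-to-view entries that decide which fields a response exposes. Populate a local map in the static initializer and publish it through `Collections.unmodifiableMap(...)`, or use an `EnumMap` wrapped the same way. The raw `Class` value type could become `Class<?>`, though that needs a matching change to the `List<Class>` in SecurityJsonViewControllerAdvice. A short comment that `Admin extends User` is what lets the admin view include the user-level fields would also help.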
+32
@@ -0,0 +1,32 @@
|
||||
package com.baeldung.filterresponse.model;
|
||||
|
||||
import com.baeldung.filterresponse.controller.View;
|
||||
import com.fasterxml.jackson.annotation.JsonView;
|
||||
|
||||
public class Item {
|
||||
|
||||
@JsonView(View.User.class)
|
||||
private int id;
|
||||
@JsonView(View.User.class)
|
||||
private String name;
|
||||
@JsonView(View.Admin.class)
|
||||
private String ownerName;
|
||||
|
||||
public Item(int id, String name, String ownerName) {
|
||||
this.id = id;
|
||||
this.name = name;
|
||||
this.ownerName = ownerName;
|
||||
}
|
||||
|
||||
public int getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public String getOwnerName() {
|
||||
return ownerName;
|
||||
}
|
||||
}
|
||||