
Commit ebb4dc2

committed
Refactory by the functions Bearer JWT
1 parent e61ea47 commit ebb4dc2


2 files changed

+43
-5
lines changed


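--- a/src/main/java/com/sippulse/pet/system/config/SecurityConfig.java
+++ b/src/main/java/com/sippulse/pet/system/config/SecurityConfig.java
@@ -12,7 +12,8 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
-import com.sippulse.pet.security.Roles;
+import com.sippulse.pet.security.PermissionEnum;
+import com.sippulse.pet.security.RoleEnum;
 import com.sippulse.pet.security.jwt.JwtConfigurer;
 import com.sippulse.pet.security.jwt.JwtTokenProvider;
 
@@ -52,10 +53,15 @@ protected void configure(HttpSecurity http) throws Exception {
 //public endpoints
 .antMatchers("/auth/signin").permitAll()
 .antMatchers("/swagger-ui.html**").permitAll()
-.antMatchers(Roles.ROLE_FIND_VISIT_BY_OWNER.getUrl()).permitAll()
+.antMatchers(RoleEnum.ROLE_FIND_VISIT_BY_OWNER.getUrl()).permitAll()
 
 //private endpoints
-// .antMatchers(Roles.ROLE_OWNER_CRUD.getUrl()).hasRole(Roles.ROLE_OWNER_CRUD.getDescription())
+.antMatchers(RoleEnum.ROLE_OWNER_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission())
+.antMatchers(RoleEnum.ROLE_PET_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission())
+.antMatchers(RoleEnum.ROLE_PET_TYPE_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission())
+.antMatchers(RoleEnum.ROLE_USER_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission())
+.antMatchers(RoleEnum.ROLE_VISIT_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission(),PermissionEnum.VET.getPermission())
+.antMatchers(RoleEnum.ROLE_VET_CRUD.getUrl()).hasAnyAuthority(PermissionEnum.EMPLOYEE.getPermission(),PermissionEnum.VET.getPermission())
 .anyRequest().permitAll()
 .and()
 .apply(new JwtConfigurer(tokenProvider));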
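Review bot: The chain still ends in `.anyRequest().permitAll()` (the context line right after the new matchers), so any path not covered by one of the `RoleEnum` URL patterns stays reachable without a token even though the six CRUD rules are now enforced. Ending the chain with `.anyRequest().authenticated()` would make a new or misspelled route fail closed instead of open. Matchers are evaluated in declaration order, so it is also worth confirming that the `ROLE_FIND_VISIT_BY_OWNER` pattern, which is `permitAll()`, does not overlap the `ROLE_VISIT_CRUD` pattern declared below it; the URL values are not visible on this page. `configure` begins above the hunk and its closing brace lies outside it.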

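--- a/src/main/java/com/sippulse/pet/system/config/SwaggerConfig.java
+++ b/src/main/java/com/sippulse/pet/system/config/SwaggerConfig.java
@@ -4,15 +4,22 @@
 package com.sippulse.pet.system.config;
 
 import java.util.Collections;
+import java.util.List;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
+import com.google.common.collect.Lists;
+
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
 import springfox.documentation.service.ApiInfo;
+import springfox.documentation.service.ApiKey;
+import springfox.documentation.service.AuthorizationScope;
 import springfox.documentation.service.Contact;
+import springfox.documentation.service.SecurityReference;
 import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;
 
@@ -24,6 +31,9 @@
 @Configuration
 @EnableSwagger2
 public class SwaggerConfig {
+
+public static final String AUTHORIZATION_HEADER = "Authorization";
+public static final String DEFAULT_INCLUDE_PATTERN = "/api/.*";
 
 @Bean
 public Docket api() {
@@ -32,7 +42,9 @@ public Docket api() {
 .apis(RequestHandlerSelectors.basePackage("com.sippulse.pet"))
 .paths(PathSelectors.any())
 .build()
-.apiInfo(apiInfo());
+.apiInfo(apiInfo())
+.securityContexts(Lists.newArrayList(securityContext()))
+.securitySchemes(Lists.newArrayList(apiKey()));
 }
 
 private ApiInfo apiInfo() {
@@ -41,8 +53,28 @@ private ApiInfo apiInfo() {
 "Pet-Schedule - Interview SIPPULSE",
 "v1",
 "Terms Of Service Url",
-new Contact("Fabio Figueiredo da Silva", "pet-schedule.xyz", "[email protected]"),
+new Contact("Fabio Figueiredo da Silva", "https://pet-schedule-br.herokuapp.com/swagger", "[email protected]"),
 "License of API", "License of URL", Collections.emptyList());
 }
+
+private ApiKey apiKey() {
+return new ApiKey("JWT - Antes de inserir o token colocar a palavra \"Baerer\" seguida de um espaço e pronto.", AUTHORIZATION_HEADER, "header");
+}
+
+private SecurityContext securityContext() {
+return SecurityContext.builder()
+.securityReferences(defaultAuth())
+.forPaths(PathSelectors.regex(DEFAULT_INCLUDE_PATTERN))
+.build();
+}
+
+List<SecurityReference> defaultAuth() {
+AuthorizationScope authorizationScope
+= new AuthorizationScope("global", "accessEverything");
+AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+authorizationScopes[0] = authorizationScope;
+return Lists.newArrayList(
+new SecurityReference("JWT", authorizationScopes));
+}
 
 }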
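Review bot: In `apiKey()` the scheme is registered with the whole instruction sentence as its name, while `defaultAuth()` builds `new SecurityReference("JWT", ...)`; springfox links a reference to a scheme by name, so the documented operations will most likely not be tied to the key and Swagger UI will not attach the header. Name the scheme to match, `return new ApiKey("JWT", AUTHORIZATION_HEADER, "header");`, and move the usage hint into the API description. The hint also spells the scheme "Baerer"; a user who copies it will send a prefix the token parser presumably rejects, so it should read "Bearer". `DEFAULT_INCLUDE_PATTERN` is `/api/.*` while the only route visible on this page is `/auth/signin`, so confirm the protected controllers really sit under `/api/`; otherwise the security context matches nothing.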
