feature : KnifeUserInfo, fix : DefaultResourceServerTokenIntrospector

Author: patternhelloworld

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/guard/AccessTokenUserInfo.java

@@ -1,5 +1,6 @@
 package com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard;
 
+import io.github.patternknife.securityhelper.oauth2.api.config.security.core.KnifeUserInfo;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.KnifeErrorMessages;
@@ -13,13 +14,13 @@
 
 public class AccessTokenUserInfoConverter {
 
-    public static AccessTokenUserInfo from(Object principal,
-                                           ConditionalDetailsService conditionalDetailsService,
-                                           OAuth2AuthorizationServiceImpl authorizationService, ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService) {
+    public static KnifeUserInfo<?> from(Object principal,
+                                        ConditionalDetailsService conditionalDetailsService,
+                                        OAuth2AuthorizationServiceImpl authorizationService, ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService) {
 
-        AccessTokenUserInfo accessTokenUserInfo;
-        if (principal instanceof AccessTokenUserInfo) {
-            return ((AccessTokenUserInfo) principal);
+        KnifeUserInfo<?> knifeUserInfo;
+        if (principal instanceof KnifeUserInfo) {
+            return ((KnifeUserInfo<?>) principal);
         } else if (principal instanceof OAuth2IntrospectionAuthenticatedPrincipal) {
             String userName = ((OAuth2IntrospectionAuthenticatedPrincipal) principal).getUsername();
             String clientId = ((OAuth2IntrospectionAuthenticatedPrincipal) principal).getClientId();
@@ -30,7 +31,7 @@ public static AccessTokenUserInfo from(Object principal,
                 throw new KnifeOauth2AuthenticationException(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE));
             }
 
-            return (AccessTokenUserInfo) conditionalDetailsService.loadUserByUsername(userName, clientId);
+            return (KnifeUserInfo<?>) conditionalDetailsService.loadUserByUsername(userName, clientId);
         }else {
             throw new KnifeOauth2AuthenticationException(KnifeErrorMessages.builder().message("Wrong principal : " +  principal.toString()).userMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_ERROR.getMessage()).build());
         }

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/guard/AccessTokenUserInfoConverter.java

@@ -10,7 +10,7 @@
 
 @Getter
 @Setter
-public class AdditionalAccessTokenUserInfo implements Serializable {
+public class CustomizedUserInfo implements Serializable {
 
     public enum UserType {
         ADMIN("client_admin"),
@@ -35,7 +35,7 @@ public String getValue() {
 
     private LocalDateTime deletedAt;
 
-    public AdditionalAccessTokenUserInfo(Customer customer) {
+    public CustomizedUserInfo(Customer customer) {
 
         this.userType = UserType.CUSTOMER;
 
@@ -47,7 +47,7 @@ public AdditionalAccessTokenUserInfo(Customer customer) {
 
     }
 
-    public AdditionalAccessTokenUserInfo(Admin admin) {
+    public CustomizedUserInfo(Admin admin) {
 
         this.userType = UserType.ADMIN;
 

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/guard/AdditionalAccessTokenUserInfo.java renamed to client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/guard/CustomizedUserInfo.java

@@ -1,10 +1,7 @@
 package com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard;
 
-import com.patternknife.securityhelper.oauth2.client.config.response.error.exception.auth.CustomAuthGuardException;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.core.KnifeUserInfo;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.KnifeErrorMessages;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthorizationException;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.serivce.persistence.authorization.OAuth2AuthorizationServiceImpl;
 import io.github.patternknife.securityhelper.oauth2.api.config.security.serivce.userdetail.ConditionalDetailsService;
@@ -13,12 +10,6 @@
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
-import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
 import org.springframework.stereotype.Component;
 
 @Aspect
@@ -34,11 +25,11 @@ public class UserCustomerOnlyImpl {
     public Object check(ProceedingJoinPoint joinPoint) throws Throwable {
 
         Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-        AccessTokenUserInfo accessTokenUserInfo = AccessTokenUserInfoConverter.from(principal, conditionalDetailsService, authorizationService, iSecurityUserExceptionMessageService);
+        KnifeUserInfo<?> knifeUserInfo = AccessTokenUserInfoConverter.from(principal, conditionalDetailsService, authorizationService, iSecurityUserExceptionMessageService);
 
-        if(accessTokenUserInfo != null && (accessTokenUserInfo.getAdditionalAccessTokenUserInfo().getUserType() != AdditionalAccessTokenUserInfo.UserType.CUSTOMER)){
+        if(knifeUserInfo != null && ((CustomizedUserInfo) knifeUserInfo.getCustomizedUserInfo()).getUserType() != CustomizedUserInfo.UserType.CUSTOMER){
             // Authorization
-            throw new KnifeOauth2AuthorizationException("ID \"" + accessTokenUserInfo.getUsername() + "\" : Not in Customer Group");
+            throw new KnifeOauth2AuthorizationException("ID \"" + knifeUserInfo.getUsername() + "\" : Not in Customer Group");
         }
 
         return joinPoint.proceed();

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/guard/UserCustomerOnlyImpl.java

@@ -17,37 +17,37 @@
 *   Set this to your resource servers
 * */
 @Component
-public class CustomDefaultResourceServerTokenIntrospector implements OpaqueTokenIntrospector {
+public class CustomResourceServerTokenIntrospector implements OpaqueTokenIntrospector {
 
     private final OpaqueTokenIntrospector delegate;
 
     /*
     *   api : resource servers call the authorization server
     *   database : the database is shared with the authorization server and resource servers
     * */
-    @Value("${patternknife.securityhelper.oauth2.introspection.type}") String introspectionType;
-    @Value("${patternknife.securityhelper.oauth2.introspection.uri}") String introspectionUri;
-    @Value("${patternknife.securityhelper.oauth2.introspection.client-id}") String clientId;
-    @Value("${patternknife.securityhelper.oauth2.introspection.client-secret}") String clientSecret;
-
+    String introspectionType;
 
     private final OAuth2AuthorizationServiceImpl authorizationService;
     private final ConditionalDetailsService conditionalDetailsService;
     private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
 
 
-    public CustomDefaultResourceServerTokenIntrospector(
+    public CustomResourceServerTokenIntrospector(
             OAuth2AuthorizationServiceImpl authorizationService,
             ConditionalDetailsService conditionalDetailsService,
             ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService,
-            @Value("${patternknife.securityhelper.oauth2.introspection.type}") String introspectionType,
-            @Value("${patternknife.securityhelper.oauth2.introspection.uri}") String introspectionUri,
-            @Value("${patternknife.securityhelper.oauth2.introspection.client-id}") String clientId,
-            @Value("${patternknife.securityhelper.oauth2.introspection.client-secret}") String clientSecret) {
-        this.delegate = new SpringOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret);
+            @Value("${patternknife.securityhelper.oauth2.introspection.type:database}") String introspectionType,
+            @Value("${patternknife.securityhelper.oauth2.introspection.uri:default-introspect-uri}") String introspectionUri,
+            @Value("${patternknife.securityhelper.oauth2.introspection.client-id:default-client-id}") String clientId,
+            @Value("${patternknife.securityhelper.oauth2.introspection.client-secret:default-client-secret}") String clientSecret) {
+
         this.authorizationService = authorizationService;
         this.conditionalDetailsService = conditionalDetailsService;
         this.iSecurityUserExceptionMessageService = iSecurityUserExceptionMessageService;
+
+        this.introspectionType = introspectionType;
+
+        this.delegate = new SpringOpaqueTokenIntrospector(introspectionUri, clientId, clientSecret);
     }
 
     @Override

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/introspector/CustomDefaultResourceServerTokenIntrospector.java renamed to client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/introspector/CustomResourceServerTokenIntrospector.java

@@ -1,8 +1,8 @@
 package com.patternknife.securityhelper.oauth2.client.config.securityimpl.serivce.userdetail;
 
 
-import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.AccessTokenUserInfo;
-import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.AdditionalAccessTokenUserInfo;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.core.KnifeUserInfo;
+import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.CustomizedUserInfo;
 
 import com.patternknife.securityhelper.oauth2.client.domain.admin.dao.AdminRepository;
 import com.patternknife.securityhelper.oauth2.client.domain.admin.entity.Admin;
@@ -81,7 +81,7 @@ public Admin findByIdWithOrganizationRole(Long id) {
     }
 
 
-    private AccessTokenUserInfo buildAdminForAuthentication(Admin admin, Collection<? extends GrantedAuthority> authorities) {
+    private KnifeUserInfo<CustomizedUserInfo> buildAdminForAuthentication(Admin admin, Collection<? extends GrantedAuthority> authorities) {
 
         String username = admin.getIdName();
         String password = admin.getPassword().getValue();
@@ -91,10 +91,10 @@ private AccessTokenUserInfo buildAdminForAuthentication(Admin admin, Collection<
         boolean credentialsNonExpired = true;
         boolean accountNonLocked = true;
 
-        AccessTokenUserInfo authUser = new AccessTokenUserInfo(username, password, enabled, accountNonExpired, credentialsNonExpired,
+        KnifeUserInfo<CustomizedUserInfo> authUser = new KnifeUserInfo<>(username, password, enabled, accountNonExpired, credentialsNonExpired,
                 accountNonLocked, authorities);
 
-        authUser.setAdditionalAccessTokenUserInfo(new AdditionalAccessTokenUserInfo(admin));
+        authUser.setCustomizedUserInfo(new CustomizedUserInfo(admin));
 
         return authUser;
     }
@@ -109,7 +109,6 @@ private Collection<? extends GrantedAuthority> getAuthorities(Long adminId) {
             return new ArrayList<GrantedAuthority>();
         }
 
-
         String[] adminRoles = admin.getAdminRoles().stream().map((adminRole) -> adminRole.getRole().getName()).toArray(String[]::new);
         Collection<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList(adminRoles);
         return authorities;

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/serivce/userdetail/AdminDetailsService.java

@@ -2,7 +2,7 @@
 
 
 import io.github.patternknife.securityhelper.oauth2.api.config.security.serivce.userdetail.UserDetailsServiceFactory;
-import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.AdditionalAccessTokenUserInfo;
+import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.CustomizedUserInfo;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Service;
@@ -21,9 +21,9 @@ public CustomUserDetailsServiceFactory(List<UserDetailsService> userDetailsServi
         userDetailsServiceMap = new HashMap<>();
         for (UserDetailsService userDetailsService : userDetailsServices) {
             if (userDetailsService instanceof AdminDetailsService) {
-                userDetailsServiceMap.put(AdditionalAccessTokenUserInfo.UserType.ADMIN.getValue(), userDetailsService);
+                userDetailsServiceMap.put(CustomizedUserInfo.UserType.ADMIN.getValue(), userDetailsService);
             } else if (userDetailsService instanceof CustomerDetailsService) {
-                userDetailsServiceMap.put(AdditionalAccessTokenUserInfo.UserType.CUSTOMER.getValue(), userDetailsService);
+                userDetailsServiceMap.put(CustomizedUserInfo.UserType.CUSTOMER.getValue(), userDetailsService);
             }
         }
     }

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/serivce/userdetail/CustomUserDetailsServiceFactory.java

@@ -1,8 +1,8 @@
 package com.patternknife.securityhelper.oauth2.client.config.securityimpl.serivce.userdetail;
 
 
-import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.AccessTokenUserInfo;
-import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.AdditionalAccessTokenUserInfo;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.core.KnifeUserInfo;
+import com.patternknife.securityhelper.oauth2.client.config.securityimpl.guard.CustomizedUserInfo;
 import com.patternknife.securityhelper.oauth2.client.config.response.error.exception.auth.UserDeletedException;
 
 import com.patternknife.securityhelper.oauth2.client.domain.customer.dao.CustomerRepository;
@@ -12,7 +12,6 @@
 import com.patternknife.securityhelper.oauth2.client.domain.customer.entity.QCustomerRole;
 import com.patternknife.securityhelper.oauth2.client.domain.role.entity.QRole;
 import com.querydsl.jpa.impl.JPAQueryFactory;
-import io.github.patternknife.securityhelper.oauth2.api.config.security.dao.KnifeClientRepository;
 import jakarta.persistence.EntityManager;
 import jakarta.persistence.PersistenceContext;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -88,18 +87,18 @@ public Customer findByIdWithOrganizationRole(Long id) {
     }
 
 
-    private AccessTokenUserInfo buildCustomerForAuthentication(Customer customer, Collection<? extends GrantedAuthority> authorities) {
+    private KnifeUserInfo<CustomizedUserInfo> buildCustomerForAuthentication(Customer customer, Collection<? extends GrantedAuthority> authorities) {
         String customername = customer.getIdName();
         String password = customer.getPassword() != null ? customer.getPassword().getValue() : "";
         boolean enabled = true;
         boolean accountNonExpired = true;
         boolean credentialsNonExpired = true;
         boolean accountNonLocked = true;
 
-        AccessTokenUserInfo authCustomer = new AccessTokenUserInfo(customername, password, enabled, accountNonExpired, credentialsNonExpired,
+        KnifeUserInfo<CustomizedUserInfo> authCustomer = new KnifeUserInfo<>(customername, password, enabled, accountNonExpired, credentialsNonExpired,
                 accountNonLocked, authorities);
 
-        authCustomer.setAdditionalAccessTokenUserInfo(new AdditionalAccessTokenUserInfo(customer));
+        authCustomer.setCustomizedUserInfo(new CustomizedUserInfo(customer));
 
         return authCustomer;
     }