Merge pull request #1 from skumar3006/develop

Develop

Author: skumar3006

pom.xml

@@ -37,10 +37,10 @@
 			<groupId>org.projectlombok</groupId>
 			<artifactId>lombok</artifactId>
 		</dependency>
-<dependency>
-	<groupId>org.springframework.boot</groupId>
-	<artifactId>spring-boot-starter-data-rest</artifactId>
-</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-rest</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.flywaydb</groupId>
 			<artifactId>flyway-core</artifactId>
@@ -61,6 +61,20 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security.oauth</groupId>
+			<artifactId>spring-security-oauth2</artifactId>
+			<version>2.3.3.RELEASE</version>
+		</dependency>
+		<dependency>
+			<groupId>org.modelmapper</groupId>
+			<artifactId>modelmapper</artifactId>
+			<version>2.3.5</version>
+		</dependency>
 	</dependencies>
 
 </project>

src/main/java/sandeep/demo/controller/OwnerController.java

@@ -1,12 +1,10 @@
 package sandeep.demo.controller;
 
 import java.util.List;
-import java.util.Optional;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -15,8 +13,8 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import sandeep.demo.entity.Owner;
 import sandeep.demo.manager.OwnerManager;
+import sandeep.demo.model.OwnerBO;
 
 @RestController
 @RequestMapping("/owners")
@@ -26,28 +24,34 @@ public class OwnerController {
 	OwnerManager ownerManager;
 
 	@GetMapping
-	public ResponseEntity<List<Owner>> getAllRecords() {
-		List<Owner> list = ownerManager.getAllRecords();
-
-		return new ResponseEntity<List<Owner>>(list, new HttpHeaders(), HttpStatus.OK);
+	public List<OwnerBO> getAllRecords() {
+		List<OwnerBO> list = ownerManager.getAllRecords();
+		return list;
 	}
 
 	@GetMapping(value = "/{ownerId}")
-	public Optional<Owner> getById(@PathVariable Integer ownerId) {
-		Optional<Owner> owner = ownerManager.getById(ownerId);
+	public OwnerBO getById(@PathVariable Integer ownerId) {
+		OwnerBO owner = ownerManager.getById(ownerId);
 		return owner;
 	}
 
 	@PostMapping
-	public ResponseEntity<Owner> createOrUpdateEmployee(@RequestBody Owner owner) {
-		Owner response = ownerManager.createOwner(owner);
-		return new ResponseEntity<Owner>(response, new HttpHeaders(), HttpStatus.OK);
+	public OwnerBO createOrUpdateEmployee(@RequestBody OwnerBO owner) {
+		OwnerBO ownerBO = ownerManager.createOwner(owner);
+		return ownerBO;
 	}
 
 	@PutMapping(value = "{/ownerId}")
-	public ResponseEntity<Owner> update(Owner owner) {
-		Owner response = ownerManager.updateOwner(owner);
-		return new ResponseEntity<Owner>(response, new HttpHeaders(), HttpStatus.OK);
+	public OwnerBO update(@RequestBody OwnerBO owner) {
+		OwnerBO ownerBO = ownerManager.updateOwner(owner);
+		return ownerBO;
+	}
+	
+	@DeleteMapping(value = "/{ownerId}")
+	public HttpStatus deleteById(@PathVariable Integer ownerId) {
+		 ownerManager.deleteById(ownerId);
+		return HttpStatus.ACCEPTED;
 	}
 
+
 }

src/main/java/sandeep/demo/manager/OwnerManager.java

@@ -1,12 +1,15 @@
 package sandeep.demo.manager;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Optional;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import sandeep.demo.entity.Owner;
+import sandeep.demo.model.ModelEntityMapper;
+import sandeep.demo.model.OwnerBO;
 import sandeep.demo.repository.OwnerRepository;
 
 @Component
@@ -15,22 +18,32 @@ public class OwnerManager {
 	@Autowired
 	OwnerRepository ownerRepository;
 
-	public Owner createOwner(Owner owner) {
-		ownerRepository.save(owner);
-		return owner;
+	public OwnerBO createOwner(OwnerBO ownerBO) {
+		Owner owner = ModelEntityMapper.convertToEntity(ownerBO);
+		owner = ownerRepository.save(owner);
+		return ModelEntityMapper.convertToBO(owner);
 	}
 
-	public List<Owner> getAllRecords() {
-		return (List<Owner>) ownerRepository.findAll();
+	public List<OwnerBO> getAllRecords() {
+		List<Owner> owners = (List<Owner>) ownerRepository.findAll();
+		List<OwnerBO> list = new ArrayList<>();
+		owners.forEach(owner -> list.add(ModelEntityMapper.convertToBO(owner)));
+		return list;
 	}
 
-	public Owner updateOwner(Owner owner) {
-		ownerRepository.save(owner);
-		return owner;
+	public OwnerBO updateOwner(OwnerBO ownerBO) {
+		Owner owner = ModelEntityMapper.convertToEntity(ownerBO);
+		owner = ownerRepository.save(owner);
+		return ModelEntityMapper.convertToBO(owner);
 	}
 
-	public Optional<Owner> getById(Integer ownerId) {
-		return ownerRepository.findById(ownerId);
+	public OwnerBO getById(Integer ownerId) {
+		Optional<Owner> owner = ownerRepository.findById(ownerId);
+		return ModelEntityMapper.convertToBO(owner.get());
+	}
+
+	public void deleteById(Integer ownerId) {
+		ownerRepository.deleteById(ownerId);
 	}
 
 }

src/main/java/sandeep/demo/model/ModelEntityMapper.java

@@ -0,0 +1,24 @@
+package sandeep.demo.model;
+
+import org.modelmapper.ModelMapper;
+
+import sandeep.demo.entity.Owner;
+
+public class ModelEntityMapper {
+
+	public static OwnerBO convertToBO(Owner owner) {
+
+		ModelMapper modelMapper = new ModelMapper();
+		OwnerBO ownerBO = modelMapper.map(owner, OwnerBO.class);
+		return ownerBO;
+
+	}
+
+	public static Owner convertToEntity(OwnerBO ownerBO) {
+		ModelMapper modelMapper = new ModelMapper();
+		Owner owner = modelMapper.map(ownerBO, Owner.class);
+		return owner;
+
+	}
+
+}

src/main/java/sandeep/demo/spring/security/AuthorizationServerConfiguration.java

@@ -0,0 +1,69 @@
+package sandeep.demo.spring.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+
+/**
+ * 
+ * @author Sandeep Kumar Vishwakarma
+ * Authorization Server
+ */
+
+@Configuration
+@EnableAuthorizationServer
+public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
+
+	private static String REALM = "MY_OAUTH_REALM";
+
+	@Autowired
+	private TokenStore tokenStore;
+
+	@Autowired
+	private UserApprovalHandler userApprovalHandler;
+
+	@Autowired
+	@Qualifier("authenticationManagerBean")
+	private AuthenticationManager authenticationManager;
+
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+
+		clients.inMemory().withClient("sandeep")
+				.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
+				.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT").scopes("read", "write", "trust").secret("{noop}secret")
+				.accessTokenValiditySeconds(120).// Access token is only valid for 2 minutes.
+				refreshTokenValiditySeconds(600);// Refresh token is only valid for 10 minutes.
+	}
+
+	@Override
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+		endpoints.tokenStore(tokenStore).userApprovalHandler(userApprovalHandler)
+				.authenticationManager(authenticationManager);
+	}
+	
+	
+	
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+	    return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+	}
+
+	@Override
+	public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+		oauthServer.realm(REALM + "/client");
+	}
+
+}

src/main/java/sandeep/demo/spring/security/MethodSecurityConfig.java

@@ -0,0 +1,25 @@
+package sandeep.demo.spring.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;
+
+/**
+ * 
+ * @author Sandeep Kumar Vishwakarma
+ * Enable Global method security which will activate @PreFilter, @PostFilter, @PreAuthorize @PostAuthorize
+ * 
+ */
+
+
+@Configuration
+@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
+public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
+ 
+    @Override
+    protected MethodSecurityExpressionHandler createExpressionHandler() {
+        return new OAuth2MethodSecurityExpressionHandler();
+    }
+}

src/main/java/sandeep/demo/spring/security/OAuth2SecurityConfiguration.java

@@ -0,0 +1,72 @@
+package sandeep.demo.spring.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.provider.approval.ApprovalStore;
+import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
+import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler;
+import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+
+/**
+ * 
+ * @author Sandeep Kumar Vishwakarma Security Configuration
+ * 
+ */
+
+@Configuration
+@EnableWebSecurity
+public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+	@Autowired
+	private ClientDetailsService clientDetailsService;
+
+	@Autowired
+	public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
+		auth.inMemoryAuthentication().withUser("sandeep").password("{noop}sandeep123").roles("ADMIN").and().withUser("user")
+				.password("{noop}user123").roles("USER");
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable().anonymous().disable().authorizeRequests().antMatchers("/oauth/token").permitAll();
+	}
+
+	@Override
+	@Bean
+	public AuthenticationManager authenticationManagerBean() throws Exception {
+		return super.authenticationManagerBean();
+	}
+
+	@Bean
+	public TokenStore tokenStore() {
+		return new InMemoryTokenStore();
+	}
+
+	@Bean
+	@Autowired
+	public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {
+		TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
+		handler.setTokenStore(tokenStore);
+		handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
+		handler.setClientDetailsService(clientDetailsService);
+		return handler;
+	}
+
+	@Bean
+	@Autowired
+	public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
+		TokenApprovalStore store = new TokenApprovalStore();
+		store.setTokenStore(tokenStore);
+		return store;
+	}
+
+}