This is an automated email from the ASF dual-hosted git repository. jamesbognar pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/juneau-petstore.git
commit 3338e864541cab842c7986459a6710b29f9093ad Author: JamesBognar <[email protected]> AuthorDate: Thu Jan 2 13:46:04 2020 -0500 Basic Auth support in client code. --- .../main/java/org/apache/juneau/petstore/Main.java | 17 ++++++- .../petstore/config/SpringSecurityConfig.java | 57 ++++++++++------------ .../apache/juneau/petstore/rest/RootResources.java | 3 +- 3 files changed, 45 insertions(+), 32 deletions(-) diff --git a/juneau-petstore-client/src/main/java/org/apache/juneau/petstore/Main.java b/juneau-petstore-client/src/main/java/org/apache/juneau/petstore/Main.java index e97eb52..47b1fce 100644 --- a/juneau-petstore-client/src/main/java/org/apache/juneau/petstore/Main.java +++ b/juneau-petstore-client/src/main/java/org/apache/juneau/petstore/Main.java @@ -17,6 +17,11 @@ import static java.text.MessageFormat.*; import java.io.*; import java.util.*; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.Credentials; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.http.client.CredentialsProvider; +import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.juneau.json.*; import org.apache.juneau.marshall.*; import org.apache.juneau.parser.*; @@ -34,10 +39,20 @@ public class Main { private static final JsonParser JSON_PARSER = JsonParser.create().ignoreUnknownBeanProperties().build(); + @SuppressWarnings("deprecation") public static void main(String[] args) { + // TODO - This is broken until we can update to Juneau 8.1.3 which has a fix for handling how Spring Security + // processes Basic Auth requests. + + // Set up BASIC auth. + // User/passwords are hardcoded in SpringSecurityConfig. + Credentials up = new UsernamePasswordCredentials("admin", "password"); + CredentialsProvider p = new BasicCredentialsProvider(); + p.setCredentials(AuthScope.ANY, up); + // Create a RestClient with JSON serialization support. - try (RestClient rc = RestClient.create(SimpleJsonSerializer.class, JsonParser.class).build()) { + try (RestClient rc = RestClient.create(SimpleJsonSerializer.class, JsonParser.class).defaultCredentialsProvider(p).build()) { // Instantiate our proxy. PetStore petStore = rc.getRemote(PetStore.class, "http://localhost:5000";); diff --git a/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java index a07b6f9..13f427b 100644 --- a/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java +++ b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/config/SpringSecurityConfig.java @@ -1,40 +1,37 @@ package org.apache.juneau.petstore.config; +import static org.springframework.http.HttpMethod.*; + import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; /** - * TODO - Needs documentation + * Sets up BASIC authentication for our app. */ @Configuration -public class SpringSecurityConfig extends WebSecurityConfigurerAdapter{ - - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception { - - auth.inMemoryAuthentication() - .withUser("user").password("{noop}password").roles("USER") - .and() - .withUser("admin").password("{noop}password").roles("USER", "ADMIN"); - - } - - @Override - protected void configure(HttpSecurity http) throws Exception { - - http - .httpBasic() - .and() - .authorizeRequests() - // .antMatchers(HttpMethod.POST, "/petstore/pet").hasRole("ADMIN") - .antMatchers(HttpMethod.PUT, "/petstore/pet/**").hasRole("ADMIN") - .antMatchers(HttpMethod.DELETE, "/petstore/pet/**").hasRole("ADMIN") - .and() - .csrf().disable() - .formLogin().disable(); - } - -} +public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.inMemoryAuthentication() + .withUser("user").password("{noop}password").roles("USER") + .and() + .withUser("admin").password("{noop}password").roles("USER", "ADMIN"); + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .httpBasic() + .and() + .authorizeRequests() + .anyRequest().authenticated() + .antMatchers(GET).anonymous() // Allow anonymous read-only access. + .antMatchers(POST).anonymous() // TEMPORARY. + .and() + .csrf().disable() + .formLogin().disable(); + } +} \ No newline at end of file diff --git a/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/rest/RootResources.java b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/rest/RootResources.java index 620efd8..9fd94b9 100644 --- a/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/rest/RootResources.java +++ b/juneau-petstore-server/src/main/java/org/apache/juneau/petstore/rest/RootResources.java @@ -31,7 +31,8 @@ import org.apache.juneau.serializer.annotation.*; description="Example of a router resource page.", children={ PetStoreResource.class - } + }, + debug="true" ) @HtmlDocConfig( widgets={
