Commit 5ce7da6bf709f009720ab860cc2c59d5096ce694

Authored by Cleverson Sacramento
1 parent 595dd074
Exists in master

Implementação da autenticação no arquétipo html+rest

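--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/entity/Bookmark.java
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/entity/Bookmark.java
@@ -9,6 +9,7 @@ import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
 import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Pattern;
+import javax.validation.constraints.Size;
 
 @Entity
 public class Bookmark implements Serializable {
@@ -23,14 +24,15 @@ public class Bookmark implements Serializable {
 private Long id;
 
 @NotNull
+ @Size(min = 1, message = "{required.field}")
 private String description;
 
 @NotNull
- @Pattern(regexp = "^([a-zA-Z]+://)?(\\w+\\.\\w+)(.+)?$", message = "{invalid.url}")
+ @Size(min = 1, message = "{required.field}")
+ @Pattern(regexp = "^|([a-zA-Z]+://)(\\w+\\.\\w+)(.+)?$", message = "{invalid.url}")
 private String link;
 
 public Bookmark() {
- super();
 }
 
 public Bookmark(String description, String link) {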
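Review bot: The new `@Pattern` on `link` accepts any alphabetic scheme (`[a-zA-Z]+://`), so values with schemes other than http/https pass validation; if the HTML client of this archetype renders `link` as an anchor target, the pattern should be narrowed to an allow-list, e.g. `@Pattern(regexp = "^$|^https?://\\w+\\.\\w+.*$", message = "{invalid.url}")`. The leading `^|` alternative also reads like a mistake at first glance: under the full-match semantics Bean Validation implementations normally apply, it admits only the empty string, presumably so that `@Size(min = 1)` reports the single `{required.field}` message. A one-line comment such as `// empty input is left to @Size so only one message is shown` would save the next reader the precedence check. The class body continues outside both hunks.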
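--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/rest/BookmarkREST.java
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/rest/BookmarkREST.java
@@ -20,6 +20,7 @@ import ${package}.business.BookmarkBC;
 import ${package}.entity.Bookmark;
 import br.gov.frameworkdemoiselle.BadRequestException;
 import br.gov.frameworkdemoiselle.NotFoundException;
+import br.gov.frameworkdemoiselle.security.LoggedIn;
 import br.gov.frameworkdemoiselle.transaction.Transactional;
 import br.gov.frameworkdemoiselle.util.ValidatePayload;
 
@@ -49,6 +50,7 @@ public class BookmarkREST {
 }
 
 @POST
+ @LoggedIn
 @Transactional
 @ValidatePayload
 @Produces("text/plain")
@@ -63,6 +65,7 @@ public class BookmarkREST {
 }
 
 @PUT
+ @LoggedIn
 @Path("{id}")
 @Transactional
 @ValidatePayload
@@ -77,6 +80,7 @@ public class BookmarkREST {
 }
 
 @DELETE
+ @LoggedIn
 @Path("{id}")
 @Transactional
 public void delete(@PathParam("id") Long id) {
@@ -84,7 +88,7 @@ public class BookmarkREST {
 bc.delete(id);
 }
 
- private void checkId(Bookmark entity) throws BadRequestException {
+ private void checkId(Bookmark entity) {
 if (entity.getId() != null) {
 throw new BadRequestException();
 }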
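Review bot: `@LoggedIn` on the POST, PUT and DELETE methods checks only that some user is authenticated; nothing visible in these hunks ties a bookmark to the caller, so `delete(id)` passes a bare id straight to `bc.delete(id)` for any logged-in user. For a sample archetype that may be intended, but generated projects inherit it, so a comment on the PUT and DELETE methods such as `// NOTE: authentication only; add an ownership or role check before real use` would make the gap explicit. The method bodies lie partly outside the hunks, so a check inside `bc` cannot be ruled out from this page.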
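--- /dev/null
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/SimpleAuthenticator.java
@@ -0,0 +1,60 @@
+package ${package}.security;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+
+import br.gov.frameworkdemoiselle.security.Authenticator;
+import br.gov.frameworkdemoiselle.security.Credentials;
+import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
+import br.gov.frameworkdemoiselle.security.User;
+
+@RequestScoped
+public class SimpleAuthenticator implements Authenticator {
+
+ private static final long serialVersionUID = 1L;
+
+ @Inject
+ private Credentials credentials;
+
+ private User user;
+
+ @Override
+ public void authenticate() throws Exception {
+ if (credentials.getUsername().equalsIgnoreCase("admin") && credentials.getPassword().equalsIgnoreCase("admin")) {
+ this.user = createUser();
+ } else {
+ throw new InvalidCredentialsException("usuário ou senha inválidos");
+ }
+ }
+
+ private User createUser() {
+ return new User() {
+
+ private static final long serialVersionUID = 1L;
+
+ @Override
+ public String getId() {
+ return credentials.getUsername();
+ }
+
+ @Override
+ public void setAttribute(Object key, Object value) {
+ }
+
+ @Override
+ public Object getAttribute(Object key) {
+ return null;
+ }
+ };
+ }
+
+ @Override
+ public void unauthenticate() throws Exception {
+ this.user = null;
+ }
+
+ @Override
+ public User getUser() {
+ return this.user;
+ }
+}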
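Review bot: `authenticate()` ships a fixed admin/admin account in the archetype and compares both values with `equalsIgnoreCase`, so every project generated from it starts with a well-known credential whose password also matches in any letter case. At minimum compare exactly and null-safely with `if ("admin".equals(credentials.getUsername()) && "admin".equals(credentials.getPassword())) {`. Assuming `Credentials` can hold nulls (its definition is not on this page), that also turns a request without credentials into `InvalidCredentialsException` instead of a `NullPointerException`. The class should also carry a comment along the lines of `// Sample authenticator for the generated project; replace with a real credential store before deployment.` so the placeholder is not carried into production unnoticed.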
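--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/resources/ValidationMessages.properties
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/resources/ValidationMessages.properties
@@ -1 +1,2 @@
+required.field=campo obrigat\u00F3rio
 invalid.url=formato inv\u00E1lido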
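--- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PaginationContextImpl.java
+++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PaginationContextImpl.java
@@ -40,7 +40,7 @@ import java.io.Serializable;
 import java.util.HashMap;
 import java.util.Map;
 
-import javax.enterprise.context.SessionScoped;
+import javax.enterprise.context.RequestScoped;
 
 import br.gov.frameworkdemoiselle.internal.configuration.PaginationConfig;
 import br.gov.frameworkdemoiselle.pagination.Pagination;
@@ -54,7 +54,7 @@ import br.gov.frameworkdemoiselle.util.Beans;
 * @author SERPRO
 * @see PaginationContext
 */
-@SessionScoped
+@RequestScoped
 public class PaginationContextImpl implements Serializable, PaginationContext {
 
 private static final long serialVersionUID = 1L;
@@ -63,6 +63,10 @@ public class PaginationContextImpl implements Serializable, PaginationContext {
 
 private final Map<Class<?>, Pagination> cache = new HashMap<Class<?>, Pagination>();
 
+ public PaginationContextImpl() {
+ System.out.println();
+ }
+
 public Pagination getPagination(final Class<?> clazz) {
 return this.getPagination(clazz, false);
 }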
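Review bot: The added no-arg constructor only calls `System.out.println();`, which looks like a leftover debugging anchor and prints an empty line to stdout each time the bean is instantiated; under `@RequestScoped` that can be once per request. The same constructor was added to `Locales` in impl/extension/jsf, and both can simply be removed. Separately, with request scope the `cache` map no longer outlives a single request, so the class Javadoc should say so, e.g. `* State is held per request; callers must resend paging parameters on each call.` Whether existing callers relied on session-held paging is not visible here and is worth confirming.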
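--- a/impl/core/src/test/java/pagination/PaginationContextBasicTest.java
+++ b/impl/core/src/test/java/pagination/PaginationContextBasicTest.java
@@ -50,7 +50,7 @@ import org.junit.runner.RunWith;
 
 import test.Tests;
 import transaction.defaultstrategy.TransactionDefaultTest;
-import br.gov.frameworkdemoiselle.context.SessionContext;
+import br.gov.frameworkdemoiselle.context.RequestContext;
 import br.gov.frameworkdemoiselle.internal.configuration.PaginationConfig;
 import br.gov.frameworkdemoiselle.pagination.Pagination;
 import br.gov.frameworkdemoiselle.pagination.PaginationContext;
@@ -95,14 +95,16 @@ public class PaginationContextBasicTest {
 
 @Before
 public void activeContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ // SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.activate();
 pagination = paginationContext.getPagination(DummyEntity.class, true);
 }
 
 @After
 public void deactiveContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ // SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.deactivate();
 }
 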
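Review bot: The old `SessionContext` lookups are left behind as commented-out lines in `activeContext()` and `deactiveContext()` instead of being deleted, unlike the sibling tests PaginationContextCache and PaginationContextNullTest, which replace them cleanly. The same applies to the commented-out block added after `chain.doFilter` in ServletFilter.java and to the empty `<!-- -->` added to web-fragment.xml. Version control already keeps the old lines, so all three can be dropped.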
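--- a/impl/core/src/test/java/pagination/PaginationContextCache.java
+++ b/impl/core/src/test/java/pagination/PaginationContextCache.java
@@ -50,7 +50,7 @@ import org.junit.runner.RunWith;
 
 import test.Tests;
 import transaction.defaultstrategy.TransactionDefaultTest;
-import br.gov.frameworkdemoiselle.context.SessionContext;
+import br.gov.frameworkdemoiselle.context.RequestContext;
 import br.gov.frameworkdemoiselle.pagination.Pagination;
 import br.gov.frameworkdemoiselle.pagination.PaginationContext;
 import br.gov.frameworkdemoiselle.util.Beans;
@@ -73,13 +73,13 @@ public class PaginationContextCache {
 
 @Before
 public void activeContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.activate();
 }
 
 @After
 public void deactiveContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.deactivate();
 }
 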
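--- a/impl/core/src/test/java/pagination/PaginationContextNullTest.java
+++ b/impl/core/src/test/java/pagination/PaginationContextNullTest.java
@@ -50,7 +50,7 @@ import org.junit.runner.RunWith;
 
 import test.Tests;
 import transaction.defaultstrategy.TransactionDefaultTest;
-import br.gov.frameworkdemoiselle.context.SessionContext;
+import br.gov.frameworkdemoiselle.context.RequestContext;
 import br.gov.frameworkdemoiselle.pagination.Pagination;
 import br.gov.frameworkdemoiselle.pagination.PaginationContext;
 import br.gov.frameworkdemoiselle.util.Beans;
@@ -71,13 +71,13 @@ public class PaginationContextNullTest {
 
 @Before
 public void activeContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.activate();
 }
 
 @After
 public void deactiveContext() {
- SessionContext context = Beans.getReference(SessionContext.class);
+ RequestContext context = Beans.getReference(RequestContext.class);
 context.deactivate();
 }
 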
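--- a/impl/extension/jsf/src/main/java/br/gov/frameworkdemoiselle/util/Locales.java
+++ b/impl/extension/jsf/src/main/java/br/gov/frameworkdemoiselle/util/Locales.java
@@ -59,6 +59,10 @@ public class Locales implements Serializable {
 private static final Locale PT_BR = new Locale("pt", "BR");
 
 private Locale locale = Locale.getDefault();
+
+ public Locales() {
+ System.out.println();
+ }
 
 @Inject
 private FacesContext facesContext;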
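--- /dev/null
+++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SessionNotPermittedListener.java
@@ -0,0 +1,19 @@
+package br.gov.frameworkdemoiselle.internal.implementation;
+
+import javax.servlet.annotation.WebListener;
+import javax.servlet.http.HttpSessionEvent;
+import javax.servlet.http.HttpSessionListener;
+
+@WebListener
+public class SessionNotPermittedListener implements HttpSessionListener {
+
+ @Override
+ public void sessionCreated(HttpSessionEvent event) {
+ event.getSession().invalidate();
+ throw new IllegalStateException("Session use is not permitted.");
+ }
+
+ @Override
+ public void sessionDestroyed(HttpSessionEvent event) {
+ }
+}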
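Review bot: `sessionCreated` throws `IllegalStateException` from a `@WebListener` packaged in the REST extension, so in any application that includes this jar every code path that creates a session fails at runtime, including libraries or container features the application author does not control, and the message gives no hint of where the rule comes from. The class needs a Javadoc stating that contract, e.g. `/** Enforces stateless operation for REST applications: invalidates any HttpSession as soon as it is created and fails the creating call. */`, and the exception message could name the listener. How a container treats an exception thrown by a session listener is not decided by this code, so the `invalidate()` call before the throw is the part that can be relied on.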
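--- a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/BasicAuthFilter.java
+++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/BasicAuthFilter.java
@@ -67,8 +67,17 @@ public class BasicAuthFilter implements Filter {
 @Override
 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
 ServletException {
+ if (request instanceof HttpServletRequest && ((HttpServletRequest) request).getUserPrincipal() == null) {
+ tryLogin((HttpServletRequest) request, (HttpServletResponse) response, chain);
+ } else {
+ chain.doFilter(request, response);
+ }
+ }
+
+ private void tryLogin(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
+ throws IOException, ServletException {
 try {
- boolean isLoggedIn = performLogin(getAuthHeader(request), (HttpServletRequest) request);
+ boolean isLoggedIn = performLogin(getAuthHeader(request), request);
 
 chain.doFilter(request, response);
 
@@ -77,7 +86,7 @@ public class BasicAuthFilter implements Filter {
 }
 
 } catch (InvalidCredentialsException cause) {
- setUnauthorizedStatus((HttpServletResponse) response, cause);
+ setUnauthorizedStatus(response, cause);
 }
 }
 
@@ -112,17 +121,9 @@ public class BasicAuthFilter implements Filter {
 response.getWriter().close();
 }
 
- private String getAuthHeader(ServletRequest request) {
- String result = null;
-
- if (request instanceof HttpServletRequest) {
- HttpServletRequest httpRequest = ((HttpServletRequest) request);
-
- result = httpRequest.getHeader("Authorization");
- result = (result == null ? httpRequest.getHeader("authorization") : result);
- }
-
- return result;
+ private String getAuthHeader(HttpServletRequest request) {
+ String result = request.getHeader("Authorization");
+ return (result == null ? request.getHeader("authorization") : result);
 }
 
 private static String[] getCredentials(String header) throws InvalidCredentialsException {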
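Review bot: In `doFilter` only `request` is checked with `instanceof`, while `response` is cast to `HttpServletResponse` unconditionally on the next line, so the guard should cover both: `if (request instanceof HttpServletRequest && response instanceof HttpServletResponse && ((HttpServletRequest) request).getUserPrincipal() == null) {`. In `getAuthHeader` the fallback lookup of `"authorization"` is redundant because `HttpServletRequest.getHeader` matches header names case-insensitively, so the method can be reduced to `return request.getHeader("Authorization");`. The body of `tryLogin` continues outside the hunks shown, so the path taken after `chain.doFilter` is not reviewed here.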
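--- a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java
+++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java
@@ -66,6 +66,14 @@ public class ServletFilter implements Filter {
 ServletException {
 setDelegate(request, response);
 chain.doFilter(request, response);
+
+ // if (request instanceof HttpServletRequest) {
+ // Object attribute = ((HttpServletRequest) request).getAttribute("x");
+ // ((HttpServletResponse) response).setHeader("Set-Cookie", "");
+ // ((HttpServletResponse) response).setHeader("XXXX", "CCCC");
+ // response.getWriter().flush();
+ // response.getWriter().close();
+ // }
 }
 
 private void setDelegate(ServletRequest request, ServletResponse response) {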
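--- a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletListener.java
+++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletListener.java
@@ -37,6 +37,8 @@
 package br.gov.frameworkdemoiselle.util;
 
 import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+import javax.servlet.annotation.WebListener;
 
 import br.gov.frameworkdemoiselle.lifecycle.AfterShutdownProccess;
 import br.gov.frameworkdemoiselle.lifecycle.AfterStartupProccess;
@@ -47,7 +49,8 @@ import br.gov.frameworkdemoiselle.lifecycle.AfterStartupProccess;
 *
 * @author SERPRO
 */
-public class ServletListener implements javax.servlet.ServletContextListener {
+@WebListener
+public class ServletListener implements ServletContextListener {
 
 @Override
 public void contextInitialized(ServletContextEvent event) {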
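--- a/impl/extension/servlet/src/main/resources/META-INF/web-fragment.xml
+++ b/impl/extension/servlet/src/main/resources/META-INF/web-fragment.xml
@@ -52,6 +52,8 @@
 <url-pattern>/*</url-pattern>
 </filter-mapping>
 
+ <!--
+ -->
 <filter>
 <filter-name>Demoiselle BasicAuth Filter</filter-name>
 <filter-class>br.gov.frameworkdemoiselle.util.BasicAuthFilter</filter-class>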
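--- a/impl/extension/servlet/src/test/java/producer/request/HelperServlet.java
+++ b/impl/extension/servlet/src/test/java/producer/request/HelperServlet.java
@@ -18,7 +18,6 @@ public class HelperServlet extends HttpServlet {
 
 @Override
 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
 HttpServletRequest httpRequest = Beans.getReference(HttpServletRequest.class);
 
 if (httpRequest != null) {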