From ab28861166fda55a820dab368debe0898163c52e Mon Sep 17 00:00:00 2001 From: PauloGladson Date: Thu, 29 Sep 2016 18:29:40 -0300 Subject: [PATCH] Melhorias --- demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java | 22 ++++++++++++---------- demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java | 10 +++------- demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java | 2 -- demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java | 2 -- demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java | 3 --- 5 files changed, 15 insertions(+), 24 deletions(-) diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java index c8cb381..34797f2 100644 --- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java @@ -43,6 +43,9 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { response.getHeaders().putSingle("Demoiselle", "3.0.0"); + response.getHeaders().putSingle("Access-Control-Allow-Origin", "*"); + response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE"); + response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type"); if (requestContext.getMethod().equals("GET")) { Cache max = info.getResourceMethod().getAnnotation(Cache.class); @@ -51,16 +54,15 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil } } - CorsAllowMethods corsAllowMethods = info.getResourceMethod().getAnnotation(CorsAllowMethods.class); - if (corsAllowMethods != null) { - response.getHeaders().putSingle("Access-Control-Allow-Methods", requestContext.getMethod()); - } - - CorsAllowOrigin corsAllowOrigin = info.getResourceMethod().getAnnotation(CorsAllowOrigin.class); - if (corsAllowOrigin != null) { - response.getHeaders().putSingle("Access-Control-Allow-Origin", corsAllowOrigin.value()); - } - +// CorsAllowMethods corsAllowMethods = info.getResourceMethod().getAnnotation(CorsAllowMethods.class); +// if (corsAllowMethods != null) { +// response.getHeaders().putSingle("Access-Control-Allow-Methods", requestContext.getMethod()); +// } +// +// CorsAllowOrigin corsAllowOrigin = info.getResourceMethod().getAnnotation(CorsAllowOrigin.class); +// if (corsAllowOrigin != null) { +// response.getHeaders().putSingle("Access-Control-Allow-Origin", corsAllowOrigin.value()); +// } } @PostConstruct diff --git a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java index d25f96c..76bac97 100644 --- a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java +++ b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java @@ -8,19 +8,15 @@ package org.demoiselle.jee.security.jwt.impl; import java.util.List; import java.util.Map; import java.util.logging.Logger; -import javax.enterprise.context.Dependent; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; import javax.servlet.http.HttpServletRequest; import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; import org.demoiselle.jee.core.interfaces.security.Token; import org.demoiselle.jee.core.interfaces.security.TokensManager; -import static org.jose4j.jwk.PublicJsonWebKey.Factory.newPublicJwk; import org.jose4j.jwk.RsaJsonWebKey; import org.jose4j.jwk.RsaJwkGenerator; -import static org.jose4j.jwk.RsaJwkGenerator.generateJwk; import org.jose4j.jws.AlgorithmIdentifiers; -import static org.jose4j.jws.AlgorithmIdentifiers.HMAC_SHA512; import org.jose4j.jws.JsonWebSignature; import org.jose4j.jwt.JwtClaims; import org.jose4j.jwt.consumer.InvalidJwtException; @@ -51,7 +47,7 @@ public class TokensManagerImpl implements TokensManager { public TokensManagerImpl() throws JoseException { if (rsaJsonWebKey == null) { - rsaJsonWebKey = (RsaJsonWebKey) newPublicJwk(generateJwk(2048).getKey()); + rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk(RsaJwkGenerator.generateJwk(2048).getKey()); rsaJsonWebKey.setKeyId("demoiselle-security-jwt"); } } @@ -108,7 +104,7 @@ public class TokensManagerImpl implements TokensManager { jws.setPayload(claims.toJson()); jws.setKey(rsaJsonWebKey.getKey()); jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId()); - jws.setAlgorithmHeaderValue(HMAC_SHA512); + jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA512); token.setKey(jws.getCompactSerialization()); token.setType("JWT"); } catch (JoseException ex) { @@ -120,7 +116,7 @@ public class TokensManagerImpl implements TokensManager { @Override public boolean validate() { - return getUser() != null && getUser().getId() != null; + return getUser() != null; } } diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java index 54b5bff..30ca9ec 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java @@ -11,8 +11,6 @@ import java.util.Map; import java.util.Objects; import java.util.logging.Level; import java.util.logging.Logger; -import javax.enterprise.context.ApplicationScoped; -import javax.enterprise.context.Dependent; import javax.enterprise.context.RequestScoped; import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java index df372d6..3f054cd 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java @@ -6,8 +6,6 @@ */ package org.demoiselle.jee.security.impl; -import javax.enterprise.context.ApplicationScoped; -import javax.enterprise.context.Dependent; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java index 3a08d3c..70cd5b2 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java @@ -14,12 +14,9 @@ import java.io.Serializable; import java.util.logging.Logger; import javax.inject.Inject; import static javax.interceptor.Interceptor.Priority.APPLICATION; -import javax.ws.rs.core.Response; import static javax.ws.rs.core.Response.Status.UNAUTHORIZED; import org.demoiselle.jee.core.annotation.Name; import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; -import org.demoiselle.jee.core.util.ResourceBundle; -import org.demoiselle.jee.core.util.Strings; import org.demoiselle.jee.security.annotation.RequiredPermission; import org.demoiselle.jee.core.interfaces.security.SecurityContext; import static org.demoiselle.jee.core.util.Strings.isEmpty; -- libgit2 0.21.2