Commit ab28861166fda55a820dab368debe0898163c52e
1 parent
765b1a94
Melhorias
Showing
5 changed files
with
15 additions
and
24 deletions
Show diff stats
demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/filter/JaxRsFilter.java
| @@ -43,6 +43,9 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil | @@ -43,6 +43,9 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil | ||
| 43 | public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { | 43 | public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { |
| 44 | 44 | ||
| 45 | response.getHeaders().putSingle("Demoiselle", "3.0.0"); | 45 | response.getHeaders().putSingle("Demoiselle", "3.0.0"); |
| 46 | + response.getHeaders().putSingle("Access-Control-Allow-Origin", "*"); | ||
| 47 | + response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE"); | ||
| 48 | + response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type"); | ||
| 46 | 49 | ||
| 47 | if (requestContext.getMethod().equals("GET")) { | 50 | if (requestContext.getMethod().equals("GET")) { |
| 48 | Cache max = info.getResourceMethod().getAnnotation(Cache.class); | 51 | Cache max = info.getResourceMethod().getAnnotation(Cache.class); |
| @@ -51,16 +54,15 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil | @@ -51,16 +54,15 @@ public class JaxRsFilter implements ContainerRequestFilter, ContainerResponseFil | ||
| 51 | } | 54 | } |
| 52 | } | 55 | } |
| 53 | 56 | ||
| 54 | - CorsAllowMethods corsAllowMethods = info.getResourceMethod().getAnnotation(CorsAllowMethods.class); | ||
| 55 | - if (corsAllowMethods != null) { | ||
| 56 | - response.getHeaders().putSingle("Access-Control-Allow-Methods", requestContext.getMethod()); | ||
| 57 | - } | ||
| 58 | - | ||
| 59 | - CorsAllowOrigin corsAllowOrigin = info.getResourceMethod().getAnnotation(CorsAllowOrigin.class); | ||
| 60 | - if (corsAllowOrigin != null) { | ||
| 61 | - response.getHeaders().putSingle("Access-Control-Allow-Origin", corsAllowOrigin.value()); | ||
| 62 | - } | ||
| 63 | - | 57 | +// CorsAllowMethods corsAllowMethods = info.getResourceMethod().getAnnotation(CorsAllowMethods.class); |
| 58 | +// if (corsAllowMethods != null) { | ||
| 59 | +// response.getHeaders().putSingle("Access-Control-Allow-Methods", requestContext.getMethod()); | ||
| 60 | +// } | ||
| 61 | +// | ||
| 62 | +// CorsAllowOrigin corsAllowOrigin = info.getResourceMethod().getAnnotation(CorsAllowOrigin.class); | ||
| 63 | +// if (corsAllowOrigin != null) { | ||
| 64 | +// response.getHeaders().putSingle("Access-Control-Allow-Origin", corsAllowOrigin.value()); | ||
| 65 | +// } | ||
| 64 | } | 66 | } |
| 65 | 67 | ||
| 66 | @PostConstruct | 68 | @PostConstruct |
demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
| @@ -8,19 +8,15 @@ package org.demoiselle.jee.security.jwt.impl; | @@ -8,19 +8,15 @@ package org.demoiselle.jee.security.jwt.impl; | ||
| 8 | import java.util.List; | 8 | import java.util.List; |
| 9 | import java.util.Map; | 9 | import java.util.Map; |
| 10 | import java.util.logging.Logger; | 10 | import java.util.logging.Logger; |
| 11 | -import javax.enterprise.context.Dependent; | ||
| 12 | import javax.enterprise.context.RequestScoped; | 11 | import javax.enterprise.context.RequestScoped; |
| 13 | import javax.inject.Inject; | 12 | import javax.inject.Inject; |
| 14 | import javax.servlet.http.HttpServletRequest; | 13 | import javax.servlet.http.HttpServletRequest; |
| 15 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; | 14 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; |
| 16 | import org.demoiselle.jee.core.interfaces.security.Token; | 15 | import org.demoiselle.jee.core.interfaces.security.Token; |
| 17 | import org.demoiselle.jee.core.interfaces.security.TokensManager; | 16 | import org.demoiselle.jee.core.interfaces.security.TokensManager; |
| 18 | -import static org.jose4j.jwk.PublicJsonWebKey.Factory.newPublicJwk; | ||
| 19 | import org.jose4j.jwk.RsaJsonWebKey; | 17 | import org.jose4j.jwk.RsaJsonWebKey; |
| 20 | import org.jose4j.jwk.RsaJwkGenerator; | 18 | import org.jose4j.jwk.RsaJwkGenerator; |
| 21 | -import static org.jose4j.jwk.RsaJwkGenerator.generateJwk; | ||
| 22 | import org.jose4j.jws.AlgorithmIdentifiers; | 19 | import org.jose4j.jws.AlgorithmIdentifiers; |
| 23 | -import static org.jose4j.jws.AlgorithmIdentifiers.HMAC_SHA512; | ||
| 24 | import org.jose4j.jws.JsonWebSignature; | 20 | import org.jose4j.jws.JsonWebSignature; |
| 25 | import org.jose4j.jwt.JwtClaims; | 21 | import org.jose4j.jwt.JwtClaims; |
| 26 | import org.jose4j.jwt.consumer.InvalidJwtException; | 22 | import org.jose4j.jwt.consumer.InvalidJwtException; |
| @@ -51,7 +47,7 @@ public class TokensManagerImpl implements TokensManager { | @@ -51,7 +47,7 @@ public class TokensManagerImpl implements TokensManager { | ||
| 51 | 47 | ||
| 52 | public TokensManagerImpl() throws JoseException { | 48 | public TokensManagerImpl() throws JoseException { |
| 53 | if (rsaJsonWebKey == null) { | 49 | if (rsaJsonWebKey == null) { |
| 54 | - rsaJsonWebKey = (RsaJsonWebKey) newPublicJwk(generateJwk(2048).getKey()); | 50 | + rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk(RsaJwkGenerator.generateJwk(2048).getKey()); |
| 55 | rsaJsonWebKey.setKeyId("demoiselle-security-jwt"); | 51 | rsaJsonWebKey.setKeyId("demoiselle-security-jwt"); |
| 56 | } | 52 | } |
| 57 | } | 53 | } |
| @@ -108,7 +104,7 @@ public class TokensManagerImpl implements TokensManager { | @@ -108,7 +104,7 @@ public class TokensManagerImpl implements TokensManager { | ||
| 108 | jws.setPayload(claims.toJson()); | 104 | jws.setPayload(claims.toJson()); |
| 109 | jws.setKey(rsaJsonWebKey.getKey()); | 105 | jws.setKey(rsaJsonWebKey.getKey()); |
| 110 | jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId()); | 106 | jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId()); |
| 111 | - jws.setAlgorithmHeaderValue(HMAC_SHA512); | 107 | + jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA512); |
| 112 | token.setKey(jws.getCompactSerialization()); | 108 | token.setKey(jws.getCompactSerialization()); |
| 113 | token.setType("JWT"); | 109 | token.setType("JWT"); |
| 114 | } catch (JoseException ex) { | 110 | } catch (JoseException ex) { |
| @@ -120,7 +116,7 @@ public class TokensManagerImpl implements TokensManager { | @@ -120,7 +116,7 @@ public class TokensManagerImpl implements TokensManager { | ||
| 120 | 116 | ||
| 121 | @Override | 117 | @Override |
| 122 | public boolean validate() { | 118 | public boolean validate() { |
| 123 | - return getUser() != null && getUser().getId() != null; | 119 | + return getUser() != null; |
| 124 | } | 120 | } |
| 125 | 121 | ||
| 126 | } | 122 | } |
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
| @@ -11,8 +11,6 @@ import java.util.Map; | @@ -11,8 +11,6 @@ import java.util.Map; | ||
| 11 | import java.util.Objects; | 11 | import java.util.Objects; |
| 12 | import java.util.logging.Level; | 12 | import java.util.logging.Level; |
| 13 | import java.util.logging.Logger; | 13 | import java.util.logging.Logger; |
| 14 | -import javax.enterprise.context.ApplicationScoped; | ||
| 15 | -import javax.enterprise.context.Dependent; | ||
| 16 | import javax.enterprise.context.RequestScoped; | 14 | import javax.enterprise.context.RequestScoped; |
| 17 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; | 15 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; |
| 18 | 16 |
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
| @@ -6,8 +6,6 @@ | @@ -6,8 +6,6 @@ | ||
| 6 | */ | 6 | */ |
| 7 | package org.demoiselle.jee.security.impl; | 7 | package org.demoiselle.jee.security.impl; |
| 8 | 8 | ||
| 9 | -import javax.enterprise.context.ApplicationScoped; | ||
| 10 | -import javax.enterprise.context.Dependent; | ||
| 11 | import javax.enterprise.context.RequestScoped; | 9 | import javax.enterprise.context.RequestScoped; |
| 12 | import javax.inject.Inject; | 10 | import javax.inject.Inject; |
| 13 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; | 11 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; |
demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
| @@ -14,12 +14,9 @@ import java.io.Serializable; | @@ -14,12 +14,9 @@ import java.io.Serializable; | ||
| 14 | import java.util.logging.Logger; | 14 | import java.util.logging.Logger; |
| 15 | import javax.inject.Inject; | 15 | import javax.inject.Inject; |
| 16 | import static javax.interceptor.Interceptor.Priority.APPLICATION; | 16 | import static javax.interceptor.Interceptor.Priority.APPLICATION; |
| 17 | -import javax.ws.rs.core.Response; | ||
| 18 | import static javax.ws.rs.core.Response.Status.UNAUTHORIZED; | 17 | import static javax.ws.rs.core.Response.Status.UNAUTHORIZED; |
| 19 | import org.demoiselle.jee.core.annotation.Name; | 18 | import org.demoiselle.jee.core.annotation.Name; |
| 20 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; | 19 | import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; |
| 21 | -import org.demoiselle.jee.core.util.ResourceBundle; | ||
| 22 | -import org.demoiselle.jee.core.util.Strings; | ||
| 23 | import org.demoiselle.jee.security.annotation.RequiredPermission; | 20 | import org.demoiselle.jee.security.annotation.RequiredPermission; |
| 24 | import org.demoiselle.jee.core.interfaces.security.SecurityContext; | 21 | import org.demoiselle.jee.core.interfaces.security.SecurityContext; |
| 25 | import static org.demoiselle.jee.core.util.Strings.isEmpty; | 22 | import static org.demoiselle.jee.core.util.Strings.isEmpty; |