From 0b4bb54ba6e6c03c58636debaead158fd84d6333 Mon Sep 17 00:00:00 2001 From: Valentin CZERYBA Date: Sat, 23 Apr 2022 10:52:27 +0200 Subject: [PATCH] Password WIP --- pom.xml | 4 ++ .../ApplicationLifeCycle.java | 36 ++------------- .../java/com/covas/Entity/UsersEntity.java | 44 ++++++++++++++++--- src/main/java/com/covas/Enums/Roles.java | 9 ---- src/main/java/com/covas/Json/Jwt2.java | 11 ++++- .../com/covas/Resources/TokenRessource.java | 17 ++++--- src/main/resources/application.properties | 3 +- 7 files changed, 69 insertions(+), 55 deletions(-) delete mode 100644 src/main/java/com/covas/Enums/Roles.java diff --git a/pom.xml b/pom.xml index 6c9dbf3..b188d1d 100644 --- a/pom.xml +++ b/pom.xml @@ -56,6 +56,10 @@ io.quarkus quarkus-hibernate-orm-panache + + io.quarkus + quarkus-security-jpa + io.quarkus quarkus-junit5 diff --git a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java index 54df434..7e7be39 100644 --- a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java +++ b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java @@ -14,9 +14,7 @@ import javax.enterprise.event.Observes; import javax.inject.Inject; import javax.transaction.Transactional; -import com.covas.Classes.Hash; import com.covas.Entity.UsersEntity; -import com.covas.Enums.Roles; import org.eclipse.microprofile.config.inject.ConfigProperty; 
@@ -33,37 +31,9 @@ public class ApplicationLifeCycle { void onStart(@Observes StartupEvent ev) { LOGGER.info("The application has started"); if (schemaCreate){ - UsersEntity users = new UsersEntity(); - UsersEntity users2 = new UsersEntity(); - Hash hash = new Hash(); - if(users.findByPseudo("Peter") == null){ - users.pseudo = "Peter"; - users.email = "peter@email.com"; - users.name = "Toto"; - users.firstName = "Peter"; - users.birth = LocalDate.of(1993, Month.FEBRUARY, 23); - users.status = true; - users.password = hash.encryptSHA512("toto"); - users.roles = Roles.User; - users.persist(); - LOGGER.info("Peter test was created"); - } else { - LOGGER.info("Peter's user test wasn't created"); - } - if(users2.findByPseudo("Robert") == null){ - users2.pseudo = "Robert"; - users2.email = "robert@email.com"; - users2.name = "Toto"; - users2.firstName = "Peter"; - users2.birth = LocalDate.of(1993, Month.FEBRUARY, 23); - users2.status = true; - users2.password = hash.encryptSHA512("toto"); - users2.roles = Roles.Admin; - users2.persist(); - LOGGER.info("Robert test was created"); - } else { - LOGGER.info("Robert's user test wasn't created"); - } + UsersEntity.deleteAll(); + UsersEntity.add("robert80", "robert80@gmail.com", "titi", "robert", LocalDate.of(1990, Month.JANUARY, 23), "toto", "User"); + UsersEntity.add("peter93", "peter93gmail.com", "yollo", "peter", LocalDate.of(1993, Month.FEBRUARY, 26), "toto", "Admin"); } else { LOGGER.info("DB init wassn't created"); } diff --git a/src/main/java/com/covas/Entity/UsersEntity.java b/src/main/java/com/covas/Entity/UsersEntity.java index 3f01c85..2735072 100644 --- a/src/main/java/com/covas/Entity/UsersEntity.java +++ b/src/main/java/com/covas/Entity/UsersEntity.java 
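Review bot: `onStart` now calls `UsersEntity.deleteAll()` and then seeds two accounts, one of them with the `Admin` role, both with the literal password `"toto"`, and the only gate is `schemaCreate`. The `application.properties` section of this patch keeps `covas.schema.create = true` without a profile prefix, so a production start with that file would empty the users table and recreate an administrator whose password is in the source tree. Restrict the seeding to development, e.g. `if (schemaCreate && LaunchMode.current() == LaunchMode.DEVELOPMENT) {` or `%dev.covas.schema.create = true` in the properties file, and read the seed password from configuration rather than a literal. The second seed e-mail, `"peter93gmail.com"`, is also missing its `@`. The end of `onStart` lies outside this hunk.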
@@ -5,17 +5,26 @@ import java.time.LocalDate; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; - -import com.covas.Enums.Roles; +import javax.xml.bind.DatatypeConverter; import org.hibernate.annotations.ColumnDefault; +import org.wildfly.security.password.interfaces.SimpleDigestPassword; +import io.quarkus.elytron.security.common.BcryptUtil; import io.quarkus.hibernate.orm.panache.PanacheEntity; +import io.quarkus.security.jpa.UserDefinition; +import io.quarkus.security.jpa.Username; +import io.quarkus.security.jpa.Password; +import io.quarkus.security.jpa.PasswordProvider; +import io.quarkus.security.jpa.PasswordType; +import io.quarkus.security.jpa.Roles; @Entity @Table(name = "users") +@UserDefinition public class UsersEntity extends PanacheEntity { - + + @Username @Column(nullable = false, unique = true) public String pseudo; @Column(nullable = false, unique = true) 
@@ -28,13 +37,36 @@ public class UsersEntity extends PanacheEntity { public LocalDate birth; @ColumnDefault("false") public Boolean status; + @Password(value = PasswordType.CUSTOM, provider = CustomPasswordProvider.class) @Column(nullable = false) public String password; - - public Roles roles; + @Roles + public String roles; public static UsersEntity findByPseudo(String pseudo){ return find("pseudo", pseudo).firstResult(); } - + + public static void add(String pseudo, String email, String name, String firstName, LocalDate birth, String password, String roles){ + UsersEntity users = new UsersEntity(); + users.pseudo = pseudo; + users.email = email; + users.name = name; + users.firstName = firstName; + users.birth = birth; + users.status = false; + users.password = BcryptUtil.bcryptHash(password); + users.roles = roles; + users.persist(); + } +} + +public class CustomPasswordProvider implements PasswordProvider { + + @Override + public org.wildfly.security.password.Password getPassword(String pass) { + byte[] digest = DatatypeConverter.parseHexBinary(pass); + return SimpleDigestPassword.createRaw(SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_256, digest); + } + } diff --git a/src/main/java/com/covas/Enums/Roles.java b/src/main/java/com/covas/Enums/Roles.java deleted file mode 100644 index 8185ec4..0000000 --- a/src/main/java/com/covas/Enums/Roles.java +++ /dev/null @@ -1,9 +0,0 @@ -package com.covas; - -public enum Roles { - User, - Admin; - Roles(){ - - } -} \ No newline at end of file diff --git a/src/main/java/com/covas/Json/Jwt2.java b/src/main/java/com/covas/Json/Jwt2.java index d20a02d..ac6fbd9 100644 --- a/src/main/java/com/covas/Json/Jwt2.java +++ b/src/main/java/com/covas/Json/Jwt2.java @@ -8,6 +8,7 @@ public class Jwt2 { public String name; public Boolean status; public String message; + public String password; public Jwt2(){ name = ""; 
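Review bot: `add` stores `BcryptUtil.bcryptHash(password)`, but the `password` field is annotated `@Password(value = PasswordType.CUSTOM, provider = CustomPasswordProvider.class)`, and that provider runs `DatatypeConverter.parseHexBinary` on the stored value and wraps the bytes as an unsalted SHA-256 digest. A bcrypt string is not hex, so the provider should throw for every stored hash and no seeded user can authenticate; if storage were changed to match the provider instead, passwords would be kept as fast unsalted digests. Keep bcrypt and let the extension verify it by annotating the field with plain `@Password` (its default type is the modular-crypt format that `bcryptHash` produces), then delete `CustomPasswordProvider` together with the `DatatypeConverter` and `SimpleDigestPassword` imports. As written the file also declares a second `public` top-level class, which javac rejects unless it sits in a file of its own name.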
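Review bot: The new public `password` field puts a credential-named value into a class that `TokenRessource` returns as a JSON entity, so with default field serialization whatever is assigned to it would be written into the response body. In this patch the value comes from `ctx.getUserPrincipal().toString()` in the `TokenRessource` hunk, passed through the String constructors added in the next `Jwt2` hunk. If the field is only meant for an incoming login request, give that its own request class and keep `Jwt2` limited to `name`, `status` and `message`. The class body continues outside this hunk.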
@@ -21,10 +22,18 @@ public class Jwt2 { message = ""; } - public Jwt2(String name, String message){ + public Jwt2(String name, String password){ + this.name = name; + status = true; + this.password = password; + message = ""; + } + + public Jwt2(String name, String password, String message){ this.name = name; this.message = message; status = true; + this.password = password; } public Jwt2(String name, Boolean status, String message){ diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java index 84acce6..b9bb5c6 100644 --- a/src/main/java/com/covas/Resources/TokenRessource.java +++ b/src/main/java/com/covas/Resources/TokenRessource.java 
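Review bot: `Jwt2(String name, String password)` reuses the exact signature of the removed `Jwt2(String name, String message)`, so any caller outside this diff that still passes a message will compile unchanged and silently store that text in `password` with an empty `message`. The two- and three-`String` overloads are also easy to call with arguments in the wrong order, and the compiler cannot catch it. Keep the old two-argument constructor's meaning and introduce the new value through a distinctly named factory, for example `public static Jwt2 withPassword(String name, String password)`. The last constructor shown continues outside the hunk.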
@@ -38,25 +38,32 @@ public class TokenRessource { @GET @Path("authentificate") + @RolesAllowed("User") @Produces(MediaType.APPLICATION_JSON) - public Response getUserName(@CookieParam("jwt") String jwtCookie) { - if (jwtCookie == null) { + public Response getUserName(@Context SecurityContext ctx, @CookieParam("jwt") String jwtCookie) { + String name = "anonymous"; + String hash = ""; + if(ctx.getUserPrincipal() != null){ + name = ctx.getUserPrincipal().getName(); + hash = ctx.getUserPrincipal().toString(); + } + if (jwtCookie == null) { // Create a JWT token signed using the 'HS256' algorithm String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn("Alice").groups(new HashSet<>(Arrays.asList("User"))).sign(); // or create a JWT token encrypted using the 'A256KW' algorithm // Jwt.upn("alice").encryptWithSecret(secret); - return Response.status(Response.Status.CREATED).entity(new Jwt2("Alice")).cookie(new NewCookie("jwt", newJwtCookie)).build(); + return Response.status(Response.Status.CREATED).entity(new Jwt2(name, hash)).cookie(new NewCookie("jwt", newJwtCookie)).build(); } else { // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. try { jwt = parser.parse(jwtCookie); } catch(ParseException p){ - return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2("Alice", false, p.getMessage())).build(); + return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2(name, false, p.getMessage())).build(); } // or jwt = parser.decrypt(jwtCookie, secret); - return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName())).build(); + return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName(),hash)).build(); } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 8e2db47..cf310af 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
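Review bot: The token issued in the `jwtCookie == null` branch is still built with `.upn("Alice")` and a fixed `"User"` group, while the response body now reports the authenticated `name`, so every caller who passes `@RolesAllowed("User")` receives a cookie asserting the identity Alice. Build the token from the authenticated principal instead, `Jwt.issuer("https://example.com/issuer").upn(name)`, with the groups taken from the caller's actual roles. `hash = ctx.getUserPrincipal().toString()` is not a hash, and it is returned to the client in `Jwt2.password`; it should be dropped from the response. With `@RolesAllowed` on the method the `"anonymous"` default and the null check look unreachable, and `new NewCookie("jwt", newJwtCookie)` sets neither HttpOnly nor Secure on the token cookie.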
@@ -12,4 +12,5 @@ quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/toto # drop and create the database at startup (use `update` to only update the schema) quarkus.hibernate-orm.database.generation = drop-and-create -covas.schema.create = true \ No newline at end of file +covas.schema.create = true +