v4l3n71n/covas-quarkus
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

100% work for getSingleUser INfo

Browse Source
This commit is contained in:
Valentin CZERYBA 2022-05-15 15:11:09 +02:00
parent 950b880d66
commit a312ae4289
3 changed files with 50 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/main/java/com/covas/Json/UserSingle.java Normal file
View File

@ -0,0 +1,21 @@
package com.covas.Json;
import java.time.LocalDate;
import io.quarkus.runtime.annotations.RegisterForReflection;
@RegisterForReflection
public class UserSingle {
public final String name;
public final String pseudo;
public final String firstname;
public UserSingle(String name, String pseudo, String firstname){
this.name = name;
this.pseudo = pseudo;
this.firstname = firstname;
}
}

3
src/main/java/com/covas/Resources/TokenRessource.java
View File

@ -2,9 +2,6 @@ package com.covas.Resources;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.time.Duration; import java.time.Duration;
import java.util.Arrays;
import java.util.HashSet;
import javax.inject.Inject; import javax.inject.Inject;
import javax.ws.rs.CookieParam; import javax.ws.rs.CookieParam;

34
src/main/java/com/covas/Resources/UsersRessources.java
View File

@ -1,24 +1,38 @@
package com.covas.Resources; package com.covas.Resources;
import java.nio.charset.StandardCharsets;
import java.util.UUID; import java.util.UUID;
import javax.annotation.security.RolesAllowed; import javax.annotation.security.RolesAllowed;
import javax.inject.Inject;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.CookieParam;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import com.covas.Entity.UsersEntity; import com.covas.Entity.UsersEntity;
import com.covas.Json.UserSingle;
import org.eclipse.microprofile.jwt.Claims;
import org.eclipse.microprofile.jwt.JsonWebToken;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.postgresql.shaded.com.ongres.scram.common.bouncycastle.base64.Base64;
import io.quarkus.hibernate.orm.panache.PanacheQuery;
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Path("users") @Path("users")
public class UsersRessources { public class UsersRessources {
private static final Logger LOGGER = Logger.getLogger(UsersRessources.class); private static final Logger LOGGER = Logger.getLogger(UsersRessources.class);
@Inject
JsonWebToken jwt;
@GET @GET
@RolesAllowed("Admin") @RolesAllowed("Admin")
public Response getUsers(){ public Response getUsers(){
@ -40,9 +54,19 @@ public class UsersRessources {
@GET @GET
@RolesAllowed("User") @RolesAllowed("User")
@Path("info") @Path("info")
public Response getInfoUser(){ public Response getInfoUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie){
return Response.ok().build(); if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
} return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
UsersEntity user = UsersEntity.findById(kid);
if (user == null){
return Response.status(Response.Status.NOT_FOUND).build();
}
String name = new String(Base64.decode(userCookie), StandardCharsets.UTF_8);
if(!name.equals(user.pseudo)){
return Response.status(Response.Status.FORBIDDEN).build();
}
return Response.ok(new UserSingle(user.name, user.pseudo, user.firstName)).build();
}
} }