////
/**
 * Once-per-request filter that turns a {@code Bearer} JWT carried in the
 * {@code Authorization} header into an authenticated principal in the
 * {@link SecurityContextHolder}.
 *
 * <p>The filter never short-circuits the chain: a missing, malformed or
 * rejected token leaves the request unauthenticated (the security context is
 * cleared on rejection) and downstream authorization rules decide whether the
 * request may proceed. Rejections are logged at WARN with method, URI and the
 * exception message only; the token value itself is never logged.
 */
@Component
public class SecurityFilter extends OncePerRequestFilter {

    private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
    /** Authorization scheme prefix; matched case-insensitively against the header. */
    private static final String BEARER_PREFIX = "Bearer ";

    @Autowired
    private UsuarioRepository repository;

    @Autowired
    private TokenService tokenService;

    /**
     * Authenticates the request from its bearer token, if one is present, and
     * then always continues the filter chain.
     *
     * @param request     current request
     * @param response    current response
     * @param filterChain remaining chain, invoked exactly once on every path
     * @throws ServletException propagated from the chain
     * @throws IOException      propagated from the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        try {
            autenticar(request);
        } catch (RuntimeException exception) {
            // Any runtime failure while resolving the token (presumably an invalid or
            // expired JWT, or a repository error) drops partial authentication state
            // and lets the request continue as anonymous.
            SecurityContextHolder.clearContext();
            logger.warn("Error autenticando request {} {}: {}", request.getMethod(), request.getRequestURI(), exception.getMessage());
        }
        filterChain.doFilter(request, response);
    }

    /**
     * Resolves the bearer token on {@code request} to a stored user and installs
     * it in the security context. A request without a bearer token is left
     * untouched; a token whose subject matches no stored user clears the context.
     *
     * @param request current request
     * @throws RuntimeException whatever {@code TokenService#getSubject} or the
     *                          repository throws for a rejected token
     */
    private void autenticar(HttpServletRequest request) {
        var bearerToken = recuperarToken(request);
        if (bearerToken == null) {
            return;
        }
        var login = tokenService.getSubject(bearerToken);
        var usuario = repository.findByLogin(login);
        if (usuario == null) {
            logger.warn("No se encontro usuario para el subject JWT '{}'.", login);
            SecurityContextHolder.clearContext();
            return;
        }
        // Credentials are null: the JWT is the proof of identity (assumed to be
        // verified inside TokenService.getSubject — confirm against that class).
        var authentication = new UsernamePasswordAuthenticationToken(usuario, null, usuario.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
    }

    /**
     * Extracts the JWT from an {@code Authorization: Bearer <token>} header.
     *
     * @param request current request
     * @return the trimmed token, or {@code null} when the header is absent,
     *         uses another scheme, or carries an empty token
     */
    private String recuperarToken(HttpServletRequest request) {
        var header = request.getHeader(HttpHeaders.AUTHORIZATION);
        if (!StringUtils.hasText(header)) {
            return null;
        }
        // Scheme names are case-insensitive, so "bearer ..." is accepted as well.
        var hasBearerScheme = header.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length());
        if (!hasBearerScheme) {
            return null;
        }
        var token = header.substring(BEARER_PREFIX.length()).trim();
        if (!StringUtils.hasText(token)) {
            return null;
        }
        return token;
    }
}
////