
Haga lo que hicimos: Autorización de requests

////

/**
 * Servlet filter that runs once per request and, when the request carries a bearer JWT in the
 * {@code Authorization} header, stores the matching user as the current Spring Security
 * authentication.
 *
 * <p>The filter never rejects a request itself: whatever happens while reading or resolving the
 * token, the chain is always continued. A request without a usable token therefore proceeds with
 * no authentication set by this filter, and the allow/deny decision is left to whatever runs after
 * it.
 *
 * <p>NOTE(review): this class does not inspect the token's signature or expiry; it relies on
 * {@code TokenService.getSubject} for that — presumably it throws on an invalid token, confirm.
 * NOTE(review): the failure log line includes the exception message; confirm that message cannot
 * contain the raw token.
 */
@Component
public class SecurityFilter extends OncePerRequestFilter {

    private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
    private static final String BEARER_PREFIX = "Bearer ";

    @Autowired
    private UsuarioRepository repository;

    @Autowired
    private TokenService tokenService;

    /**
     * Attempts to authenticate the request from its bearer token and then continues the chain.
     *
     * <p>Any {@link RuntimeException} raised while extracting or resolving the token is logged
     * (method, URI and exception message only) and the security context is cleared, so a failed
     * attempt leaves the request unauthenticated rather than aborting it.
     *
     * @param request     incoming HTTP request
     * @param response    HTTP response, passed through untouched
     * @param filterChain remaining filters; always invoked
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the rest of the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        try {
            var tokenJWT = recuperarToken(request);
            if (tokenJWT != null) {
                autenticar(tokenJWT);
            }
        } catch (RuntimeException exception) {
            // Drop any partially established identity before logging the failure.
            SecurityContextHolder.clearContext();
            logger.warn("Error autenticando request {} {}: {}", request.getMethod(), request.getRequestURI(), exception.getMessage());
        }

        // Outside the try block on purpose: downstream exceptions must not be swallowed here.
        filterChain.doFilter(request, response);
    }

    /**
     * Resolves the token's subject to a stored user and publishes it as the current authentication.
     *
     * <p>When the repository returns no user for the subject, a warning is logged and the security
     * context is cleared instead.
     *
     * @param tokenJWT non-null token text taken from the Authorization header
     */
    private void autenticar(String tokenJWT) {
        var subject = tokenService.getSubject(tokenJWT);
        var usuario = repository.findByLogin(subject);

        if (usuario == null) {
            logger.warn("No se encontro usuario para el subject JWT '{}'.", subject);
            SecurityContextHolder.clearContext();
            return;
        }

        // Credentials are passed as null: only the principal and its authorities are stored.
        var autenticacion = new UsernamePasswordAuthenticationToken(usuario, null, usuario.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(autenticacion);
    }

    /**
     * Extracts the bearer token from the {@code Authorization} header.
     *
     * @param request incoming HTTP request
     * @return the trimmed token text, or {@code null} when the header is missing or blank, does not
     *         start with the {@code "Bearer "} prefix (compared ignoring case), or has nothing
     *         after the prefix
     */
    private String recuperarToken(HttpServletRequest request) {
        var encabezado = request.getHeader(HttpHeaders.AUTHORIZATION);

        boolean esBearer = StringUtils.hasText(encabezado)
                && encabezado.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length());
        if (!esBearer) {
            return null;
        }

        var candidato = encabezado.substring(BEARER_PREFIX.length()).trim();
        if (StringUtils.hasText(candidato)) {
            return candidato;
        }
        return null;
    }

}

////