Spring Boot JWT无法授权Rest API
[英]Spring boot JWT cannot authorized rest api
问题描述
I am trying to implement JWT on my Spring Boot 2 project. 
我正在尝试在我的Spring Boot 2项目上实现JWT。
my reference link https://www.callicoder.com/spring-boot-spring-security-jwt-mysql-react-app-part-2/ 我的参考链接https://www.callicoder.com/spring-boot-spring-security-jwt-mysql-react-app-part-2/
My Securityconfig file is 我的Securityconfig文件是
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(
prePostEnabled=true,
jsr250Enabled = true,
securedEnabled = true
)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private Environment env;
@Autowired
private UserSecurityService userSecurityService;
@Autowired
private JwtAuthenticationEntryPoint unauthorizedHandler;
@Bean
public JwtAuthenticationFilter jwtAuthenticationFilter() {
return new JwtAuthenticationFilter();
}
private BCryptPasswordEncoder passwordEncoder() {
return SecurityUtils.passwordEncoder();
}
@Autowired
private SecurityHandler securityHandler;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
/* antMatchers("/**").*/
.antMatchers(PUBLIC_MATCHERS).
permitAll().anyRequest().authenticated();
http
.cors()
.and()
.csrf()
.disable()
.exceptionHandling()
.authenticationEntryPoint(unauthorizedHandler)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/",
"/favicon.ico",
"/**/*.png",
"/**/*.gif",
"/**/*.svg",
"/**/*.jpg",
"/**/*.html",
"/**/*.css",
"/**/*.js","/login",
"/api/auth/signin")
.permitAll()
.antMatchers("/api/auth/**")
.permitAll()
.antMatchers("/api/user/checkUsernameAvailability", "/api/user/checkEmailAvailability")
.permitAll()
.antMatchers(HttpMethod.GET, "/api/polls/**", "/api/users/**")
.permitAll()
.anyRequest()
.authenticated();
// Add our custom JWT security filter
http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userSecurityService).passwordEncoder(passwordEncoder());
}
@Bean(BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception{
web.ignoring()
.antMatchers("/api/updateCardStatus","/api/login","*/uploads/***","/api/getUsersDetail","/api/getStudentDetails","/api/getAccountLoad","/api/issueDirectives","/api/changePassword","/api/cardActivation","/api/CustomerAccountCardDetails","/api/accountLoad","/api/updateConsumersProfile","/api/verifyCvv"
,"/api/updatePrepaidCardStatus","/api/getStatementData");
}
}
My User class 我的用户班
@Entity
public class User {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
@Column(name="id", nullable = false, updatable = false)
private Long id;
private String username;
private String password;
private String userType;
private boolean enabled=true;
@OneToOne(mappedBy = "user")
private BankUserDetails bankUserDetails;
@OneToOne(mappedBy = "user")
private SctUserDetails sctUserDetails;
@OneToMany(mappedBy = "user", cascade = CascadeType.ALL, fetch = FetchType.EAGER)
@JsonIgnore
private List<UserRole> userRoles = new ArrayList<>();
}
UserRole.java UserRole.java
@Entity
@Table(name="user_role")
public class UserRole {
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
private Long userRoleId;
@ManyToOne(fetch = FetchType.EAGER)
@JoinColumn(name="user_id")
private User user;
@ManyToOne(fetch = FetchType.EAGER)
@JoinColumn(name="role_id")
private Role role;
}
Role.java 角色.java
@Entity
public class Role {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private int roleId;
private String name;
@OneToMany(mappedBy = "role", cascade=CascadeType.ALL, fetch=FetchType.LAZY)
private List<UserRole> userRoles = new ArrayList<>();
public int getRoleId() {
return roleId;
}
public void setRoleId(int roleId) {
this.roleId = roleId;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public List<UserRole> getUserRoles() {
return userRoles;
}
public void setUserRoles(List<UserRole> userRoles) {
this.userRoles = userRoles;
}
}
UserPrincipal.java UserPrincipal.java
public class UserPrincipal implements UserDetails {
private Long id;
private String username;
private String password;
private String userType;
private boolean enabled=true;
@JsonIgnore
private static List<UserRole> userRoles = new ArrayList<>();
private Collection<? extends GrantedAuthority> authorities;
public UserPrincipal(Long id, String username, String password, Collection<? extends GrantedAuthority> authorities) {
this.id = id;
this.username = username;
this.password = password;
this.authorities = authorities;
}
public static UserPrincipal create(User user) {
/* List<GrantedAuthority> authorities = user.getRoles().stream().map(role ->
new SimpleGrantedAuthority(role.getName().name())
).collect(Collectors.toList());*/
List<GrantedAuthority> authorites = new ArrayList<>();
userRoles.forEach(ur -> authorites.add(new Authority(ur.getRole().getName())));
return new UserPrincipal(
user.getId(),
user.getUsername(),
user.getPassword(),
authorites
);
}
public Long getId() {
return id;
}
@Override
public String getUsername() {
return username;
}
@Override
public String getPassword() {
return password;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
UserPrincipal that = (UserPrincipal) o;
return Objects.equals(id, that.id);
}
@Override
public int hashCode() {
return Objects.hash(id);
}
}
now when i try to call http://localhost:5060/token/generate-token from postman i get the response 现在,当我尝试从邮递员致电http://localhost:5060/token/generate-token ,我得到了响应
{
"timestamp": "2018-09-05T09:15:09.797+0000",
"status": 401,
"error": "Unauthorized",
"message": "Sorry, You're not authorized to access this resource.",
"path": "/token/generate-token"
}
now i think this is because i am unable to get thre required authorities. 现在我认为这是因为我无法获得所需的权威。
since my entities are different than the entities given in the example i guess i am unable to acquire the fully authenticated user object. 由于我的实体与示例中给出的实体不同,我想我无法获取经过完全认证的用户对象。 i might be wrong but can someone help me point out the exact problem ? 我可能是错的,但是有人可以帮助我指出确切的问题吗?
1 个解决方案
解决方案1
0 2018-09-18 03:05:09
You have to do three main steps to test this sample. 您必须执行三个主要步骤来测试此样本。 First of all you have to insert some roles in role table. 首先,您必须在角色表中插入一些角色。 After that you have to register a user to the application. 之后,您必须向该应用程序注册用户。 Finally you can signin. 最后,您可以登录了。
This messages means you didn't register this user. 此消息表示您没有注册该用户。
This sample is little complicate because some different things present together, you can find the simple example for this in this URL: 该示例非常复杂,因为同时存在一些不同的事物,您可以在以下URL中找到有关此示例的简单示例:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.