VKR-QR-codes/qr-access-api
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: VKR-QR-codes:1549abfac4725420685f434f8108d1195b94e6bb
Branches Tags
VKR-QR-codes:main
..
compare: VKR-QR-codes:a5c570ec42f4eb856899520b62605971854544fd
Branches Tags
VKR-QR-codes:main

3 Commits
1549abfac4 ... a5c570ec42

Author SHA1 Message Date
kashiuno
a5c570ec42 Add logic to get unit_id from token sub claim 2025-01-08 09:58:59 +03:00
kashiuno
9d658cea12 Disable security debug 2025-01-08 09:17:20 +03:00
kashiuno
e3566ec66b Add authorization for endpoints 2025-01-08 09:17:04 +03:00
8 changed files with 42 additions and 10 deletions
Show Stats Expand all files Collapse all files

1
build.gradle.kts
View File

@ -34,6 +34,7 @@ dependencies {
testImplementation("org.springframework.security:spring-security-test") testImplementation("org.springframework.security:spring-security-test")
testImplementation("org.testcontainers:postgresql") testImplementation("org.testcontainers:postgresql")
testRuntimeOnly("org.junit.platform:junit-platform-launcher") testRuntimeOnly("org.junit.platform:junit-platform-launcher")
implementation("org.yaml:snakeyaml")
} }
kotlin { kotlin {

20
src/main/kotlin/ru/vyatsu/qr_access_api/config/SecurityConfig.kt Normal file
View File

@ -0,0 +1,20 @@
package ru.vyatsu.qr_access_api.config
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.web.SecurityFilterChain
@Configuration
@EnableWebSecurity
class SecurityConfig {
@Bean
fun defaultSecurityFilterChain(http: HttpSecurity): SecurityFilterChain {
return http.authorizeHttpRequests { it.anyRequest().authenticated() }
.oauth2ResourceServer { it.jwt(Customizer.withDefaults()) }
.build()
}
}

2
src/main/kotlin/ru/vyatsu/qr_access_api/controller/QrSyncController.kt
View File

@ -1,10 +1,12 @@
package ru.vyatsu.qr_access_api.controller package ru.vyatsu.qr_access_api.controller
import org.springframework.http.ResponseEntity import org.springframework.http.ResponseEntity
import org.springframework.web.bind.annotation.RestController
import ru.vyatsu.apis.QrApi import ru.vyatsu.apis.QrApi
import ru.vyatsu.models.QrCodesResponse import ru.vyatsu.models.QrCodesResponse
import ru.vyatsu.qr_access_api.service.QrSyncService import ru.vyatsu.qr_access_api.service.QrSyncService
@RestController
class QrSyncController(val syncService: QrSyncService) : QrApi { class QrSyncController(val syncService: QrSyncService) : QrApi {
override fun getQrCodes(): ResponseEntity<QrCodesResponse> = override fun getQrCodes(): ResponseEntity<QrCodesResponse> =

4
src/main/kotlin/ru/vyatsu/qr_access_api/repository/QrRepository.kt
View File

@ -9,8 +9,8 @@ import java.util.*
private const val GET_ACTUAL_QRS_BY_UNIT_ID = """ private const val GET_ACTUAL_QRS_BY_UNIT_ID = """
SELECT q.start_date_time, q.end_date_time, q.door_id, q.key_code FROM qrs q SELECT q.start_date_time, q.end_date_time, q.door_id, q.key_code FROM qrs q
JOIN doors d ON (d.id = q.door_id) JOIN doors d ON (d.id = q.door_id)
JOIN oauth2_registered_client c ON (c.id = d.unit_id) JOIN oauth2_registered_client c ON (c.client_id = d.unit_id)
WHERE c.id = ? AND q.start_date_time <= CURRENT_TIMESTAMP AND q.end_date_time >= CURRENT_TIMESTAMP WHERE c.client_id = ? AND q.start_date_time <= CURRENT_TIMESTAMP AND q.end_date_time >= CURRENT_TIMESTAMP
""" """
@Repository @Repository

6
src/main/kotlin/ru/vyatsu/qr_access_api/service/QrSyncService.kt
View File

@ -1,5 +1,6 @@
package ru.vyatsu.qr_access_api.service package ru.vyatsu.qr_access_api.service
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.stereotype.Service import org.springframework.stereotype.Service
import ru.vyatsu.models.QrCode import ru.vyatsu.models.QrCode
import ru.vyatsu.qr_access_api.repository.QrRepository import ru.vyatsu.qr_access_api.repository.QrRepository
@ -7,8 +8,7 @@ import ru.vyatsu.qr_access_api.repository.QrRepository
@Service @Service
class QrSyncService(val qrRepository: QrRepository) { class QrSyncService(val qrRepository: QrRepository) {
fun getQrCodes(): List<QrCode> { fun getQrCodes(): List<QrCode> {
// TODO: Тут логика с извлечением клайма из jwt в котором идентификатор клиента лежит val sc = SecurityContextHolder.getContext()
val extractedUnitId = "945c8621-9adc-4a49-bc56-10253d27c581" return qrRepository.getActualQrCodesByUnitId(sc.authentication.name)
return qrRepository.getActualQrCodesByUnitId(extractedUnitId)
} }
} }

4
src/main/resources/application.properties
View File

@ -1,4 +0,0 @@
spring.application.name=qr-access-api
spring.datasource.url=jdbc:postgresql://localhost:5432/qr_access
spring.datasource.username=qr_access_user
spring.datasource.password=123

12
src/main/resources/application.yaml Normal file
View File

@ -0,0 +1,12 @@
spring:
application:
name: qr-access-api
datasource:
url: jdbc:postgresql://localhost:5432/qr_access
username: qr_access_user
password: 123
security:
oauth2:
resourceserver:
jwt:
jwk-set-uri: http://localhost:8081/oauth2/jwks

3
src/main/resources/db/changelog/1.0.0/changelog.yml
View File

@ -16,6 +16,7 @@ databaseChangeLog:
- column: - column:
constraints: constraints:
nullable: false nullable: false
unique: true
name: client_id name: client_id
type: VARCHAR(100) type: VARCHAR(100)
- column: - column:
@ -119,5 +120,5 @@ databaseChangeLog:
baseColumnNames: unit_id baseColumnNames: unit_id
baseTableName: doors baseTableName: doors
constraintName: FK_unit_door constraintName: FK_unit_door
referencedColumnNames: id referencedColumnNames: client_id
referencedTableName: oauth2_registered_client referencedTableName: oauth2_registered_client