JCH
Java Community | Help. Code. Learn.•6mo ago
Timo

secure my auth with being able to acces swagger

// @Override // protected boolean shouldNotFilter(HttpServletRequest request) { // return PUBLIC_URLS.stream().anyMatch(m -> m.matches(request)); // } @Override protected boolean shouldNotFilter(HttpServletRequest request) { return true; }
13 Replies
JavaBot
JavaBot•6mo ago
⌛ This post has been reserved for your question.
Hey @Timo! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically marked as dormant after 300 minutes of inactivity.
TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.
JavaBot
JavaBot•6mo ago
Please format your code to make it more readable. For java, it should look like this: 
​`​`​`​java
public void foo() {
 
}
​`​`​`​
​`​`​`​java
public void foo() {
 
}
​`​`​`​
Timo
TimoOP•6mo ago
don t want that and don t wanna enter pws
Dexter
Dexter•6mo ago
@Component 
public class JWTFilter extends OncePerRequestFilter {
    private static final String BEARER_PREFIX = "Bearer ";

    private final UserRepository userRepository;
    private final UserService userService;
    private final JWTUtil jwtTokenUtil;

    private static final List<RequestMatcher> PUBLIC_URLS =
            Arrays.stream(SecurityConfig.PUBLIC_URL_PATTERNS)
                    .map(p -> (RequestMatcher) new AntPathRequestMatcher(p))
                    .toList();

    @Autowired
    public JWTFilter(
            UserService userService,
            JWTUtil jwtTokenUtil,
            UserRepository userRepository
    ) {
        this.userService = userService;
        this.jwtTokenUtil = jwtTokenUtil;
        this.userRepository = userRepository;
    }




    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException  {
        final Optional<String> authHeader = Optional.ofNullable(request.getHeader("Authorization"));

        if(authHeader.isPresent()) {
            authHeader
                    .map(header -> header.substring(BEARER_PREFIX.length()))
                    .map(jwtTokenUtil::validateTokenAndRetrieveSubject)
                    .map(email -> userRepository
                            .findByEmail(email)
                            .orElseThrow(() -> new IllegalArgumentException("Invalid bearer token")))
                    .ifPresent(user -> {
                        UserDetails userDetails = userService.loadUserByUsername(user.getEmail());
                        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(user, userDetails.getPassword(), userDetails.getAuthorities());
                        SecurityContextHolder.getContext().setAuthentication(authToken);
                    });
        }
        filterChain.doFilter(request, response);
    }
} 
public class JWTFilter extends OncePerRequestFilter {
    private static final String BEARER_PREFIX = "Bearer ";

    private final UserRepository userRepository;
    private final UserService userService;
    private final JWTUtil jwtTokenUtil;

    private static final List<RequestMatcher> PUBLIC_URLS =
            Arrays.stream(SecurityConfig.PUBLIC_URL_PATTERNS)
                    .map(p -> (RequestMatcher) new AntPathRequestMatcher(p))
                    .toList();

    @Autowired
    public JWTFilter(
            UserService userService,
            JWTUtil jwtTokenUtil,
            UserRepository userRepository
    ) {
        this.userService = userService;
        this.jwtTokenUtil = jwtTokenUtil;
        this.userRepository = userRepository;
    }




    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException  {
        final Optional<String> authHeader = Optional.ofNullable(request.getHeader("Authorization"));

        if(authHeader.isPresent()) {
            authHeader
                    .map(header -> header.substring(BEARER_PREFIX.length()))
                    .map(jwtTokenUtil::validateTokenAndRetrieveSubject)
                    .map(email -> userRepository
                            .findByEmail(email)
                            .orElseThrow(() -> new IllegalArgumentException("Invalid bearer token")))
                    .ifPresent(user -> {
                        UserDetails userDetails = userService.loadUserByUsername(user.getEmail());
                        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(user, userDetails.getPassword(), userDetails.getAuthorities());
                        SecurityContextHolder.getContext().setAuthentication(authToken);
                    });
        }
        filterChain.doFilter(request, response);
    }
}
This message has been formatted automatically. You can disable this using /preferences.
Timo
TimoOP•6mo ago
JavaBot
JavaBot•6mo ago
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived. If your question was not answered yet, feel free to re-open this post or create a new one. In case your post is not getting any attention, you can try to use /help ping. Warning: abusing this will result in moderative actions taken against you.
Timo
TimoOP•6mo ago
:thonk:
ayylmao123xdd
ayylmao123xdd•6mo ago
    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) {
        PUBLIC_URLS.forEach(m -> {
    System.out.println("url " + m.getPattern() + " request " + request.getRequestURI());
});
        return true;
    }
    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) {
        PUBLIC_URLS.forEach(m -> {
    System.out.println("url " + m.getPattern() + " request " + request.getRequestURI());
});
        return true;
    }
try this i wanna see what it prints
Timo
TimoOP•6mo ago
Will check when ik home going to work rn
JavaBot
JavaBot•6mo ago
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived. If your question was not answered yet, feel free to re-open this post or create a new one. In case your post is not getting any attention, you can try to use /help ping. Warning: abusing this will result in moderative actions taken against you.
Timo
TimoOP•6mo ago
Thank you
JavaBot
JavaBot•6mo ago
If you are finished with your post, please close it. If you are not, please ignore this message. Note that you will not be able to send further messages here after this post have been closed but you will be able to create new posts.
JavaBot
JavaBot•6mo ago
Post Closed
This post has been closed by <@591288621345275915>.

Did you find this page helpful?