remove google and oauth login
This commit is contained in:
@@ -1,7 +1,5 @@
|
||||
package com.krrishg.config;
|
||||
|
||||
import com.krrishg.service.OAuth2SuccessHandler;
|
||||
import com.krrishg.service.OAuth2UserService;
|
||||
import io.jsonwebtoken.Claims;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
@@ -34,23 +32,12 @@ import java.util.UUID;
|
||||
public class SecurityConfig {
|
||||
|
||||
private final JwtConfig jwtConfig;
|
||||
private final OAuth2UserService oAuth2UserService;
|
||||
private final OAuth2SuccessHandler oAuth2SuccessHandler;
|
||||
|
||||
@Value("${indie.cors.allowed-origins:http://localhost:4200}")
|
||||
private String[] allowedOrigins;
|
||||
|
||||
@Value("${spring.security.oauth2.client.registration.google.client-id:}")
|
||||
private String googleClientId;
|
||||
|
||||
@Value("${spring.security.oauth2.client.registration.github.client-id:}")
|
||||
private String githubClientId;
|
||||
|
||||
public SecurityConfig(JwtConfig jwtConfig, OAuth2UserService oAuth2UserService,
|
||||
OAuth2SuccessHandler oAuth2SuccessHandler) {
|
||||
public SecurityConfig(JwtConfig jwtConfig) {
|
||||
this.jwtConfig = jwtConfig;
|
||||
this.oAuth2UserService = oAuth2UserService;
|
||||
this.oAuth2SuccessHandler = oAuth2SuccessHandler;
|
||||
}
|
||||
|
||||
@Bean
|
||||
@@ -72,25 +59,11 @@ public class SecurityConfig {
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Forbidden"))
|
||||
);
|
||||
|
||||
if (isOAuth2Configured()) {
|
||||
http.oauth2Login(oauth2 -> oauth2
|
||||
.userInfoEndpoint(userInfo -> userInfo
|
||||
.userService(oAuth2UserService)
|
||||
)
|
||||
.successHandler(oAuth2SuccessHandler)
|
||||
);
|
||||
}
|
||||
|
||||
http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
private boolean isOAuth2Configured() {
|
||||
return (googleClientId != null && !googleClientId.isBlank())
|
||||
|| (githubClientId != null && !githubClientId.isBlank());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.krrishg.dto;
|
||||
|
||||
import com.krrishg.model.AuthProvider;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
@@ -32,6 +31,5 @@ public class AuthResponse {
|
||||
private String email;
|
||||
private String name;
|
||||
private String avatarUrl;
|
||||
private AuthProvider provider;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
package com.krrishg.model;
|
||||
|
||||
public enum AuthProvider {
|
||||
LOCAL, GOOGLE, GITHUB, OPENID
|
||||
LOCAL
|
||||
}
|
||||
|
||||
@@ -35,13 +35,6 @@ public class User {
|
||||
@Column(name = "avatar_url")
|
||||
private String avatarUrl;
|
||||
|
||||
@Enumerated(EnumType.STRING)
|
||||
@Column(name = "provider", nullable = false)
|
||||
private AuthProvider provider;
|
||||
|
||||
@Column(name = "provider_id")
|
||||
private String providerId;
|
||||
|
||||
@Column(name = "email_verified")
|
||||
@Builder.Default
|
||||
private boolean emailVerified = false;
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.krrishg.repository;
|
||||
|
||||
import com.krrishg.model.AuthProvider;
|
||||
import com.krrishg.model.User;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
|
||||
@@ -11,7 +10,5 @@ public interface UserRepository extends JpaRepository<User, UUID> {
|
||||
|
||||
Optional<User> findByEmail(String email);
|
||||
|
||||
Optional<User> findByProviderAndProviderId(AuthProvider provider, String providerId);
|
||||
|
||||
boolean existsByEmail(String email);
|
||||
}
|
||||
|
||||
@@ -5,7 +5,6 @@ import com.krrishg.dto.AuthResponse;
|
||||
import com.krrishg.dto.LoginRequest;
|
||||
import com.krrishg.dto.RefreshTokenRequest;
|
||||
import com.krrishg.dto.RegisterRequest;
|
||||
import com.krrishg.model.AuthProvider;
|
||||
import com.krrishg.model.User;
|
||||
import com.krrishg.repository.UserRepository;
|
||||
import io.jsonwebtoken.Claims;
|
||||
@@ -36,7 +35,6 @@ public class AuthService {
|
||||
.email(email)
|
||||
.password(passwordEncoder.encode(request.getPassword()))
|
||||
.name(request.getName())
|
||||
.provider(AuthProvider.LOCAL)
|
||||
.emailVerified(false)
|
||||
.build();
|
||||
|
||||
@@ -49,10 +47,6 @@ public class AuthService {
|
||||
User user = userRepository.findByEmail(email)
|
||||
.orElseThrow(() -> new IllegalArgumentException("Invalid email or password"));
|
||||
|
||||
if (user.getProvider() != AuthProvider.LOCAL) {
|
||||
throw new IllegalArgumentException("Please sign in with " + user.getProvider().name().toLowerCase());
|
||||
}
|
||||
|
||||
if (!passwordEncoder.matches(request.getPassword(), user.getPassword())) {
|
||||
throw new IllegalArgumentException("Invalid email or password");
|
||||
}
|
||||
@@ -83,7 +77,6 @@ public class AuthService {
|
||||
.email(user.getEmail())
|
||||
.name(user.getName())
|
||||
.avatarUrl(user.getAvatarUrl())
|
||||
.provider(user.getProvider())
|
||||
.build();
|
||||
|
||||
return AuthResponse.builder()
|
||||
|
||||
@@ -1,40 +0,0 @@
|
||||
package com.krrishg.service;
|
||||
|
||||
import com.krrishg.model.User;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class CustomOAuth2User implements OAuth2User {
|
||||
|
||||
private final User user;
|
||||
private final Map<String, Object> attributes;
|
||||
|
||||
public CustomOAuth2User(User user, Map<String, Object> attributes) {
|
||||
this.user = user;
|
||||
this.attributes = attributes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Map<String, Object> getAttributes() {
|
||||
return attributes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return List.of(new SimpleGrantedAuthority("ROLE_USER"));
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return user.getId().toString();
|
||||
}
|
||||
|
||||
public User getUser() {
|
||||
return user;
|
||||
}
|
||||
}
|
||||
@@ -1,42 +0,0 @@
|
||||
package com.krrishg.service;
|
||||
|
||||
import com.krrishg.config.JwtConfig;
|
||||
import com.krrishg.model.User;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@Component
|
||||
public class OAuth2SuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
|
||||
|
||||
private final JwtConfig jwtConfig;
|
||||
|
||||
public OAuth2SuccessHandler(JwtConfig jwtConfig) {
|
||||
this.jwtConfig = jwtConfig;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
Authentication authentication) throws IOException, ServletException {
|
||||
if (authentication.getPrincipal() instanceof CustomOAuth2User oAuth2User) {
|
||||
User user = oAuth2User.getUser();
|
||||
|
||||
String accessToken = jwtConfig.generateAccessToken(user);
|
||||
String refreshToken = jwtConfig.generateRefreshToken(user);
|
||||
|
||||
String redirectUrl = "http://localhost:4200/oauth2/callback"
|
||||
+ "?accessToken=" + accessToken
|
||||
+ "&refreshToken=" + refreshToken;
|
||||
|
||||
getRedirectStrategy().sendRedirect(request, response, redirectUrl);
|
||||
} else {
|
||||
super.onAuthenticationSuccess(request, response, authentication);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,110 +0,0 @@
|
||||
package com.krrishg.service;
|
||||
|
||||
import com.krrishg.model.AuthProvider;
|
||||
import com.krrishg.model.User;
|
||||
import com.krrishg.repository.UserRepository;
|
||||
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
|
||||
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
|
||||
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
@Service
|
||||
public class OAuth2UserService extends DefaultOAuth2UserService {
|
||||
|
||||
private final UserRepository userRepository;
|
||||
|
||||
public OAuth2UserService(UserRepository userRepository) {
|
||||
this.userRepository = userRepository;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
|
||||
OAuth2User oAuth2User = super.loadUser(userRequest);
|
||||
|
||||
String registrationId = userRequest.getClientRegistration().getRegistrationId();
|
||||
AuthProvider provider = switch (registrationId) {
|
||||
case "google" -> AuthProvider.GOOGLE;
|
||||
case "github" -> AuthProvider.GITHUB;
|
||||
default -> AuthProvider.OPENID;
|
||||
};
|
||||
|
||||
String providerId = getProviderId(oAuth2User, provider);
|
||||
String email = getAttribute(oAuth2User, "email");
|
||||
if (email != null) {
|
||||
email = email.toLowerCase().strip();
|
||||
}
|
||||
String name = getAttribute(oAuth2User, "name");
|
||||
String avatarUrl = getAvatarUrl(oAuth2User, provider);
|
||||
|
||||
User user = findOrCreateUser(provider, providerId, email, name, avatarUrl);
|
||||
return new CustomOAuth2User(user, oAuth2User.getAttributes());
|
||||
}
|
||||
|
||||
String getProviderId(OAuth2User oAuth2User, AuthProvider provider) {
|
||||
return switch (provider) {
|
||||
case GOOGLE -> oAuth2User.getAttribute("sub");
|
||||
case GITHUB -> oAuth2User.getAttribute("id").toString();
|
||||
default -> oAuth2User.getName();
|
||||
};
|
||||
}
|
||||
|
||||
String getAttribute(OAuth2User oAuth2User, String key) {
|
||||
Object value = oAuth2User.getAttribute(key);
|
||||
return value != null ? value.toString() : null;
|
||||
}
|
||||
|
||||
String getAvatarUrl(OAuth2User oAuth2User, AuthProvider provider) {
|
||||
return switch (provider) {
|
||||
case GOOGLE -> oAuth2User.getAttribute("picture");
|
||||
case GITHUB -> oAuth2User.getAttribute("avatar_url");
|
||||
default -> null;
|
||||
};
|
||||
}
|
||||
|
||||
User findOrCreateUser(AuthProvider provider, String providerId,
|
||||
String email, String name, String avatarUrl) {
|
||||
Optional<User> existing = userRepository.findByProviderAndProviderId(provider, providerId);
|
||||
|
||||
if (existing.isPresent()) {
|
||||
User user = existing.get();
|
||||
user.setName(name);
|
||||
if (avatarUrl != null) {
|
||||
user.setAvatarUrl(avatarUrl);
|
||||
}
|
||||
if (email != null && !email.equals(user.getEmail())) {
|
||||
user.setEmail(email);
|
||||
}
|
||||
return userRepository.save(user);
|
||||
}
|
||||
|
||||
if (email != null) {
|
||||
Optional<User> emailUser = userRepository.findByEmail(email);
|
||||
if (emailUser.isPresent()) {
|
||||
User user = emailUser.get();
|
||||
user.setProvider(provider);
|
||||
user.setProviderId(providerId);
|
||||
user.setEmailVerified(true);
|
||||
if (avatarUrl != null) {
|
||||
user.setAvatarUrl(avatarUrl);
|
||||
}
|
||||
return userRepository.save(user);
|
||||
}
|
||||
}
|
||||
|
||||
User newUser = User.builder()
|
||||
.email(email != null ? email : providerId + "@" + provider.name().toLowerCase() + ".indie")
|
||||
.name(name != null ? name : "User")
|
||||
.avatarUrl(avatarUrl)
|
||||
.provider(provider)
|
||||
.providerId(providerId)
|
||||
.emailVerified(true)
|
||||
.build();
|
||||
|
||||
return userRepository.save(newUser);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user