From ce195fbbbe1c6abe8510d3f1b236a674796ac55b Mon Sep 17 00:00:00 2001
From: kataus <kataus@gmail.com>
Date: Tue, 18 Aug 2020 17:24:18 +0300
Subject: [PATCH] =?UTF-8?q?=D0=9F=D1=80=D0=B8=D0=BC=D0=B5=D1=80=20=D0=BA?=
 =?UTF-8?q?=20=D0=B7=D0=B0=D0=BD=D1=8F=D1=82=D0=B8=D1=8E=20SpringSecurity?=
 =?UTF-8?q?=20=20=D0=90=D1=80=D1=85=D0=B8=D1=82=D0=B5=D0=BA=D1=82=D1=83?=
 =?UTF-8?q?=D1=80=D0=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../spring-21}/pom.xml                        | 10 ++-
 .../src/main/java/ru/otus/spring/Main.java    | 12 +++
 .../ru/otus/spring/rest/PagesController.java  | 32 ++++++++
 .../security/SecurityConfiguration.java       | 78 +++++++++++++++++++
 .../src/main/resources/application.yml        |  0
 .../resources/templates/authenticated.html    |  9 +++
 .../src/main/resources/templates/index.html   | 11 +++
 .../src/main/resources/templates/public.html  |  9 +++
 .../src/main/resources/templates/success.html | 10 +++
 9 files changed, 169 insertions(+), 2 deletions(-)
 rename {2020-02/spring-21-start-SS => 2020-05/spring-21}/pom.xml (82%)
 create mode 100644 2020-05/spring-21/src/main/java/ru/otus/spring/Main.java
 create mode 100644 2020-05/spring-21/src/main/java/ru/otus/spring/rest/PagesController.java
 create mode 100644 2020-05/spring-21/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
 create mode 100644 2020-05/spring-21/src/main/resources/application.yml
 create mode 100644 2020-05/spring-21/src/main/resources/templates/authenticated.html
 create mode 100644 2020-05/spring-21/src/main/resources/templates/index.html
 create mode 100644 2020-05/spring-21/src/main/resources/templates/public.html
 create mode 100644 2020-05/spring-21/src/main/resources/templates/success.html

diff --git a/2020-02/spring-21-start-SS/pom.xml b/2020-05/spring-21/pom.xml
similarity index 82%
rename from 2020-02/spring-21-start-SS/pom.xml
rename to 2020-05/spring-21/pom.xml
index 4b9ec551..8e1e4810 100644
--- a/2020-02/spring-21-start-SS/pom.xml
+++ b/2020-05/spring-21/pom.xml
@@ -5,15 +5,21 @@
     <modelVersion>4.0.0</modelVersion>
 
     <groupId>ru.otus</groupId>
-    <artifactId>spring-framework-21</artifactId>
+    <artifactId>spring-framework-21-spring-security-start</artifactId>
     <version>1.0-SNAPSHOT</version>
 
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.0.3.RELEASE</version>
+        <version>2.3.3.RELEASE</version>
     </parent>
 
+    <properties>
+        <maven.compiler.source>11</maven.compiler.source>
+        <maven.compiler.target>11</maven.compiler.target>
+        <java.version>11</java.version>
+    </properties>
+
     <dependencies>
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/2020-05/spring-21/src/main/java/ru/otus/spring/Main.java b/2020-05/spring-21/src/main/java/ru/otus/spring/Main.java
new file mode 100644
index 00000000..5406a277
--- /dev/null
+++ b/2020-05/spring-21/src/main/java/ru/otus/spring/Main.java
@@ -0,0 +1,12 @@
+package ru.otus.spring;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Main {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Main.class);
+    }
+}
diff --git a/2020-05/spring-21/src/main/java/ru/otus/spring/rest/PagesController.java b/2020-05/spring-21/src/main/java/ru/otus/spring/rest/PagesController.java
new file mode 100644
index 00000000..1bdf754e
--- /dev/null
+++ b/2020-05/spring-21/src/main/java/ru/otus/spring/rest/PagesController.java
@@ -0,0 +1,32 @@
+package ru.otus.spring.rest;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class PagesController {
+
+    @GetMapping("/")
+    public String indexPage() {
+        return "index";
+    }
+
+    @GetMapping("/public")
+    public String publicPage() {
+        return "public";
+    }
+
+    @GetMapping("/authenticated")
+    public String authenticatedPage() {
+        return "authenticated";
+    }
+
+    @GetMapping("/success")
+    public String successPage(){
+        return "success";
+    }
+}
diff --git a/2020-05/spring-21/src/main/java/ru/otus/spring/security/SecurityConfiguration.java b/2020-05/spring-21/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
new file mode 100644
index 00000000..cd5b072b
--- /dev/null
+++ b/2020-05/spring-21/src/main/java/ru/otus/spring/security/SecurityConfiguration.java
@@ -0,0 +1,78 @@
+package ru.otus.spring.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+import java.util.Collection;
+
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    public void configure(WebSecurity web) {
+        web.ignoring()
+                .antMatchers("/")
+                .antMatchers( "/static/**" );
+    }
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable()
+                // По умолчанию SecurityContext хранится в сессии. Эта часть вырубает и каждый запросом приходитТ
+//                .sessionManagement()
+//                .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
+//                .and()
+                .authorizeRequests()
+                .antMatchers("/public/").anonymous()
+                .and()
+                .authorizeRequests()
+                .antMatchers("/authenticated").authenticated()
+//                .and()
+//                .authorizeRequests().antMatchers("/public").authenticated()
+                .and()
+                .httpBasic()
+                .and()
+                .anonymous()
+                .principal( "anonymous" )
+                .and()
+                .rememberMe().key( "Some secret" )
+        ;
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+//        return new BCryptPasswordEncoder(10);
+        return NoOpPasswordEncoder.getInstance();
+//        return new PasswordEncoder() {
+//            @Override
+//            public String encode(CharSequence charSequence) {
+//                return charSequence.toString();
+//            }
+//
+//            @Override
+//            public boolean matches(CharSequence charSequence, String s) {
+//                return charSequence.toString().equals(s);
+//            }
+//        };
+    }
+
+    @Autowired
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+                .withUser("admin").password("password").roles("ADMIN")
+                ;
+    }
+}
diff --git a/2020-05/spring-21/src/main/resources/application.yml b/2020-05/spring-21/src/main/resources/application.yml
new file mode 100644
index 00000000..e69de29b
diff --git a/2020-05/spring-21/src/main/resources/templates/authenticated.html b/2020-05/spring-21/src/main/resources/templates/authenticated.html
new file mode 100644
index 00000000..9f8b0d7e
--- /dev/null
+++ b/2020-05/spring-21/src/main/resources/templates/authenticated.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8"/>
+</head>
+<body>
+Только для авторизованных
+</body>
+</html>
diff --git a/2020-05/spring-21/src/main/resources/templates/index.html b/2020-05/spring-21/src/main/resources/templates/index.html
new file mode 100644
index 00000000..f4d11090
--- /dev/null
+++ b/2020-05/spring-21/src/main/resources/templates/index.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="UTF-8"/>
+</head>
+<body>
+<a th:href="@{public}">/public</a>
+<br>
+<a th:href="@{authenticated}">/authenticated</a>
+</body>
+</html>
diff --git a/2020-05/spring-21/src/main/resources/templates/public.html b/2020-05/spring-21/src/main/resources/templates/public.html
new file mode 100644
index 00000000..77188469
--- /dev/null
+++ b/2020-05/spring-21/src/main/resources/templates/public.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8"/>
+</head>
+<body>
+Доступен всем
+</body>
+</html>
diff --git a/2020-05/spring-21/src/main/resources/templates/success.html b/2020-05/spring-21/src/main/resources/templates/success.html
new file mode 100644
index 00000000..89db5f22
--- /dev/null
+++ b/2020-05/spring-21/src/main/resources/templates/success.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8"/>
+    <title>Вы успешно вошли</title>
+</head>
+<body>
+Вы успешно вошли
+</body>
+</html>