Enhance AuthenticatedUuid to improve UUID extraction by adding support for decoding tokens from the Authorization header. Add logging, refactor for better null handling, and introduce @RequiredArgsConstructor.
This commit is contained in:
parent
4b466f314e
commit
02adbb2522
@ -1,20 +1,30 @@
|
|||
|
||||
package com.alttd.altitudeweb.controllers.data_from_auth;
|
||||
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.oauth2.jwt.Jwt;
|
||||
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.web.context.request.RequestAttributes;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
import org.springframework.web.server.ResponseStatusException;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.util.UUID;
|
||||
|
||||
@Slf4j
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class AuthenticatedUuid {
|
||||
private final JwtDecoder jwtDecoder;
|
||||
|
||||
@Value("${UNSECURED:#{false}}")
|
||||
private boolean unsecured;
|
||||
|
||||
|
|
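Review bot: The `unsecured` field at `private boolean unsecured;` carries no comment, yet the rest of the class uses it to resolve every authentication failure to a fixed UUID, so its meaning should be stated at the declaration rather than discovered from the call sites in the next hunk. A Javadoc such as `/** When {@code UNSECURED=true}, authentication failures resolve to a fixed local UUID instead of a 401; intended for local development only. */` would make that visible to whoever next edits the configuration. Combining `@Value` field injection with `@RequiredArgsConstructor` also leaves this one field non-final; an explicit constructor taking `@Value("${UNSECURED:#{false}}") boolean unsecured` alongside the `JwtDecoder` would keep the bean fully immutable, at the cost of dropping the Lombok annotation.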
@ -25,14 +35,68 @@ public class AuthenticatedUuid {
|
|||
* @throws ResponseStatusException with 401 status if authentication is invalid
|
||||
*/
|
||||
public UUID getAuthenticatedUserUuid() {
|
||||
UUID uuidFromAuth = getUuidFromAuthentication();
|
||||
if (uuidFromAuth != null) {
|
||||
return uuidFromAuth;
|
||||
}
|
||||
return extractUuidFromAuthorizationHeader();
|
||||
}
|
||||
|
||||
private UUID extractUuidFromAuthorizationHeader() {
|
||||
log.debug("Attempting to extract UUID directly from Authorization header");
|
||||
try {
|
||||
RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
|
||||
if (requestAttributes == null) {
|
||||
log.error("No request attributes found");
|
||||
if (unsecured) {
|
||||
return UUID.fromString("55e46bc3-2a29-4c53-850f-dbd944dc5c5f");
|
||||
}
|
||||
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "No request attributes found");
|
||||
}
|
||||
HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
|
||||
String authHeader = request.getHeader("Authorization");
|
||||
|
||||
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
|
||||
log.error("No valid Authorization header found");
|
||||
if (unsecured) {
|
||||
return UUID.fromString("55e46bc3-2a29-4c53-850f-dbd944dc5c5f");
|
||||
}
|
||||
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "No valid Authorization header");
|
||||
}
|
||||
|
||||
String token = authHeader.substring(7);
|
||||
Jwt jwt = jwtDecoder.decode(token);
|
||||
String stringUuid = jwt.getSubject();
|
||||
|
||||
log.debug("Successfully extracted UUID {} from Authorization header", stringUuid);
|
||||
return UUID.fromString(stringUuid);
|
||||
} catch (Exception e) {
|
||||
if (e instanceof ResponseStatusException responseStatusException) {
|
||||
log.debug("Rethrowing ResponseStatusException", e);
|
||||
throw responseStatusException;
|
||||
}
|
||||
log.error("Error extracting UUID from Authorization header", e);
|
||||
if (unsecured) {
|
||||
return UUID.fromString("55e46bc3-2a29-4c53-850f-dbd944dc5c5f");
|
||||
}
|
||||
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Failed to extract UUID from token");
|
||||
}
|
||||
}
|
||||
|
||||
private UUID getUuidFromAuthentication() {
|
||||
Authentication authentication = getAuthentication();
|
||||
|
||||
if (authentication == null) {
|
||||
log.error("Authentication is null");
|
||||
return null;
|
||||
}
|
||||
|
||||
if (!(authentication.getPrincipal() instanceof Jwt jwt)) {
|
||||
log.error("Authentication principal is not a JWT {}", authentication.getPrincipal() instanceof JWT);
|
||||
if (unsecured) {
|
||||
return UUID.fromString("55e46bc3-2a29-4c53-850f-dbd944dc5c5f");
|
||||
}
|
||||
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Authentication should be JWT");
|
||||
return null;
|
||||
}
|
||||
|
||||
String stringUuid = jwt.getSubject();
|
||||
|
|
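Review bot: `extractUuidFromAuthorizationHeader` decodes the bearer token itself whenever the SecurityContext holds no JWT principal, which means a request that Spring Security's filter chain did not authenticate is still trusted on the strength of a header this class parses on its own; unless that fallback is deliberately meant for endpoints outside the secured chain, the fix belongs in the security configuration (require authentication on those routes) and the fallback should be dropped or at least carry a comment explaining why it exists. The fixed UUID `55e46bc3-2a29-4c53-850f-dbd944dc5c5f` appears as a literal four times across both methods; hoist it to `private static final UUID UNSECURED_FALLBACK_UUID = UUID.fromString("55e46bc3-2a29-4c53-850f-dbd944dc5c5f");` so the dev-mode identity has one definition. The `catch (Exception e)` with an `instanceof ResponseStatusException` rethrow inside it would read better as a separate `catch (ResponseStatusException e) { throw e; }` followed by a narrower `catch (JwtException | IllegalArgumentException e)`, so that unexpected failures are not silently mapped to a 401 (or, in unsecured mode, to the fallback user). In `getUuidFromAuthentication`, `throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Authentication should be JWT");` is directly followed by `return null;`, which cannot both be on the new side since Java rejects a statement after `throw` as unreachable, so one of them is presumably the removed line; whichever survives, `log.error("Authentication is null")` now reports a condition the caller handles by falling back and would be less noisy at `debug`. The log line `log.error("Authentication principal is not a JWT {}", authentication.getPrincipal() instanceof JWT)` prints a boolean about the Nimbus type rather than anything diagnostic; `authentication.getPrincipal().getClass().getName()` would say what the principal actually is and remove the only use of the `com.nimbusds.jwt.JWT` import.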
@ -45,11 +109,6 @@ public class AuthenticatedUuid {
|
|||
}
|
||||
|
||||
private static Authentication getAuthentication() {
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
if (authentication == null) {
|
||||
log.error("Authentication is null");
|
||||
throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Authentication required");
|
||||
}
|
||||
return authentication;
|
||||
return SecurityContextHolder.getContext().getAuthentication();
|
||||
}
|
||||
}
|
||||
|
|
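Review bot: `getAuthentication()` now returns whatever `SecurityContextHolder.getContext().getAuthentication()` yields, including `null`, but nothing at the method states that, so a future caller may omit the null check that `getUuidFromAuthentication` performs. A Javadoc such as `/** @return the current {@link Authentication}, or {@code null} when the security context holds none; callers must handle the null case. */` records the new contract. Returning `Optional<Authentication>` would make the absence explicit at the call site, though with a single caller the comment is sufficient.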
|
|||