Open Fayeredd opened 7 years ago
@tjkemper please review this.
This is a lot in one PR.
/swagger-ui.html
should load without a JWT in the requestdog
Claims have a secret: mySecret (see application.yml and JwtTokenUtil) This secret is validated through the JwtAuthenticationFilter. The password/token generation is handled by JwtTokenUtil, a test class placed in the structure to test the rest of it. It can be replaced later with an external generator.
Build fails for non-existent dependency (JwtAuthenticationFilter [8,37])
The dependency is a local second project. The dependency is in the POM and the directory is in the classpath. Any ideas as to why it can't find this dependency would be appreciated.
POM:
<dependency>
<groupId>com.revature</groupId>
<artifactId>RevatureSecurityLogin</artifactId>
<version>1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
Classpath:
<classpathentry kind="var" path="M2_REPO/com/revature/RevatureSecurityLogin/1.0-SNAPSHOT/RevatureSecurityLogin-1.0-SNAPSHOT.jar"/>
SonarQube analysis reported 18 issues
Watch the comments in this conversation to review them.
Security compatibility using JWT.
Temporary token generator/validator is JwtTokenUtil.
Security classes (by package): com.revature.config: WebSecurityConfig
com.revature.repositories: UserRepository
com.revature.model.security: Authority, AuthorityName, User
com.revature.security: JwtAuthenticationEntryPoint, JwtAuthenticationFilter, JwtAuthenticationRequest, JwtAuthenticationSuccessHandler, JwtTokenUtil (TEMP), JwtUser, JwtUserFactory
com.revature.security.controllers: AuthenticationRestController, UserRestController
com.revature.security.exceptions: JwtTokenMissingException
com.revature.security.service: JwtAuthenticationResponse, JwtUserDetailsServiceImpl