fix(auth): Fix AuthorizationService missing Service annotation

Author: andrefelipebarros

Vava-API.zip

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>3.4.2</version>
+		<version>3.4.3</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 	<groupId>com.helper</groupId>
@@ -30,65 +30,62 @@
 		<java.version>17</java.version>
 	</properties>
 	<dependencies>
+		<!-- Spring Dependencies -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-security</artifactId>
+			<artifactId>spring-boot-starter-actuator</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-devtools</artifactId>
-			<scope>runtime</scope>
-			<optional>true</optional>
+			<artifactId>spring-boot-starter-validation</artifactId>
 		</dependency>
-		
 		<dependency>
-			<groupId>org.projectlombok</groupId>
-			<artifactId>lombok</artifactId>
-			<optional>true</optional>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
-		
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
-		
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-test</artifactId>
 			<scope>test</scope>
 		</dependency>
-		
 		<dependency>
-		    <groupId>org.springframework.boot</groupId>
-		    <artifactId>spring-boot-starter-data-jpa</artifactId>
-		</dependency>
-		
-		<!-- JWT Dependencies -->
-		<dependency>
-			<groupId>com.auth0</groupId>
-			<artifactId>java-jwt</artifactId>
-			<version>4.5.0</version>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<version>1.18.36</version>
+			<scope>provided</scope>
 		</dependency>
-
+		<!-- Spring Boot Azure Dependencies -->
 		<dependency>
-		    <groupId>org.springframework.boot</groupId>
-		    <artifactId>spring-boot-starter-validation</artifactId>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
-
-		<!-- Dependência para utilizar API em DESENVOLVIMENTO(dsv) -->
+		<!-- H2 DataBase Dependencies -->
 		<dependency>
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
-			<version>2.3.232</version>
 			<scope>runtime</scope>
 		</dependency>
+		<!-- Spring Boot DevTools (*optional* for development, i like it) -->
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-devtools</artifactId>
+			<scope>runtime</scope>
+		</dependency>
+		<!-- JWT Dependencies -->
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+			<version>4.5.0</version>
+		</dependency>
 	</dependencies>
 
 	<build>
@@ -105,18 +102,19 @@
 					</annotationProcessorPaths>
 				</configuration>
 			</plugin>
-			<plugin>
-				<groupId>org.springframework.boot</groupId>
-				<artifactId>spring-boot-maven-plugin</artifactId>
-				<configuration>
-					<excludes>
-						<exclude>
+				<plugin>
+					<groupId>org.apache.maven.plugins</groupId>
+					<artifactId>maven-compiler-plugin</artifactId>
+					<configuration>
+						<annotationProcessorPaths>
+						<path>
 							<groupId>org.projectlombok</groupId>
 							<artifactId>lombok</artifactId>
-						</exclude>
-					</excludes>
-				</configuration>
-			</plugin>
+							<version>1.18.36</version>
+						</path>
+						</annotationProcessorPaths>
+					</configuration>
+				</plugin>
 		</plugins>
 	</build>
 

pom.xml

@@ -5,6 +5,7 @@
 
 import com.helper.vavahelper.models.User.User;
 
+
 public interface UserRepository extends JpaRepository<User, String> {
     UserDetails findByLogin(String login);
 }

src/main/java/com/helper/vavahelper/Repositories/UserRepository.java

@@ -1,13 +1,5 @@
 package com.helper.vavahelper.controllers;
 
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.web.bind.annotation.CrossOrigin;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -19,13 +11,26 @@
 import com.helper.vavahelper.models.User.body.UserRegisterDTO;
 import com.helper.vavahelper.repositories.UserRepository;
 
+import org.springframework.beans.factory.annotation.Autowired;
+
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
 import jakarta.validation.Valid;
 
+
 @RestController
 @RequestMapping("auth")
 @CrossOrigin(origins = "*")
 public class AuthenticationController {
-@Autowired
+    
+    @Autowired
     private AuthenticationManager authenticationManager;
 
     @Autowired
@@ -34,16 +39,6 @@ public class AuthenticationController {
     @Autowired 
     private UserRepository repository;
 
-    @PostMapping("/login")
-    public ResponseEntity<LoginResponseDTO> postMethodLogin(@RequestBody @Valid AuthenticationDTO data) {
-        var usernamePassword = new UsernamePasswordAuthenticationToken(data.login(), data.password());
-        var auth = this.authenticationManager.authenticate(usernamePassword);
-
-        var token = tokenService.generateToken((User)auth.getPrincipal());
-
-        return ResponseEntity.ok(new LoginResponseDTO(token));
-    }
-
     @PostMapping("/register")
     public ResponseEntity<String> postMethodRegister(@RequestBody @Valid UserRegisterDTO data){
 
@@ -57,4 +52,15 @@ public ResponseEntity<String> postMethodRegister(@RequestBody @Valid UserRegiste
         this.repository.save(newUser);
         return ResponseEntity.ok("User registered successfully.");
     }
-}
+
+    @PostMapping("/login")
+    public ResponseEntity<LoginResponseDTO> postMethodLogin(@RequestBody @Valid AuthenticationDTO data) {
+        var usernamePassword = new UsernamePasswordAuthenticationToken(data.login(), data.password());
+        var auth = this.authenticationManager.authenticate(usernamePassword);
+
+        var token = tokenService.generateToken((User)auth.getPrincipal());
+
+        return ResponseEntity.ok(new LoginResponseDTO(token));
+    }
+
+}

src/main/java/com/helper/vavahelper/controllers/AuthenticationController.java

@@ -1,20 +1,31 @@
 package com.helper.vavahelper.infra.security;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+
 import org.springframework.http.HttpMethod;
+
 import org.springframework.security.authentication.AuthenticationManager;
+
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
+
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfiguration {
+
+    @Autowired
+    SecurityFilter securityFilter;
+
     //Filtro de Segurança de Rotas:
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception{
@@ -23,10 +34,12 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
                 .csrf(csrf -> csrf.disable())
                 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(authorize -> authorize
-                    .requestMatchers(HttpMethod.POST, "auth/**").permitAll()
+                    .requestMatchers(HttpMethod.POST, "/auth/register").permitAll()
+                    .requestMatchers(HttpMethod.POST, "/auth/login").permitAll()
                     .requestMatchers("/h2/**").permitAll()
                     .anyRequest().authenticated()
                 )
+                .addFilterBefore(securityFilter, UsernamePasswordAuthenticationFilter.class)
                 .headers(headers -> headers
                 .frameOptions().sameOrigin()  // Permite iframes no H2
                 )

src/main/java/com/helper/vavahelper/infra/security/SecurityConfiguration.java

@@ -4,6 +4,7 @@
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -15,6 +16,7 @@
 
 import java.io.IOException;
 
+
 @Component
 public class SecurityFilter extends OncePerRequestFilter{
 

src/main/java/com/helper/vavahelper/infra/security/SecurityFilter.java

@@ -12,10 +12,8 @@
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.JWTCreationException;
 import com.auth0.jwt.exceptions.JWTVerificationException;
-
 import com.helper.vavahelper.models.User.User;
 
-
 @Service
 public class TokenService {
 
@@ -46,11 +44,11 @@ public String validateToken(String token){
                     .verify(token)
                     .getSubject();
         } catch (JWTVerificationException exception){
-            return "";
+            throw new RuntimeException("", exception);
         }
     }
 
     private Instant getExpirationDate(){
         return LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.of("-03:00"));
     }
-}
+}

src/main/java/com/helper/vavahelper/infra/security/TokenService.java

@@ -1,6 +1,7 @@
 package com.helper.vavahelper.models.User;
 import jakarta.persistence.*;
 import lombok.AllArgsConstructor;
+import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
@@ -13,18 +14,20 @@
 import java.util.Collection;
 import java.util.List;
 
-@Table(name = "users")
-@Entity(name = "users")
-@Getter
+@Data
 @Setter
-@NoArgsConstructor
+@Getter
 @AllArgsConstructor
+@NoArgsConstructor
+@Table(name= "users")
+@Entity(name = "users")
 @EqualsAndHashCode(of = "id")
 public class User implements UserDetails {
     @Id
     @GeneratedValue(strategy = GenerationType.UUID)
     private String id;
     private UserRole role;
+    @Column(unique=true)
     private String login;
     private String password;
 

src/main/java/com/helper/vavahelper/models/User/User.java

@@ -1,6 +1,3 @@
 package com.helper.vavahelper.models.User.body;
 
-public record AuthenticationDTO(String login, String password) {
-
-    
-}
+public record AuthenticationDTO(String login, String password){}

src/main/java/com/helper/vavahelper/models/User/body/AuthenticationDTO.java

@@ -2,6 +2,4 @@
 
 import com.helper.vavahelper.models.User.UserRole;
 
-public record UserRegisterDTO(String login, String password, UserRole role) {
-    
-}
+public record UserRegisterDTO(String login, String password, UserRole role) {}