diff --git a/aconnect/src/main/java/com/mfsys/aconnect/security/constant/SecurityURI.java b/aconnect/src/main/java/com/mfsys/aconnect/security/constant/SecurityURI.java
index 9e8debd..ddefe77 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/security/constant/SecurityURI.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/security/constant/SecurityURI.java
@@ -3,4 +3,5 @@ package com.mfsys.aconnect.security.constant;
 public interface SecurityURI {
 String AUTHENTICATION = "/authentication";
 String LOGIN = "/login";
+ String REGISTER = "/signup";
 }
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java b/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
index 3fd64e5..ba06012 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/security/controller/AuthenticationController.java
@@ -4,6 +4,9 @@ import com.mfsys.aconnect.security.constant.SecurityURI;
 import com.mfsys.aconnect.security.dto.LoginRequest;
 import com.mfsys.aconnect.security.dto.LoginResponse;
 import com.mfsys.aconnect.security.service.AuthenticationService;
+import com.mfsys.aconnect.usermanagement.constant.UserManagementURI;
+import com.mfsys.aconnect.usermanagement.dto.UserDTOs;
+import com.mfsys.aconnect.usermanagement.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
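Review bot: The new constant is named `REGISTER` while its value `/signup`, the handler `signupUser` in AuthenticationController.java and the `"/aconnect/authentication/signup"` entry added to TokenBypassURI.java in this commit all use the word signup, so a reader searching for one spelling will not find the other; `String SIGNUP = "/signup";` (or a `/register` path) keeps the three aligned. Because the bypass list lives in a different module and repeats the path as a literal, a trailing comment such as `// mirrored in common TokenBypassURI; keep in sync` would record the coupling the rest of the commit depends on.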
@@ -17,10 +20,12 @@ import org.springframework.web.bind.annotation.RestController;
 public class AuthenticationController {
 private final AuthenticationService authenticationService;
+ private final UserService userService;
 @Autowired
- public AuthenticationController(AuthenticationService authenticationService) {
+ public AuthenticationController(AuthenticationService authenticationService, UserService userService) {
 this.authenticationService = authenticationService;
+ this.userService = userService;
 }
 @PostMapping(SecurityURI.LOGIN)
@@ -32,4 +37,12 @@ public class AuthenticationController {
 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
 }
 }
+
+
+ @PostMapping(SecurityURI.REGISTER)
+ public ResponseEntity signupUser(@RequestBody UserDTOs.UserRequest request) {
+ UserDTOs.UserResponse response = userService.createUser(request);
+ return new ResponseEntity<>(response, HttpStatus.CREATED);
+ }
+
 }
diff --git a/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java b/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java
index 7d67651..dc917ce 100644
--- a/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java
+++ b/common/src/main/java/com/mfsys/common/configuration/constant/TokenBypassURI.java
@@ -7,12 +7,8 @@ import java.util.List;
 public interface TokenBypassURI {
 List URIs = new ArrayList(Arrays.asList(
 "/aconnect/authentication/login",
+ "/aconnect/authentication/signup",
 "/aconnect/signin",
- "/aconnect/user/createUser",
- "/aconnect/user/getAllUsers",
- "/aconnect/user/getUser",
- "/aconnect/user/updateUser",
- "/aconnect/user/deleteUser" ,
 "/aconnect/transactions/accounttogl",
 "/aconnect/account/miscDetails",
diff --git a/common/src/main/java/com/mfsys/common/configuration/filter/TokenAuthenticationFilter.java b/common/src/main/java/com/mfsys/common/configuration/filter/TokenAuthenticationFilter.java
index 5a2a2ef..b33741e 100644
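Review bot: `signupUser` returns a raw `ResponseEntity`; `public ResponseEntity<UserDTOs.UserResponse> signupUser(@Valid @RequestBody UserDTOs.UserRequest request) {` names the body type, removes the raw-type warning, and, if `UserRequest` carries Bean Validation constraints, rejects malformed input before it reaches the service. Because `/aconnect/authentication/signup` is placed on the token-bypass list in this same commit, `userService.createUser(request)` now runs for anonymous callers; if `UserRequest` exposes role, status or organisation fields, they should be ignored or defaulted server-side on this path rather than taken from the body — neither the DTO nor the service is visible from this hunk, so please confirm. A one-line Javadoc such as `/** Self-service registration; reachable without a token (see TokenBypassURI in common). */` would record why this endpoint differs from the others in the controller, and the two blank lines before `@PostMapping` can go.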
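Review bot: The allow-list this hunk extends is a raw, mutable `ArrayList` held in an interface constant (the `List URIs = new ArrayList(Arrays.asList(` context line), so any code holding a reference can add or remove bypass entries at runtime and the element type is unchecked; `List<String> URIs = List.of(` with a matching `);` at the end of the declaration makes it immutable and typed, after which the `ArrayList` and `Arrays` imports become unused. The new `"/aconnect/authentication/signup"` entry repeats the path that `SecurityURI.REGISTER` defines in the aconnect module as a literal, so the two can drift apart silently; if common cannot depend on aconnect, a comment naming the constant it mirrors is the minimum. The declaration continues past the end of the hunk.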
--- a/common/src/main/java/com/mfsys/common/configuration/filter/TokenAuthenticationFilter.java
+++ b/common/src/main/java/com/mfsys/common/configuration/filter/TokenAuthenticationFilter.java
@@ -1,9 +1,7 @@
 package com.mfsys.common.configuration.filter;
 import java.io.IOException;
-import java.util.Objects;
-import com.mfsys.common.configuration.constant.PropertyConstant;
 import com.mfsys.common.configuration.constant.TokenBypassURI;
 import com.mfsys.common.configuration.service.JwtService;
 import jakarta.servlet.FilterChain;
@@ -23,7 +21,7 @@ import com.mfsys.common.configuration.constant.FilterPriority;
 @Order(FilterPriority.AUTHENTICATION)
 public class TokenAuthenticationFilter extends OncePerRequestFilter {
- private JwtService jwtService;
+ private final JwtService jwtService;
 @Autowired
 public TokenAuthenticationFilter(JwtService jwtService) {
@@ -31,40 +29,58 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 }
 @Override
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
- throws ServletException, IOException {
- // TODO: For porOrga-change we Will removed it later
- if (!(request.getMethod().equals("OPTIONS"))) {
-
- System.out.println(">> " + request.getRequestURI() + " <<");
-// TODO:
- // important add all mconnect url in tokenbypass uri and remove this if
- // condition or implement jwt in mconnect module
- System.out.println(request.getHeaderNames());
- if (!(TokenBypassURI.URIs.contains(request.getRequestURI()) || request.getRequestURI().startsWith("/MCONNECT/actuator"))) {
- String token = parseJwt(request);
- if (Objects.isNull(token)) {
- response.setStatus(403);
- return;
- } else {
- // String porOrgacode = request.getHeader(FormPropertyConst.POR_ORGACODE);
- String userSubject = request.getHeader("userSubject");
- if (!jwtService.validateToken(token,userSubject)) {
- return;
- }
- }
- }
+ protected void doFilterInternal(HttpServletRequest request,
+ HttpServletResponse response,
+ FilterChain filterChain)
+ throws ServletException, IOException {
+ // 1. Always allow OPTIONS (CORS preflight)
+ if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
 filterChain.doFilter(request, response);
+ return;
 }
+
+ String requestUri = request.getRequestURI();
+
+ // 2. Skip authentication for bypass URIs
+ if (TokenBypassURI.URIs.contains(requestUri)
+ || requestUri.startsWith("/MCONNECT/actuator")) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+
+ // 3. Extract JWT
+ String token = parseJwt(request);
+ if (!StringUtils.hasText(token)) {
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+
+ // 4. Extract required headers
+ String userSubject = request.getHeader("userId");
+ String porOrgaCode = request.getHeader("POR_ORGACODE");
+
+ // 5. Validate header presence
+ if (!StringUtils.hasText(userSubject) || !StringUtils.hasText(porOrgaCode)) {
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return;
+ }
+
+ // 6. Validate token against headers
+ if (!jwtService.validateToken(token, userSubject, porOrgaCode)) {
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+
+ // 7. Continue request
+ filterChain.doFilter(request, response);
 }
 private String parseJwt(HttpServletRequest request) {
 String headerAuth = request.getHeader("Authorization");
 if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) {
- return headerAuth.substring(7, headerAuth.length());
+ return headerAuth.substring(7);
 }
 return null;
-
 }
diff --git a/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java b/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java
index dc8ad2f..0a676c3 100644
--- a/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java
+++ b/common/src/main/java/com/mfsys/common/configuration/service/JwtService.java
@@ -78,7 +78,7 @@ public class JwtService {
 .compact();
 }
- public Boolean validateToken(String token, String subject) {
+ public Boolean validateToken(String token, String subject, String porOrgacode) {
 final String username = extractUsername(token);
 return (username.equals(subject) && !isTokenExpired(token));
 }
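Review bot: The subject handed to `validateToken` is read from a client-controlled header, now `userId` where the removed code read `userSubject`, so existing clients that still send the old header name will be rejected by the new presence check with 400, and the header adds no assurance in any case: `JwtService.extractUsername(token)` already yields the value it must equal, so whoever holds the token can always supply a matching header. Taking the subject from the token and dropping the `userId` requirement removes both issues; if downstream code depends on the header, a Javadoc on `doFilterInternal` listing the required headers (`Authorization: Bearer`, `userId`, `POR_ORGACODE`) and the status returned for each failure should at least record the contract. `POR_ORGACODE` is demanded here with a 400, but the `validateToken` change in JwtService.java in this same commit never reads its third argument, so the check proves presence only. The `/MCONNECT/actuator` prefix test runs against `getRequestURI()`, which is the raw request path rather than a normalized one; matching bypass rules on a normalized path is the safer form.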
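Review bot: The new `porOrgacode` parameter is never read, so the `POR_ORGACODE` header that TokenAuthenticationFilter.java now requires in this commit is only checked for presence, not bound to the token. Either compare it with the organisation claim written when the token is built (the builder ending in `.compact()` just above) or leave the parameter out until such a claim exists, and document it with `@param porOrgacode organisation code the token must have been issued for`. `username.equals(subject)` will throw if `extractUsername` returns null for a token without a subject claim, which the calling filter would surface as a server error instead of a 401; `Objects.equals(username, subject)` (with the matching import) avoids that. A primitive `boolean` return is the idiomatic form for a predicate. The class continues outside the hunk.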