package com.pollex.pam.web.rest; import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject; import com.pollex.pam.security.jwt.JWTFilter; import com.pollex.pam.security.jwt.TokenProvider; import com.pollex.pam.business.security.token.EServiceAuthenticationToken; import com.pollex.pam.business.web.vm.EServiceLoginVM; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN; @RestController @RequestMapping("/api/eService") public class EServiceResource { @Autowired AuthenticationManagerBuilder authenticationManagerBuilder; @Autowired TokenProvider tokenProvider; @AuditLoggingInject(type = CONSULTANT_LOGIN) @PostMapping("/authenticate") public ResponseEntity authorize(@RequestBody EServiceLoginVM eServiceLoginVM) { EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken( eServiceLoginVM.getUsername(), eServiceLoginVM.getPassword() ); Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authenticationToken); String jwt = tokenProvider.createToken(authentication, false); HttpHeaders httpHeaders = new HttpHeaders(); httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt); return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK); } }