Token Authentication Micro-service Java

Asked

Viewed 33 times

-1

I am separating my authentication service into microservices, but when I separate the token into a module, my authentication service always returns 401 and does not log any

This is my config class in the authentication service :

package com.meli.ricardo.zoio.auth.security.config;

import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import com.meli.ricardo.zoio.auth.security.filter.JWTUsernameAndPasswordAuthenticationFilter;
import com.meli.ricardo.zoio.core.property.JWTConfiguration;
import com.meli.ricardo.zoio.token.config.TokenConfig;
import com.meli.ricardo.zoio.token.creator.TokenCreator;

@EnableWebSecurity
public class SecurityCredentialsConfig extends TokenConfig{
    
    private final UserDetailsService userDetailsService;
    private final TokenCreator tokenCreator;
        
    public SecurityCredentialsConfig(JWTConfiguration jwtConfiguration, @Qualifier("userDetailsServiceImpl")UserDetailsService userDetailsService, TokenCreator tokenCreator) {
        super(jwtConfiguration);
        this.userDetailsService = userDetailsService;
        this.tokenCreator = tokenCreator;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .addFilter(new JWTUsernameAndPasswordAuthenticationFilter(authenticationManager(), jwtConfiguration, tokenCreator));
        super.configure(http);
    }
    
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }
    
    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
    
}

This is my config class in the token micro service :

package com.meli.ricardo.zoio.token.config;

import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;

import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.cors.CorsConfiguration;

import com.meli.ricardo.zoio.core.property.JWTConfiguration;

import lombok.RequiredArgsConstructor;

@RequiredArgsConstructor( onConstructor_ = {@Autowired})
public class TokenConfig extends WebSecurityConfigurerAdapter{

    protected final JWTConfiguration jwtConfiguration;
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .cors().configurationSource(request -> new CorsConfiguration().applyPermitDefaultValues())
            .and()
                .sessionManagement().sessionCreationPolicy(STATELESS)
            .and()
                .exceptionHandling().authenticationEntryPoint((req, resp, e) -> resp.sendError(HttpServletResponse.SC_UNAUTHORIZED))
            .and()
            .authorizeRequests()
                .antMatchers(jwtConfiguration.getLoginUrl()).permitAll()
                .anyRequest().authenticated();
    }
}

Class where I enter Beans and Components in the authentication ms :

package com;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.domain.EntityScan;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
//import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;

import com.meli.ricardo.zoio.core.property.JWTConfiguration;

@SpringBootApplication
@EnableEurekaClient
@EntityScan({"com.meli.ricardo.zoio.model"})
@EnableJpaRepositories({"com.meli.ricardo.zoio.core.repository"})
@EnableConfigurationProperties(value = JWTConfiguration.class)
@ComponentScan("com.meli.ricardo.zoio")
public class AuthApplication {

    public static void main(String[] args) {
        SpringApplication.run(AuthApplication.class, args);
    }

}

My only suspicion is that there is some problem with the componentscan, but I’m not sure

java spring spring-boot spring-security spring-jpa

1 answer

0

Try adding this in if application.yml to check the full log.

 logging:
  level:
    br.com.<SEU PACOTE>: DEBUG
    org:
      springframework:
        web: DEBUG

Browser other questions tagged java spring spring-boot spring-security spring-jpa

You are not signed in. Login or sign up in order to post.