Added some authentication code and also Springfox!

Followed guides from https://medium.com/@gtommee97/rest-authentication-with-spring-security-and-mongodb-28c06da25fb1 and https://www.baeldung.com/spring-security-registration-password-encoding-bcrypt.

Signed-off-by: Ryan Cloherty <rcloherty@rocketsoftware.com>

pom.xml

@@ -15,12 +15,26 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
 
+    <repositories>
+        <repository>
+            <id>JFrog</id>
+            <name>JFrog Snapshot Repository</name>
+            <url>http://oss.jfrog.org/artifactory/oss-snapshot-local/</url>
+        </repository>
+    </repositories>
+
     <dependencies>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-mongodb</artifactId>
             <version>2.1.6.RELEASE</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+            <version>RELEASE</version>
+            <scope>compile</scope>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
@@ -63,6 +77,21 @@
             <artifactId>spring-data-mongodb</artifactId>
             <version>2.1.9.RELEASE</version>
         </dependency>
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger2</artifactId>
+            <version>3.0.0-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger-ui</artifactId>
+            <version>3.0.0-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-data-rest</artifactId>
+            <version>3.0.0-SNAPSHOT</version>
+        </dependency>
     </dependencies>
 
 

src/main/java/io/github/incplusplus/thermostat/models/ApiUser.java

@@ -0,0 +1,50 @@
+package io.github.incplusplus.thermostat.models;
+
+import org.bson.types.ObjectId;
+import org.springframework.data.annotation.Id;
+
+public class ApiUser
+{
+	@Id
+	private ObjectId _id;
+	private String username;
+	private String password;
+
+	public ApiUser() {}
+
+	public ApiUser(String username, String password)
+	{
+		this.username = username;
+		this.password = password;
+	}
+
+	public void set_id(ObjectId _id)
+	{
+		this._id = _id;
+	}
+
+	public String get_id()
+	{
+		return this._id.toHexString();
+	}
+
+	public void setPassword(String password)
+	{
+		this.password = password;
+	}
+
+	public String getPassword()
+	{
+		return password;
+	}
+
+	public void setUsername(String username)
+	{
+		this.username = username;
+	}
+
+	public String getUsername()
+	{
+		return username;
+	}
+}

src/main/java/io/github/incplusplus/thermostat/nodeObjects/NodeController.java

@@ -19,7 +19,7 @@
 import java.util.List;
 import java.util.concurrent.atomic.AtomicLong;
 
-@Controller
+@RestController
 @RequestMapping("/nodes")
 public class NodeController
 {

src/main/java/io/github/incplusplus/thermostat/repositories/UsersRepository.java

@@ -0,0 +1,8 @@
+package io.github.incplusplus.thermostat.repositories;
+
+import io.github.incplusplus.thermostat.models.ApiUser;
+import org.springframework.data.mongodb.repository.MongoRepository;
+
+public interface UsersRepository extends MongoRepository<ApiUser, String> {
+	ApiUser findByUsername(String username);
+}

src/main/java/io/github/incplusplus/thermostat/server/ConnectionTestController.java

@@ -1,19 +1,17 @@
 package io.github.incplusplus.thermostat.server;
 
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.concurrent.atomic.AtomicLong;
 
-@Controller
+@RestController
 public class ConnectionTestController
 {
 	private static final String template = "Hello, %s";
 	private final AtomicLong counter = new AtomicLong();
 
-	@RequestMapping("/hello-world")
+	@GetMapping("/hello-world")
 	@ResponseBody
 	public Greeting sayHello(@RequestParam(name="name", required = false, defaultValue = "Stranger") String name)
 	{

src/main/java/io/github/incplusplus/thermostat/server/beans/Tags.java

@@ -0,0 +1,44 @@
+package io.github.incplusplus.thermostat.server.beans;
+
+import io.github.incplusplus.thermostat.server.config.EndpointTags;
+import org.springframework.beans.factory.ListableBeanFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.stereotype.Component;
+import springfox.documentation.service.Tag;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Component
+public class Tags
+{
+	@Autowired
+	private ListableBeanFactory listableBeanFactory;
+
+	@Bean
+	public static springfox.documentation.service.Tag[] getTags() {
+		List<String> tagsDeclaredInControllers = new ArrayList<>();
+		// Get all possible tags
+		Tag[] tags = EndpointTags.ALL_ENDPOINT_TAGS;
+
+		// Get all beans annotated with @RestController
+//		listableBeanFactory.getBeansWithAnnotation(RestController.class)
+				// Get all of the values from the <K,V> pairs. These values are Objects with the @Api annotation
+//				.values()
+				// Put it in a stream
+//				.stream()
+				// Filter it to only contain classes annotated with @Api
+				// (just in case another class gets annotated with @RestController for some other reason)
+//				.filter(licensedController -> licensedController.getClass()
+//						.isAnnotationPresent(Api.class))
+				// Get the tags from each endpoint class (this is a String[] at the moment)
+//				.map(endpoint -> endpoint.getClass().getAnnotation(Api.class).tags())
+				// Collect every one of the tag names from every controller in tagsDeclaredInControllers
+//				.forEach(t -> tagsDeclaredInControllers.addAll(Arrays.asList(t)));
+		// Okay. We're done with the crazy stream. I apologize for that eyesore.
+//		Tag[] applicableTags;
+//		applicableTags = Stream.of(tags).filter(tag -> tagsDeclaredInControllers.contains(tag.getName())).toArray(Tag[]::new);
+		return tags;
+	}
+}

src/main/java/io/github/incplusplus/thermostat/server/config/EndpointTags.java

@@ -0,0 +1,17 @@
+package io.github.incplusplus.thermostat.server.config;
+
+import springfox.documentation.service.Tag;
+
+public final class EndpointTags
+{
+	public static final Tag[] ALL_ENDPOINT_TAGS = {
+			/*
+           * This tag is here for the express purpose of being an early warning system
+           * for documentation and/or licensing code not working correctly.
+           * If this tag is showing up in the Swagger docs, it means that something
+           * is wrong with conditionallyAddTags() in SwaggerConfig or there is an issue
+           * at a lower level in a method that conditionallyAddTags() uses.
+           */
+			new Tag("neverShouldBeDisplayed", "THIS TAG SHOULD NOT BE SHOWING ON SWAGGER-UI! Check SwaggerConfig to see what broke."),
+	};
+}

src/main/java/io/github/incplusplus/thermostat/server/config/SecurityConfig.java

@@ -0,0 +1,48 @@
+package io.github.incplusplus.thermostat.server.config;
+
+import com.mongodb.MongoClient;
+import io.github.incplusplus.thermostat.services.MongoUserDetailsService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.mongodb.core.MongoOperations;
+import org.springframework.data.mongodb.core.MongoTemplate;
+import org.springframework.data.mongodb.core.SimpleMongoDbFactory;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import javax.sql.DataSource;
+
+@EnableWebSecurity
+@Configuration
+@EnableConfigurationProperties
+public class SecurityConfig extends WebSecurityConfigurerAdapter
+{
+	@Autowired
+	MongoUserDetailsService userDetailsService;
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+				.csrf().disable()
+				.authorizeRequests().anyRequest().authenticated()
+				.and().httpBasic()
+				.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+	}
+
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+
+	@Override
+	public void configure(AuthenticationManagerBuilder builder) throws Exception {
+		builder.userDetailsService(userDetailsService);
+	}
+}