Import `Test Collection.json` into Postman.
POST: http://localhost:8080/auth/authenticate
BODY:
{
"user":"user2",
"password":"password"
}
GET: http://localhost:8080/micro2/message
The request must include the header `Authorization: Bearer <token>`.
If the token is valid and the route is authorized,
RETURN: HELLO from microservice 2
GET: http://localhost:8080/micro1/message
The request must include the header `Authorization: Bearer <token>`.
If the token is valid and the route is authorized,
RETURN: HELLO from microservice 1
allowed_roles is a String variable
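/**
 * Answers whether the request described by {@code validation_request} is allowed.
 *
 * <p>The decision is the conjunction of two checks: the supplied token must pass
 * {@code jwt.validateToken} for the currently authenticated principal, and at least one
 * ACL row for the requested HTTP method and the principal's role must have a path pattern
 * that matches the requested path (matching is case-insensitive).
 *
 * <p>Any exception raised while checking is treated as a denial (fail closed).
 *
 * @param validation_request token, HTTP method and path of the request to authorize
 * @return {@code true} only when the token is valid and the path is authorized for the role
 * @throws Exception declared for compatibility; failures inside the check itself yield {@code false}
 */
@PostMapping(value = "/valid_token")
public Boolean isValidRequest(@RequestBody final ValidationRequest validation_request) throws Exception {
    JPQLQuery<?> query = new JPAQuery<>(entityManager);
    // Principal of the caller as stored in the security context for this request.
    final MyUserDetails userDetails1 = (MyUserDetails) SecurityContextHolder.getContext().getAuthentication()
            .getPrincipal();
    final List<?> list_roles = new ArrayList<>(userDetails1.getAuthorities());
    try {
        // An invalid token can never be authorized, so skip the ACL lookup entirely.
        if (!jwt.validateToken(validation_request.getToken(), userDetails1)) {
            return false;
        }
        // A principal without any authority has no role to look up: deny.
        if (list_roles.isEmpty()) {
            return false;
        }

        QACLModel aclModel = QACLModel.aCLModel;
        // NOTE(review): only the first authority is consulted, so a principal holding several
        // roles is evaluated on whichever one comes first — confirm this is intended.
        String r = list_roles.get(0).toString();

        // The method value comes from the request body. It is compared with equality rather
        // than LIKE so that '%' or '_' inside it cannot act as wildcards and select ACL rows
        // that belong to other HTTP methods.
        // NOTE(review): the role filter is still a substring match, so a role whose name is
        // contained in another role's name also matches that row. The layout of allowed_roles
        // is not visible here; tighten this to an exact-token match once it is confirmed.
        List<ACLModel> acl_list = query.select(aclModel).from(aclModel)
                .where(aclModel.method.eq(validation_request.getMethod()))
                .where(aclModel.allowed_roles.like("%" + r + "%"))
                .fetch();

        PathPatternParser pathPattern = new PathPatternParser();
        pathPattern.setCaseSensitive(false);
        // Parse the requested path once instead of once per ACL row.
        final PathContainer requestedPath = PathContainer.parsePath(validation_request.getPath());

        // Authorized when any ACL row's pattern matches; an empty list yields false.
        return acl_list.stream()
                .anyMatch(u -> pathPattern.parse(u.getPath()).matches(requestedPath));
    } catch (final Exception e) {
        // Fail closed: a lookup, parsing or validation error must never grant access.
        // NOTE(review): the exception is not recorded anywhere; no logger is visible in this block.
        return false;
    }
}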