#119 Native Sublinks API

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/authentication/JwtFilter.java

@@ -0,0 +1,90 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.authentication;
+
+import com.sublinks.sublinksapi.person.entities.Person;
+import com.sublinks.sublinksapi.person.repositories.PersonRepository;
+import com.sublinks.sublinksapi.person.services.UserDataService;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.security.SignatureException;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Optional;
+import lombok.RequiredArgsConstructor;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Component
+@RequiredArgsConstructor
+@Order(1)
+public class JwtFilter extends OncePerRequestFilter {
+
+  private final JwtUtil jwtUtil;
+  private final PersonRepository personRepository;
+  private final UserDataService userDataService;
+
+  @Override
+  protected void doFilterInternal(final HttpServletRequest request,
+      final HttpServletResponse response, final FilterChain filterChain)
+      throws ServletException, IOException {
+
+    String authorizingToken = request.getHeader("Authorization");
+
+    if (authorizingToken == null && request.getCookies() != null) {
+      for (Cookie cookie : request.getCookies()) {
+        if (cookie.getName().equals("jwt")) {
+          authorizingToken = cookie.getValue();
+          break;
+        }
+      }
+
+    }
+
+    String token = null;
+    String userName = null;
+
+    try {
+      if (authorizingToken != null) {
+        if (authorizingToken.startsWith("Bearer ")) {
+          token = authorizingToken.substring(7);
+        } else {
+          token = authorizingToken;
+        }
+        userName = jwtUtil.extractUsername(token);
+      }
+    } catch (ExpiredJwtException | SignatureException ex) {
+      response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "invalid_token");
+    }
+
+    if (userName != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+      final Optional<Person> person = personRepository.findOneByName(userName);
+      if (person.isEmpty()) {
+        throw new UsernameNotFoundException("Invalid name");
+      }
+
+      if (jwtUtil.validateToken(token, person.get())) {
+
+        // Add a check if token and ip was changed? To give like a "warning" to the user that he has a new ip logged into his account
+        userDataService.checkAndAddIpRelation(person.get(), request.getRemoteAddr(), token,
+            request.getHeader("User-Agent"));
+        final JwtPerson authenticationToken = new JwtPerson(person.get(),
+            person.get().getAuthorities());
+        authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+      }
+    }
+    filterChain.doFilter(request, response);
+  }
+
+  @Override
+  protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
+
+    return !request.getServletPath().startsWith("/api/v3");
+  }
+}

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/authentication/JwtPerson.java

@@ -0,0 +1,30 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.authentication;
+
+import com.sublinks.sublinksapi.person.entities.Person;
+import java.util.Collection;
+import org.springframework.security.authentication.AbstractAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+
+public class JwtPerson extends AbstractAuthenticationToken {
+
+  private final Person person;
+
+  public JwtPerson(final Person person, final Collection<? extends GrantedAuthority> authorities) {
+
+    super(authorities);
+    this.person = person;
+    setAuthenticated(true);
+  }
+
+  @Override
+  public Object getCredentials() {
+
+    return null;
+  }
+
+  @Override
+  public Object getPrincipal() {
+
+    return this.person;
+  }
+}

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/authentication/JwtUtil.java

@@ -0,0 +1,84 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.authentication;
+
+import com.sublinks.sublinksapi.person.entities.Person;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import java.io.Serial;
+import java.io.Serializable;
+import java.security.Key;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+import javax.crypto.SecretKey;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JwtUtil implements Serializable {
+
+  public static final long JWT_TOKEN_VALIDITY = 24 * 60 * 60;
+  @Serial
+  private static final long serialVersionUID = -2550185165626007488L;
+  private final String secret;
+
+  public JwtUtil(@Value("${jwt.secret}") final String secret) {
+
+    this.secret = secret;
+  }
+
+  public String generateToken(final Person person) {
+
+    final Map<String, Object> claims = new HashMap<>();
+    return doGenerateToken(claims, person.getUsername());
+  }
+
+  public Boolean validateToken(final String token, final Person person) {
+
+    final String tokenUsername = extractUsername(token);
+    return (tokenUsername.equals(person.getUsername()) && !isTokenExpired(token));
+  }
+
+  public String extractUsername(final String token) {
+
+    return extractClaim(token, Claims::getSubject);
+  }
+
+  public Date extractExpiration(final String token) {
+
+    return extractClaim(token, Claims::getExpiration);
+  }
+
+  public <T> T extractClaim(final String token, final Function<Claims, T> claimsResolver) {
+
+    final Claims claims = extractAllClaims(token);
+    return claimsResolver.apply(claims);
+  }
+
+  private Claims extractAllClaims(final String token) {
+
+    final SecretKey key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(secret));
+    return Jwts.parser().verifyWith(key).build().parseSignedClaims(token).getPayload();
+  }
+
+  private Boolean isTokenExpired(final String token) {
+
+    return extractExpiration(token).before(new Date());
+  }
+
+  private String doGenerateToken(final Map<String, Object> claims, final String subject) {
+
+    final byte[] keyBytes = Decoders.BASE64.decode(secret);
+    final Key key = Keys.hmacShaKeyFor(keyBytes);
+    return Jwts.builder()
+        .claims(claims)
+        .subject(subject)
+        .issuedAt(new Date(System.currentTimeMillis()))
+        .expiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000))
+        .signWith(key)
+        .compact();
+  }
+
+}

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/authentication/config/SecurityConfig.java

@@ -0,0 +1,36 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.authentication.config;
+
+import com.sublinks.sublinksapi.api.sublinks.v1.authentication.JwtFilter;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+  private final JwtFilter jwtFilter;
+
+  @Bean
+  public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {
+
+    http
+        .csrf(AbstractHttpConfigurer::disable)
+        .authorizeHttpRequests((requests) -> requests
+            .anyRequest().permitAll()
+        )
+        .sessionManagement(
+            (sessionManagement) -> sessionManagement.sessionCreationPolicy(
+                SessionCreationPolicy.STATELESS)
+        )
+        .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
+    return http.build();
+  }
+}

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/common/controllers/AbstractSublinksApiController.java

@@ -1,5 +1,62 @@
 package com.sublinks.sublinksapi.api.sublinks.v1.common.controllers;
 
+import com.sublinks.sublinksapi.api.sublinks.v1.authentication.JwtPerson;
+import com.sublinks.sublinksapi.person.entities.Person;
+import java.util.Optional;
+import java.util.function.Supplier;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.server.ResponseStatusException;
+
 public abstract class AbstractSublinksApiController {
 
+  /**
+   * Get the person object or throw a 400 Bad Request exception.
+   *
+   * @param principal JwtPerson object that contains the person as it's principal
+   * @return Person
+   * @throws ResponseStatusException Exception thrown when Person not present
+   */
+  public Person getPersonOrThrowBadRequest(JwtPerson principal) throws ResponseStatusException {
+
+    return Optional.ofNullable(principal).map(p -> (Person) p.getPrincipal()).orElseThrow(
+        () -> new ResponseStatusException(HttpStatus.BAD_REQUEST));
+  }
+
+  /**
+   * Get the person object or throw a 400 Bad Request exception.
+   *
+   * @param principal JwtPerson object that contains the person as it's principal
+   * @return Person
+   * @throws ResponseStatusException Exception thrown when Person not present
+   */
+  public <X extends Throwable> Person getPersonOrThrow(JwtPerson principal,
+      Supplier<? extends X> exceptionSupplier) throws X {
+
+    return Optional.ofNullable(principal).map(p -> (Person) p.getPrincipal()).orElseThrow(
+        exceptionSupplier);
+  }
+
+
+  /**
+   * Get the person object or throw a 401 Unauthorized exception.
+   *
+   * @param principal JwtPerson object that contains the person as it's principal
+   * @return Person
+   * @throws ResponseStatusException Exception thrown when Person not present
+   */
+  public Person getPersonOrThrowUnauthorized(JwtPerson principal) throws ResponseStatusException {
+
+    return Optional.ofNullable(principal).map(p -> (Person) p.getPrincipal()).orElseThrow(
+        () -> new ResponseStatusException(HttpStatus.UNAUTHORIZED));
+  }
+
+  public Person getPerson(JwtPerson principal) {
+
+    return getOptionalPerson(principal).orElse(null);
+  }
+
+  public Optional<Person> getOptionalPerson(JwtPerson principal) {
+
+    return Optional.ofNullable(principal).map(p -> (Person) p.getPrincipal());
+  }
 }

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/common/enums/DateSort.java → src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/common/enums/SortOrder.java

@@ -1,6 +1,6 @@
 package com.sublinks.sublinksapi.api.sublinks.v1.common.enums;
 
-public enum DateSort {
+public enum SortOrder {
   ASC,
   DESC
 }

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/languages/controllers/LanguageController.java

@@ -0,0 +1,58 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.languages.controllers;
+
+import com.sublinks.sublinksapi.api.sublinks.v1.common.controllers.AbstractSublinksApiController;
+import com.sublinks.sublinksapi.api.sublinks.v1.languages.models.LanguageResponse;
+import com.sublinks.sublinksapi.instance.models.LocalInstanceContext;
+import com.sublinks.sublinksapi.language.entities.Language;
+import com.sublinks.sublinksapi.language.services.LanguageService;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import java.util.List;
+import lombok.AllArgsConstructor;
+import org.springframework.core.convert.ConversionService;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.server.ResponseStatusException;
+
+@RequestMapping("api/v1/languages")
+@Tag(name = "Languages", description = "Languages API")
+@AllArgsConstructor
+public class LanguageController extends AbstractSublinksApiController {
+
+  private final LanguageService languageService;
+  private final LocalInstanceContext localInstanceContext;
+  private final ConversionService conversionService;
+
+  @Operation(summary = "Get a list of languagesKeys")
+  @GetMapping
+  @ApiResponses(value = {
+      @ApiResponse(responseCode = "200", description = "List of languagesKeys", useReturnTypeSchema = true)})
+  public List<LanguageResponse> index() {
+
+    List<Language> languages = languageService.instanceLanguages(localInstanceContext.instance());
+
+    return languages.stream().map(
+        language -> conversionService.convert(language, LanguageResponse.class)).toList();
+
+  }
+
+  @Operation(summary = "Get a specific language")
+  @GetMapping("/{id}")
+  @ApiResponses(value = {
+      @ApiResponse(responseCode = "200", description = "Language", useReturnTypeSchema = true),
+      @ApiResponse(responseCode = "404", description = "Language not found")})
+  public LanguageResponse show(@PathVariable String id) {
+
+    List<Language> languages = languageService.instanceLanguages(localInstanceContext.instance());
+
+    Language foundLanguage = languages.stream().filter(
+        language -> language.getId().equals(Long.valueOf(id))).findFirst().orElseThrow(
+        () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "language_not_found"));
+
+    return conversionService.convert(foundLanguage, LanguageResponse.class);
+  }
+}

src/main/java/com/sublinks/sublinksapi/api/sublinks/v1/languages/mappers/LanguageMapper.java

@@ -0,0 +1,22 @@
+package com.sublinks.sublinksapi.api.sublinks.v1.languages.mappers;
+
+import com.sublinks.sublinksapi.api.sublinks.v1.languages.models.LangaugeResponse;
+import com.sublinks.sublinksapi.authorization.services.RoleAuthorizingService;
+import com.sublinks.sublinksapi.language.entities.Language;
+import org.mapstruct.Mapper;
+import org.mapstruct.Mapping;
+import org.mapstruct.MappingConstants;
+import org.springframework.core.convert.converter.Converter;
+import org.springframework.lang.Nullable;
+
+@Mapper(componentModel = MappingConstants.ComponentModel.SPRING, uses = {
+    RoleAuthorizingService.class})
+public abstract class LanguageMapper implements Converter<Language, LangaugeResponse> {
+
+  @Override
+  @Mapping(target = "key", source = "language.name")
+  @Mapping(target = "name", source = "language.name")
+  @Mapping(target = "code", source = "language.code")
+  public abstract LangaugeResponse convert(@Nullable Language language);
+
+}