From d80772118764a2f332e193432c20d766f867d148 Mon Sep 17 00:00:00 2001 From: David Date: Tue, 19 Aug 2025 01:00:00 +0200 Subject: [PATCH] feature google authO2 --- bootstrap/pom.xml | 11 ++++++++ .../OAuth2AuthenticationSuccessHandler.java | 8 +++--- .../src/main/resources/application-dev.yml | 3 ++- .../xpeditis/AuthenticationRepository.java | 25 +++++++++++-------- .../AuthenticationJwtRepository.java | 19 ++++++++++++++ 5 files changed, 49 insertions(+), 17 deletions(-) diff --git a/bootstrap/pom.xml b/bootstrap/pom.xml index a691544..1af24ca 100755 --- a/bootstrap/pom.xml +++ b/bootstrap/pom.xml @@ -40,6 +40,17 @@ infrastructure ${project.version} + + + com.dh7789dev + data + ${project.version} + + + com.dh7789dev + spi + ${project.version} + org.projectlombok diff --git a/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java b/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java index 6400c5c..535de9b 100644 --- a/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java +++ b/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java @@ -1,10 +1,8 @@ package com.dh7789dev.xpeditis.configuration; import com.dh7789dev.xpeditis.AuthenticationRepository; -import com.dh7789dev.xpeditis.CommonUtil; import com.dh7789dev.xpeditis.UserRepository; import com.dh7789dev.xpeditis.dto.app.UserAccount; -import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest; import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse; import com.fasterxml.jackson.databind.ObjectMapper; import jakarta.servlet.ServletException; 
@@ -35,11 +33,11 @@ public class OAuth2AuthenticationSuccessHandler implements AuthenticationSuccess
 DefaultOAuth2User oAuth2User = (DefaultOAuth2User) authentication.getPrincipal();
 String email = (String) oAuth2User.getAttributes().get("email");
- String password = CommonUtil.generatePassword(12);
+ String password = "oauth-generated";
+ // Ensure the user exists, but do not try to re-authenticate with password
 UserAccount user = userRepository.findOrCreateOAuthUser(email, oAuth2User.getAttributes(), password);
- AuthenticationResponse authResponse = authenticationRepository.authenticate(
- new AuthenticationRequest(user.getEmail(), user.getPassword()));
+ AuthenticationResponse authResponse = authenticationRepository.authenticateOAuthByEmail(user.getEmail());
 response.setContentType("application/json");
 response.setCharacterEncoding("UTF-8");
diff --git a/bootstrap/src/main/resources/application-dev.yml b/bootstrap/src/main/resources/application-dev.yml
index 9e03ac7..9b282f3 100644
--- a/bootstrap/src/main/resources/application-dev.yml
+++ b/bootstrap/src/main/resources/application-dev.yml
@@ -9,6 +9,7 @@ spring:
 scope:
 - profile
 - email
+ redirect-uri: "http://localhost:8080/login/oauth2/code/{registrationId}"
 provider:
 google:
 authorization-uri: https://accounts.google.com/o/oauth2/v2/auth
@@ -76,4 +77,4 @@ application:
 expiration: 604800000 # 7 days
 server:
- port: 8083
\ No newline at end of file
+ port: 8080
\ No newline at end of file
diff --git a/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java b/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
index 6107d94..46a8707 100644
--- a/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
+++ b/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
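Review bot: The constant `"oauth-generated"` passed to `findOrCreateOAuthUser` on the new `String password` line looks like it becomes the stored credential of every account created through Google sign-in; if that value is persisted as a usable password, the regular `authenticate` path would accept the same source-visible string for all of those accounts. The handler no longer needs to know the password, so keep it unguessable per user, e.g. `String password = CommonUtil.generatePassword(12);` with its import restored, or have `findOrCreateOAuthUser` create OAuth accounts with password login disabled. The `email` attribute is also used unchecked: it may be null, and the hunk does not show the `email_verified` claim being consulted before an existing account is matched by that address. The enclosing method starts and ends outside the hunk.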
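Review bot: The added `redirect-uri` in application-dev.yml hard-codes `http://localhost:8080`, and the second hunk moves `server.port` from 8083 to 8080 to match, so the two values now have to be kept in step by hand. Spring Security's template form `redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"` follows whatever host and port the application actually runs on. The redirect URI registered with the Google client has to match whichever form is used.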
@@ -1,11 +1,14 @@
-package com.dh7789dev.xpeditis;
-
-import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest;
-import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse;
-import com.dh7789dev.xpeditis.dto.request.RegisterRequest;
-
-public interface AuthenticationRepository {
-
- AuthenticationResponse authenticate(AuthenticationRequest request);
- AuthenticationResponse register(RegisterRequest request);
-}
+package com.dh7789dev.xpeditis;
+
+import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest;
+import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse;
+import com.dh7789dev.xpeditis.dto.request.RegisterRequest;
+
+public interface AuthenticationRepository {
+
+ AuthenticationResponse authenticate(AuthenticationRequest request);
+ AuthenticationResponse register(RegisterRequest request);
+
+ // Issue JWT tokens for an already-authenticated OAuth2 user identified by email
+ AuthenticationResponse authenticateOAuthByEmail(String email);
+}
diff --git a/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java b/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
index 3954a12..dde22be 100644
--- a/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
+++ b/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
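Review bot: `authenticateOAuthByEmail` is declared on the SPI with only a `//` line comment, yet it returns tokens for whatever address it is given, so its safety rests entirely on the caller. Replace the comment with Javadoc that states the precondition, e.g. `/** Issues tokens for the account with this email. Callers must have completed and verified the OAuth2 login first; never pass request-supplied input. */`. The hunk also removes and re-adds every existing line with identical text, which suggests a line-ending change; that is worth splitting into its own commit or normalising through `.gitattributes` so the functional change stays readable.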
@@ -57,6 +57,25 @@ public class AuthenticationJwtRepository implements AuthenticationRepository {
 .setExpiresAt(jwtUtil.extractExpiration(jwtToken));
 }
+ @Override
+ public AuthenticationResponse authenticateOAuthByEmail(String email) {
+ log.info("OAuth2 authenticate by email: {}", email);
+ var userEntity = userDao.findByUsernameOrEmail(email)
+ .orElseThrow(() -> new UsernameNotFoundException("User not found: " + email));
+
+ var jwtToken = jwtUtil.generateToken(userEntity);
+ var refreshToken = jwtUtil.generateRefreshToken(userEntity);
+
+ revokeAllUserTokens(userEntity);
+ saveUserToken(userEntity, jwtToken);
+
+ return new AuthenticationResponse()
+ .setAccessToken(jwtToken)
+ .setRefreshToken(refreshToken)
+ .setCreatedAt(jwtUtil.extractCreatedAt(jwtToken))
+ .setExpiresAt(jwtUtil.extractExpiration(jwtToken));
+ }
+
 @Override
 public AuthenticationResponse register(RegisterRequest request) {
 if (userDao.existsByUsername(request.getUsername())) {
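Review bot: `authenticateOAuthByEmail` resolves the account with `userDao.findByUsernameOrEmail(email)`, so a local account whose username equals the Google address would also match and receive tokens; an email-only lookup fits this path better, if the DAO offers one. Nothing in the new method checks account state (disabled, locked) before `jwtUtil.generateToken`, unless that happens out of view. `log.info("OAuth2 authenticate by email: {}", email)` writes a personal identifier at INFO on every login; DEBUG or an internal user id would be preferable. The response-building tail repeats the lines visible just above the hunk in the preceding method and could move into a shared private helper.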