Java Spring Expert, Chapter 3
Skills
● User and profile (role) data model
● Validation with Bean Validation
○ Annotations
○ Customizing the HTTP response
○ Custom validations with database access
● Login and access control
○ Spring Security
○ OAuth 2.0
○ JWT token
○ Route authorization by role
https://docs.jboss.org/hibernate/beanvalidation/spec/2.0/api/overview-summary.html
https://docs.jboss.org/hibernate/beanvalidation/spec/2.0/api/javax/validation/constraints/package-summary.html
https://www.baeldung.com/java-bean-validation-not-null-empty-blank
https://www.baeldung.com/spring-custom-validation-message-source
https://pt.stackoverflow.com/questions/133691/formatar-campo-cpf-ou-cnpj-usando-regex
https://regexlib.com/
https://regexr.com/
https://devsuperior.com.br
https://www.youtube.com/watch?v=n1z9lx4ymPM
OAuth 2.0
https://oauth.net/2/
DSCatalog resources:
https://github.com/devsuperior/dscatalog-resources/tree/master/backend
DSCatalog Figma
https://www.figma.com/file/cNa2l3TqZXxbU6NBDPruNw/BDS-DSCatalog
Spring Security
Dependencies
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-test</artifactId>
    <scope>test</scope>
</dependency>
Checklist
Spring OAuth2
Dependencies
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-authorization-server</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>
Configuration values
security.client-id=${CLIENT_ID:myclientid}
security.client-secret=${CLIENT_SECRET:myclientsecret}
security.jwt.duration=${JWT_DURATION:86400}
cors.origins=${CORS_ORIGINS:http://localhost:3000,http://localhost:5173}
Authorization Server
● Enable the Authorization Server
● Configure the token (encoding, format, signature)
● Configure authentication / password encoder
● Register the client application
Resource Server
● Configure access control for the resources
● Configure CSRF and CORS
● Configure the token
● Allow the H2 console in test mode
Login request
Authorization:
Type: Basic
Username: client-id
Password: client-secret
Body:
Type: x-www-form-urlencoded
username: [email protected]
password: 123456
grant_type: password
@PreAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_OPERATOR')")
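The Resource Server checklist above and the @PreAuthorize line, worked through as an added example (not the DSCatalog project's own class). It assumes Spring Boot 3 / Spring Security 6 APIs, the cors.origins property listed above, a JwtDecoder bean supplied by the Authorization Server setup, and the hypothetical class name ResourceServerConfig.

```java
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration // added example, not the project's own class; Spring Security 6 APIs assumed
@EnableMethodSecurity // turns on @PreAuthorize("hasAnyRole(...)") checks on controller methods
public class ResourceServerConfig {
    @Value("${cors.origins}") // comma-separated list from the configuration values above
    private String corsOrigins;

    // Test profile only: the H2 console needs frames and its own POST forms
    @Bean @Profile("test") @Order(1)
    public SecurityFilterChain h2Chain(HttpSecurity http) throws Exception {
        http.securityMatcher("/h2-console/**")
            .csrf(AbstractHttpConfigurer::disable)
            .headers(h -> h.frameOptions(f -> f.sameOrigin()));
        return http.build();
    }

    // Stateless JWT resource server: CSRF off (no session cookie to ride), CORS from config.
    // permitAll here means every protected route MUST carry @PreAuthorize; unannotated routes are public.
    @Bean @Order(3)
    public SecurityFilterChain rsChain(HttpSecurity http) throws Exception {
        http.csrf(AbstractHttpConfigurer::disable)
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(auth -> auth.anyRequest().permitAll())
            .oauth2ResourceServer(rs -> rs.jwt(jwt -> {})) // bearer JWT validated by the JwtDecoder bean
            .cors(c -> c.configurationSource(corsConfigurationSource()));
        return http.build();
    }

    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration cfg = new CorsConfiguration();
        cfg.setAllowedOriginPatterns(Arrays.asList(corsOrigins.split(",")));
        cfg.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "PATCH"));
        cfg.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type"));
        cfg.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource src = new UrlBasedCorsConfigurationSource();
        src.registerCorsConfiguration("/**", cfg);
        return src;
    }
}
```

A route annotated with the @PreAuthorize shown above is then reachable only with a valid bearer token whose authorities include ROLE_ADMIN or ROLE_OPERATOR; any route without the annotation stays open because of permitAll.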