jwt initial config

src/main/java/com/example/springdemo/security/SecurityFilterChainConfig.java

@@ -1,5 +1,7 @@
 package com.example.springdemo.security;
 
+import com.example.springdemo.security.jwt.JwtAuthenticationFilter;
+import jakarta.annotation.Resource;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -9,14 +11,19 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
+import org.springframework.security.web.authentication.AuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity // Enable Spring Security
 @EnableGlobalAuthentication // Enable Spring Security's global authentication configuration
 @EnableMethodSecurity(prePostEnabled = true) // Enable Spring Security's method security
-public class SecurityConfig {
+public class SecurityFilterChainConfig {
+    @Resource
+    AuthenticationFilter authenticationFilter;
+
     @Bean
     public SecurityFilterChain SecurityFilterChain(@NotNull HttpSecurity http) throws Exception {
         var ignoreUrls = new String[]{"/login", "/logout", "/error"};
@@ -27,10 +34,12 @@ public class SecurityConfig {
                                 .requestMatchers(authedUrls).authenticated() // authenticate all requests to authedUrls
                                 .requestMatchers(ignoreUrls).permitAll() // permit all requests to ignoreUrls
                 )
-                .formLogin(Customizer.withDefaults())
                 .httpBasic(Customizer.withDefaults())
                 .csrf(AbstractHttpConfigurer::disable)
-                .logout(LogoutConfigurer::permitAll);
+                .sessionManagement(a -> a.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .formLogin(AbstractHttpConfigurer::disable)
+                .logout(AbstractHttpConfigurer::disable)
+                .addFilterBefore(authenticationFilter, AnonymousAuthenticationFilter.class); // jwt filter;
         return http.build();
     }
 }

src/main/java/com/example/springdemo/security/events/LoginSuccess.java

@@ -0,0 +1,22 @@
+package com.example.springdemo.security.events;
+
+import com.example.springdemo.entities.Users;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.context.PayloadApplicationEvent;
+import org.springframework.core.ResolvableType;
+
+public class LoginSuccess extends PayloadApplicationEvent<Users> {
+    public LoginSuccess(Object source, Users payload) {
+        super(source, payload);
+    }
+
+    @Override
+    public ResolvableType getResolvableType() {
+        return ResolvableType.forRawClass(LoginSuccess.class);
+    }
+
+    @Override
+    public @NotNull Users getPayload() {
+        return super.getPayload();
+    }
+}

src/main/java/com/example/springdemo/security/jwt/JwtAuthenticationFilter.java

@@ -0,0 +1,23 @@
+package com.example.springdemo.security.jwt;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@Slf4j
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    @Override
+    protected void doFilterInternal(@NotNull HttpServletRequest request,
+                                    @NotNull HttpServletResponse response,
+                                    @NotNull FilterChain filterChain)
+            throws ServletException, IOException {
+
+
+    }
+}

src/main/java/com/example/springdemo/security/jwt/token/RequestAuthToken.java

@@ -0,0 +1,30 @@
+package com.example.springdemo.security.jwt.token;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+
+@Getter
+@Setter
+@EqualsAndHashCode(callSuper = false)
+public class RequestAuthToken extends UsernamePasswordAuthenticationToken {
+
+    private String userId;
+
+    private String secret;
+
+    private TokenType tokenType;
+
+    public RequestAuthToken(Object principal, Object credentials, TokenType tokenType) {
+        this(principal, credentials, null, null, tokenType);
+    }
+
+    public RequestAuthToken(Object principal, Object credentials, final String userId, String secret) {
+        this(principal, credentials, userId, secret, null);
+    }
+
+    public RequestAuthToken(Object principal, Object credentials, final String userId, String secret, TokenType tokenType) {
+        super(principal, credentials);
+    }
+}

src/main/java/com/example/springdemo/security/jwt/token/TokenType.java

@@ -0,0 +1,19 @@
+package com.example.springdemo.security.jwt.token;
+
+import lombok.Getter;
+
+@Getter
+public enum TokenType {
+
+    STRING(1, "String"),//string
+    INFO(3, "INFO");//json
+
+    private final Integer id;
+    private final String name;
+
+    TokenType(Integer id, String name) {
+        this.id = id;
+        this.name = name;
+    }
+
+}