torresj / infosas-api / 87

Committed 12 Jan 2026 02:35PM UTC coverage: 76.32% (-15.3%) from 91.648%

Build # 87

Build Type

push

circleci

Committed by

torresj

Commit Message

Auth API added

Run Details

70 of 170 new or added lines in 20 files covered. (41.18%)

477 of 625 relevant lines covered (76.32%)

0.76 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

73.33

/src/main/java/com/torresj/infosas/security/JwtRequestFilter.java

package com.torresj.infosas.security;

import com.torresj.infosas.services.ClientService;
import com.torresj.infosas.services.JwtService;
import com.torresj.infosas.services.impl.ClientServiceImpl;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import java.io.IOException;

@Component
@RequiredArgsConstructor
public class JwtRequestFilter extends OncePerRequestFilter {

    private final JwtService jwtService;
    private final ClientService clientService;

    @Value("${jwt.token.prefix}")
    private final String prefix;

    @Override
    protected void doFilterInternal(
            final HttpServletRequest request,
            final HttpServletResponse response,
            final FilterChain chain
    ) throws ServletException, IOException {
        // look for Bearer auth header
        final String header = request.getHeader(HttpHeaders.AUTHORIZATION);
        if (header == null || !header.startsWith(prefix + " ")) {
            chain.doFilter(request, response);
            return;
        }

        final String token = header.substring(7);
        final String name = jwtService.validateJWS(token);
        if (name == null) {
            // validation failed or token expired
            chain.doFilter(request, response);
            return;
        }

        // set user details on spring security context
        final UserDetails userDetails = ((ClientServiceImpl) clientService).loadUserByUsername(name);
        final UsernamePasswordAuthenticationToken authentication =
                new UsernamePasswordAuthenticationToken(
                        userDetails, null, userDetails.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);

        // continue with authenticated user
        chain.doFilter(request, response);
    }
}

1	package com.torresj.infosas.security;
2
3	import com.torresj.infosas.services.ClientService;
4	import com.torresj.infosas.services.JwtService;
5	import com.torresj.infosas.services.impl.ClientServiceImpl;
6	import jakarta.servlet.FilterChain;
7	import jakarta.servlet.ServletException;
8	import jakarta.servlet.http.HttpServletRequest;
9	import jakarta.servlet.http.HttpServletResponse;
10	import lombok.RequiredArgsConstructor;
11	import org.springframework.beans.factory.annotation.Value;
12	import org.springframework.http.HttpHeaders;
13	import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
14	import org.springframework.security.core.context.SecurityContextHolder;
15	import org.springframework.security.core.userdetails.UserDetails;
16	import org.springframework.security.core.userdetails.UserDetailsService;
17	import org.springframework.stereotype.Component;
18	import org.springframework.web.filter.OncePerRequestFilter;
19
20	import java.io.IOException;
21
22	@Component
23	@RequiredArgsConstructor
24	public class JwtRequestFilter extends OncePerRequestFilter {
25
26	private final JwtService jwtService;
27	private final ClientService clientService;
28
29	@Value("${jwt.token.prefix}")
30	private final String prefix;
31
32	@Override
33	protected void doFilterInternal(
34	final HttpServletRequest request,
35	final HttpServletResponse response,
36	final FilterChain chain
37	) throws ServletException, IOException {
38	// look for Bearer auth header
39	final String header = request.getHeader(HttpHeaders.AUTHORIZATION);	1✔
40	if (header == null \|\| !header.startsWith(prefix + " ")) {	1✔
NEW 41	chain.doFilter(request, response);	×
NEW 42	return;	×
43	}
44
45	final String token = header.substring(7);	1✔
46	final String name = jwtService.validateJWS(token);	1✔
47	if (name == null) {	1✔
48	// validation failed or token expired
NEW 49	chain.doFilter(request, response);	×
NEW 50	return;	×
51	}
52
53	// set user details on spring security context
54	final UserDetails userDetails = ((ClientServiceImpl) clientService).loadUserByUsername(name);	1✔
55	final UsernamePasswordAuthenticationToken authentication =	1✔
56	new UsernamePasswordAuthenticationToken(
57	userDetails, null, userDetails.getAuthorities());	1✔
58	SecurityContextHolder.getContext().setAuthentication(authentication);	1✔
59
60	// continue with authenticated user
61	chain.doFilter(request, response);	1✔
62	}	1✔
63	}

torresj / infosas-api / 87

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous