♻️ refactor: refactor codebase #2

pnguyen215 · pnguyen215 · commit 660e44582c07 · 2024-09-03T22:37:53.000+07:00
diff --git a/README.md b/README.md
@@ -99,6 +99,9 @@ testImplementation group: 'org.mockito', name: 'mockito-junit-jupiter', version:
 // AOP enables modularization of cross-cutting concerns such as logging, security, and transactions by allowing aspects to be applied to various parts of the application.
 // This starter simplifies the setup and configuration of AOP-related functionality, promoting cleaner and more maintainable code by separating concerns effectively.
 implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop', version: '2.7.18'
+// The "spring-boot-starter-security" library, version 2.7.18, is an essential component of Spring Boot applications,
+// offering robust security features to safeguard your application's endpoints, authenticate users, and manage access control effectively.
+implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.7.18'
 ```
 
 ## Integration
diff --git a/plugin/build.gradle b/plugin/build.gradle
@@ -191,6 +191,9 @@ dependencies {
     // AOP enables modularization of cross-cutting concerns such as logging, security, and transactions by allowing aspects to be applied to various parts of the application.
     // This starter simplifies the setup and configuration of AOP-related functionality, promoting cleaner and more maintainable code by separating concerns effectively.
     implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop', version: '2.7.18'
+    // The "spring-boot-starter-security" library, version 2.7.18, is an essential component of Spring Boot applications,
+    // offering robust security features to safeguard your application's endpoints, authenticate users, and manage access control effectively.
+    implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.7.18'
 }
 
 test {
diff --git a/plugin/src/main/groovy/org/clarify4j/common/annotation/WithAuthHeader.java b/plugin/src/main/groovy/org/clarify4j/common/annotation/WithAuthHeader.java
@@ -0,0 +1,16 @@
+package org.clarify4j.common.annotation;
+
+import java.lang.annotation.*;
+
+@Documented
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.METHOD, ElementType.TYPE})
+public @interface WithAuthHeader {
+    boolean disabled() default false;
+
+    String message() default "Access denied";
+
+    String key() default "x-api-key";
+
+    String value() default "";
+}
diff --git a/plugin/src/main/groovy/org/clarify4j/config/handler/WithAuthHeaderHandler.java b/plugin/src/main/groovy/org/clarify4j/config/handler/WithAuthHeaderHandler.java
@@ -0,0 +1,42 @@
+package org.clarify4j.config.handler;
+
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.clarify4j.common.Clarify4j;
+import org.clarify4j.common.annotation.WithAuthHeader;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.stereotype.Component;
+import org.unify4j.common.Request4j;
+
+import java.lang.reflect.Method;
+import java.util.Map;
+
+@Aspect
+@Component
+public class WithAuthHeaderHandler {
+    protected static final Logger logger = LoggerFactory.getLogger(WithAuthHeaderHandler.class);
+
+    @Around(value = "@annotation(org.clarify4j.common.annotation.WithAuthHeader)")
+    public Object execute(ProceedingJoinPoint joinPoint) throws Throwable {
+        Object proceed = joinPoint.proceed();
+        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+        Method method = signature.getMethod();
+        WithAuthHeader auth = method.getAnnotation(WithAuthHeader.class);
+        if (auth.disabled()) {
+            return proceed;
+        }
+        Map<String, Object> headers = Request4j.getHeaders(Clarify4j.getRequest());
+        if (!headers.containsKey(auth.key())) {
+            String message = String.format("Authentication header by key: '%s' not found", auth.key());
+            throw new AccessDeniedException(message);
+        }
+        if (!headers.get(auth.key()).equals(auth.value())) {
+            throw new AccessDeniedException(auth.message());
+        }
+        return proceed;
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -191,6 +191,9 @@ dependencies {`
`191`	`191`	`// AOP enables modularization of cross-cutting concerns such as logging, security, and transactions by allowing aspects to be applied to various parts of the application.`
`192`	`192`	`// This starter simplifies the setup and configuration of AOP-related functionality, promoting cleaner and more maintainable code by separating concerns effectively.`
`193`	`193`	`implementation group: 'org.springframework.boot', name: 'spring-boot-starter-aop', version: '2.7.18'`
	`194`	`+ // The "spring-boot-starter-security" library, version 2.7.18, is an essential component of Spring Boot applications,`
	`195`	`+ // offering robust security features to safeguard your application's endpoints, authenticate users, and manage access control effectively.`
	`196`	`+ implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.7.18'`
`194`	`197`	`}`
`195`	`198`
`196`	`199`	`test {`