From 8d7f74e189a3990c065ac5e32b1b7481146c830f Mon Sep 17 00:00:00 2001 From: ThisBirchWood Date: Fri, 13 Jun 2025 15:45:12 +0200 Subject: [PATCH] ADD SecurityConfig & ADD Auth Endpoints --- .gitignore | 8 ++-- pom.xml | 8 ++++ .../vodsystem/controllers/AuthController.java | 25 +++++++++++ .../repositories/UserRepository.java | 5 +++ .../security/CustomOAuth2UserService.java | 44 +++++++++++++++++++ .../vodsystem/security/SecurityConfig.java | 38 ++++++++++++++++ .../resources/application-local.properties | 16 +++++++ src/main/resources/application.properties | 13 +----- 8 files changed, 141 insertions(+), 16 deletions(-) create mode 100644 src/main/java/com/ddf/vodsystem/controllers/AuthController.java create mode 100644 src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java create mode 100644 src/main/java/com/ddf/vodsystem/security/SecurityConfig.java create mode 100644 src/main/resources/application-local.properties diff --git a/.gitignore b/.gitignore index a83d689..a449874 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,7 @@ +### Security ### +.env.local +.env.prod + node_modules HELP.md target/ @@ -37,7 +41,3 @@ build/ videos/ generated - -### Security ### -.env.local -.env.prod diff --git a/pom.xml b/pom.xml index af35711..d722517 100644 --- a/pom.xml +++ b/pom.xml @@ -58,6 +58,14 @@ runtime true + + org.springframework.boot + spring-boot-starter-oauth2-client + + + org.springframework.boot + spring-boot-starter-security + diff --git a/src/main/java/com/ddf/vodsystem/controllers/AuthController.java b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java new file mode 100644 index 0000000..107c7d4 --- /dev/null +++ b/src/main/java/com/ddf/vodsystem/controllers/AuthController.java 
@@ -0,0 +1,25 @@
+package com.ddf.vodsystem.controllers;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Collections;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/api/v1/auth/")
+public class AuthController {
+
+ @GetMapping("/user")
+ public Map user(@AuthenticationPrincipal OAuth2User principal) {
+ return Collections.singletonMap("name", principal.getAttribute("name"));
+ }
+
+ @GetMapping("/login")
+ public String login() {
+ return "login";
+ }
+}
diff --git a/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java b/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
index b907163..50262d6 100644
--- a/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
+++ b/src/main/java/com/ddf/vodsystem/repositories/UserRepository.java
@@ -2,8 +2,13 @@ package com.ddf.vodsystem.repositories; import com.ddf.vodsystem.entities.User; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; import org.springframework.stereotype.Repository; +import java.util.Optional; + @Repository public interface UserRepository extends JpaRepository { + @Query("SELECT u FROM User u WHERE u.googleId = ?1") + Optional findByGoogleId(String googleId); }
diff --git a/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
new file mode 100644
index 0000000..0423922
--- /dev/null
+++ b/src/main/java/com/ddf/vodsystem/security/CustomOAuth2UserService.java
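Review bot: `AuthController.user` dereferences `principal` without a null check, and `@AuthenticationPrincipal` resolves to null when the request has no authenticated user. SecurityConfig in this same commit puts `api/v1/**` under `permitAll()`, so if that matcher covers `/api/v1/auth/user`, an anonymous call ends in a NullPointerException and a 500 rather than a 401. A guard at the top of the method makes the unauthenticated case explicit: `if (principal == null) { throw new ResponseStatusException(HttpStatus.UNAUTHORIZED); }`. Separately, `login()` lives in a `@RestController`, so it returns the literal body `login` instead of rendering a view; worth confirming that is intended.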
@@ -0,0 +1,44 @@
+package com.ddf.vodsystem.security;
+
+import com.ddf.vodsystem.entities.User;
+import com.ddf.vodsystem.repositories.UserRepository;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+import java.time.LocalDateTime;
+import java.util.Optional;
+
+@Service
+public class CustomOAuth2UserService extends DefaultOAuth2UserService {
+
+ private final UserRepository userRepository;
+
+ public CustomOAuth2UserService(UserRepository userRepository) {
+ this.userRepository = userRepository;
+ }
+
+ @Override
+ public OAuth2User loadUser(OAuth2UserRequest userRequest) {
+ OAuth2User oauthUser = super.loadUser(userRequest);
+
+ String googleId = oauthUser.getAttribute("sub"); // Google's unique user ID
+ String email = oauthUser.getAttribute("email");
+ String name = oauthUser.getAttribute("name");
+
+ Optional userOptional = userRepository.findByGoogleId(googleId);
+ User user;
+ if (userOptional.isEmpty()) {
+ user = new User();
+ user.setGoogleId(googleId);
+ user.setEmail(email);
+ user.setName(name);
+ user.setUsername(email.split("@")[0]);
+ user.setCreatedAt(LocalDateTime.now());
+ userRepository.save(user);
+ }
+
+ return oauthUser;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
new file mode 100644
index 0000000..93d3d8c
--- /dev/null
+++ b/src/main/java/com/ddf/vodsystem/security/SecurityConfig.java
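Review bot: `loadUser` calls `email.split("@")[0]` without checking that the provider returned an `email` attribute, so a response lacking it fails the login with a NullPointerException; `googleId` is likewise passed to `findByGoogleId` unchecked. Rejecting the login explicitly is safer: `if (googleId == null || email == null) { throw new OAuth2AuthenticationException("invalid_user_info_response"); }`. The derived username is only the local part of the address, so accounts from different domains map to the same username. If `username` is unique in the schema (not visible here), the second such user's first login fails at `save`; if it is not, usernames cannot distinguish users. The `email_verified` claim is not consulted before the address is stored, and the `user` local is never read after `save`.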
@@ -0,0 +1,38 @@
+package com.ddf.vodsystem.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+ private final CustomOAuth2UserService customOAuth2UserService;
+
+ public SecurityConfig(CustomOAuth2UserService customOAuth2UserService) {
+ this.customOAuth2UserService = customOAuth2UserService;
+ }
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ http
+ .csrf(AbstractHttpConfigurer::disable)
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers("/", "/css/**", "api/v1/**").permitAll()
+ .anyRequest().authenticated()
+ )
+ .oauth2Login(oauth2 -> oauth2
+ .loginPage("/login")
+ .userInfoEndpoint(userInfo -> userInfo
+ .userService(customOAuth2UserService))
+ )
+ .logout(logout -> logout
+ .logoutSuccessUrl("/")
+ .permitAll()
+ );
+
+ return http.build();
+ }
+}
diff --git a/src/main/resources/application-local.properties b/src/main/resources/application-local.properties
new file mode 100644
index 0000000..7aa05ee
--- /dev/null
+++ b/src/main/resources/application-local.properties
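Review bot: The `permitAll()` pattern `"api/v1/**"` in `filterChain` lacks the leading slash the other two patterns have, so depending on the Spring Security version it may never match or may be rejected at startup. If `/api/v1/**` is what was meant, it exempts the whole API from authentication and leaves `anyRequest().authenticated()` guarding almost nothing. I would list only the endpoints that must be anonymous, for example `.requestMatchers("/", "/css/**", "/login").permitAll()`; note that no handler for the `loginPage("/login")` path is visible in this patch, since AuthController maps its login under `/api/v1/auth/`. `.csrf(AbstractHttpConfigurer::disable)` also removes CSRF protection from a cookie-session login flow, so unless state-changing endpoints are protected some other way, drop that line and keep the default.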
@@ -0,0 +1,16 @@
+# Database
+spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem
+spring.datasource.username=myuser
+spring.datasource.password=mypassword
+spring.datasource.driver-class-name=org.postgresql.Driver
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=true
+spring.sql.init.mode=always
+spring.sql.init.schema-locations=classpath:db/schema.sql
+spring.sql.init.data-locations=classpath:db/data.sql
+
+# Security
+spring.security.oauth2.client.registration.google.client-id=${GOOGLE_CLIENT_ID}
+spring.security.oauth2.client.registration.google.client-secret=${GOOGLE_CLIENT_SECRET}
+spring.security.oauth2.client.registration.google.scope=openid,profile,email
+spring.security.oauth2.client.registration.google.redirect-uri=http://localhost:8080/login/oauth2/code/google
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index f3ab51b..773728b 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,5 @@ spring.application.name=vodSystem +spring.profiles.active=local # VODs spring.servlet.multipart.max-file-size=2GB
@@ -6,17 +7,5 @@ spring.servlet.multipart.max-request-size=2GB temp.vod.storage=videos/inputs/ temp.vod.output=videos/outputs/ -# Database -spring.datasource.url=jdbc:postgresql://postgres:5432/vodSystem -spring.datasource.username=myuser -spring.datasource.password=mypassword -spring.datasource.driver-class-name=org.postgresql.Driver -spring.jpa.hibernate.ddl-auto=update -spring.jpa.show-sql=true -spring.sql.init.mode=always - -spring.sql.init.schema-locations=classpath:db/schema.sql -spring.sql.init.data-locations=classpath:db/data.sql - # Logging logging.level.org.springframework.web=DEBUG
\ No newline at end of file
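Review bot: The `openid` entry in `spring.security.oauth2.client.registration.google.scope` makes this registration an OpenID Connect login. As far as I know, Spring Security then loads the user through its OIDC user service rather than the `userService(customOAuth2UserService)` set in SecurityConfig, so the user-provisioning code may never run. Either drop `openid` from the scope or register the provisioning logic through `.oidcUserService(...)`; a test login that checks the users table would confirm which applies. The datasource password is also committed in clear text while the Google secrets use environment placeholders, and the same form works here: `spring.datasource.password=${DB_PASSWORD}` (the variable name is a placeholder).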
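Review bot: `spring.profiles.active=local` in the base `application.properties` activates the local profile in every environment that does not override it. That carries `spring.jpa.hibernate.ddl-auto=update`, `spring.jpa.show-sql=true` and the `http://localhost:8080` redirect URI into any deployment built from this file. Keeping the base file profile-neutral and selecting the profile at launch, for instance through the `SPRING_PROFILES_ACTIVE` environment variable, avoids shipping development settings by default.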